Striking a Nerve

David A. Bandel

Issue #98, June 2002

Readers respond to David's recent topics of interest, frustration and spam.

Recently it seems I hit on three very hot topics (all at once, too), that is, if the volume of mail I've received is any indicator. The first of these topics can be reduced to library versioning problems on distributions and my need to keep several kernels of varying levels running to make everything I wanted to compile and run do so. Guess I'm not the only one. Perhaps a plea to programmers not to use the latest bleeding-edge library version would help, and this would be the LJ issue for that. So programmers, if you're listening, how about helping us users out!

The second issue that struck home was spam. We've seen the fall of ORBS followed closely by ORBZ. A number of other blacklists have sprung up in their place like weeds, but without a track record, just good intentions. The Razor database is suspect, with Razor sidelining several mailing-list messages that were obviously not spam. So lists and databases only work so well. I've looked over yet another antispam package that seems promising and is tunable. Let's see how that turns out (see SpamAssassin below).

Finally, a lot of folks are eager to dump Windows but can't seem to replace that Quicken package. Financial packages are dull, uninteresting and few programmers willingly commit the programming career equivalent of hara-kiri by writing one of these packages. But they are needed. One package with some promise has gone from open- to closed-source. I don't review commercial packages, but those of you needing a personal financial package might take a look at MoneyDance on the AppGen site (www.appgen.com).

Mail::SpamAssassin www.spamassassin.org

I've looked over a very large number of spam filters, and not one is perfect. It seems some folks have been poisoning the well where Vipul's Razor database is concerned, so I tried SpamAssassin, which has a setup similar to Vipul's Razor. One thing about SpamAssassin, it's easily reconfigured. During my test period, I had several hundred spam messages identified. I only had one spam at 4.6 make it through and one friendly message at 5.5 get sidelined. But SpamAssassin allows you to create white and black lists. So if you have friends in, say, Costa Rica who use acr.co.cr in their e-mail addresses, you can whitelist only their specific address, while the spam kings using acr.co.cr are summarily sent to /dev/null. Excellent. Requires: Perl, Perl modules Net::DNS, Mail::Internet, Net::SMTP and procmail.
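
A sketch of the setup described above, as an added example that is not from the original column: a per-user SpamAssassin preferences file plus a procmail recipe. The address `amigo@acr.co.cr` and the relay `example.net` are made-up placeholders, and the file locations are the usual per-user defaults, assumed here.

```conf
# ---- ~/.spamassassin/user_prefs (assumed default per-user location) ----

# Score at which a message is tagged as spam. 5 is the default, which is
# consistent with the 4.6 spam getting through and the 5.5 message being
# sidelined. Releases before 3.0 call this option required_hits.
required_score 5.0

# Blacklist the whole domain: every sender in it gets the
# USER_IN_BLACKLIST score (+100 by default).
blacklist_from *@acr.co.cr

# Whitelist one specific correspondent (placeholder address): adds
# USER_IN_WHITELIST (-100 by default). Mail from this address matches
# both lists, the two adjustments cancel, and the message is then judged
# on its remaining tests like any other mail.
whitelist_from amigo@acr.co.cr

# whitelist_from trusts the From header, which any sender can forge.
# whitelist_from_rcvd additionally requires that the message was relayed
# by a host in the named domain (placeholder below).
# whitelist_from_rcvd amigo@acr.co.cr example.net

# ---- ~/.procmailrc ----

# Pass each message through SpamAssassin, which adds X-Spam-* headers.
:0fw
| spamassassin

# Discard what was tagged as spam. While tuning, deliver to a folder
# instead of /dev/null so a false positive can still be recovered.
:0
* ^X-Spam-Status: Yes
/dev/null
```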

xlog people.debian.org/~pa3aba/xlog.html

For all you ham operators out there, this is a great logging tool for your contacts. You can have multiple logs. You can add and delete bands in Preferences. The date is filled out, and on contact you just click the Time button and the time is filled in. Fill in the calling/responding station, add some remarks, select the band and click Add. You can search the log and more. It has an extremely user-friendly interface—heck, even a non-ham could work this log! And I should know. Requires: libgtk, libgdk, libgmodule, libglib, libdl, libXext, libX11, libm, glibc.

Remote Accounts Handler www.entropika.net/racs

This particular Bash script goes a little beyond gpasman. Not only does it store a list of your remote accounts and logins in GPG-encrypted form, it also allows you to connect to them by calling Racs with the alias for your remote account as the argument. It then fires up the application (SSH, Telnet, FTP, SFTP, HTTP, MySQL) and connects you to the account. Requires: Bash, expect, dialog (optional), GPG.

Penetrator www.triptico.com/software/penetrator.html

This Perl application will index all your files so you can perform a word search à la htDig or another search engine. But it also works locally on your hard disk and anywhere you have read privileges. So if, like me, you have years' worth of text-type documents and would like a word index of them, check out Penetrator. Its first run may take a while, but after that, adding entries is quick and easy. If you take advantage of the optional SQL capabilities, you can perform SQL searches on the database without Penetrator's help. Requires: Perl, Perl modules DB_File, Getopt::Long, DBI::Pg (optional).

dnotify www.student.lu.se/~nbi98oli

This utility sleeps in the background until a directory it is watching has a file accessed or changed in a predetermined way; it will then perform the specified command. This utility could be of particular value as part of an intrusion detection system. Find a rootkit? Let dnotify send you a message when the directory containing the file has been accessed. Requires: glibc.

yesClock www.germane-software.com/software/yesClock

Here's a different idea in a clock. It will tell you the time, but also shows you (provided you've set your preferences to the appropriate lat/long) your relative day/night position. This one is just for fun. Requires: JVM2.

Nessus www.nessus.org

Three years ago I reviewed Ted, an excellent RTF word processor; Nessus, a security check program; and Nmap, a network scanner. A tough choice, but I went for Nessus.

Okay, I cheated a little. Nessus uses Nmap as part of its routine. Nessus is probably the most complete and powerful security auditing tool available at any price, and this one's free. If you use the development release, you'll get a good look at all your vulnerabilities so you can do something about them. If you are responsible for network security, this package is a must-have. Requires: libX11, libXext, libXi, glibc, libdl, libgdk, libglib, libgmp2, libgtk, libm, libnsl, libresolv.

Until next month.

David A. Bandel (david@pananix.com) is a Linux/UNIX consultant currently living in the Republic of Panama. He is coauthor of Que Special Edition: Using Caldera OpenLinux.