Linux – Page 49

Roundcube performance

December 12, 2010 by Igor Drobot Leave a Comment

There are many configuration options with inpact on performance in Roundcube and behind it (Database and Webserver). As Roundcube installation administrator you can set them to some defaults and prevent users to change them by using the ‘dont_override‘ option.

I tested some options and created my tiny boost list.
Here’s the list of options with impact on performance

Messages listing is a main task of a mail client. Sorting is expensive. First of all you should use an IMAP server with SORT capability. If message list displaying is still too slow you should set ‘message_sort_col’ to an empty string.
‘message_sort_col’
[Read more…]

Test spam rejection

December 12, 2010 by Igor Drobot Leave a Comment

Sometimes it’s interesting to test some MTA’s and their spam behavior, every mail system has his own spam behavior like SPAM_MARK_LEVEL or SPAM_REJECT_LEVEL.
If you send a mail with GTUBE string your mail should be rejected.

1	rejected after DATA: This message scored 1000.0 spam points

The GTUBE String to test spam rejection of mail servers:

1	XJSC4JDBQADN1.NSBN32IDNENGTUBE-STANDARD-ANTI-UBE-TEST-EMAILC.34X

Say no to GIF

December 8, 2010 by Igor Drobot Leave a Comment

I visit very often GNU/OpenSource websites like debian.org, and I’ve never seen there pictures in GIF format.
Why there are no GIFs on GNU Web Pages?

And of course, I found an answer on gnu.org:
There are no GIFs on the GNU web site because of the existing GIF patents Unisys and IBM covering the LZW compression algorithm which is used in making GIF files. These patents make it impossible to have free software to generate proper GIFs. They also apply to the compress program, which is why GNU does not use it or its format.

Unisys and IBM both applied for patents in 1983.

The Unisys patent expired on 20 June 2003 in the USA, in Europe it expired on 18 June 2004, in Japan the patent expired on 20 June 2004 and in Canada it expired on 7 July 2004. The U.S. IBM patent expired 11 August 2006, The Software Freedom Law Center says that after 1 October 2006, there will be no significant patent claims interfering with employment of the GIF format.

Webserver Benchmark

December 6, 2010 by Igor Drobot Leave a Comment

ab (Apache Benchmark) is a tool for benchmarking your HTTP server. It provides a quick an easy way to evaluate your http serving capabilities. ab overloads the server with http requests and measures the time it takes to serve all those requests.

How to install ab and where to get it? The real thing is that ab comes preconfigured with your apache installation. Apache by himself is just an extension command for the Apache Web Server. So if you have already installed Apache, then you should be able to run ab.

What we need in order to get ab to work is type the command and append the URL address we want to test. The command is issued as follows.

1	server ~ # ab -n10000 -c8 http://piper/

1 2	# Number of connections to send to the server -n

1 2	# Number concurrent requests to be made -c

1 2	# Option activates the KeepAlive feature -k

1 2	# Is the timelimit (in seconds) -t

ab testing mechanism actually is a good example of a Denial of Service (DoS) attack.

Nikto – vulnerabilities scanner

December 6, 2010 by Igor Drobot Leave a Comment

Nikto is an Open Source (GPL) web server scanner which scans your webserver against more than 3500 dangerous files/CGIs, outdated version checking, It has a very good plugin support
Official site

To install in ubuntu / debian

1	$ apt-get install nikto

For simple test:

firewall ~ # nikto -h debianuser.org
---------------------------------------------------------------------------
- Nikto 2.02/2.03     -     cirt.net
+ Target IP:       188.40.116.206
+ Target Hostname: debianuser.org
+ Target Port:     80
+ Start Time:      2010-12-07 10:45:55
---------------------------------------------------------------------------
+ Server: Apache
+ OSVDB-3092: GET /img/ : This may be interesting...
+ OSVDB-3268: GET /icons/ : Directory indexing is enabled: /icons
+ 4347 items checked: 2 item(s) reported on remote host
+ End Time:        2010-12-07 10:49:45 (230 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested