Cliffle!

Me wearing ridiculous goggles

Home

Switching this site from Jekyll to Hakyll

I used to manage this site with Jekyll. I’ve now switched to Hakyll. Here’s my reasoning and some notes on how it went.

Read More...

Project Loon

While I’ve been blogging about my personal projects off and on, I’ve been awfully quiet about my day job. Now I can tell you why.

The internet is an amazing technology for empowering people to connect with their loved ones, develop new ideas, find kindred spirits, start businesses, and educate one another. But it works best when everyone can participate.

Soon, they’ll be able to.


My Recommended Publicfile Patches

While djb is perhaps best known for writing qmail, he also wrote a web server, publicfile. Like his other software, publicfile is simple and robust. I use it to serve this site, among other software.

Characteristically for djb, publicfile is pretty minimal out of the box. Here are a few patches I applied to the source to make my server faster, more flexible, and easier to use.

Read More...

Ultimate Guide to 3D Printing

Back in the Fall, I was invited to contribute to Make Magazine’s Ultimate Guide to 3D Printing. (That’s me on the front page, squinting at the Ultimaker wiki.)

If you’re in the market for a 3D printer, it’s a great place to start! We spent a weekend really putting these printers through their paces.


Attacks on my Server: The Data

I try to maintain a reasonably secure webserver.

A webserver is a computer, connected to the public internet, that does things (serves pages, etc.) whenever anyone asks it to. This makes it an easy thing to attack: the first step toward attacking a computer is usually getting it to do your bidding, and a webserver does your bidding every time you click a link.

My system logs show that I get attacked several times a day, like (I imagine) most computers on the Internet. Fortunately, most attacks bounce off — not because I have some magic security-foo, but rather because the software I’m using — specifically publicfile — doesn’t work the way the attackers expect it to.

While I am not so naive or foolish as to say that my server is “secure” — I’m sure it has some exploitable hole, and it runs in a distant facility that probably forgets to lock the doors sometimes — these attacks are of mostly academic interest.

Here’s some data I’ve collected from the past month or so of attacks. I figure this might help someone else detect or prevent an attack in the future.

Read More...

Older Posts

More Cliffle

By Topic