July 9th, 2010 | 
Author: I’ve been delaying doing an upgrade to the latest-greatest until I had a few free hours. I made all the necessary backups, made a database backup and clicked on the upgrade button (This is a major revision upgrade). less than 2 minutes later, the whole upgrade is complete, the database has been upgraded and it looks like all the plugins are happy as well.
Another ringing endorsement for WordPress.
Posted in 
It looks like my remaining hard drive on the old web server is finally giving up the ghost. I will be migrating everything over to the new server this weekend, so there may be additional outages when I decide to make the cut-over, but this should be a flash cut via a firewall rule change.
I was a bit surprised when I checked the site earlier and nothing happened, attempts to log onto the server were also met with no response. A quick check on the hardware and I saw the message: Disk0: Fail, Disk1: Fail on the RAID enclosure. It’s really too bad the box doesn’t support drives larger than 80GB, but it was made many years ago. It’s also too bad I couldn’t find an additional 20GB disk in my collection with sufficiently close drive parameters to fix the mirror. Oh well, I’ve been putting it off for months now, so this is the best time to do it.
The presentation we had on a cloud-based virtual environment was quite interesting. We ended up going for just under two hours on the topic. Lots of technical discussion on how it works, the software choices and issues such as scalability, security, privacy, etc. all came up.
I may just have to sign up for a trial account just to see how it behaves. I’ve seen a number of environments that had this idea over the past 10 years, but this one may be “the one.” The concept is good, the timing is good and the implementation appears to be solid. It has pretty much anything you could want for a small virtual office and it offloads having a desktop support person on site. This is not to say there isn’t room for improvement and extra features, but the foundations appear to be solid and all of the basics are covered.
The URL is http://www.eseri.com/ and it is worth taking a look at.
Everything is based on open source software and it is all accessed via No Machine’s NX client. This provides a lightweight secure access method and the remote desktop is quite responsive. If I remember some tests I did a few years ago with a dial-up link, it was painful but usable at 9600, tolerable at 14.4 and worked pretty good above that.
It seems to have propagated rather quickly. I suspect some web-caching devices may take longer, but the three different external sites I have tried all show it as up and visible. That’s rather encouraging really.
For those looking for a web host, I have managed to find a couple of Canadian ones that have reasonable rates. I’ll post some info later, as I’d like to pull a couple of sites I have in the US back to Canada. One looks really good, but doesn’t offer secure connectivity. That I can’t really deal with. Another offers SFTP, so that’s a step in the right direction. Ideally ssh is my connectivity of choice, as it makes editing go so much faster.
As a result of this exercise, I’ll probably post a list of providers and their features that I care about. I don’t know if everyone else is as paranoid as I am, so we will see how it goes.
I’m, changing ISPs and as a result, the site may end up down while I get everything fixed up. Hopefully the changes will occur overnight and it will be quick and dirty, but I am not sure how long it will take for the changes to propagate. The short answer is that I’m expecting it all to be transparent, but you never know.
For those on the job lookout, there is a career fair happening on Thursday and Friday (May 20-21). Free registration and more info in the URL below:
http://www.itoottawa.com/events/index.html
Good luck!
Andrea
Title: June Meeting
Location: Pythian
Link out: Click here
Description:
This month we will be having a presentation from Eseri on virtual environments. Their description follows:
Cloud Computing technology is progressing at several layers – OS virtualization, data-center virtualization, browser based application delivery, and desktop virtualization. Eseri is a local company that has integrated a full organization IT solution from the best of the world’s open source, from hosted Intranet to desktops to applications, and host it in the cloud for access on virtual desktops. Eseri CTO and VP Engineering will demonstrate their solution, describe the architecture, and discuss the security advantages of the virtual desktop approach to the cloud.
Time availability will dictate if we get to continuing the server project. This month we will be adding a basic web server and webmail to the system
Start Time: 19:00
Date: 2010-06-17
End Time: 21:30
I’ve been writing up detailed notes for the course and placing them in the Forums under Initial Configuration (http://www.ovsage.org/forums/?vasthtmlaction=viewforum&f=1.0). I have just finished adding a complete list of all packages installed along with a brief description for each. Next I’ll be performing a detailed descriptions of all the services installed along with instructions for turning specific services on or off based on Scott’s list.
Title: May Meeting
Location: Pythian
Link out: Click here
Description: May Meeting for Ottawa Valley SAGE
This month we have two main topics:
- a presentation by Rove-IT on mobile administration (canceled for now)
- We will continue the configuration of the mail server system. This month we will be configuring the Dovecot portion and securing the connections.
As always, there will be some opening discussions and possibly an ignite video.
Start Time: 19:00
Date: 2010-05-20
End Time: 21:30
Comprehensive Risk Management, Education and Awareness Through
“The Harmonized Threat Risk Assessment Methodology”
Join the High Tech Crime and Investigation Association (HTCIA) Ottawa Chapter, Thursday, May 27, 2010, for a one day training event on the subject of the Harmonized Threat Risk Assessment (HTRA) Methodology. This session is geared towards those who are interested in understanding the methodology used by today’s Security Experts when conducting Threat Risk Assessments. Following the organization of the Harmonized TRA Methodology:
- Introduction;
- Preparation Phase;
- Asset Identification and Valuation;
- Threat Assessment;
- Vulnerability Assessment;
- Calculation of Residual Risk;
- Recommendations; and
- Conclusion
Each of the key areas will be addressed at an introductory level providing workshop attendees the understanding of how the HTRA process works. For those attendees looking for a full “how to” program, details on a full four day technical course will be made available during the workshop.
Since the unification of Threat Risk Assessment methodologies (October 29, 2007), through a joint working group of the Communications Security Establishment (CSE), the Royal Canadian Mounted Police (RCMP) and the parallel User Focus Group the Harmonized Threat Risk Assessment (HTRA) Methodology has become the unified Canadian Standard for the assessment of threat and risk.
Familiarity and understanding of the HTRA Methodology will provide both security professionals and the general public the knowledge, skills and confidence to apply the HTRA principles, regardless of profession, in their everyday life.
Important Note: This training is not generally available to the private sector. Take advantage of this unique opportunity to gain greater familiarity with the HTRA. This very informative training session will be moderated by none other than Mr. John Clayton who was the co-chair of the joint CSE-RCMP working group responsible for the development of the HTRA Methodology!
For further information , please visit the registration page. Seating is limited to 100 people.
This event is available to both members and non-members.
