Setting up a MyDLP server

MyDLP is free and open source data loss prevention software that runs with multi-site configurations on network servers and endpoint computers. MyDLP is currently supported only on Ubuntu. You can download a preconfigured MyDLP Server Installation Disk Image from the MyDLP website. This is a short article on how I set up MyDLP on a brand new server system.

Install Ubuntu

I had an Ubuntu 12.04 (Precise Pangolin) image available, and decided to use it for the new server. Since the server system did not have an optical drive, I had to create bootable USB media. To create the bootable USB drive from the ISO file, I used Linux Live USB Creator on a Windows PC. The procedure was simple:

  1. Select the USB Media (USB Key)
  2. Choose the source media (ISO file / CD ROM)
  3. Optionally, configure the advanced options. (I disabled the VirtualBox options, since the USB drive will be used only as an installation media)
  4. Click on the lightning button to create the bootable USB drive

Plug the USB drive into your computer. Boot to the BIOS settings and select the USB drive as the primary hard disk. Save the changes and restart. If everything went fine, the system will boot to the Ubuntu installation screen.

Install MyDLP

If you are not installing Ubuntu from the preconfigured MyDLP Server Installation Image, you need to install MyDLP separately. To install MyDLP, the MyDLP repository needs to be added to the apt repositories list.

First of all, install the public key for the repository:
wget -q -O - http://ftp.linux.org.tr/mydlp/mydlp_repository.pub | sudo apt-key add -

Once the key is successfully installed, add the MyDLP repository using:
sudo add-apt-repository "deb ftp://ftp.linux.org.tr/mydlp/ubuntu precise main"

Update apt to reload the repositories:
sudo apt-get update

Now that the repository is configured, we are ready to install MyDLP and its dependencies:
sudo aptitude install mydlp mydlp-appliance squid3-ssl

During the installation process, you will be prompted to set the MySQL root password. MyDLP had trouble connecting to the MySQL database when I used a non-empty password. So when you are installing for the first time, it is better to leave the passwords blank.

If the installation completed successfully, you will be able to login to the MyDLP web UI by visiting
http://127.0.0.1/

The default username and password for the MyDLP web appliance are both mydlp. Replace 127.0.0.1 with your server's IP address if you are installing on a remote server.

You should now have a Squid proxy server listening on port 3128 of the server. To test the new DLP server, add some test policy rules using the MyDLP web UI. Update your router firewall to block direct internet access from your workstations. Configure the workstations to use the Squid server installed on your new server as their proxy server. Try browsing the internet from a workstation. If your server is set up properly, you will see that your requests are blocked or allowed based on your configured rules. The blocked requests are listed in the logs section of the web UI for audit purposes.

I used iptables on my TomatoUSB router to transparently redirect all traffic through my proxy server. The main advantage of configuring the proxy at the router level is that you don’t have to configure each workstation separately. Also, you can easily configure the router to block all internet access, except through the proxy.

Google being reported as fraud site by Opera

It has been almost a month since my last post. I will be extremely busy till the end of this month. The new year has been going great so far. All my exams, except one, were easy. Hope you all had a great Christmas and New Year (Yes, I know it is a bit too late 🙂).

Early this morning, my brother rushed into my room and told me that our latest site, www.love-meter.net, is being reported as a fraud site by Opera. I ran to my computer and found that it was true. I was surprised because the site is not yet complete and still it is being reported as a fraud site. I reloaded the page and it was then I noticed that it was not actually our site, but Google’s cache of my site that my brother was referring to. I checked my site and found that it was not showing any warnings. Next I checked Google’s cache of www.google.com and found that it too showed the same error. But the warning is not being shown on the datacenter homepage. I checked the page cache in some other datacenters [64.233.161.104, 209.85.165.102] and they were not showing any such warning.

BTW, I had received several feedbacks and comments on Local Analytics. I am sorry, I wasn’t able to respond to your comments and fix the errors you have reported. I will try my best to fix those errors by the end of this month or early February.


CRM serves Church!

Have you ever thought about the fact that running a Church is not simple work, and that the process is so complicated that sometimes it is better to hire managers to run it? Is there an alternative, anything that helps to automate the process?

The whole organization of Church must be structured and this structure can be fully assigned to Customer Relationship Management Software (Church software) that will be of a tremendous help to those who are in charge of running the organization of church procedures.

There are always a number of administrative tasks that are to be handled in Church, for example, church accounting, financial management, church membership and attendance tracking. To record and track the above mentioned things manually can be a real nightmare and will definitely demand more managers who are to be highly-qualified to handle this job. That is why Church Attendance Software and Church Finance Software integrated into one CRM is a must nowadays.

On the other side, modern CRM software can help make the process easy and well-structured. Church management software can be obtained from different manufacturers and not just from one vendor. It means that you have a choice of different Church CRMs that can boast of rich functionality that will cater for any taste. Customizable automated process, easy time tracking procedures and workflow management are just minimum required features for a good faith-based non-profit organization.

TorPlus v1.03 released

Today I am releasing the latest version of TorPlus. For those who still don’t know about TorPlus, it is a software bundle containing Tor (The Onion Router), Opera (browser) and Privoxy (web proxy software). The bundle is preconfigured to work through proxy servers with the help of Tor. You can move from the proxy mode to normal mode with one click. Opera is also preconfigured to include several modifications. You can enable / disable cookies, JavaScript, plugins, Java and Flash with a single click. You can also easily switch your browser’s user agent from the status bar. An adblocker is also included with Opera.

I haven’t updated TorKestrel, yet. I will be updating it to the latest beta version soon.

You can download the latest version of TorPlus from the downloads section.

Update: TorKestrel+ v1.0.3 has also been released

ChangeLog 

  • Updated Opera to latest version (v 9.24)
  • Updated Kestrel to latest beta version
  • Updated Tor to latest version (v 0.1.2.18)

Outsourcing and Relenta CRM

Today, many companies rely on outsourcing, freelancers, or contract workers in order to complete projects on time and in order to make a business grow. Small and medium-sized businesses, especially, often rely on contractors or freelancers in order to create better profits.

There are many advantages to hiring freelancers. They require less money and generate more real work for the effort. In most cases, you pay freelancers only for the amount of work completed. This means that you do not pay for vacation time, coffee breaks, and so forth. This can save you a great deal of money over the average employee. Additionally, freelancers usually do not require insurance, benefits, and other additional expenses that traditional employees make use of. Many companies are also finding that outsourcing some of their work to freelancers allows them to hire people for occasional work. For example, if your company requires design services only once in a while, outsourcing to a freelancer can be less expensive than going to a company for your needs or hiring a design team permanently.

Keeping in touch with your virtual team with Relenta CRM

One challenge with outsourcing is that in many cases employers have less control over the work performed and must develop a failsafe communications system with their new employee. Relenta CRM software makes this very simple. A contractor or freelancer can be entered into the Relenta CRM system as a contact. That way, you can keep track of all the e-mail correspondence, information, and files exchanged between the company and the freelancer. Plus, Relenta CRM provides the ideal virtual workspace for both you and your contract employee. Simply assign the contract employee a department of their own, or give them access to the department that they are involved in. The employee can upload files, manage contacts, add assigned tasks in the shared online calendar, and interact with the department that he or she needs to interact with. At the same time, you can keep your financial department, and any other department with sensitive information, secure. Relenta CRM has gained immense popularity with many Chicago web development and Toronto SEO companies for its easy-to-use modules and intuitive interface.

Google Analytics Reporting Suite on AIR

Today I am going to write about an excellent application, which I discovered yesterday. The main reason why I hated checking out my Google Analytics reports was that I hated logging in to my Analytics account. My personal Google account is different from the one I use for website related uses, including Adsense, Sitemaps and Analytics. Whenever I try to check my personal mails and Analytics account together, I get logged out from the former. That was when I discovered Google Analytics Reporting Suite based on Adobe Integrated Runtime (previously Apollo), developed by Nico.

Google Analytics Reporting suite is a desktop application based on AIR, which allows you to access your Google Analytics Reports directly from your desktop. GARS provides a much better interface compared to the original web application. It also implements almost all the features provided by the web application.

The program allows you to manage multiple profiles from different Google Accounts directly from the program. The login credentials will be saved on your computer so that you don’t have to re-login every time you check your reports.

Here is a screencast of the previous version

Highlighted features of GARS (from AboutNico.be)

  • Easy profile selection and account management
  • Use multiple profiles from different Analytics accounts
  • All visitors, traffic and content reports available
  • Tabbed interface to easily switch between reports
  • Data drilldown, goal values, data segmentation
  • Animated, interactive graphs
  • Advanced data grids with filtering and paging
  • Switch between interactive reports or PDF reports
  • Site overlay view
  • Exports to PDF, Excel and XML

The program is still in its beta stage with beta 2 released on October 5th. I recommend everyone to try out the program and provide feedback to Nico, so that it can be improved further. Version 1.0 of the reporting suite is expected to be released by early 2008. A sneak peek of Google Analytics AIR 1.0 was provided and the new version is much prettier.

Google does not provide an official API to access Google Analytics data by external programs. Fortunately, programmers have developed unofficial APIs[1, 2] for doing the same, even though Google is remaining silent on the legality of using it. Google Analytics Reporting Suite is also based on an unofficial API developed by Nico, by studying the working of the web application for months. Fortunately, both Google and Adobe extended support to Nico for further developing the application. GARS is included in Adobe’s Showcase program and Google has offered assistance in making the program more secure.

Now that I have Google Analytics Reporting Suite installed, I now check my Google Analytics reports 4 – 5 times a day. Thank you Nico. 🙂

Downloads 

Best traffic analysis programs for your blog

If you are into blogging seriously and hope to become a professional blogger, then you should analyze your traffic regularly. Regular traffic analysis helps you in knowing what kind of effect your posts are making on your readers. It helps you in understanding the topics your readers are interested in. Keen observation and wise decisions will surely add your name to the list of the best bloggers.

Traffic analysis is a very difficult job and I’m sure that most of us are not interested in it. Fortunately, there are several services available which allow us to analyze site traffic with detailed reports and convenient graphs.

  • Google Analytics

    Home Page | Get Product | Product Tour | Features
    Managed by Google, this is one of the best available web traffic analysis service. The best thing about Google Analytics is that it is free. In my opinion, Google Analytics is the best traffic analysis service that is free. Analytics allows you to manage unlimited number of websites from your account.
    Installation of Analytics on your site is as simple as adding a piece of JavaScript code to your website. There are a number of WordPress plugins for Analytics available which require only your Analytics account ID, and thus save you the trouble of editing your theme. I too have created a highly configurable Analytics plugin for WordPress, which allows you to locally host the urchin.js file and periodically update it.
    Pros:

    • In-depth reports with detailed graphs.
    • Ecommerce tracking is possible.
    • Option to export the stat reports to a number of formats.

    Cons:

    • Real-time tracking is not possible. The reports are updated several times a day, but they still get delayed by several hours.
    • Detailed report about single visits is not available
    • Customer support limited to Help center and support group
  • StatCounter

    Home Page | Get Product | Demo | Features
    If you too hate Google after their latest PageRank update [1, 2, 3], and do not want to use their service anymore, then StatCounter is your second best option (Is it a coincidence that StatCounter lost its PageRank from 10 to 6 in the latest update?). The reports are not as detailed as the ones provided by Google Analytics.
    Pros:

    • Stats are updated in realtime.
    • Detailed report about last 500 visits is available.
    • Ability to display a visible counter on your webpage.

    Cons:

    • The reports are not as flexible as Google Analytics.
    • Free account control panel is ad supported.
    • E-commerce tracking and tracking of visitors over multiple domains is not possible.
  • Mint

    Home Page | Get Product | Demo | Features
    Unlike Google Analytics and StatCounter, Mint is a hosted traffic analysis program written in PHP and MySQL. Also Mint is not free and costs $30. Mint provides very detailed realtime details of your site traffic. But since the program is hosted on your server, which may not be a dedicated server with load balancing, it can cause heavy server loads for high traffic websites. I have never used Mint, but have heard very good reviews about Mint from several sources. If you have a medium traffic website and can spend $30, then this is the best software for real time tracking. I recommend using Mint along with Google Analytics, so that you will have access to detailed realtime reports from Mint and comprehensive and detailed long term statistics from Google Analytics.
    Pros:

    • Stats are updated in realtime.
    • Very simple and nice interface.
    • Ability to extend and enhance the functionality of Mint by using plugins (called Peppers).

    Cons:

    • It is not free.
    • The program needs to be installed on your server.
    • Requires a Unix server with at least MySQL 3.x and PHP 4.2.3.
    • Causes intensive server load on high traffic websites.
    • Lack of comprehensive reports and graphs.
  • FireStats

    Home Page | Get Product |  Demo | Features
    Like Mint, FireStats is also a hosted traffic tracking program. But unlike Mint, FireStats is free for non-commercial use and costs $25 for commercial use. I have been using FireStats for the past few months. The reports are not as detailed as in Mint, but the development of FireStats is happening at a rapid pace. FireStats can be installed as a standalone version or as plugins for WordPress, WordPress MU, Joomla, Drupal, MediaWiki etc. For WordPress blogs, FireStats provides two widgets for displaying your traffic stats and popular posts. It also allows you to display the country, platform and browser details of your commentators next to their name. For non-commercial usages, I recommend using FireStats. But for commercial sites I recommend using Mint, because for the small difference in price you get a much more detailed report.
    Pros:

    • Stats are updated in realtime.
    • Very easy integration with a number of programs like WordPress, WordPress MU, Joomla, Drupal etc.
    • Multi level access to reports.
    • Availability of widgets for displaying stats and popular posts.
    • Ability to show the country, platform and browser details of your commentators next to their name.

    Cons:

    • Not free for commercial use.
    • Requires at least MySQL 4.0.17 with InnoDB support and PHP 4.4.2.
    • Provides only basic details.
    • Interface and usability is not as good as Analytics or Mint.

Opera 9.5 beta coming

The Desktop team of the world’s fastest browser, Opera, has announced that the beta version of the latest version, Opera 9.5 (code named Kestrel), will be released on October 25. I am really excited by this announcement. Opera has been my favorite browser ever since I started using it a few years back. I love Opera mainly because of its speed and low memory usage. Being a person who always has many tabs open at the same time, I find Opera to be using much less resources than other browsers.

I have been using Kestrel for the last one month and I find it better than Opera 9, though still there are many unfixed bugs. Opera is world’s fastest browser and the latest 9.5 release is a complete rewrite of the original code. Hence the performance of Opera has improved unbelievably. You may check the results of some performance tests carried out on the latest versions of the popular browsers.

I will be updating my Opera+Tor+Privoxy bundle TorPlus, once the beta version is released.

You can download Opera 9.5 alpha from Opera.com and latest snapshot of Kestrel from the desktop team’s blog.

Steganography – Hide your files within files

I found this new technique yesterday. Many of you might know this already. But still I thought it is worth writing about.

So what the heck is Steganography? According to Wikipedia

“Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message; this is in contrast to cryptography, where the existence of the message itself is not disguised, but the content is obscured.”

Remember the good old days when you used to write invisible messages on paper using lime juice? Yes, this is the modern version of the same technique.

There are several methods for hiding data within files. One method is to alter the covering image bits and store the secret file contents within the least significant bits of the covering image. More information on this method can be found on the Wikipedia page on Steganography. This affects the covering image quality (though the changes are usually undetectable).

The second method, which we are dealing with here, is appending the contents of the secret file to the end of the JPEG file. In this method, the quality of the original image is not compromised. The simplest way of doing this is using the command copy in Windows and cat in Linux / Mac.

On Windows, open the command prompt (Start Menu > Run > cmd) and type

copy /b cover_image.jpg + secret.zip output_file.jpg

On Linux / Mac systems run the following command in your terminal window

cat cover_image.jpg secret.zip > output_file.jpg

Where cover_image.jpg is the JPEG file used to cover the secret file
secret.zip is the archive whose content is to be protected
output_file.jpg is the protected file having the contents of secret.zip hidden within cover_image.jpg

If you wish to incorporate extra protection to the hidden file, then don’t forget to password protect the archive before hiding.

Now that you have stored the files, how do you retrieve them? Unfortunately, not all compression and archiving software supports these archives. Fortunately, WinRAR and 7-Zip, two popular compression utilities, support these files. Depending on your system, the extract option may or may not be available on the Explorer right click context menu of the output image file (It is not shown in my system, while it is being shown in my friend’s system). If it is not shown, then do one of the following

  • Change the output file extension to .zip from .jpg and extract the files or
  • Open either WinRAR or 7-Zip and browse open the output image

PHP programmers interested in Steganography please check the Stegger library at PHPClasses.
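
Seen from the inspecting side, a file built with copy /b or cat is easy to recognise, because everything after the JPEG's end-of-image marker is foreign to the image. The Python below is an added example, not part of the original post: it walks the JPEG segments to find the real end of the image and reports whether a ZIP archive follows. The function names and the constructed sample bytes are assumptions made for illustration.

```python
import io
import zipfile

STANDALONE = {0x01, *range(0xD0, 0xD8)}  # TEM, RST0-RST7: no length field


def skip_scan_data(data: bytes, pos: int) -> int:
    """Advance to the next real marker; FF 00 and RSTn belong to the scan."""
    while True:
        pos = data.find(b"\xff", pos)
        if pos < 0 or pos + 1 >= len(data):
            return len(data)
        if data[pos + 1] != 0x00 and not 0xD0 <= data[pos + 1] <= 0xD7:
            return pos
        pos += 2


def jpeg_end_offset(data: bytes) -> int:
    """Offset just past the image's own EOI, found by walking the segments
    so that the EOI of a thumbnail inside an APPn segment is skipped."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xD9:                      # EOI
            return pos + 2
        if marker == 0xFF:                      # fill byte before a marker
            pos += 1
        elif marker in STANDALONE:
            pos += 2
        else:
            pos += 2 + int.from_bytes(data[pos + 2:pos + 4], "big")
            if marker == 0xDA:                  # SOS: scan data follows
                pos = skip_scan_data(data, pos)
    raise ValueError("truncated JPEG: no EOI marker found")


def inspect_jpeg(data: bytes) -> dict:
    """Report what, if anything, follows the end of the image."""
    end = jpeg_end_offset(data)
    report = {"jpeg_bytes": end, "trailing_bytes": len(data) - end, "kind": None}
    if report["trailing_bytes"]:
        try:
            with zipfile.ZipFile(io.BytesIO(data[end:])) as zf:
                report.update(kind="zip", members=zf.namelist())
        except zipfile.BadZipFile:
            report["kind"] = "unknown"
    return report


def constructed_samples() -> tuple:
    """Constructed inputs: a JPEG marker skeleton (not viewable) and a ZIP."""
    app1 = b"\xff\xe1\x00\x06" + b"\xff\xd8\xff\xd9"   # APP1 with thumbnail stub
    sos = b"\xff\xda\x00\x08" + bytes(6)               # scan header
    cover = b"\xff\xd8" + app1 + sos + b"\x12\xff\x00\x34\xff\xd0\x56\xff\xd9"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("secret.txt", "constructed sample")
    return cover, buf.getvalue()
```

Calling inspect_jpeg(open("output_file.jpg", "rb").read()) on a real file gives the size of the genuine image and the names of any archive members appended after it; a password on the archive hides the contents but not the member names or the fact that something is attached.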