Interesting situation at work

Two months ago, my new job saw an all time bandwidth traffic record of 151GB being used. This was an astonishing feat, as the previous high had been 90 odd, and during the June time period students were writing exams, so usage should have been quite low. Traffic was running at a constant +-300 kb/s, which was impacting our speed quite a lot. This was running right during the night, which was very weird.

After scratching our heads we were at a loss to describe how this had happened. Neither I nor my colleague had been downloading files nor running torrents. We suspected a member of staff had been doing so, or a student who messed with a staff member’s pc. We then went on a wild hunt to find this but we had no luck.

By happenstance, we got warned that we were sending spam, and after doing some detective work to find out what happened, the truth finally came out. One of our servers was being used as a proxy for spam. This particular server was set up with Squid and Dansguardian to provide internet access for students, and due to a rather messed up Netware authentication situation at work, my colleague gave the server a public IP address.

The end result was that spammers found the computer and used Squid as an open relay to send their spam. We have no clue how many messages must have passed through the server before we locked it down, but I imagine it must have been in the tens of thousands.

After locking things down, my colleague discovered that hacking attempts were taking place, as it appeared someone was trying to log in via SSH through a dictionary attack. Luckily this failed due to strong passwords, but it was still an astonishing site for me.

In all, we learnt some valuable lessons when it comes to what you let loose on a public IP. It’s happened once more since then, as my colleague was testing something and forgot to firewall the server. Luckily we caught it the next day and he shut it down.

Hopefully we don’t have a situation again like that someday. It’s embarrassing and a security risk.

Hmail Server

When it comes to email servers for Windows, there are a number of options, mostly commercially based products for small to medium business, or the really big groupware products for larger entities. When it comes to quality free mail servers, there doesn’t seem to be a really big range of choices.

Enter Hmail Server. I had previously heard of this software a few years back, but apart from looking at the website, I never got around to using the software. At the time, the versions available were licensed under the GNU GPL.

A few months back when I was busy with my Joomla based project, I came to the conclusion that I needed to test certain email based parts of the package, but without a live domain it was proving to be tricky. I remembered Hmail, and I decided to set it up on my pc to act as a mail server for Joomla.

The latest edition of the server is no longer under the GPL, but it is still free software. The install file was just under 3mb in size, which surprised me. For all the functionality it offered, 3mb seemed too small. Nonetheless, installing it was pretty simple. Hmail needs a database to store mail and it’s configuration, and it lets you use 1 of 3 different types. Since I had a MySQL server going, I simply used that option, and after a few more mouse clicks, the server was up and running.

Main Hmail console window

Hmail supports the 3 standard internet mail protocols, SMTP POP3 and IMAP4. It has a lot of other features as well that make it pretty modern. About the only downside is that you have to set up accounts by hand I think, though I may be wrong.

I’ve also used it at my job to help create an e-mail server for an adult education course that showed people how to use e-mail. Previously they couldn’t send and receive, but after setting up Hmail, the course suddenly became a lot more realistic.

In short, this is a quality free product that is being given away for free. Evaluate it, it may just be what you are looking for and can save you a lot of effort when setting up a mail server.

For more information, visit the website here

Mxit: Good, bad or something else?

Mxit is an instant messaging service that was designed here in South Africa. By stroke of genius, it was designed to run on any number of cellular phones instead of the PC. Due to its wide range of phones supported, it quickly grew to be the platform of choice amongst the youth of this country to communicate. Since it’s cheaper to chat than to send tons of SMS’s or to voice call, Mxit has become ingrained in the culture of the youth today.

I myself use the program almost every day to chat with my friends. I’ve been using it since 2006, when it was still in it’s infancy. I’ve seen it grow, have teething troubles, and then grow some more. I’ve cursed it when it’s been slow, loved it when it was fast. Social events are planned on Mxit without blinking an eye. It’s really become second nature to almost everyone who uses it.

However, I’ve also noticed the downsides to its addicting nature. Children walk in shopping malls eyes glued to their phones, without seeming to know where they are. I have friends who would chat non stop when visiting me, which was incredibly rude as they spent more time chatting online than actually talking to me. I myself have stayed up late into the night chatting sometimes, and while I can handle that, many school children can’t. When they only get 3 or 4 hours sleep, they become tired and irritable at school and struggle to learn anything.

Mxit has also taken a lot of flack in the media because it has been linked (sometimes falsely) to kidnappings, spreading pornography, school “slut lists” and more. In most cases, it is the users that give it a bad name, as they are simply taking a platform and using it to their own ends.

One thing that saddens me though is how Mxit is used by some of its users to blatantly sexually lure people. I used to chat in a special chat room called the Dating Game, where the aim is to chat with people, flirt a little and perhaps develop a friendship. However, I long since stopped using the service because it has become polluted with girls/ladies/somebody offering naked pictures/videos of themselves for airtime. I have no idea if they really do send back in return for the airtime, as I haven’t and won’t be testing that out. For all I know, it could also easily be a scam to get airtime.

It is situations like that however that give Mxit a bad name and reputation. They do try their best to filter such content and moderate chat rooms, but the sheer amount of messages flowing through the system makes it near on impossible.

In the end, it’s not really Mxit at fault I guess. They simply provided a platform and service, and has been tarnished by a number of users actions. In many cases, the exact same things can happen on Windows Live Messenger and other chat networks, but since Mxit is so easily accessed by the youth compared to computer access, the bad vibes will probably follow Mxit around for some time to come.