I have been using the Ooma Telo for VoIP phone service at home for several years. Over the last few months my wife has complained that she loses VPN connectivity to her corporate network when the phone rings. I had set up the home router with QOS for the Telo device and tried to adjust the settings available with the OpenWRT firmware to make sure the Telo was not getting all of the available bandwidth and creating the problem. That did not seem to help as the problem continued. So tonight I decided to troubleshoot the issue and ultimately found the problem and a solution.
To explain the solution I probably need to explain my network set up. The home router is running OpenWrt which is connected to the cable modem. The Ooma Telo device is connected to the LAN. This is not the recommended set up by Ooma. Ooma would like for the Telo device to be connected to the modem and the router connected to the Telo. I don’t want to do this as I think it would impact my ability to host this server on my network. In addition to the Access Point (AP) on the router, devices on the LAN are a couple of gigabit switches and two AP’s providing a point to point wireless bridge for wired connections to the stereo receiver, TV, Wii, etc.. Actual devices on the rest of the network are computers, phones, tablets and an Epson 845 WorkForce printer.
To troubleshoot, I set up a ping to an Internet host and called the home phone from my mobile and there was no impact to the ping. Then I started my work VPN (Cisco AnyConnect) and repeated the test, except this time I pinged an internal IP address on the corporate network. Sure enough, as soon as the home phone started ringing, my ping failed. Since the problem only started happening the last few months and the network was pretty stable up until that point, I started looking at other changes and the only thing that came to mind was connecting a phone line to the Epson printer a few months ago. So I disconnected the phone line to the printer and ran the VPN test again and the ping continued with no problem. So, for now, the printer is disconnected from the phone line and I believe this will prevent dropped VPN connections and keep the wife happy and hopefully help some others that might experience this problem.
My wife has always complained of having no mojo when the daylight hours get shorter and overcast Winter skies seem forever present from November to March. If you have ever looked at therapeutic Seasonal Affective Disorder light boxes as a treatment for SAD, you know they run from about $50 for very small ones to over $300 for larger models. From my research all of these devices try to provide over 10,000 lumens and should be used about 30 minutes or longer per day to provide enough light to counteract the effects of SAD. With that criteria in mind, I set out to see if I could construct SAD Light Therapy box as a Christmas gift for her. Below are the recaps of my efforts at version one and the final version that she uses today. Skip to the photo section below for a quick review of the steps taken to build the final version of the light box.
While researching these devices, I came across a LifeHack where a brother made one for his sister using a wooden file box from IKEA and had to drill the box for the bulb holder mounts. While I could have gone that route and my initial hardware store purchases were of three massive fluorescent bulbs and mountable cleat bases, I quickly found out that the massive bulbs also took a massive base known as Mogul type for which the standard bases I had bought would not work. I liked this design as I could get the lumens I needed with only three bulbs, which meant less effort to do the mounting in the box that I found to be base of the device. Speaking of the box, I located it at World Market and it is a red metal picnic box for lack of a better description. The dimensions are 14.6″W x 11.2″D x 7″H with the lid and opening being on the 14″x11″ side.
After returning the mogul bulbs and standard bases to the home improvement store, I spent a lot of time wandering the electrical and lighting aisles trying to come up with much easier design that would not involve drilling and mounting bulb bases or elaborate electrical wiring. The simplest design I could come up with was to mount power strips in the box with double sided tape and use electrical outlet to bulb base adapters to hold the bulbs.
Trying to keep the cost as low as possible, I went to Wal-mart to find the power strips and bulb adapters. I found four black standard six outlet power strips and eight bulb adapters as that was all the store had in stock at the time. I got home and mounted the power strips side by side with the double sided tape and placing the bulb adapters on the power strip outlets that would give me room to plug in the other power strips to the primary power strip that would received external power. This design ended up having odd bulb placement and the power strips in the bottom looked pretty ugly, so I took some white poster board and cut it to cover the guts while cutting round holes for the bulbs to screw into the adapters. The bulbs chosen were 100W equivalent compact fluorescents with each one providing 1,600 lumens for a total lumen output of about 12,800. My wife was happy with the gift and used it for about a week, before I started realizing there were some design flaws.
What I did not like about the initial build design were, the bulbs being non-symmetrical, and the double sided mounting tape quickly giving into the forces of gravity and the bulbs flopping to down with the unit sitting on one end to provide light out to the room. Part of the problem with the bulb placement was due to the power strips. The ones I had bought had a hump on them at the end where the switch was located. This prevented using the outlet closest to the switch as the bulb adapter was too wide to fit due to the hump. I also did not like that I had to use four strips when two of the appropriate size, with adequate spacing and no hump, could do the trick.
So design and build of version 2 came about by finding two Philips brand power strips that had six outlets, with one being spaced out further on the end for transformers and no hump near the switch. Mounting these two power strips along the 14″ orientation allowed symmetrical bulb placement, but there was little if any space to daisy chain the second power strip into the first for power. Given there was not a need for electrical grounding in this project with light bulbs, the plug of the second power strip was trimmed of its grounding leg to fit in the small space between two of the bulb adapters on the first strip. To solve the mounting tape problem, self drilling sheet metal screws were used to mount the power strips to the bottom of the box with care taken not hit the wiring at that end or the plug on the other end. This design looked clean enough that there was no need to hide the internals with poster board as done on the first design. On the electrical side of things, the cord from the power strip was pretty short and plugging in and unplugging version one as an on off mechanism was not convenient. So with version two, I bought an in-line electrical cord switch and cut the very end of the cord from the power strip at the plug. Then I took an old PC power cord and cut of the end that went into the PC off. I soldered one leg (wire) of the two cords together and connected the other legs to the switch connections. So now the light box can be left plugged in and the switch makes it easy to turn on and off. Finally, one feature that I have not mentioned that I wanted from the start, was the ability to put the cord into the box and close it for storage, but since the wife has been using it each day there has not been a need to store it away to test that feature.
Project Parts List and approximate costs ($75 total): Picnic Box ($25 World Market) – Wooden or Metal Box with enough space to accommodate power strips with bulbs and adapters Philips Power Strips ($3.50 each x 2 = $7 Ollies)– Ones with more space between outlets are better as are models that have the switch located on the side or at a minimum flat across the top – Possible Amazon Basics alternative AC Outlet to Bulb Adapters ($1.27 each x 8 = $10.16) – Should be available at most home improvement stores or Wal-mart CFL Bulbs (4 pack 23W 1600 Lumen Great Value Wal-Mart $9.88 x 2 = $19.76)– CFL or LED based on Lumens needed and available sockets. (Note: First batch of GV/WM bulbs had almost four bad ones, so save your receipt for an easier exchange.) Mounting Hardware ($1) – Screws or another mechanism to hold power strips in place in the box. In-Line Cord Switch ($5) – Standard Rocker Type with pass through of one leg. Extension to Cord ($0) – Left over PC power cord.
Line the inside of the box with white contact paper or make another internal cover from poster board like version 1
Check the output of UV light
And depending on the results of #2, procure and install some sort of diffuser with UV filtering capabilities (I am thinking something like plastic drop cloth using a rod with a right angle on the ends to place in holes on the lid edge to the far side of the light compartment, as this should support the diffuser drape and also give the unit some stability while on standing on its side)
Update: January 17, 2015 – A quick test of UV output with some UV activated Transitions eyeglasses showed there was some UV output from these bulbs. The solution I found was to obtain some clear UV filtering film from Tinted Atmospheres where I had my Mazda 5 windows tinted. The film was not cheap, but it appears to be preventing the output of UV when tested with the glasses. To mount it, I cut a 13 1/2″ square of the film and used some very small button magnets to hold it in place on the front opening of the light box. See step 7 below.
The photos from this year’s Step Out walk are located here. Thanks to all of the volunteers, walkers and sponsors for making the event a success. All photos at my PerformancePixel.com may be downloaded for free/no charge. So don’t use the order prints feature unless that offers a convenient means for you to get them. The prices for prints that are ordered is the cost that the lab charges with no markup from me. Again, thanks for your support of the walk. It was great to see so many families supporting loved ones with diabetes.
After having some issues with this new server build and Apache2, I decided to move over to Nginx for the web server. This meant I had to figure out how to get a Linux, (e)Nginx, MySQL, and PHP (LEMP) server going. Although I am not a DigitalOcean customer I used a great tutorial from them to determine what I needed on the Nginx and PHP5-FPM side of things and left off the other steps pertaining to Linux and MySQL. I also had to recreate my self-signed cert for SSL which I did using these instructions from DigitalOcean. These portions of the upgrade, I actually did from remote while DJ’ing for an 80’s gig, but I did need to finish up swapping the Apache2 and Nginx daemon start ups the next day. All in all, it was a pretty effortless job to make the Apache to Nginx switch until I started investigating what I needed to do to continue blocking web visitors by country.
So the next step was to enable the MaxMind GeoIP modules in Nginx and configure the web site profile to block countries other than the usual five. For this portion, I found another tutorial from how-to-forge that walked through the process step by step. Just like the previous effort to do this under Apache, there are methods to allow all countries and specify a few to block or block all countries and specify a few to allow. The latter is the method I chose. The one option that I really like with this setup is instead of giving a 403 – forbidden response to blocked visitors, I followed the tutorial’s recommendation to use a 444 – no response method which just keeps the browser at the other end hanging on and waiting for a response.
Between country blocking, using a self-signed SSL cert and a captcha requirement for administrative access, the number of attempted password guessing attacks against this site has gone from several an hour to zero.
In addition to WordPress, my site also includes Zenphoto 2.0 for the photo gallery. While it initially looked like wordpress and zenphoto were functioning correctly under nginx, if you went into any of the albums you would get a 404 error. Turns out that mod-rewrite and php needed some attention to get Zenphoto back to health. Here is a post I made to the Zenphoto 2.0 forum on the adjustments needed.
Due to some problems with apache2 under a new Ubuntu 14.04 load, I decided to switch my web server to nginx. I used a couple of nginx (LEMP) tutorials from DigitalOcean even though my server self hosted. My primary site is wordpress with zenphoto 2.0 as a sub folder named zp. Zenphoto detected the server change to nginx and prompted me to run setup. This created two issues. One was setup did not detect a working mod_rewrite. The other was a timeout error (504) waiting on the setup script to complete. The timeout for php execution completion is probably set at 30 seconds on most default php installations. This is too short for the setup process to complete. This site (http://www.nginxtips.com/504-gateway-time-out-using-nginx/) has the settings needed for extending the timeout to avoid a 504 error waiting on Zenphoto 2.0 setup to complete.
You may have to make adjustments to the location of the files to edit, with Ubuntu 14.04, nginx, and php5-fpm these were the locations:
php.ini = /etc/php5/fpm/php.ini
www.conf = /etc/php5/fpm/pool.d
virtual host conf = /etc/nginx/sites-available/<default site file>
As Debby and I prepare for vacation, where she might get a chance to try out Stand Up Paddleboarding (SUP), she decided it might be time to get a lesson before possibly having to lay out some cash on a rental while on vacation. So, if she wanted to learn, it meant I had to use one of my old sailboards as a SUP board or check into to getting one of the newer boards made for touring on flat water. My previous experience has been using an old sailboard as a SUP. Those boards were a Magnum Nova and Hobie Alpha 230a. Real SUP boards include an Ocean Kayak 11′ Nalu and the 12′ Naish Glide (2010 model). I found the surf style nose on the Naish made me feel like a was pushing water a little bit when compared to the displacement nose on the Nalu. Looking at what’s available in displacement touring boards, there are a lot of options with prices on the low end for the Nalu’s around $600 to high-end carbon touring boards going for more than $2,500. I ended up closer to the low end with a 12’6″ Bic Ace-Tec Wing limited edition from REI. More on that later…
Debby’s first lesson went well. We showed up at a local Raleigh city park, Lake Johnson, where a SUP group lesson was just starting. I gave Debby the quick instructions of how to hold the paddle the right way, where to put it across the board while going on to the board on one knee in shallow water. She has seen me SUP enough to have a basic idea on paddling. She ended up on the Naish Glide and followed the group class out to the back side of the lake which required me to go from standing up on my board to a crouching position on my knees to make it under the Avent Ferry Road Bridge. Once on the other side, she was able to stand up pretty easily by following my example. We hung out in that part of the lake for a while after letting the group lesson go their own way to learn important things like how to get back on the board after falling off, where Debby’s idea of good lesson was not falling off. After about fifteen minutes, we headed back to the main part of the lake which gave Debby another chance to go under the bridge and stand up again. We paddled toward the dam and Debby had no issues and no near falls over the hour that we were on the water.
My thoughts on the new Bic Wing are: Wow! Now the first thing I will have to say is the board is a little heavier compared to the Glide, but not anything like the rotomolded Ocean Kayak. I ended up getting the blue topped limited edition during the Labor Day sale at REI with the ship to store option that only took two days to arrive. I had been looking at this as a potential displacement board for awhile, but the $1399 price tag was a little more than I wanted to spend and 15% off helped push me over the edge and pull the trigger on the purchase. My only qualm with REI, being an REI member at least, is they did not give a dividend on my purchase stating that the discount I was getting was more then the dividend would be. That is pretty lame if you ask me, but it was not enough to make me decide to try and see if I could get it for the same price at another retailer that had similar ship to store options.
We unboxed the board at REI and let them recycle the the card board before heading out to Lake Johnson. Thankfully one of the staff that helped me get it out of the box took the extra effort to bring me the FCS hex key wrench they found when discarding the box while I was still loading the new board up on the car or it would have been a sad trip to the lake for me as I only brought a phillips and straight screw driver with me. Getting it on the water was pretty simple once I got the FCS 9″ touring fin installed. Sadly carrying this board and the Naish Glide on my roof rack at the same time will require removing the fin from the Bic. On the water the Wing is very stable, from a stop you have to alternate your paddle from side to side to get going in a straight line, but once you are carrying some speed this board tracks truer in the water better than any of the four boards I have SUP’ed on the past including when I was lowering the daggerboard on the Hobie Alpha to get some stability back when I was first starting out. With Debby going at a much slower pace during her lesson, I had to double back several times to get her caught up. Initially I was back paddling on one side to turn around and since this board tracks so straight I was almost coming to a complete stop to make the turn. Later on I started walking back on the board to get the nose to lift out of the water and torquing my core to twist the board as I paddled on one side to make the turn. Turning this way was quick and let me maintain some forward momentum, but required my full attention to keep my balance.
Overall I think this is going to be a great board for my flat water needs here in the area. As far as the aesthetics go on this board, I like the metallic royal blue on top and the white bottom. I have not verified this, but a quick glance at a couple of the graphics on the side they did not appear to be integrated into the glossy finish, so it will be interesting to see how long these decals stay on. The recessed deck padding is nice and you can see where the red swoosh is cut into the base white pad. I did get a little bit of hot foot on my right side, but that is most likely due to some planar faciitus and me being off the water for so long and not the padding. The weather was an intermittent light breeze with overcast to partly cloudy while we were out on the water. That said, I did notice that if I slid the outside of my foot off the pad up onto the blue top, I could feel the increased heat level of the darker color versus the mostly white pad. Compared to the normal edition of this board in all white non-glossy finish with red graphics, I really like the red, white and mostly blue look of the top on the limited edition. One of the items to note on the limited edition is the glossy finish. Long term I think this may show a little more of the scrapes and dings that come with loading, launching and landing, but the whole reason for the Ace-Tec construction is make these boards pretty bullet proof and I can tell you as the owner of two 1980’s sailboards using similar construction that you can probably poke a hole all the way through one of the boards and keep using for years to come as long as you don’t compromise the board’s structural integrity. I have to make a note to myself that if I am leaving the board out in the sun for a any long length of time, it is probably better to leave the white up and blue side down help the board keep its cool.
Hopefully I will be able to get it out a few more times over the Fall season and post some additional reviews.
It was a busy weekend for photography. So much so that I had to call in the reserves (my wife & father-in-law) to help. The first event was the Raleigh Police 5K Run For Our Heroes in downtown Raleigh. The other event was the first annual Bed Race held by the Caring Community Foundation. If you are looking for the images, you will find the 5K photos here and the Bed Race photos here. As always thanks for your support of these great charities, the Raleigh Police Memorial Foundation and the Caring Community Foundation.
The memorial foundation has been working hard over the past few years to raise funds for a proper fallen officer memorial for the Raleigh Police Department. Sadly eight officers have given their lives while protecting the citizens of our capital city, but they are finally recognized through the memorial which was dedicated Friday night before the 5K on Saturday. If you get a chance, please visit the Raleigh City hall to pay your respects at the memorial.
The Caring Community Foundation continues to be the little cancer charity that can. While many cancer charities raise funds for research, CCF is unique in that the funds raised are used to assist cancer patients in our area that have financial needs which are many times identified by their oncologist. The goal last year was 365 patients assisted and that goal was met and this charity has raised over $1 million in the 10 years since its humble start with a backyard BBQ.
Deciding on which web hosting provider to use should be based on more than the hosting fee, or you stand the possibility that your site will end up on a blacklist that may prevent many of your potential visitors from reaching your site. Whether you are hosting a blog or a small business website, your ultimate goal is to have your site serve your visitors the content you want to share. But if your site is hosted as a virtual site on server that might be actually hosting hundreds of other web sites, you shouldn’t be surprised when potential visitors claim they can no longer access your site.
When this happens, many site owners don’t consider blacklists as the source of their problem. Blacklists are the customary means for security tools such as content filters and DNS systems to block access to web sites or servers that are known to be providing malicious content or redirects to other malicious web sites. Now when you start to think about the inexpensive web hosting company placing hundreds of sites on the same server, you can start to see an analogy to a physical neighborhood in the virtual neighborhood represented by the many sites hosted on a single server. If you are opening a new business that you expect your customers to visit in person, you might consider the square foot cost of the lease, but more importantly you consider the location for both convenience and safety of your customers. But this logic is often ignored when setting up a web presence as price seems to be overriding logic with little if any consideration given to potential web site visitor safety.
When a web site owner has experienced being on a blacklist, they will usually try to find out if their site is truly malicious. For the non-technical this is often a challenge. For some host names, the google web crawler aka Spider can tell a site owner if their site has been found to be malicious. Google also offers the ability for web site owners to check out how their site appears to the google crawler. https://support.google.com/webmasters/answer/158587?hl=en
With the appropriate URL, web site owners can also view the status of their pages through the google malicious URL service. In most cases this can be done based on IP address, host or domain name or AS number. So if we take a site that is known to be clear of any malicious content and check it, it should show that google has found no problems with the site. If we use the AS number, which includes all of the sites on the hosting provider network, you can check provider for reputation as seen by the google crawler (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=AS:46606). One can think of this as the neighborhood that the hosting provider represents. Here are some examples of this using the site from my local bike shop cycle-logic.biz. The report for this site at http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=Cycle-logic.biz shows no malicious content has been found on the site over the past 90 days. So why would this site end up on a blacklist? Simple answer is the Internet neighborhood in which the site resides has a very poor reputation. The IP address represents all of the sites commingled with the cycle-logic.biz web site. If we go a little further and look at virustotal’s report for the IP address 18.104.22.168, many sites from this IP address are listed as being suspect. https://www.virustotal.com/en/ip-address/22.214.171.124/information/. The best source for checking to see if an IP address is showing up in any blacklists is http://dawhois.com/rbl_check/. Currently this site is reports the IP address hosting cycle-logic.biz, 126.96.36.199, is listed in 11 blacklists.
So if you are considering hosting a web site or blog, research the provider’s reputation through their AS number. If there are multiple sites noted in their record at google, try another provider. Reputable providers will usually act quickly if notified of malicious content on a customer’s site and either notify the customer or take down the content. While these providers may cost a little more than $5.95 a month, you will significantly reduce the risk that your site will get on a blacklist due to other sites being hosted on the same IP address are providing malicious content or redirects to other malicious web sites.
Many thanks to all of the folks that came out and supported the Raleigh St. Baldrick’s event (updated totals at the link) this year. The numbers shared with volunteers prior to the event were: over $200,000 raised and 400+ shavees and another 100+ volunteers. I am sure the actual numbers will be higher with the number of groups that showed up and the last minute challenges from the stage. This was my first St. Baldrick’s event thanks to my friend of 40 years Evelyn Putnam who recruited me to help since I already shoot for some other local charities. I am trying to get locations of the other photographer’s images and will share links if they placed theirs on the web. My shots are located here. Many thanks to the two returning photographers, Carter Pettibone and Haley Bohn; and thanks, as well, to ShellyBooker, Evelyn Putnam and one other un-named shooter who had her head shaved as well helping with photography. While I have shot many charity events, there is no doubt when you hear from the families that are currently fighting for their child with cancer or the parents that lost their child to cancer; it’s a wake up call that there has to be something we can do and we did it today! Whether shavee, family member, or friend supporting them; the funds raised will support research like that of Dr. Oren J. Becher, from The Becher Lab At Duke University. And we know we make a difference with the success stories of cancer battles won that would not be possible without funding more children’s cancer research.
After much monitoring of malicious traffic and hacking attempts against this server, I have taken the ultimate draconian measure of blocking all countries except our US allies: Canada, United Kingdom, Australia and New Zealand.
The attempted attack that broke the camel’s back came yesterday with an attempt to have WordPress download malicious content from another site. The attempted download failed, but I manually went and got the files only to find they were trying to load an IRC Bot, web shell, deface my site, and use it to scan for other victims. So recky aka bogel, and x0re; sorry it failed for you. If anyone has any hosts talking out to *.blackunix.us, block the traffic. Nothing good can come from the hosts answering up on that domain name.
bot.blackunix.us has address 188.8.131.52
bot.blackunix.us has address 184.108.40.206
bot.blackunix.us has address 220.127.116.11
bot.blackunix.us has address 18.104.22.168
bot.blackunix.us has address 22.214.171.124
bot.blackunix.us has address 126.96.36.199