I’ve been having a lot of “fun” in the past few weeks with cloning a hard drive on a server. Let me tell you up front that I am a major penny pincher. You might remember my series on simple ways for the church to save money on operational expenditures. Some say that I’m cheap, but I prefer to be considered committed to missions and wise spending. That’s who I am. So, I end up using a lot of open source software.

I love Clonezilla. It’s an open source title comparable to Norton Ghost. Clonezilla has done some excellent things for me on a number of machines. It can really save a ton of time deploying new machines or replacing failing hard drives. Well, for some reason, it wouldn’t clone one of the partitions on Caleb’s hard drive. I did everything I knew how to do to make it work. I fixed the bad sectors, I ran tons of maintenance utilities, and I even got into the inner workings of Clonezilla and changed some of the script settings (scary, yes!).

Tonight, I bit the bullet and bought Paragon’s Drive Copy 8.5 Professional. It’s actually running right now, so I don’t have the final results, but it’s past the point that Clonezilla always crapped out. I’ve got to tell you that it looks like it’s going to be worth every penny of it’s $129 price tag. I have been pulling my hair out for weeks with this problem, and this thing looks like it’s going to do the trick. (I’ll know for sure in half an hour.)

What got me writing early on this, other than having nothing else to do but watch a progress bar, is that the rescue CD is very user friendly. It doesn’t look thrown together like so many other Linux-type rescue CD’s. It properly recognized the RAID, named the drives in easy human readable format (making it real hard to mess up the source and destination), and even lets me use the mouse. If this works, I don’t know if I’ll even install the Windows software that came with it.

So, hopefully my adventure with the Attack of the Clones is coming to an end. I’ll let you know how this thing pans out.

* UPDATE *

Drive Copy 8.5 worked like a champ!  The single drive has been successfully cloned to the RAID.  Now I’m a definite fan of Paragon Software!

I was watching a guy install WordPress a few days ago, and I couldn’t believe what I saw. He downloaded the zip file from WordPress.org, unzipped it, and uploaded all the files to his Web server by FTP. Sure, it works, but why do it that way when you can go SO much quicker? Let’s talk about SSH. While this stuff is pretty technical, once you’ve got a grip on it, you have some real power on your hands.

Prerequisites:

• You’ve got to have a Linux hosting package that allows you access to the shell (SSH). If you don’t have one I recommend the Linux Business Package from 1and1 which includes 3 domains (Disclaimer: I profit from sales generated from that link). By the way, their lower packages are cheaper but do not have shell access.
• You need a client to access the Shell. I suggest PuTTY (it’s free)

How to Install WordPress quickly with SSH:

1. Log-in to the shell with an SSH client, like PuTTY
2. cd (Change Directory) to the directory you want to install WordPress in. If you’re on 1and1, you will be in the root of your public Web site when you log-in. With other providers, you may have to use the command:

       cd public_html

   or something similar. You need to know which directory you are in. Are you in a directory that is accessed by http://example.com or by http://example.com/some_directory? Where you are now is where WordPress will be located.

3. Now you’re ready to rock and roll, simply use the following commands to make it happen.

       wget http://wordpress.org/latest.tar.gz
       tar -xzvf latest.tar.gz
       mv wordpress/* .
       rm -rf wordpress

   So, wget downloads the latest release of WordPress to your server, tar unzips it, move takes it out of the wordpress sub-directory into the current directory and rm removes the empty sub-directory.

4. Now, go to the place you put it on the Web. If you dumped all of those files into the public_html folder of example.com, just head over to http://example.com. If you put them into the folder wordpress, head over to http://example.com/wordpress. The on-screen instructions will lead you from here.

This works for upgrading to new versions as well. When updating, I personally like to remove the wp-content directory before overwriting the files because I don’t want the new files to mess with my plugins or themes.

Use caution with SSH as you are entering commands directly into your Web host’s server. They probably won’t let you run dangerous stuff and mess up their machine, but you could mess up your stuff. For instance, rm -rf * would wipe out everything in the directory you’re in. If you’re in public_html, you’ve just wiped your entire site. Read up before proceeding, but I wanted you to know that there is an easier way to install WordPress and other Web apps.

By the way, if you’re using a host that doesn’t give you shell access, you can sometimes still accomplish this by creating a simple Perl script. I make a Perl script that runs system(); calls if I need to do this. You get to figure that one out on your own.

Yesterday I wrote about securing your network. While I know that it is by no means a complete discussion on firewalls, let’s move on to talk in a little more detail about content filtering.

Our church has the highest grade of “business class” cable Internet available. It meets and even exceeds our needs for normal Internet browsing, giving each user sufficient speed for most uses. Unfortunately, they offer no sort of content filtering on the ISP side. Translation: all pages are by default accessible to all users, even “those” sites.

Well, it takes no Einstein to realize that this isn’t a good idea for a church. In fact, it’s a downright bad idea, specifically since we offer free WiFi to anyone who requests the passkey and have a computer lab for the little kiddos.

So, what options are available for content filtration?

1. Well, we could pay for client-side software for each machine. Ummm, no.
2. We could switch to an ISP with content filtering built in. That’d be a great option except for the fact that we don’t have a high-speed filtered provider in our area.
3. We could buy/lease a network filter like Barracuda or iPrism. These are very expensive, but they are GREAT for large organizations. Ours isn’t that big.
4. So, we chose Linux. It’s free, it’s fast, it’s efficient, and did I mention free?

We’re using DansGuardian as our content filter. The open-source DansGuardian is free for all non-commercial users. The creator also has a commercial version available through the fine folks at SmoothWall, known as SmoothGuardian.

DansGuardian works well with a huge blacklist of blocked sites, but it doesn’t rely on it. In fact, you don’t even *have* to have a blacklist. See, Dans also reads the HTML of each page you view scanning for banned phrases, URLs, PICS ratings, and more. If it sees a dirty word on a page, it blocks it, whether or not it exists in a blacklist. You can see the benefits of this straight away. Thousands of pornographic and otherwise obscene pages are created daily, and no blacklist could ever hope to keep up with them.

If you haven’t already, install a content filter in your church - it may save someone from developing a horrible addiction. (By the way, parents can also use DansGuardian at home)

For my inaugural post on my fancy new church IT blog, I want to talk about the necessity of protecting your church members’ information, your church-owned computers, and each network user. I was reading Nick Nicholaou’s post about Biometrics, and I was inspired to post on network security. He wrote:

Church and ministry networks have information that, if not properly protected, could cost a lot of money in penalties plus a hurt reputation in their community.

That’s absolutely correct. If we don’t look out for our data, no one will. When I arrived at FBC, I quickly learned that the entire network was protected by an overworked $50 firewall. I don’t fault the church - they didn’t know. I’m certain that if my church overlooked this security vulnerability, many others have as well.

I don’t intend to make a case for a good firewall, but I insist that you get one. Instead, I want to give you a few pointers. Namely, you don’t have to spend a lot of money to get your hands on some excellent protection. Friends, in my humble opinion, the answer is in Linux.

Last month, I installed a Linux firewall with no out-of-pocket costs. We had a spare computer, running a 300MHz P3 and 512Mb of SDRAM. You don’t need a beast. I downloaded the latest distribution of SmoothWall Express 2.0 and the DansGuardian add-on and burned them to a CD. The SmoothWall CD boots right up and walks you through the installation procedures. The DansGuardian needs a little bit of Linux finesse.

The bottom line is that this box now sits between the Interweb and the church network. There are two network cards, one goes to the cable modem and the other to a switch. It scans everything coming in and everything going out. SmoothWall is a great firewall right “out of the box.” It has an Intrusion Detection System built right in, and it logs everything. When you add DansGuardian, you gain the ability to filter content. That’s right, it makes it nearly impossible for kiddos in the computer lab to land on inappropriate content.

More on this later.