The heralded Adobe Media Player (formerly codename Philo) has been released (in a prerelease version) on Adobe Labs. It requires Adobe AIR Beta 2.
The Adobe Max release of cool new stuff has begun. Go to Adobe Labs to get the new releases. Many of the new “showcase applications” for AIR are also being released – including the much talked about eBay Desktop application.
Tomorrow morning the crew from Georgia Tech Savannah (including me obviously) will be heading up to Chicago. We won’t be in the pre-conference workshops, but we will be there ready to go on Monday! I look forward to seeing all of you guys there. I will be Flickr’ing (as usual) and you can check out all of my Max photos as I take them by clicking the link below. I also will be blogging about all of the awesome when I can.
Linux adoption seems to be going through the roof as of late. What does this bring us – a lot of new Linux users. I would be willing to bet that some of those users have set up a basic web server – for development, testing, or even production purposes. When I first set up a Linux web server (in 2000), my machine got hacked in two days. I got an email from a research institute in California saying that my server was attempting to log into their servers. I had to pull the plug. The first tip for aspiring server administrators (and one that could have saved me in 2000) is to close all unnecessary ports.
Necessary Ports – any port that is needed by the general public to view the content on your machine (there is only 1 exception to this rule)
As I said – there is one exception to this rule, port 22 (for SSH). If you have a single server that is remote – you will need to have this port open. However, if you know that you log in from the same IP address each time, you can limit port 22 to that IP address. This is the port that we will use to gain access to all of the other ports that we need to use on the machine. This process is known as SSH Tunneling, and it is supported by most major SSH clients (including PuTTY, which is free).
There are many ports that are left open on dedicated servers that don’t need to be open: MySQL (unless you need to access your databases directly from another server), Plesk (unless your hosting customers need to log into it), DNS (if it isn’t a DNS box), and Webmin. These are only the tip of the iceberg. If you rent a dedicated server from a company, it usually will have anywhere from 10-20 ports open for such things as Internet printing and Windows file sharing (through Samba). This opens up some BIG security holes that need to be fixed. Here is where SSH Tunneling comes in.
SSH Tunneling – allows you to access any port on a remote computer by passing all of your data through the SSH (Secure Shell) port 22. This allows you to block ports to the outside world, but keep them open for you.
Example – Access to MySQL via SSH Tunneling
First, we are going to close the MySQL port on our server so that it is only available to localhost. Unless you have changed it, MySQL should operate on port 3306. If you are running Red Hat Linux, you can comment out the lines in /etc/sysconfig/iptables that have port 3306 listed. This works if you have a properly configured firewall already. Be sure of that first. Get more information about IPTables here. Once you have blocked port 3306 to the outside world, restart IPTables (or the firewall your system uses). In Red Hat this can be accomplished by running “service iptables restart” as root.
MySQL has some great tools that you can use to administer your databases, users, and server processes. These come packaged together under MySQL GUI Tools on the MySQL site. To use these tools (if port 3306 is blocked on your firewall) you will have to set up an SSH Tunnel.
If you are using PuTTY, click the “Tunnels” option under “SSH” to add ports to tunnel. First, add the port you want to use on your local machine under “Source Port” (this doesn’t have to be the same as the port on the remote computer). Next, add your server hostname and port (like yourserver.com:3306) under the “Destination” field. Once you are done, click “Add” and then “Connect”. You are now tunneling in.
Now, you can access port 3306 on your remote server like below.
This principle can be applied to any port on any remote server that you have SSH access to. You can make your box infinitely more secure by closing all the ports that are not needed by the public. Oh, and Linux Commandment 2 will be – avoid FTP at all costs. This is directly related to ports (I will explain more in the next post).
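To check the result of the firewall edit and the port 22 tip described above, the following added example (not code from the original post) scans a rules file in the /etc/sysconfig/iptables format for ACCEPT rules that still expose ports to everyone. The function names, the 80/443 allowlist and the sample rules are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables rules file (iptables-save format, as in
# /etc/sysconfig/iptables) for ACCEPT rules that expose TCP ports publicly.
# Only single --dport rules are parsed; multiport and ranges are out of scope.

PUBLIC_PORTS="80 443"   # assumption: the ports the general public needs
SSH_PORT=22             # the one exception: open, but should be source-limited

# audit_rules FILE prints one finding per line:
#   OPEN <port>        unrestricted ACCEPT for a port not on the allowlist
#   SSH-UNRESTRICTED   the SSH port is accepted from any source address
audit_rules() {
    awk -v public="$PUBLIC_PORTS" -v ssh="$SSH_PORT" '
        BEGIN { n = split(public, p, " "); for (i = 1; i <= n; i++) ok[p[i]] = 1 }
        /^[ \t]*#/ { next }                  # commented-out rules are inactive
        /^-A / {
            port = ""; src = 0; accept = 0
            for (i = 1; i <= NF; i++) {
                if ($i == "--dport") port = $(i + 1)
                if ($i == "-s" || $i == "--source") src = 1
                if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            }
            if (!accept || port == "" || src) next   # source-limited: not public
            if (port == ssh) print "SSH-UNRESTRICTED"
            else if (!(port in ok)) print "OPEN " port
        }
    ' "$1"
}

# Constructed sample rules (documentation addresses, not from a real host).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
#-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 445 -j ACCEPT
COMMIT
EOF
}

run_sample_audit() {
    tmp=$(mktemp) || return 1
    sample_rules > "$tmp"
    audit_rules "$tmp"
    rm -f "$tmp"
}
```

With an OpenSSH client, the equivalent of the PuTTY tunnel is `ssh -L 3307:127.0.0.1:3306 user@yourserver.com`, where local port 3307 and the user name are placeholders. The destination is resolved on the server side, so 127.0.0.1:3306 reaches a MySQL instance that accepts only local connections.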
Adobe released a press release regarding Flash Media Server 3 today. The FAQ below gives the details of the next release. So much of this is exciting! However, I was quite disappointed that the server-side scripting will still be ActionScript 1. At least the client side will be ActionScript 3 – and we can finally use AMF3 with FMS.
Getting information from multiple locations on the Internet for a single application is commonplace these days. It is one of many things that makes AIR such a great application platform.
To begin with, we are going to be dealing with a very simple ColdFusion component. The component contains one function "getStuff". If you pass in your name, it will return a string that says "Your Name is ...". If you place this somewhere in your web tree, you can expose it as a web service by adding "?wsdl" to the end of the filename. That is all you have to do to expose your ColdFusion Component as a SOAP web service.
Reference: ColdFusion 8 and Web Services
Your reference for the SOAP Envelope will be the "wsdl" file. You can view the wsdl for our web service in your browser by typing in the URL and adding "?wsdl" to the end of the file name. The wsdl is your guidebook to that specific web service.
Reference: WSDL Tutorial
"At Adobe MAX 2007 in Chicago we are going showing off the next full release of Flash Player code named "Astro". The features are mind numbing and add capabilities far beyond anything the market today. The future of Adobe Flash Player looks very bright indeed."
Man, after the h.264 announcement, what else could there be? If you have any predictions, leave a comment.