Chris Tankersley

· PHP Jack of All Trades ·

I recently went on two trips, a wedding and then a business trip, and both involved getting internet access at the hotel. The hotel we stayed at for the wedding had free wireless internet, which was completely unencrypted and definitely visible from the other hotels grouped around it. The second hotel had strictly wired internet which required me to sign up. Neither of them really gave me a huge amount of confidence in them keeping my information safe. What does one do? If you have broadband and a dynamic DNS account (I suggest DynDNS.org, I've used them for years without a problem), you have some options!

**Remote Desktop**

This is the easiest thing to set up. All you need is a broadband connection back home, a router, and a spare computer. If you don't want to spring for an extra Windows license for the machine, you can install Ubuntu Linux and use FreeNX to run a fully encrypted session through your home's internet connection. I prefer this solution over regular Windows XP Remote Desktop because it is faster, and there is less chance someone will hack your Linux box as opposed to a Windows XP machine sitting on the internet.

**Tunneling via VPN**

There are a couple of ways that people can tunnel their internet connection. The one that will give you the most control is a VPN. Both times I used OpenVPN to connect back home, and I did all my browsing via a remote Linux box. The tunnel kept everything encrypted just like a corporate VPN, and since I did everything through a remote computer's browser, there was no chance of my passwords being sniffed across the network. VPNing also does not restrict you to what is on a single machine. If you use iTunes or SlimServer to stream music across your network at home, you can access them just like you could if you were at home.

You can also have OpenVPN force all your traffic through the secure VPN connection. This way you do not have to set up a remote computer to do your surfing (in a normal non-tunneled VPN, all of your internet requests go through the ISP you are connected to, in this case the hotel). This is fine as long as you don't do any large downloads as that will quickly kill your VPN's bandwidth.

To set this up, I recommend replacing your home router with an IPCop Linux router and installing the Zerina OpenVPN plugin for it. This will set up a VPN server (and a much nicer router than most $50-$100 routers) in less than 30 minutes. For your clients, you can install the command-line OpenVPN client for Linux (Ubuntu/Debian users should be able to just do a 'sudo apt-get install openvpn' if you have the extra repos set up), and Windows users can use the OpenVPN GUI.
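To confirm that the "force all traffic through the VPN" setup described above is really in effect before trusting the hotel network, this added example (not from the original post) classifies a Linux routing table as full-tunnel or split-tunnel. It assumes the server either pushes OpenVPN's `redirect-gateway def1` option or replaces the default route, and that the tunnel device name starts with `tun`; all addresses are constructed samples.

```shell
#!/bin/sh
# Added example, not from the original post.
# vpn_route_mode reads `ip route show` text on stdin and prints "full" when the
# default path leaves through the tunnel, "split" otherwise.
# $1 = tunnel interface prefix (assumed "tun", the usual OpenVPN device name).
vpn_route_mode() {
    awk -v pfx="${1:-tun}" '
        {   # find the outgoing device of this route
            dev = ""
            for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i + 1)
            on_tun = (index(dev, pfx) == 1)
        }
        $1 == "default"               { if (on_tun) def_tun = 1; else def_other = 1 }
        $1 == "0.0.0.0/1"   && on_tun { low = 1 }    # redirect-gateway def1 adds
        $1 == "128.0.0.0/1" && on_tun { high = 1 }   # these two half-routes
        END {
            if (low && high)                 print "full"
            else if (def_tun && !def_other)  print "full"
            else                             print "split"
        }'
}

# Constructed sample: hotel LAN 192.168.1.0/24, VPN pushed redirect-gateway def1.
SAMPLE_FULL='0.0.0.0/1 via 10.8.0.5 dev tun0
default via 192.168.1.1 dev eth0
10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
128.0.0.0/1 via 10.8.0.5 dev tun0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
203.0.113.10 via 192.168.1.1 dev eth0'

# Constructed sample: VPN is up, but only the 10.8.0.0/24 subnet is tunneled.
SAMPLE_SPLIT='default via 192.168.1.1 dev eth0
10.8.0.0/24 via 10.8.0.5 dev tun0
10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50'

printf '%s\n' "$SAMPLE_FULL"  | vpn_route_mode   # full
printf '%s\n' "$SAMPLE_SPLIT" | vpn_route_mode   # split
# On a live Linux client: ip route show | vpn_route_mode
```

A result of "split" means web traffic is still leaving through the hotel's gateway in the clear, even though the VPN shows as connected.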

**TOR + Privoxy**

This is a good last-ditch effort if you don't have broadband at home or can't set up either of the above options. TOR (The Onion Router) is a software router that takes all of your traffic through other random TOR servers out on the net. What this does is find a single TOR server and send the request to it; that server finds another TOR server and sends the request through it, and so on until you reach your destination. Slow, yes, but it gets the job done.

Privoxy allows you to set up a SOCKS4/5 proxy to filter different programs through TOR. You can point your IM programs, browsers, or anything else that supports SOCKS proxies to your local Privoxy install, which then pushes it through TOR. Brilliant! This will not speed up a TOR connection at all, but it gives you a good measure of protection from packet sniffers.

Well, I hope that this helps those road warriors out there a bit. In this day and age, the tools to do identity theft are free and getting easier and easier to use. The above suggestions on keeping your information private should help keep you a bit safer when it comes to the internet.

Posted on 2007-05-23



Ever log into a box, or install a new distro, only to find that the prompt is either just a # or it only provides very minimalistic information? Well, it's easy to change the look of the command prompt by editing the ~/.profile or other appropriate file.

Most shells look at the 'PS1' environment variable to see what the shell prompt should look like. For example, in OpenBSD the root user doesn't have PS1 set to anything, so you get just a '#' as your prompt. That is not terribly useful once you start navigating through the file system and opening multiple SSH sessions to edit multiple files, and you start to lose track of which window is which. So let's add some information to the shell prompt.

Open up the ~/.profile (or ~/.bashrc, or other appropriate file for your distro) with your favorite text editor. I use nano:

nano ~/.profile

Check to see if there is a PS1 variable already set. The line will look something like this:

PS1='[\u@\h]'

You can either comment the line out (which I recommend) or just alter it to your preferences.

There are a few different options that you can use to edit the look of your command prompt:

  • \d  Date in "Weekday Month Date" format
  • \h  Short hostname
  • \H  Complete hostname including domain
  • \j  Number of running jobs
  • \l  Terminal device of the shell (ex: ttyp1)
  • \n  Newline character
  • \r  Carriage return
  • \s  Name of the shell, e.g. BASH
  • \t  Current time in 24 hour HH:MM:SS format
  • \T  Current time in 12 hour HH:MM:SS format
  • \u  Username
  • \v  Version of Bash
  • \V  Version of Bash with patch level
  • \w  Current working directory
  • \W  Basename of the current working directory
  • \$  Insert a '$' (root gets '#' instead)
  • \\  Backslash
  • \@  Current time in 12 hour am/pm format
  • \!  Number of commands in the history file (.bash_history)
  • \#  Number of commands you have executed in your current session

So let's set up a prompt that looks like '[username@hostname cwd]$ ' with the following:

PS1='[\u@\h \w]\$ '
export PS1

The 'export PS1' tells the shell to actually use this variable. Log out and log back in, and you will see your new prompt.

**Add some color**

Now that we have some useful information, we can even add color (assuming your terminal supports color). To add color we get a few new commands:

  • \e[X;Xm  Start a color combination, where X;X is a combination below
  • \e[m  End color

| Color | Code |
| --- | --- |
| Black | 0;30 |
| Blue | 0;34 |
| Green | 0;32 |
| Cyan | 0;36 |
| Red | 0;31 |
| Purple | 0;35 |
| Brown | 0;33 |

I personally like Green, so I extend my PS1 to look like this:

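PS1='\[\e[0;32m\][\u@\h \w]\[\e[m\]\$ '

The \[ and \] around each color code tell bash that the sequence takes up no space on screen, so long command lines still wrap correctly.

So, take all the above information and turn the shell prompt into something that you want to use.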
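Since the point of a richer prompt is not losing track of which window is which, this added example (not from the original post) builds the prompt from the escapes and color codes above so that root shells are red and SSH sessions are tagged. The function name `build_ps1` and the "(ssh)" tag are illustrative choices; `SSH_CONNECTION` is the variable OpenSSH sets for remote logins.

```shell
#!/bin/sh
# Added example, not from the original post.
# build_ps1 UID [SSH_CONNECTION] prints a bash PS1 string:
#   red for root, green for everyone else, "(ssh) " prefix on remote logins.
build_ps1() {
    uid=$1
    ssh_conn=${2-}

    if [ "$uid" -eq 0 ]; then
        color='0;31'    # Red, from the color table
    else
        color='0;32'    # Green
    fi

    tag=''
    if [ -n "$ssh_conn" ]; then
        tag='(ssh) '
    fi

    # \[ and \] (bash escapes not in the list above) mark the color codes as
    # zero-width so long command lines still wrap correctly.
    open='\[\e['"$color"'m\]'
    close='\[\e[m\]'
    printf '%s' "${tag}${open}"'[\u@\h \w]'"${close}"'\$ '
}

# In ~/.profile or ~/.bashrc: build the prompt for the current user and session.
PS1=$(build_ps1 "$(id -u)" "${SSH_CONNECTION-}")
export PS1
```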

Posted on 2007-05-22



A downside to any scripted language is that it is recompiled every time that it is run. CPU cycles are wasted compiling both simple and complicated scripts over and over, regardless of whether the actual output even changes. What can you do to stop this kind of waste? If you are using PHP, there are quite a few caching mechanisms. I spent most of today trying to get a few of them to work with OpenBSD 4.1 with very little success. One that I did get working was APC.

**What is APC?**

APC literally stands for 'Another PHP Cache.' What it does is keep a compiled version of your PHP code on the server so that your web server does not waste time doing the same compile over and over. APC itself runs as a PHP module for PHP 4.3.x and higher. If you are running your own server, APC is very easy to install.

**Installing APC**

These instructions are for OpenBSD 4.1, but should work for any flavor of *nix.

What you need installed:

  • autoconf

  • PHP 4.3.x or higher

  • GD library for PHP

  • PEAR Libraries for PHP

  • Apache 1.3 or higher

Head on over to http://pecl.php.net/package/APC and download the latest package to your server. Uncompress the file with 'tar -zxf APC-X.X.X.tgz' where the X's correspond to the version that you downloaded (3.0.14 as of today). Head into the new folder with 'cd APC-3.0.14/APC-3.0.14'. We will need to compile this module with the following commands:

phpize
./configure --enable-apc-mmap --with-apxs --with-php-config=/usr/local/php/bin/php-config
make
make install

If everything goes well, it should install itself into /var/www/lib/php/modules/apc.so. Enable APC with the following addition to your /var/www/conf/php.ini file:

extension=apc.so
apc.enabled=1
apc.shm_segments=1
apc.shm_size=128
apc.ttl=7200
apc.user_ttl=7200
apc.num_files_hint=1024
apc.mmap_file_mask=/tmp/apc.XXXXXX
apc.enable_cli=1

Stop and start httpd and make sure that PHP files still work. If everything goes well, move the apc.php file from the downloaded files to your DocumentRoot. Edit the file and change the line:

defaults('ADMIN_PASSWORD','password');

and replace 'password' with whatever password you want to log in with. You can also change the line right above that to change the username that you will use to log in.
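Because apc.php sits in the DocumentRoot, leaving the shipped credentials in place exposes the cache controls to anyone who finds the page. This added example (not part of APC or the original post) checks a copy of apc.php for that mistake; the function names are hypothetical, and the `ADMIN_USERNAME` line is an assumption about the username line "right above" the password line.

```shell
#!/bin/sh
# Added example, not part of APC or the original post.
# Assumes credentials are set with defaults('NAME','value'); lines as quoted
# above; ADMIN_USERNAME is the assumed name of the username constant.

# apc_define_value FILE NAME -> prints the value given to defaults('NAME', ...)
apc_define_value() {
    sed -n "s/^[[:space:]]*defaults([[:space:]]*'$2'[[:space:]]*,[[:space:]]*'\([^']*\)'.*/\1/p" "$1" |
        head -n 1
}

# audit_apc_php FILE -> prints one verdict; returns 0 only for "ok"
audit_apc_php() {
    file=$1
    [ -r "$file" ] || { echo "unreadable"; return 2; }
    user=$(apc_define_value "$file" ADMIN_USERNAME)
    pass=$(apc_define_value "$file" ADMIN_PASSWORD)
    if [ -z "$pass" ]; then echo "missing-or-empty-password"; return 1; fi
    if [ "$pass" = "password" ]; then echo "default-password"; return 1; fi
    if [ "$pass" = "$user" ]; then echo "password-equals-username"; return 1; fi
    echo "ok"
}

# Constructed sample: an apc.php that was copied into place without editing.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
<?php
defaults('ADMIN_USERNAME','apc');
defaults('ADMIN_PASSWORD','password');
EOF

audit_apc_php "$SAMPLE" || :   # default-password
rm -f "$SAMPLE"
```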

**Using APC**

Visit some of your PHP pages, and then head over to the APC control page in your browser (for example, http://localhost/apc.php), log in, and look at the stats. APC keeps track of which pages are being cached, which pages are being missed, how much memory it is taking up, etc. If you have GD installed, it will draw graphs instead of giving just text information. You can clear out the cache by clicking on the 'Clear opcode Cache' button, but other than that APC runs all by itself.

**Does It Really Help?**

I used the 'ab' Apache Benchmarking tool from a machine on the local network of the webserver. I ran it with the following command:

ab -kc 50 -n 1000 http://gir/index.php

with and without APC installed. Overall I netted about 10 extra page returns per second with a 50ms decrease in overall response time. The numbers aren't huge, but over time those numbers add up. APC also did not cause any extra CPU load. APC and other PHP caching mechanisms aren't the only thing that can be done to speed up a website, but for those that have access to their web server it can hel

Posted on 2007-05-21
