Wednesday, November 14, 2012

Trying and Installing Drupal on an Ubuntu Linux Laptop

I underwent Drupal training two times, and so I can say that I have experience in configuring and organizing a  college website using Drupal. But I have yet to install Drupal on a machine by myself - the whole thing, I mean.

So last weekend, as I set for myself, I tried doing it on my own, in my own Ubuntu Linux  laptop. I installed LAMP server using tasksel. (I encountered an almost 2-hour struggle with that particular part, because I could not make Apache web server work. After about 5 to 6 times uninstalling and purging and reinstalling, it finally reactivated.)

Then, I followed the installation video (I will link the Youtube video soon), and also an Ubuntu guide on installing drupal. I used one distro in particular, Open Enterprise, because I was led to believe that all the capabilities I want (rotating banner, social integration, blogs, SEO tools, etc.) are already there and just needs activation. I was wrong.

After installing (of course, I had to create a database first with MySQL, download the package and decompress it to the /var/www directory of my Ubuntu), it worked, but the apps are not yet there, and when I tried to install (download the package and install), there were some problems.

I could not actually figure out what the problem was. I am not sure if I don't know the username and password, or I have not configured it right (I did a few more steps apparently to allow clean-url to work), or the software was not configured for FTP, or something.

I installed additional packages (vsftpd I think). Still didn't work, after that, but I tried a different username and password (my computer login and password), and the FTP installation for the additional App (rotating banner, SEO tools, social integration) finally installed.

And yes, besides installing, they did work!

So now, the next stage is to try what I did on a laptop machine on a real server environment. I hope I will be successful, because if I am, I will do the same for our CAS website. It will be cleaner, easier to maintain, and more integrated to the UP Manila website that IMS is planning to develop.

Friday, August 17, 2012

IT Developments at CAS

With the eUP of the UP System, and the OpenERP of UP Manila, what can CAS offer?

DPSM has started the Faculty Information System (FIS), which the IT Office hopes to improve. In the meeting yesterday, the Dean of the College of Dentistry, Dr Medina, mentioned the frustrating data collection done by the UP System - Forms 15 to 23. I wanted to answer that the CAS is doing that, but I could not. I don't want to. Not yet. I have to wait until the FIS is improved.

Also, the Office of the Dean has purchased wireless routers for deployment at CAS (and SSWC) to improve the coverage of the wireless (obviously) network. I simply hope our internet gets better for the students and faculty to appreciate the development our College is doing.

On my own level, as practice of my training in database, I will make an equipment / property information system. The aim of this system is for the College (through the Supply Officer) to track maintenance activities, purchases, expenses and utilization related to the various equipment of the College.

I wanted to type "What else?" but I had to erase that. I am not even an information technology or information system officer, so these things are not actually within my responsibility. I want to help, but I want to make sure I can help well. So I will limit my effort to the smaller things for now.

For the AAC meeting, I hope I can communicate effectively the desire of the College - a comprehensive academic institutional information system (educational ERP?) that can answer their information needs so that they can manage effectively and efficiently. It will be slow, but this is a start.

I know we can do it. We just need to have the will and engage.

Monday, June 4, 2012

Flame malware targets Microsoft Update system: Patch now (Security)

Original Post:

Takeaway: Microsoft released a security alert and patch due to the disturbing news that the hugely complex Flame malware has spoofed MS-signed certificates, potentially making Microsoft Update a malware delivery mechanism. Yikes and double yikes.

In what security researcher Mikko Hypponen calls the “Holy Grail” of malware writers, the massive and complex Flame malware, linked to state-sponsored espionage and information-gathering, has managed to spoof Microsoft-signed digital certificates, creating the potential for man-in-the-middle attacks on the Microsoft Update system.

Clearly, as Hypponen points out, successfully exploiting this vast delivery mechanism for malware could be disastrous. If the Flame module successfully performs a man-in-the-middle attack, it drops a file called  WUSETUPV.EXE on to the target computer. As of now, however, Hypponen says, “…It has not been used in large-scale attacks. Most likely this function was used to spread further inside an organization or to drop the initial infection on a specific system.”

Microsoft’s warning and patch are located on its support page. The full Technet Security Advisory is linked here:

Microsoft is aware of active attacks using unauthorized digital certificates derived from a Microsoft Certificate Authority. An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows.

Microsoft is providing an update for all supported releases of Microsoft Windows. The update revokes the trust of the following intermediate CA certificates:

Microsoft Enforced Licensing Intermediate PCA (2 certificates)
Microsoft Enforced Licensing Registration Authority CA (SHA1)
The investigation into the incident is ongoing, but the main takeaway for now is to patch immediately!

Sunday, April 1, 2012

CAS ICT Projects

With my upcoming database systems training (initially, with Intro to Database Systems, to be followed by Basic PHP-MySQL, and then Advanced PHP-MySQL), I have this preliminary list of ICT-related ideas:

  1. Information-Gathering Behavior of CAS Constituents - The end-goal is for the College to come up with a comprehensive strategic communication program for its various stakeholders and initiatives.
  2. Faculty Information System 2.0 - Update the FIS to be more useful to both management (administrators' information needs and promotional purposes) and the faculty members
  3. Database Implementation on Processes requiring them
  4. FOSS, Ubuntu and LibreOffice Training for the Faculty
  5. Google Apps Familiarization Training for Faculty (Design already 2 years old)
The wireless CAS campus is just delayed for a few weeks, but after this Holy Week, there will be more updates.

Thursday, March 29, 2012

CAS holds first open source training


The 2-day training seminar on FOSS, Ubuntu and LibreOffice yesterday and today was not simply a training about open source software, but is an example of open source training.

Besides the fact that all applications used to prepare for the training were open source (OpenOffice.Org in 2009 for the training profile, LibreOffice for the request for funds, tasks management and tracking, and the presentation file, Scribus for the certificate of attendance, Freemind for the planning and mind mapping), the training was open for everyone for feedback and comment.

The training profile, including the content, was published for everyone's preview before it was implemented. The "source" or training design was reviewed not only by training or open source specialists ("programmers" in computing science lingo) but for everyone to view and give feedback for improvement.

Further, the training invited IMS participants to view the curriculum and its implementation for continued improvement, and share the idea to others (IMS who will continue to develop their curriculum for implementation with other colleges).

The concept of open-source emphasizes the opportunity of open-source concepts: continued improvement, sharing of knowledge and community of learning.

This is just a quick write-up on the 2-day seminar. It was not just a seminar on open source software. It was an example of open-source training.