Eclectica Daybreak over Colburne Passage near Sidney, BC, Canada filler
shim shim shim shim
shim Home shim Software shim Avocations shim Services  
shim shim shim shim
Services
shim
Contact Info
shim
About
shim
shim

About This Site

So, what does it take to run a web site? That depends on whether you host it yourself, or pay someone to do it. In the interest of full control, as well as for the educational experience, I have chosen to run this entire site and the related network myself.

Physical Network

The physical network consists of the following elements, in order of connection from the outside:

  • Cable modem
  • Public switch/hub
  • Dual-homed (two network cards; Public/Private) internet server
  • Private switch/hub
  • Internal network; a file server, AS/400, various workstations

All of this hardware is protected by a pair of uninterruptible power supplies (UPS), and is connected by Category 5 cabling. The servers I built myself from components, and upgrade as needed from time to time.

Operating System

The computers need operating systems. The main servers both run Linux, which I installed; Engarde Secure Linux on the machine visible to the outside world, and Red Hat Linux on the file server. With the IBM AS/400 rounding out the set of servers, I have managed to build an entirely Microsoft-free server room.

DNS Server

I need a dedicated static IP address in order to offer my services to the internet at large. For this I cannot use an ordinary ISP account, so I have negotiated (and pay for) a business account that permits me to run servers. Fortunately, I have access to a broadband cable modem connection.

You probably don't want to type my IP address to find my site, so I have thought up and registered a domain name (eclectica.ca). To make this piece of magic work, I need to configure and operate a DNS (Domain Name System) server. When a request is made for eclectica.ca, the .ca server gives the IP address of my server. Mine is then able to respond to queries for, for example, www (www.eclectica.ca) and mail (mail.eclectica.ca).

e-mail Server

The service that I probably find most valuable of all is e-mail. This entails configuring the mail server so that it correctly sends mail on my behalf, and accepts mail for me as well. By convention, it must also accept mail for administrative accounts such as “postmaster” (in charge of mail), “hostmaster” (in charge of DNS), and “webmaster” (in charge of the web site). This mail is routed to me.

The server must be a good network citizen by refusing to relay mail for unrelated parties (usually spammers). It is also the first line of defence against inbound spam. Preventing the delivery of spam is probably the most time-consuming aspect of being a network adminstrator.

Web Server

Of course I want a web server, and I need to configure it. It turns out that the Apache web server is very reliable, and needs very little attention after it is initially configured.

Other Services

There are of course lots of other minor details to attend to.

For example, if the power fails, I want all the equipment to gracefully shut down if the failure lasts longer than a certain amount of time. This means that I need to hook up the signalling cables from the UPSes, and configure the software to act appropriately. This should of course be tested thoroughly, which involves watching all the servers go up and down like yo-yos as I pull the power and reconnect it in various permutations.

And so it goes for numerous other services.

Vigilance

All of the main services, DNS, web, and mail, are now up and running. But is everything secure?

Maybe it is today, but new vulnerabilities and exploits are discovered all the time. Some of these vulnerabilities may be sufficiently severe that an attacker can gain complete control over a system, and destroy everything without a trace. Even worse, a system could be used to attack others. This means that I must be ever vigilant, and watch for any announcement of a vulnerability that may affect my systems.

And of course, the vulnerability must be closed as soon as possible by fixing it, or by disabling the vulnerable service.

Incidentally, everyone who has a computer connected to the internet bears the responsibility of ensuring that it is secure. Last year's Code Red and Nimda worms did their damage by using the computers of unsuspecting ordinary citizens to launch their attacks.

The Web Site

Now I am ready to put up a web site. There are two parts to this; the technical part, and the content.

The technical part involves things like deciding on a structure for the site, choosing the appropriate technologies and development tools, and making it easy to transfer files from the staging area to the actual site. For all but the simplest sites, programming is involved; for example, I wrote this site in PHP rather than just HTML, but you can't tell by right-clicking and selecting View Source. By using PHP, I saved myself a tremendous amount of work, made the site more consistent in its appearance from page to page, and made it infinitely easier to modify and add pages.

As for the content, that is what you are reading right now. The best reason for putting up a web site is having something to say, or to show; I hope you find something here worthy of your attention.

And Finally...

Yes, this is “my” web site; I built and administer the whole thing. Perhaps all of the preceding offers you a bit of insight into what it takes.


shim