Idea Man » Information Technology

Open source student management system

ideaman — Wed, 22 Nov 2006 16:36:29 +0000

Every once and a while I get to talking to the folks that manage our student information system (Banner) and man…. does it sound like a big mountain of complicated code and applications (with a hefty price tag to boot)! Student information systems have been in use for a long time now and I wondered if it might be the right time for an open source one to come along? Couldn’t enough people agree on what might be considered a set of best practices? I talked about it in passing with some people here, just as a “wouldn’t it be interesting if…?” conversation and one response I got was that many schools think that the way they do their processes is the right way (or better yet, the only way) so getting people to agree on something would be hellish. But… take a look at course management systems… Moodle is popular and so isn’t Sakai, maybe they could follow the trends set by those products? On a similar note, I just got the newest issue of Network Computing Magazine where they survey their readers for what erks them, one entry on the cover said “7% say open-source projects are run by sanctimonious elitists”!

Stop opening random TCP/UDP ports

ideaman — Fri, 17 Nov 2006 15:50:25 +0000

Maybe I am naive, but I would think it would be a lot easier from a security monitoring stand point to stop have processes like rpc and ftp opening up random ports. I want to be able to take a baseline of what ports a server is listening on and if there are any new ports opened afterwards then there is a good chance it has been compromised. And it would make the firewall admins a life a lot easier too!

xml language for mail filtering

ideaman — Mon, 13 Nov 2006 20:11:03 +0000

I want to be able to use any capable IMAP email client (okay, there aren’t too many capable ones I know…) and be able to manipulate my email filters at the server level instead of at the client level. A couple of reasons for this are…

If I set a filter (ex: a vacation response message) I don’t want to have to keep my local email client turned on to process the message.
If my computer croaks I do not want to have to rebuild all of my email filters.
Part of my job is testing different email applications, I should only have to create the filters in one place. Right now we use the CommuniGate Pro email server here at work and I am testing its MAPI connector for outlook and its pretty slick. Within outlook you can manipulate your server side email filters. I don’t think it would be rocket science to create an XML language that defines how a filter works (ex: the filter has a descriptive name like “Trash messages from Janet” and it has some parameters to follow like “If the senders email address is janet@interplanet-janet.com” then tie an action to it like “move to the IMAP ‘trash’ folder”. Of course you could have multiple parameters and actions and they just end up being more tags inside the XML for that filter. What would be great is if you could store these XML filters on a different server using https or something and just point your email server and your client at it (just like you can do with an address book in LDAP). The server can point to it to know how to process your messages and the client needs to point to it so you can use tools to add/edit/delete your email filters.

I think I’ll get started on it (:^)

reply and delete

ideaman — Tue, 03 Oct 2006 13:09:07 +0000

I think a “Reply & Delete” button in email would be helpful. Several times throughout the day I receive requests for tasks to be done and I have to perform the task, reply to the sender with a quick “all set” then delete the message. The “Reply & Delete” button would remove the original message after the reply was delivered.

DNS Mail – Fighting spam with Dynamic DNS

ideaman — Thu, 03 Aug 2006 15:13:01 +0000

Yeah, I know, I know, everyone has come up with their own FUSSP (Final Ultimate Solution to Spam Problem). Well, here is an idea I had that is losely based on SPF. It is called “DNS Mail”, see what you think.

————————————–

DNS Mail (stands for “Do Not Spam”).

DNS Mail is somewhat like SPF (Sender Policy Framework) in that it uses DNS TXT
resource records to assist in message verification. Where it differs is
how it uses TXT records (and how it allows you to forward email without
any issues).

Here is how it works.

martha@domain.com wants to send an email to claire@nonprofit.org.
When she sends her message to her outbound SMTP server, the SMTP server
dynamically updates DNS with a special TXT record for this message. It
would look something like this

1wsed45rtgyh5678.domain.com. TXT “To:claire@nonprofit.org*From:martha@domain.com*date=Thu, 03 Aug 2006 09:10:49 -0400″

Once DNS is updated with this temporary record, the SMTP server adds a header to
the email message that looks something like this

DNS-Mail-ID: 1wsed45rtgyh5678.domain.com

The outbound SMTP server then does a DNS MX lookup for nonprofit.org and once
it finds the server (ex: mx.nonprofit.org) it attempts to deliver
the message to that server.

If the server mx.nonprofit.org is set to use the DNS Mail protocol
it will look for a TXT entry within @domain.com DNS called
dnsmail.domain.com that lists the DNS server(s) that can be queried
to look for the TXT entry that corresponds to the message. Here is an
example.

dnsmail.domain.com. TXT “155.47.64.164,155.47.64.165″

NOTE: My guess is that most sites would have only one server listed (for
a couple of reasons).

1. They would most likely want to designate a separate DNS server. This
could be for performance reasons, security reasons, or to keep their
main DNS server zone files down to a manageable size.

2. Having one server eliminates a zone transfer timing issue.
If you have multiple DNS servers for DNS Mail, all the servers
would have to be updated pretty quickly via zone transfers
when the Outbound SMTP server updates one server with a new TXT
entry. If you have more than one DNS Mail server listed and
one of the servers is not up to date when an outside MX server
queries it, that server would have to wait to try again (causing
delays) or it might reject the message.

Once the receiving MX server finds the DNS server to query, it
does a lookup of the TXT record for that message ID (ex: 1wsed45rtgyh5678.domain.com).
If it can find the TXT record and match the “To:” and “From:” headers it
will know that the message was sent using an SMTP server that is “allowed”
by the sender.

As far as cleanup goes, either the Outbound SMTP server or the DNS server
can look for message ID TXT records that are older than “x” days or hours
and can delete them.

What if the recipient, claire@nonprofit.org, has her email forwarded
to her home address claire@my_isp.net? When the @nonprofit.org mail server
receives the message and goes to forward it, it should first make
a Dynamic DNS entry in its own DNS Mail DNS server(s) for this message
and append a new DNS-Mail-ID: header to the message. It will also include
the original DNS-Mail-ID: header in the message. When the @nonprofit.org
Outbound SMTP server connects to the MX server for @my_isp.net, the @my_isp.net
MX server will inspect the headers and verify both DNS-Mail-ID: headers.

Once you have something like this in place it makes reputation based subscription
services for spam a lot more effective.

wireless point of sale for rent

ideaman — Sun, 02 Jul 2006 13:08:33 +0000

When I pass a yard sale now I wonder if they make any money because I assume people driving by have less and less cash on them then in years back. I always try and put purchases on my credit card because it makes it convenient at the end of the month…. less trips to the bank and one bill to pay. What if you opened up a store where you rented out wireless broadband hand held credit card devices to people who, for example, were running a yard sale? They could tie it to an existing PayPal account so the device vendor wouldn’t have to deal with any of the financial dealings, the person renting it would just have to program it to point at their PayPal account. I am sure there would be a lot more uses for something like this, what about people outside the super market asking for donations (my excuse of ‘no cash’ would no longer work…. foiled by my own idea!!!!)

keyboard with LCD template

ideaman — Wed, 28 Jun 2006 19:23:17 +0000

Have you ever seen a keyboard with a laminated piece of paper cut out like a long rectangular template to fit around the function keys? They do it here for Banner to help end users know what function keys perform what actions (like copy, paste, delete, help etc,…) Wouldn’t it be cool if you could have an external keyboard that had a small LCD panel underneath the function keys that changed the information according to what application was at the forefront? I know programmatically that a Windows machine knows what application has the window in the forefront, it would just be a matter of having a file it reads that maps the keys and have it print the information in the LCD.

Email password self-service

ideaman — Thu, 22 Jun 2006 16:07:25 +0000

I developed the password management system we use at the college and I want to revamp it to allow for self service. Let me explain, if a person does not change their password after 6 months it will be reset for them and they have to contact the helpdesk, prove their identity, then get a new password generated for them. I am kind of getting tired of resetting passwords but I never built in a self service module so people can get their new passwords because I never liked the systems that other sites use. Usually they have you set a predefined question…. you know, something like “What is your cats name?” or something goofy like that. Instead, I thought it might be cool (and maybe safer) to have people set up a password partner. While your password is still valid (and you are logged into the web interface) you enter in the email address of a trusted friend or family member within the system. When your password expires you go to the web site and enter in your login ID and it generates an ID that gets sent in the form of a link (with a detailed explanation) to your password partner. I assume you would give a heads up off line to your password partner that they will be receiving an email from our system. The password partner then clicks on the link and it generates a new password for their friend/family member.

Better yet, every one has a cell phone, why not have them enter in their cell phone number while logged in and we send them an ID to enter into a web form that will generate them a new password? The telecom people are always trying to get a hold of students at their dorm room telephone numbers but the majority of the students do not set them up or never check the voicemail, this way we would have their cell phones on record if we really need to get in touch with them.
I’ll run these ideas by the group and see what they think.

3G mobile phones using the PCMCIA slots on laptops

ideaman — Fri, 16 Jun 2006 14:18:47 +0000

I noticed that I never use the PCMCIA slots on the laptops I have had…. not sure why, I guess the equipment I need has always been built in. I have a new razr phone (which I highly recommend for guys who do not want to look like a handy man carrying a phone on their belt, they fit perfectly in your front pocket). I was think that since phones are getting smaller and smarter it would be cool to have your phone plug right into your PCMCIA slot on your laptop. I then thought…. what if the phone rings while in the PCMCIA slot? Well you could eject it which would be the equivalent of answering the phone, or, maybe a computer based smart phone would pop up and you could interact through the microphone and speakers on your laptop?

What would be some other advantages or disadvantages…? You wouldn’t have the cabling issues that palm users have with toting around a USB (or even uglier a serial) adapter. Do Macs have PCMCIA slots? (Not a big Mac fan so I wouldn’t know….or care). Maybe it could double as a wireless broadband card so you could connect in your car to the Internet? I would think that the Windows Mobile phones would have an advantage in that they could tie into the OS (file and contact syncs etc….) What if hard drives are small enough and large enough that they are in the phone itself and it has the OS for the laptop on it? When the phone is in the PCMCIA slot it is the laptop’s harddrive, when it is out there is some solid state media in the laptop that keeps it going and synced? Now that seems like a stretch.

I wonder if power would be an issue? I would think that if the laptop is plugged into the wall it could charge the phone and the laptop…. not bad. But what if it is unplugged? Would the phone run on its own battery and the laptop on its own? Maybe some of the power saving options in the processors now a days could be used to say, throttle down the cpu in the laptop so it can give some battery resources to the phone?

Okay, I have rambled enough.

utilizing server rack space

ideaman — Mon, 12 Jun 2006 20:07:35 +0000

I had an idea the other day when we were looking at our Data Center racks, we were trying to figure out where we can locate some new systems. I thought…. we have lots of rack space but it is not contiguous. What if the major vendors rebuilt their larger rack unit models (ex: 7 unit storage appliance) into 2 or 1 unit ‘chunks’ that were interconnected somehow? I bet there are plenty of IT shops out there that can’t easily schedule enough downtime to move servers around enough to clear out some contiguous rack space. When they did eventually move the other servers around and had enough contiguous rack space you could then consolidate the interconnected 1 or 2 units pieces back together. I think in order for this to work you would have to have one section of the system power the other sections through the interconnect cables and to avoid an interconnect cable becoming a single point of failure you would need a redundant connection. Anyway, if a vendor hits it big with this idea then maybe I’ll be rich!