Fri, Nov 30, 2007 11:00 pm
Mounting a Dirty NTFS Volume
If you try to mount an NTFS volume on Linux that was used on a Windows
system and get the message below, then Windows was not shut down properly.
E.g. the system may have crashed or there was a power failure.
$LogFile indicates unclean shutdown (0, 0)
Failed to mount '/dev/sda1': Operation not supported
Mount is denied because NTFS is marked to be in use. Choose one action:
Choice 1: If you have Windows then disconnect the external devices by
clicking on the 'Safely Remove Hardware' icon in the Windows
taskbar then shutdown Windows cleanly.
Choice 2: If you don't have Windows then you can use the 'force' option for
your own responsibility. For example type on the command line:
mount -t ntfs-3g /dev/sda1 /mnt/hdd -o force
Or add the option to the relevant row in the /etc/fstab file:
/dev/sda1 /mnt/hdd ntfs-3g defaults,force 0 0
Presuming the volume is /dev/sda1 and you want to mount it at /mnt/hdd,
you can mount the volume read-only with mount -r /dev/sda1 /mnt/hdd. Or
you can force a mount in read-write mode with
mount /dev/sda1 /mnt/hdd -o force.
But it might be best to run Windows chkdsk or a utility
with similar functionality first, since the fact that the dirty bit
is set could indicate corruption to the volume's file structure.
[/os/unix/commands/mount]
Fri, Nov 30, 2007 7:23 am
Comcast NTP Servers
I wanted to configure a user's home router to synchronize its time with
a Network Time Protocol (NTP) server, so that its log entries would have
accurate time stamps. Since the user had a Comcast-provided connection
to the Internet, I decided to use a Comcast NTP server. The one that I
used is ntp01.inflow.pa.bo.comcast.net [68.87.96.5].
If you want to verify that an NTP server is available and responding to
NTP queries, you can go to
Query NTP server and enter the Fully Qualified Domain Name (FQDN) or
IP address of the system to be queried to submit an NTP query to the system
from that site. If the queried system is responding to NTP requests, you will
see something similar to the following:
Output of NTP server at 68.87.96.5
ntpdate
30 Nov 16:12:42 ntpdate[23942]: ntpdate 4.1.1@1.786 Tue Sep 23 17:37:40 UTC 2003 (1)
server 68.87.96.5, stratum 2, offset 0.001361, delay 0.10997
30 Nov 16:12:42 ntpdate[23942]: adjust time server 68.87.96.5 offset 0.001361 sec
If you see "stratum 0" displayed on the results page, the system is not
responding to NTP queries. The offset and delay values will be zero as
well in that case.
You can find a list of publicly accessible NTP servers at NTP.Servers Web.
[/network/ntp]
Wed, Nov 28, 2007 5:24 pm
Multiple IP Address on a Solaris System
I needed to assign a second IP address to a network interface on a
Solaris 2.7 system. The system
has 2 network cards, designated hme0 and hme1, each with its own IP
address, but I needed to assign a second IP address to the hme0 interface.
A webserver, which would normally be at the second IP address, was down
and I wanted the webserver on this particular system to assume the functions
of the offline system temporarily by responding at the IP address of the server
that was down.
In order to have a Solaris 2.x system listen on a second IP address on
an interface, the following steps can be taken.
- Create an entry in /etc/hosts for the second hostname. In
this particular case I added a myhost2 entry, so that I had
the following entries in the file.
127.0.0.1 localhost
10.0.74.214 myhost1.example.com myhost1 loghost
10.0.74.193 myhost2.example.com myhost2
192.168.1.1 janus
Myhost1 and myhost2 will apply to the same network interface, whereas
janus is for the second network interface card in the system. The
myhost2 entry is the only new entry.
- Create /etc/hostname.hme0:n files, or /etc/hostname.le0:n
files depending on your system configuration, that contain the hostname
for the virtual host n. You don't need to create hostname.hme0:0
as it is the same as hostname.hme0.
The above changes will cause the virtual hosts to be configured at boot
time. If you don't want to reboot the system, you can use the ifconfig
command to have the system start responding on the second IP address
without rebooting.
# ifconfig hme0:1 up
# ifconfig hme0:1 10.0.74.193 netmask 255.255.255.0
[/os/unix/solaris]
Tue, Nov 27, 2007 10:44 pm
Mounting a Hibernated Drive
I went back to working on a problem where I couldn't get
a Windows XP system to resume from hibernation [1] by trying
to examine the hiberfil.sys file, but wasn't able
to get much further today.
References:
1. System Won't Resume from Hibernation
   MoonPoint Support
[ More Info ]
[/os/unix/linux/ubuntu]
Wed, Nov 21, 2007 12:39 pm
BlackBerry Email Filters
For BlackBerry Desktop Manager 4.2.2 (Apr 26 2007), take the steps below.
For BlackBerry Desktop Manager Version 4.0.1.10 (Apr 27 2005), see
Creating an Email Filter for a Blackberry.
- Open the BlackBerry Desktop Manager.
- Double-click on Email Settings.
- Click on the Filters tab.
- Click on the New button.
- At the Add Filter window type whatever name you wish to
use for the filter in the Filter Name field.
- You can filter on the "from", "sent to", "subject", and "body" fields.
If you did not want to forward messages from a particular email address, you
would check the From checkbox. If you didn't want to forward messages
from multiple senders, you could put all of their email addresses in the
From field, separating the addresses by semicolons. You can also use
an asterisk as a wildcard to block multiple sending addresses. For instance if
you wanted to block all email from xyzcorp.com senders, you could put
*@xyzcorp.com in the From field.
- Check the "Don't forward message to the device" checkbox.
- Click on OK.
- Click on OK again at the Email Settings window.
[/network/email/blackberry]
Tue, Nov 20, 2007 8:47 pm
MXToolBox
If you need to check the Mail Exchanger (MX) record for a domain, you
can do so online using an MX Lookup Tool at MXToolBox. Once
you have looked up MX information for a domain, you are given the option
of running Simple Mail Transfer Protocol (SMTP) diagnostics, which will
connect to a mail server via SMTP, perform a simple Open Relay Test and verify
the server has a reverse DNS (PTR) record. It will also measure the response
times for the mail server, giving you an indication of whether they are
good or bad.
You also have the option, after you've looked up the MX
information for a domain, to perform a blacklist check.
That test will check a mail server IP address against 147 DNS based email
blacklists (commonly called Realtime blacklist, DNSBL or RBL).
If your mail server has been blacklisted, some email you send may not
be delivered. Email blacklists are a common method employed by email server
administrators to reduce spam.
[/network/email/info]
Sun, Nov 18, 2007 6:57 pm
Iomega Clik! Drive
While trying to make space in my garage for other stuff, I came across
an unopened box with an Iomega Clik! PC Card Drive plus a 4-pack of the 40 MB
Clik! disks. I've posted information on the drive here to use for an
eBay listing.
[/hardware/storage/iomega]
Fri, Nov 16, 2007 7:34 pm
Linux LiveCD SATA Support
I booted a system which has a Serial ATA (SATA) drive in it from a
Knoppix 5.0.1 LiveCD, but could not
get the operating system to recognize the presence of the hard drive. So I
then booted from a Slax LiveCD, but it
did not recognize the drive either.
The version of Slax I tried was the SLAX KillBill Edition 5.1.8.1. I then
booted the system with a Sabayon 3.4e DVD. I was able to access the SATA
drive then.
The problem is apparently due to the other distributions of Linux
not recognizing the Serial ATA chipset on the motherboard of the
system, at least for the versions that I was using. The system
has a PCChips A31G V:1.0 motherboard. According to Serial ATA (SATA)
chipsets - Linux support status, "Some SATA chipsets have been
supported since practically forever, as their programming interfaces
are unchanged from PATA predecessors. Others are brand-new and require
new drivers from scratch."
References:
- LiveCD
  Wikipedia - the free encyclopedia
- Serial ATA (SATA) chipsets - Linux support status
  Revised: February 27, 2007
  Linuxmafia
[/os/unix/linux/knoppix]
Wed, Nov 14, 2007 10:30 pm
System Won't Resume From Hibernation
When I tried to reboot a laptop after putting it into hibernation mode,
I kept getting the message "The last attempt to restart the system from its
previous location failed. Attempt to restart again?" I had the option
to "Delete restoration data and proceed to system boot menu" or
"Continue with system restart". I tried to continue, but the system
would just reboot and then I got the same menu again.
[ More Info ]
[/os/windows/xp]
Wed, Nov 14, 2007 9:49 pm
Netscape 7.2 Unread Mail Number Appears to be Wrong
A user of Netscape 7.2 informed me that the number displayed for the number of
unread email messages in his inbox was not matching the number he saw
highlighted as unread. He had a problem earlier that day with Netscape
when his system ran very low on the amount of free space on his hard disk.
I deleted a lot of files from a temp folder and deleted other no longer needed
files. I then deleted his inbox.msf file, because I believed that index file
had become corrupted (see Netscape 7.2 Inbox Corrupted for information on
Netscape mailbox corruption) due to the disk space issue.
The .msf file is a Mail Summary File. It does not contain the messages for
a mailbox, only an
index of those messages to make sorting and locating messages quicker. If you
delete an msf file, which you should only do without Netscape being open, the
mailbox messages themselves remain and the index will be rebuilt the next
time you open Netscape and access the mailbox.
However, even after deleting the inbox.msf file twice and having Netscape
rebuild it, the user reported the problem recurring. I sent a few test
messages to his address. When I checked his inbox they were highlighted as
unread. I marked the entire folder as read to reset the counter. He said that
sometime later he was having the same problem. For instance he might see
145 listed as the number of unread messages, but only a couple would be
bolded indicating they were unread. And when I sorted messages by their
read status, I would only see a couple.
I finally traced the issue to Netscape's "view" options.
Netscape offers different "views" for your mailboxes. You can choose
to view all mail or restrict the display of messages in various ways,
e.g. perhaps you only want to see unread mail, or messages marked as
important, or messages with attachments, or just email from the last
5 days. Another option is to display only mail from "People I Know",
which I believe is email from addresses in your address book, though
I'm not sure if in Netscape 7.2 it includes email addresses from the
Collected Address Book as well.
When I clicked on "View" then "Messages", I saw that Netscape was set to
display messages from "People I Know" rather than "All". I changed the
setting to "All".
[/network/email/clients/netscape]
Mon, Nov 12, 2007 9:02 pm
Silent Runners
Silent Runners is a Visual
Basic script, which can be used to scan a system for software that
starts automatically when Windows starts, which may aid you in determining
if a system is infected with malware.
[ More Info ]
[/languages/vbs]
Mon, Nov 12, 2007 3:35 pm
Rejecting Email To a Specific Address in Sendmail
In checking the previous night's mail server log, I noticed a large
number of messages addressed to someuser@frostdragon.com. There is
an account, someuser, on the system and email addressed to
someuser@moonpoint.com should go through, but, though email for
both domain names is processed by the server, email to
someuser@frostdragon.com should not be delivered. Presumably,
since someuser is actually a common male name, email addressed to
someuser@frostdragon.com is from some spammer trying common
names to deliver his spam.
I edited /etc/mail/access and added the line below:
someuser@frostdragon.com 550 Mailbox disabled for this recipient
The 550 is a standard error code for an email server to return
to an email client when email is rejected. You can specify whatever message
you wish after it. In this case I chose "Mailbox disabled for this recipient".
I could have just used the following line instead, if I didn't want to specify
my own specific error message.
someuser@frostdragon.com REJECT
After executing the command makemap hash /etc/mail/access </etc/mail/access
to rebuild the access database file, you can test
the block by establishing a telnet connection to port 25 on the server,
issuing a helo or ehlo command, then a mail from command with any address
as the "from" address, and then a rcpt to command with the relevant
recipient address.
mail from: someone@example.com
250 2.1.0 someone@example.com... Sender ok
rcpt to: someuser@frostdragon.com
550 5.0.0 someuser@frostdragon.com... Mailbox disabled for this recipient
rcpt to: someuser@moonpoint.com
250 2.1.5 someuser@moonpoint.com... Recipient ok
quit
221 2.0.0 frostdragon.com closing connection
From the above, I can see that email to the address I wanted marked as invalid
is rejected immediately, but email to the same username at a different domain
name gets through. Mail with a "from" address of
someuser@frostdragon.com would still be accepted,
even though it is now rejected as a "to" address.
Since I don't want the server to accept email if that address appears as
a "from" address either, I added the line below to /etc/mail/access
as well and rebuilt the access database with
makemap hash /etc/mail/access </etc/mail/access.
From:someuser@frostdragon.com 550 We don't accept mail from spammers
If you try sending using a "from" address of someuser@frostdragon.com
now, the message will be rejected. However, if you test the block with
telnet, e.g. telnet frostdragon.com 25, and then issue an ehlo or helo
command followed by mail from and rcpt to commands, you won't see the
rejection message until you've entered the rcpt to command, i.e. it
doesn't occur when the mail from command is issued.
mail from:<someuser@frostdragon.com>
250 2.1.0 <someuser@frostdragon.com>... Sender ok
rcpt to:<myself@moonpoint.com>
550 5.0.0 <myself@moonpoint.com>... We don't accept mail from spammers
[/network/email/sendmail]
Sat, Nov 10, 2007 8:43 pm
Red Hat 9 RPMs
The RPMs on the Red Hat 9 (Shrike) CDs:
By Disc
Alphabetical listing
Additional packages in RPM format can be found at
Dag Wieër's
Apt/Yum RPM package overview.
[/os/unix/linux/redhat]
Thu, Nov 08, 2007 6:24 pm
Root Hints
I was notified by someone that the L root name server had changed. To
see what root name servers one of my DNS servers, running Redhat
Linux 9, was using, I ran dig and saw the following output:
# dig
; <<>> DiG 9.2.1 <<>>
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60704
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 517448 IN NS G.ROOT-SERVERS.NET.
. 517448 IN NS H.ROOT-SERVERS.NET.
. 517448 IN NS I.ROOT-SERVERS.NET.
. 517448 IN NS J.ROOT-SERVERS.NET.
. 517448 IN NS K.ROOT-SERVERS.NET.
. 517448 IN NS L.ROOT-SERVERS.NET.
. 517448 IN NS M.ROOT-SERVERS.NET.
. 517448 IN NS A.ROOT-SERVERS.NET.
. 517448 IN NS B.ROOT-SERVERS.NET.
. 517448 IN NS C.ROOT-SERVERS.NET.
. 517448 IN NS D.ROOT-SERVERS.NET.
. 517448 IN NS E.ROOT-SERVERS.NET.
. 517448 IN NS F.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
F.ROOT-SERVERS.NET. 172107 IN A 192.5.5.241
J.ROOT-SERVERS.NET. 172107 IN A 192.58.128.30
;; Query time: 169 msec
;; SERVER: 207.233.128.10#53(207.233.128.10)
;; WHEN: Thu Nov 8 16:15:46 2007
;; MSG SIZE rcvd: 260
I only saw the addresses for two of the thirteen root servers listed. The
servers are named A.ROOT-SERVERS.NET. through M.ROOT-SERVERS.NET. as shown
by the output of a dig command below.
# dig . NS @f.root-servers.net
; <<>> DiG 9.2.1 <<>> . NS @f.root-servers.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19934
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
;; Query time: 235 msec
;; SERVER: 192.5.5.241#53(f.root-servers.net)
;; WHEN: Thu Nov 8 16:22:59 2007
;; MSG SIZE rcvd: 436
I also checked the status of the DNS service on the system with the
rndc status command and saw the following:
# rndc status
number of zones: 6
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
When I checked the /var/named/named.ca file on the system, I
found it was dated January 24, 2003, so was almost 5 years old, since
the current date is November 8, 2007. I backed up the current
named.ca file and then overwrote the file with the latest
information.
# dig . NS @f.root-servers.net >/var/named/named.ca
I then restarted the DNS server with /etc/init.d/named restart.
Note: if you see the following when you check the DNS server status,
try issuing the /etc/init.d/named restart command again.
# rndc status
rndc: connect failed: connection refused
The root hints file, /var/named/named.ca, should be updated
periodically, which I hadn't been doing on the server. A script to
do so can be found at Keeping it working. The script will have to be
customized for your particular
system though, e.g. I would need to use named.ca instead of
root.hints for the filename. And you also need to substitute
the name of a system or an IP address of a system that should normally be
reachable over your Internet connection for some.machine.net.
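The update step above as an added example, not code from this post or from the Linux.com script: it writes the dig answer to a temporary file and installs it only if it is a NOERROR answer with NS and A records for all thirteen root servers, so a failed or partial query (such as the two-address answer from the local resolver shown earlier) cannot overwrite named.ca. The function names, the SERVERS list and the --update argument are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): check dig output before it
# replaces the root hints file. HINTS and ROOT_SERVER are the values used above.
HINTS=/var/named/named.ca
ROOT_SERVER=f.root-servers.net
SERVERS="A B C D E F G H I J K L M"

# validate_hints FILE: succeed only if FILE is a NOERROR answer that has an
# NS record and an A record for every one of the 13 root servers.
validate_hints() {
    f=$1
    [ -s "$f" ] || return 1
    grep -q 'status: NOERROR' "$f" || return 1
    for l in $SERVERS; do
        grep -Eqi "^\.[[:space:]]+[0-9]+[[:space:]]+IN[[:space:]]+NS[[:space:]]+$l\.ROOT-SERVERS\.NET\.\$" "$f" || return 1
        grep -Eqi "^$l\.ROOT-SERVERS\.NET\.[[:space:]]+[0-9]+[[:space:]]+IN[[:space:]]+A[[:space:]]+[0-9.]+\$" "$f" || return 1
    done
    return 0
}

# update_hints: query into a temporary file, validate, back up, then install.
update_hints() {
    tmp=$(mktemp "$HINTS.new.XXXXXX") || return 1
    if dig . NS "@$ROOT_SERVER" > "$tmp" && validate_hints "$tmp"; then
        chmod 644 "$tmp" &&
        cp -p "$HINTS" "$HINTS.bak" &&
        mv "$tmp" "$HINTS" &&
        /etc/init.d/named restart
    else
        echo "answer from $ROOT_SERVER failed validation; $HINTS unchanged" >&2
        rm -f "$tmp"
        return 1
    fi
}

# make_sample N [STATUS]: constructed dig-style answer with glue for the first
# N servers only (192.0.2.x are documentation addresses, not real root IPs).
make_sample() {
    n=$1; status=${2:-NOERROR}; i=0
    echo ";; ->>HEADER<<- opcode: QUERY, status: $status, id: 1"
    for l in $SERVERS; do
        printf '.\t518400\tIN\tNS\t%s.ROOT-SERVERS.NET.\n' "$l"
    done
    for l in $SERVERS; do
        i=$((i + 1))
        if [ "$i" -le "$n" ]; then
            printf '%s.ROOT-SERVERS.NET.\t3600000\tIN\tA\t192.0.2.%s\n' "$l" "$i"
        fi
    done
}

# Run the real update only when asked to: sh update-hints.sh --update
if [ "${1:-}" = "--update" ]; then
    update_hints
fi
```

Run from cron with the --update argument, a non-zero exit status means named.ca was left untouched and the previous hints are still in use.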
References:
- Configuring DNS > Configuring named
  O'Reilly - Safari Books Online
- LOCAL AREA NETWORK DOMAIN NAME SYSTEM (DNS)
  Small Enterprise Networking and Computing Primer
- Keeping it working
  Linux.com
[/network/dns]
Wed, Nov 07, 2007 10:34 pm
Restart.Exe
When I scanned a system for malware,
BitDefender Free Edition v10 reported the presence of
Spyware.Destart.A in Restart.exe, which was in
the directory C:\Windows\System32\Tools. I submitted the file to
VirusTotal for analysis and also to Jotti's Online Malware Scan.
Other antimalware software used by those sites also reported the file
as malware. However, after further checking, I believe that the file
is actually innocuous.
[ More Info ]
[/security/spyware]
Sun, Nov 04, 2007 7:20 pm
Numbered NIC in Device Manager
A Network Interface Controller (NIC) built into a
PCChips A31G V:1.0 motherboard was
appearing as a "Sis190 100/10 Ethernet Device #3" in the Windows Device
Manager. I wanted to remove the "#3" from the end of the description.
I tried fixnetwork.vbs, but that didn't work. I tried manually removing
registry entries, but was unsuccessful in resolving the issue that way either.
[ More Info ]
[/hardware/network/nic/sis]
Sun, Nov 04, 2007 1:08 pm
No MAC Address on SiS190 NIC
I had a problem with a PCChips motherboard with a
Silicon Integrated Systems
(SiS) chipset not working because it had all zeros listed for the
MAC address. Fortunately, the MAC, aka Ethernet, address can be changed
through the Windows Device Manager.
[ More Info ]
[/hardware/network/nic/sis]