Saving and Restoring Windows File Associations

To be able to restore Windows file associations, you need to make a copy of two areas in the Windows registry: HKEY_CURRENT_USER\Software\Classes and HKEY_LOCAL_MACHINE\Software\Classes. Windows stores information on what application should be used to open a particular type of file, e.g. a file with a .jpg association in those two areas. If you have made a backup and some applications makes changes that you would like to reverse, you can use your backup files for those two branches of the registry to restore the file associations to what they were previously.

[ More Info ]

[/os/windows/registry] permanent link

Adobe Photoshop CS2 Saving Files in Incorrect Format

I encountered a problem with Adobe Photoshop CS2 version 9.0 on a system where Photoshop would not correctly save a file when the "Save As" option was used. You could pick whatever format you chose, but Photoshop would always save the file as a Photoshop PSD file. Oh, you could have it put on the extension for the desired format, e.g. somefile.jpg, but the contents of the file would be in PSD format. If you chose "Save for Web" instead of "Save As" you could save the file correctly in the chosen format, e.g. JPG.

I was finally able to resolve the problem by holding down the Ctrl, Alt, and Shift keys while starting Photoshop to have it wipe out its stored settings

[ More Info ]

[/os/windows/software/graphics/adobe/photoshop] permanent link

Removing a Spybot Teatimer Block

If you have inadvertenly blocked a process or registry change with the teatimer application that comes with Spybot Search & Destroy, you can take these steps to remove the block.

[/security/spyware/spybot/teatimer] permanent link

Running StarOffice 7 for the First Time

Sun's Solaris 10 operating system comes with the StarOffice 7 office package, which I've found handles Microsoft Office documents I've created on Windows systems or that I receive from others.

When I first started one of the StarOffice applications to read a Microsoft Word document, I was asked to install it and then was presented with the option of a "workstation" install or a "local" install.

 

Select Installation Type

Choose the type of installation.
(*)	Workstation Installation
	This installation will be carried out so that the programs can be started directly from the network. 1.5 MB are needed for the local files.
( )	Local Installation
	Installs all StarOffice 7 components locally on the workstation. This installation requires 284.3 MB memory; temporary 284.3 MB.

The choices weren't entirely clear to me. It seemed to me that the first was suggesting that I might be loading the software from another system, either a server of my own or one of Sun's servers. I expect to use the office package a lot and want to run it locally not over the network. However I wasn't sure that I was correctly understanding the options presented. It seemed to me I should select the "local installation" option, but I wasn't sure, so I did some searching online.

It seems I'm not the only one confused by the options presented. In a February 2004 posting to his blog on the O'Reilly Network website, John Adams voiced a similar complaint:

Sun's choice of office suite is a no-brainer: StarOffice 7. I find one thing to be rather weird about Star Office, and also OpenOffice, and that's that you need to install them once for each user. Furthermore, the choice of installation options is confusing. I was given a choice between Workstation Install and Local Install. I want both! I consider my computer to be a workstation, and I want the software installed locally. The correct, and completely counterintuitive choice here is the Workstation Install, which is described as the install to use when running the StarOffice software from a network location, except that I'm not running it from a network location, I'm running it locally. Had I not already been through this a time or two in the Windows world, I'd have made the wrong choice. In fact, under Windows, it's always a frustration to get OpenOffice configured so that it can be used by multiple users, but I digress.

From his posting I concluded that perhaps the local installation makes a copy of most of the StarOffice files for each user rather than allowing users on the same system to share the application.

I also found a thread at Nomenclature change on installer: "Workstation" and "Local" ins on the OpenOffice website where others complained the nomenclature was confusing. From that thread, I concluded that the workstation install was best for a multi-user system, so I chose that option.

I love the software and think it is a great alternative to Microsoft Windows, but I'm afraid most users would find those installation choices confusing also.

References:

1. Seasonal Revenue for Webloggers? Or, Digital Democratic Fundraising
   By John Adams
   February 18, 2004
2. Nomenclature change on installer: "Workstation" and "Local" ins
   May 12, 2004
3. StartOffice on Sun Ray Terminals at UD
   University of Delaware IT Help Center
   October 3, 2005

[/os/unix/solaris] permanent link

Forwarding an Exchange User's Email to an External Address

It is possible for email that comes into an Exchange mailbox to be forwarded to another email address as well. The other address does not have to be another email address on the Exchange server, but can be a Yahoo mail, Hotmail, or other email address.

[ More Info ]

[/network/email/exchange] permanent link

Fake FDIC Email

E-mails fraudulently claiming to be from the Federal Deposit Insurance Corporation (FDIC), which insures deposits in banks and thrift institutions, are attempting to trick recipients into installing unknown software on personal computers or into accessing a spoofed website. These e-mails falsely indicate that recipients should install software that was developed by the FDIC and other agencies or provide personal information at a spoofed, i.e. fake, website. The software may be a form of spyware or malicious code and may collect personal or confidential information. The spoofed website attempts to gain confidential information.

The subject line of such e-mail messages may include any of the following:

Online Access Agreement Update
SON Registration
Urgent Notification - Security Reminder
IMPORTANT: Notification of Federal Deposit Insurance Corporation

The e-mail may request that recipients click on a hyperlink that appears to be related to the FDIC, which directs recipients to an unknown executable file to be downloaded, or may direct recipients to a webpage requesting personal information. While the FDIC is working with the United States Computer Emergency Readiness Team (CERT) to determine the exact effects of the executable file, recipients should consider the intent of the software as a malicious attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to on-line banking services or to conduct identity theft.

The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers and financial institutions are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.

For further information on these "phishing" email messages, see the FDIC Consumer Alerts webpage at http://www.fdic.gov/consumers/consumer/alerts/index.html.

[/security/scams] permanent link

Adding a Program to Corel Photo Album "Open With" Menu

Corel's Photo Album program assists you with downloading and organizing photos. It also assists with backing up photos to CDs.

If you wish to open a photo in one of your collections with a particular program while working in Corel Photo Album 6, you can take the following steps.

[ More Info ]

[/os/windows/software/graphics/corel/photoalbum] permanent link

OpenSSL Vulnerabilities up to Version 0.9.7c

OpenSSL is an Open Source toolkit which implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols and provides a full-strength general purpose cryptography library. Versions of OpenSSL prior to 0.9.6k and 0.9.7c are vulnerable to Denial of Service (DoS) attacks or could theoretically allow remote execution of arbitrary code.

OpenSSL version	Applicable advisories	Effect
0.9.6d and earlier	30-Jul-2002	Practical to run arbitrary code remotely
0.9.6e-h and 0.9.7	19-Feb-2003	Practical (LAN) attack to recover frequently repeated plaintext such as passwords
0.9.6i and 0.9.7a	17-Mar-2003 19-Mar-2003	Practical (LAN) attacks to obtain or use secret key
0.9.6j and 0.9.7b	30-Sep-2003	Denial of Service, and theoretically possible run arbitrary code remotely
0.9.6k and 0.9.7c		Clean at present

Some attacks may not be feasible except from systems on the same LAN as the attacked system, since a very fast connection between the attacker and target may be needed to make the attack practicable. If a webserver is in a datacenter with perhaps dozens or even hundreds of other systems, a compromised system within the datacenter could be used by an attacker to exploit these vulnerabilities on other servers within the same datacenter, however.

If you need to determine which version of OpenSSL you are running, you can use the command openssl version. You may need to specify the full path to the command if it isn't in your default path. For a Solaris 10 system, you can use the following path:

# /usr/sfw/bin/openssl version
OpenSSL 0.9.7d 17 Mar 2004

For Solaris 7, use /usr/local/ssl/bin/openssl version.

References:

1. Vulnerable versions of OpenSSL apparently still widely deployed on commerce sites
   Netcraft
   November 3, 2003
2. ESB-2003.0871 -- Sun Alert Notification -- OpenSSL Vulnerabilitiyes in Sun Grid Engine 5.3
   Australian Computer Emergency Response Team (AusCERT)
   December 24, 2003

[/security/vulnerabilities/multios] permanent link

Showrev Command

The showrev command displays revision information for the current hardware and software of a system running the Solaris operating system. With no arguments, showrev shows the system revision information including hostname, hostid, release, kernel architecture, application architecture, hardware provider, domain, and kernel version.

Example for a Sun Sparc system running Solaris 7:

bash-2.03$ showrev
Hostname: pluto
Hostid: 80b11bbd
Release: 5.7
Kernel architecture: sun4u
Application architecture: sparc
Hardware provider: Sun_Microsystems
Domain:
Kernel version: SunOS 5.7 Generic 106541-39 Jan 2005

Example for an Intel-based PC running Solaris 10:

-bash-3.00$ showrev
Hostname: saturn
Hostid: 15db9095
Release: 5.10
Kernel architecture: i86pc
Application architecture: i386
Hardware provider:
Domain:
Kernel version: SunOS 5.10 Generic

If you use the -c option, showrev shows the PATH and LD_LIBRARY_PATH and finds out all the directories within the PATH that contain it. For each file found, its file type, revision, permissions, library information, and checksum are printed as well.

-bash-3.00$ showrev -c /usr/local/bin/mboxgrep

PATH is:
/usr/bin:/usr/ucb:/etc:.

PWD is:
/home/jsmith

LD_LIBRARY_PATH is not set in the current environment
________________________________________________________________________

File: /usr/local/bin/mboxgrep
=============================
File type: ELF 32-bit LSB executable 80386 Version 1, dynamically linked, stripped
Command version: GNU C crt1.s

GNU C crti.s

    SunOS 5.10 Generic January 2005

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GCC: (GNU) 3.4.2

GNU C crtn.o
ld: Software Generation Utilities - Solaris Link Editors: 5.10-1.477
File mode: rwxr-xr-x
User owning file: root
Group owning file: root
Library information:
        libbz2.so.1 =>   /usr/lib/libbz2.so.1
        libz.so.1 =>     /usr/lib/libz.so.1
        libpcre.so.0 =>  (file not found)
        libc.so.1 =>     /lib/libc.so.1
        libm.so.2 =>     /lib/libm.so.2
Sum: 28300
________________________________________________________________________

The -p option will show patch information.

-bash-3.00$ showrev -p
Patch: 116299-08 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWxsrt, SUNWjaxp, SUNWxrgrt, SUNWxrpcrt
Patch: 116303-02 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWxrpcrt

The -a option prints all available revision information, including Window system and patch information.

-bash-3.00$ showrev -a
Hostname: saturn
Hostid: 15db9095
Release: 5.10
Kernel architecture: i86pc
Application architecture: i386
Hardware provider:
Domain:
Kernel version: SunOS 5.10 Generic

OpenWindows version:
Solaris X11 Version 6.6.2 15 December 2004

Patch: 116299-08 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWxsrt, SUNWjaxp, SUNWxrgrt, SUNWxrpcrt
Patch: 116303-02 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWxrpcrt

[/os/unix/solaris] permanent link

FunWebProducts Malware

When I updated Spybot 1.4 on a system and then scanned the system, Spybot found FunWeb, FunWebProducts, MyWay.MyWebSearch, and MyWebSearch, all of which appeared to be related. This particular malware appears to be associated with iWon.

[ More Info ]

[/security/spyware/funwebproducts] permanent link

Viewing DWF Drawings in Buzzsaw

When you are viewing a DWF drawing, you will see a toolbar at the top of the drawing.

To zoom in or out of the drawing, click on the icon of the magnifying glass on the toolbar, which will change the cursor to a magnifying glass. Move the cursor into the drawing. To zoom in, while holding the left mouse button down (or the right mouse button, if you have the mouse configured for left-handed use), move the cursor left in the drawing. To zoom out, move the cursor right.

To zoom into a particular section of the drawing, click on the "zoom rectangle" tool. It has an icon that looks like a magnifying glass with a rectangle in it. It is immediately to the right of the magnifying tool that allows you to zoom in and out. Move the cursor into the drawing then click the mouse button and while holding down the mouse button drag the cursor to form a rectangle. When you release the mouse button, you will zoom into the area of the drawing you have defined by the rectangle you drew.

To pan the drawing, i.e. move to different sections of the drawing, click on the hand icon on the toolbar, which will change the cursor to a hand. Then move the cursor into the drawing. While holding the left mouse button down (or the right mouse button, if you have the mouse configured for left-handed use), move the cursor in the direction you wish to pan.

[/os/windows/software/cad/buzzsaw] permanent link