I use Symantec's Ghost 2003 to create image backups of disk drives. Since
the Ghost 2003 Boot Wizard can't create bootable CD's, only boot floppy disks,
I create a boot floppy disk and then use a program like
Easy Easy CD Creator, which can create boot CDs from floppy diskettes, to
create a Ghost 2003 boot CD
(see
for procedure to
use with Roxio's Easy CD and DVD Creator 6). When I booted systems from
the boot CD's I created I would see the message below:
So here is the deal... MOUSE.COM is trying to create a MOUSE.INI file and
because you created a bootable CD (read-only) it is unable to write the file
and gives the error message (Abort, Retry, Fail). If you fail, you can continue
just fine with mouse support.
The solution... add a MOUSE.INI to your floppy that you are creating the image
from. If you booted from the floppy at least once, this problem doesn't occur
because the file is created. That may be how it went away for you. Just
re-create the bootable CD from the floppy with mouse.ini added.
Here is my mouse.ini
[mouse]
MouseType=PS2
Cheers!
Since most of the systems on which I'm performing the Ghost 2003 image
backups have a mouse attached by the PS/2 mouse port, I thought that
should work fine. So I used Notepad
to create a
mouse.ini
file with the above lines on one of the Ghost 2003
boot floppy disks (be sure to change the "save as type" to "all files",
if using the Windows Notepad program). I also found that I was able to
boot laptops with a built-in mouse
touchpad and use use
the mouse with no problems with the mouse type set to PS2 in
mouse.ini
. I no longer received the "Abort, retry, or fail"
message when booting from a Ghost 2003 boot CD that had the
mouse.ini
file in the root directory.
Note: you can see optons for the mouse.com
program by
typing mouse /?
at a command prompt. You can use
mouse off
to remove the mouse driver from memory.
. You
can specify the mouse type by using the
type
option.
mouse type /Cn (serial), /Z (PS2), /In (inPort), /B (bus)
(n specifies a prot and can be either 1 or 2)
References:
-
Procedure for Generating Norton Ghost Bootable CD
MoonPoint Support
-
Ghost 2003 Multi-Boot CD (Abort,Retry,Fail) error
By: eASYkILL
Date: April 1, 2005
Microsoft Software
Forum Network (MSFN)
[/os/windows/utilities/backup/ghost]
permanent link
Thu, Jul 24, 2008 10:16 am
NTFS Support on CentOS
I needed to be able to access files on a USB drive formatted with the
NTFS filesystem from
a
CentOS 5.1 Linux system. To
do so I used the free
open
source NTFS driver for Linux,
NTFS-3G.
I followed the instructions at
How to Mount an NTFS Filesystem in order to be able to do so.
I issued the command yum install fuse fuse-ntfs-3g dkms dkms-fuse
to install the required packages (dkms and dkms-fuse install the fuse kernel
module).
The system needs to be configured to use the
RPMforge repository in order for
the above yum install
command to work. See
Installing Wine on CentOS or
RPMForge Packages and Yum Priorites for information on configuring
yum
to use the RPMforge repository.
After installing the ntfs-3g driver, I was able to mount the NTFS-formatted
drive.
[root@localhost ~]# mkdir /mnt/windrive
[root@localhost ~]# mount -t ntfs-3g /dev/sda1 /mnt/windrive
I first created a mount point, which I arbitrarily named "windrive" under
/mnt
. Then I needed to specify the file system type with
-t ntfs-3g
. This particular drive was an external USB drive,
which Linux identified as /dev/sda
. It had only one partition
on it, so I used /dev/sda1
to mount it. If you are unsure
how Linux will identify the drive, see
Linux Drive
Designations
If the NTFS drive contains the Windows operating system for a system and
the system was put into hibernation mode when it was shut down, you can only
mount it in read-only mode. You will see the following message, which I
saw when I tried to mount another drive from a hibernated Windows system,
if you don't specify read-only mode for mounting the drive:
# mount -t ntfs-3g /dev/sdc1 /mnt/workdrive
Windows is hibernated, refused to mount.
Failed to mount '/dev/sdc1': Operation not permitted
The NTFS partition is hibernated. Please resume and shutdown Windows
properly, or mount the volume read-only with the 'ro' mount option, or
mount the volume read-write with the 'remove_hiberfile' mount option.
For example type on the command line:
mount -t ntfs-3g /dev/sdc1 /mnt/workdrive -o remove_hiberfile
I was able to mount the drive by using the -r
option for
the mount command (you can also use -o ro
).
mount -r -t ntfs-3g /dev/sdc1 /mnt/workdrive
fuse-ntfs-3g package information:
[root@localhost /]# rpm -qi fuse-ntfs-3g
Name : fuse-ntfs-3g Relocations: (not relocatable)
Version : 1.2712 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/
Release : 1.el5.rf Build Date: Mon 14 Jul 2008 04:20:28 PM EDT
Install Date: Thu 24 Jul 2008 08:48:39 AM EDT Build Host: lisse.leuven.wieers.com
Group : System Environment/Kernel Source RPM: fuse-ntfs-3g-1.2712-1.el5.rf.src.rpm
Size : 905700 License: GPL
Signature : DSA/SHA1, Mon 14 Jul 2008 05:57:27 PM EDT, Key ID a20e52146b8d79e6
Packager : Dag Wieers <dag@wieers.com>
URL : http://www.ntfs-3g.org/
Summary : Linux NTFS userspace driver
Description :
The ntfs-3g driver is an open source, GPL licensed, third generation Linux NTFS
driver. It provides full read-write access to NTFS, excluding access to
encrypted files, writing compressed files, changing file ownership, access
right.
Technically it’s based on and a major improvement to the third generation Linux
NTFS driver, ntfsmount. The improvements include functionality, quality and
performance enhancements.
ntfs-3g features are being merged to ntfsmount. In the meanwhile, ntfs-3g is
currently the only free, as in either speech or beer, NTFS driver for Linux
that supports unlimited file creation and deletion.
After unmounting the drive with the umount
command, I removed
the directory I created when mounting it.
[root@localhost /]# rmdir /mnt/windrive
[/os/unix/linux/centos]
permanent link
Thu, Jul 24, 2008 10:05 am
Linux Drive Designations
If you are unsure how Linux will designate a drive, Linux identifies
IDE
drives as
hdx
, e.g.
hda
,
hdb
,
hdc
, or
hdd
, while
sdx
, such as
sda
,
sdb
, etc., is used to designate
SATA,
SCSI, and
USB drives.
IDE/ATAPI device names
Name | Device |
hda | IDE bus/connector 0 master device |
hdb | IDE bus/connector 0 slave device |
hdc | IDE bus/connector 1 master device |
hdd | IDE bus/connector 1 slave device |
To find drives on your system, type mesg | grep '^hd.:'
and/or dmesg | grep 'SCSI device sd.:'
[root@localhost ~]# dmesg | grep '^hd.:'
hda: HDS722516VLAT80, ATA DISK drive
hdc: Memorex DVD16+/-DL4RWlD2, ATAPI CD/DVD-ROM drive
hdd: ST3120026A, ATA DISK drive
hda: max request size: 512KiB
hda: 321672960 sectors (164696 MB) w/7938KiB Cache, CHS=20023/255/63, UDMA(100)
hda: cache flushes supported
hdd: max request size: 512KiB
hdd: 234441648 sectors (120034 MB) w/8192KiB Cache, CHS=16383/255/63, UDMA(100)
hdd: cache flushes supported
hdc: ATAPI 48X DVD-ROM DVD-R CD-R/RW drive, 2048kB Cache, UDMA(66)
[root@localhost ~]# dmesg | grep 'SCSI device sd.:'
SCSI device sda: 398297088 512-byte hdwr sectors (203928 MB)
SCSI device sda: 398297088 512-byte hdwr sectors (203928 MB)
SCSI device sdb: 156301488 512-byte hdwr sectors (80026 MB)
SCSI device sdb: 156301488 512-byte hdwr sectors (80026 MB)
SCSI device sdc: 156301488 512-byte hdwr sectors (80026 MB)
SCSI device sdc: drive cache: write back
SCSI device sdc: 156301488 512-byte hdwr sectors (80026 MB)
SCSI device sdc: drive cache: write back
[/os/unix/linux]
permanent link
Wed, Jul 23, 2008 2:41 pm
Installing Wine on CentOS
I needed to install
Wine on
a
CentOS
5.1 system I had just set up. Wine is available from the
RPMForge repository, so I downloaded
the latest
rpmforge-release
package from RPMForge and installed it.
[root@localhost ~]# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
[root@localhost ~]# rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.i386.rpm
That placed two new files, mirrors-rpmforge
and
rpmforge.repo
in /etc/yum.repos.d
. I then
checked to ensure the yum-priorites
package was installed.
[root@localhost ~]# rpm -qi yum-priorities
Name : yum-priorities Relocations: (not relocatable)
Version : 1.1.10 Vendor: CentOS
Release : 9.el5.centos Build Date: Sun 08 Jun 2008 06:25:46 PM EDT
Install Date: Wed 23 Jul 2008 12:20:43 AM EDT Build Host: builder16.centos.org
Group : System Environment/Base Source RPM: yum-utils-1.1.10-9.el5.centos.src.rpm
Size : 12698 License: GPL
Signature : DSA/SHA1, Sat 14 Jun 2008 07:23:04 PM EDT, Key ID a8a447dce8562897
URL : http://linux.duke.edu/yum/download/yum-utils/
Summary : plugin to give priorities to packages from different repos
Description :
This plugin allows repositories to have different priorities.
Packages in a repository with a lower priority can't be overridden by packages
from a repository with a higher priority even if repo has a later version.
I then verified that yum-priorities
is enabled by ensuring that the
following lines were present in /etc/yum/pluginconf.d/priorities.conf
:
[main]
enabled = 1
The yum repository information is stored in /etc/yum.repos.d
.
[root@localhost ~]# ls -l /etc/yum.repos.d
total 32
-rw-r--r-- 1 root root 2049 Jun 19 09:48 CentOS-Base.repo
-rw-r--r-- 1 root root 626 Jun 19 09:48 CentOS-Media.repo
-rw-r--r-- 1 root root 684 Mar 8 2007 mirrors-rpmforge
-rw-r--r-- 1 root root 428 Mar 8 2007 rpmforge.repo
I added priority=1
as the last line in the following sections
of CentOS-Base.repo
:
[base]
[updates]
[extras]
I added priority=2
as the last line in the [centosplus]
.
I edited /etc/yum.repos.d/rpmforge.repo
and added
priority = 11
at the end of the file.
Repositories with lower priority numbers are considered to have a higher
priority than than those with higher numbers. E.g. if repository A has
priority=4
associated with it while repository B has
priority=5
associated with it, repository A has a higher
priority than repository B.
After adding the RPMForge repository, I was then able to install
Wine with yum install wine
. The following dependencies
were also instaled:
Dependencies Resolved
=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
wine i386 1.0-1.el5.rf rpmforge 2.9 k
Installing for dependencies:
wine-capi i386 1.0-1.el5.rf rpmforge 16 k
wine-cms i386 1.0-1.el5.rf rpmforge 65 k
wine-core i386 1.0-1.el5.rf rpmforge 36 M
wine-esd i386 1.0-1.el5.rf rpmforge 43 k
wine-jack i386 1.0-1.el5.rf rpmforge 13 k
wine-ldap i386 1.0-1.el5.rf rpmforge 251 k
wine-nas i386 1.0-1.el5.rf rpmforge 12 k
wine-twain i386 1.0-1.el5.rf rpmforge 23 k
After the installation, I ran winecfg
.
[root@localhost ~]# winecfg
wine: created the configuration directory '/root/.wine'
Could not load Mozilla. HTML rendering will be disabled.
wine: configuration in '/root/.wine' has been updated.
Wine was configured to emulate Windows XP by default.
I clicked on the Desktop Integration tab and
set the "My Documents", "My Pictures", "My Music", and
"My Videos" folders to link to directories I created
under a "Documents" folder, I created under the login
directory for the account I was logged in under. The
directories must be created before you link to
them with the Wine configuration utility.
[root@localhost Documents]# mkdir Pictures
[root@localhost Documents]# mkdir Music
[root@localhost Documents]# mkdir Videos
In the Wine configuration window, I clicked OK to retain
the default settings. When I was returned to the shell prompt, I ran
wine notepad
to test Wine with the notepad application.
References:
-
Installing RPMForge
CentOS Wiki
-
yum-plugin-priorities
CentOS Wiki
-
RPMForge Packages and Yum Priorites
MoonPoint Support
-
Configuring Wine
Wine HQ
[/os/unix/linux/centos]
permanent link
Tue, Jul 22, 2008 11:00 pm
Installing Centos 5.1 on a USB Drive
Though it took me some trial and error to figure out how to get it working, I
was finally able to install CentOS 5.1 on a USB drive and have a system
boot from the drive automatically. I wanted to have the drive set up with
CentOS, so I could easily transport programs and my personal files between
locations.
[ More Information ]
[/os/unix/linux/centos]
permanent link
Tue, Jul 15, 2008 8:31 pm
Use SFTP Rather Than FTP
FTP uses unencrypted userids
and passwords for file transfers, whereas
SFTP
uses an encrypted userid and password and encrypts the data as well.
Many may have also experienced problems with getting FTP to work through a
firewall. Steven Frank provides a list of other reasons at
http://stevenf.com/archive/dont-use-ftp.php as to why one should avoid
FTP when possible.
[/network/ftp]
permanent link
Tue, Jul 15, 2008 5:12 pm
Requiem for Windows XP
InfoWorld published an artcile
A requiem for Windows XP on July 1, 2008 stating that Microsoft
has held firm on discontinuing sales of Windows XP, though enterprises,
small businesses, and some consumers will still be able to install XP
as a "downgrade" to Windows Vista Business or Ultimate. System builders
will still be able to build PCs with Windows XP until February 1, 2009, so if
you purchase a PC at a computer show, such as those run by
MarketPro,
which I attend when they are held in my area, you will still be able to get
Windows XP on such a system.
There is also a link in the article to a
Windows 7 compatibility checker, if you are interested in determing
whether a system will be able to support the next version of Windows.
[/os/windows/xp]
permanent link
Tue, Jul 15, 2008 4:58 pm
Alternatives to Microsoft Office
InfoWorld has an article published
July 15, 2008 titled
Can you really live without Microsoft Office? that discusses
open source and cloud computing alternatives to Microsoft Office.
One of the alternatives is OpenOffice.
Though I use Microsoft Office on my Windows laptop, I use OpenOffice on other
systems, such as Linux or Solaris systems and even on one Windows system.
I've found it quite useable and, for most of the documents I work with,
able to handle documents created in Microsoft Office's applications fairly
well.
I also use Google Docs, though just
the spreadsheet capability. I use Google Docs spreadsheets for personal use,
such as tracking my mileage and gas consumption. It works fine for that and
could also suffice for others with uncomplicated spreadsheet requirements,
but it definitely isn't on a par with Microsoft Excel's capabilities.
I haven't tried the other alternative discussed in the article yet,
Zoho. Zoho is a suite of online applications
(services) that you access from the Zoho website. The applications are free
for individuals and some have a subscription fee for organizations.
In their FAQ,
Zoho states that "We assure you that the contents of your Account will not be
disclosed to anyone and will not be accessible to employees of AdventNet.
Neither do we process the contents of your Account for serving targeted
advertisements."
[/os/windows/office]
permanent link
Mon, Jul 14, 2008 10:33 pm
Netscape Mail View
Someone who uses Netscape 7.2 for email reported that the count for unread
messages, which appears on the left hand side of Netscape's mail window,
was showing uread messages, but he couldn't find them. When I checked
his system, I found he had changed the message "view" to show only messages
with attachments. I changed it to show all messages again, by selecting
"All" for "View" ("View" appears slightly above the list of messages in a
folder).
Netscape 7.2 supports the following "views"
All
Unread
Important
Work
Personal
To Do
Later
People I know
Recent Mail
Last 5 Days
Not Junk
Has Attachments
There is also an option to customize the view of messages.
[/network/email/clients/netscape]
permanent link
Sun, Jul 13, 2008 7:57 pm
BFG Tech Model BFG550WGSPSU Power Supply
Click either image to see a larger version
Manufacturer: BFG Tech
Model: BFG550WGSPSU
AC Input: 115/230V~,60/50Hz,10/6A
Specifications
ATX12V 2.2
Dual 12V Rails
SATA Connectors
PCI Express Ready
Efficiency: > 80% Typical
Silent 140mm Intake Fan
BFG Thermal Control Technology
Protection Circuitry
MTBF: 80,000 Hours at 25° C
Safety Approval: CCC, CB, UL, TUV, CE, CSA, CUL, NEMKO, SAA, GS, VDE
Dimensions: 8.6cm W x 15cm H x 14cm D (3.4" W x 6" H x 5.5" D)
1 Year Warranty
|
|
DC Output
+3.3V = 35A
+5V = 40A
+3.3V +5V Max. Combined Wattage = 130W
+12V1 = 18A
+12V2 = 18A
+12V Max. Combined Wattage = 432W
-12V = 0.5A
+5VSB = 2.5A
|
|
Included in Box
1 x 550 Watt Power Supply Unit
1 x US Power Cable
1 x User's Guide
4 x Mounting Screws
|
|
Connectors
1 x 24-Pin (20+4-Pin) Motherboard Connector
1 x 8-Pin (4+4-Pin) CPU 12V Power Connector
1 x 6-Pin PCI Express Connector
1 x 8-Pin (6+2-Pin) PCI Express Connector
4 x 4-Pin Molex Connectors
1 x 4-Pin Floppy Connector
4 x SATA Connectors (also includes connectors for IDE drives)
|
|
Works With The Following Motherboards
PCI Express
AGP
PCI
|
|
Manual
BFG Tech "GS" Series User's
Manual - Microsoft Word Document
BFG Tech "GS" Series
User's Manual - HTML Document (produced by OpenOffice.org Writer)
References:
- GS-550 Power Supply
BFG Tech
- BFG Tech
"GS" Series User's Manual
BFG Tech
[/pc/hardware/power-supply]
permanent link
Sun, Jul 13, 2008 3:04 pm
Scheduling NTBackup for a Daily Backup
The
NTBackup utility
comes with Windows NT, 2000, Server 2003, Small Business Server (SBS) 2003,
and Windows XP. NTBackup is not installed by default with Windows XP Home
Edition, but is available on the Windows XP installation disc. Microsoft
has replaced NTBackup in Windows Vista.
NTBackup backs up files to a proprietary BKF format. With Windows XP and
later, it can even backup open files using
Volume Shadow Copy,
aka Volume Snapshot Service (VSS)..
To create a backup process that runs every week on a specific
day to backup a folder on a
system, you can create a batch file similar to the following:
@echo off
REM NTBackup batch file for ACCI folder
REM Set date variable
For /f "tokens=2-4 delims=/ " %%a in ('date /t') do (set date=%%a-%%b-%%c)
date = %date%
ntbackup backup D:\ACCI /J "ACI" /V:No /M Normal /Snap:on /f "F:\ACI\Backups\Current\ACCI_Weekly_%date%.bkf"
The above batch file, which I've named acci-weekly.bat
will
backup the D:\backup
on the system on which it is run. The files
will be backed up to F:\ACI\Backups\Current\ACCI_%date%.bkf
. The
%date%
variable is set by the code below:
For /f "tokens=2-4 delims=/ " %%a in ('date /t') do (set date=%%a-%%b-%%c)
date = %date%
The %a
variable holds the
month, %b
holds the day, and %c
holds the year. Files
will be created with names in the form ACCI_Weekly_07-12-2008.bkf
.
The other parameters used are as described below:
/J {"JobName"}
Specifies the job name to be used in the backup report. The job name usually
describes the files and folders you are backing up in the current backup job.
/V:{yes | no}
Verifies the data after the backup is complete.
/M {BackupType}
Specifies the backup type. It must be one of the following: normal, copy,
differential, incremental, or daily.
/SNAP:{on | off}
Specifies whether or not the backup should use a volume shadow copy.
/F {"FileName"}
Logical disk path and file name. You must not use the following switches with
this switch: /P /G /T.
Further information on the options availabe with the ntbackup
command can be obtained by running ntbackup /?
from a command
prompt.
By specifying normal
as the backup type, all of the files
in the folder will be backed up. If the folder occupies a large amount of
disk space and will take a considerable amount of time to backup, you may not
want to backup all of the files every day.
In this case I would run a normal backup on Sundays, but an incremental
backup every other day. So I have a second batch file, acci.bat
.
@echo off
REM NTBackup batch file for ACCI folder
REM Set date variable
For /f "tokens=2-4 delims=/ " %%a in ('date /t') do (set date=%%a-%%b-%%c)
date = %date%
ntbackup backup D:\ACCI /J "ACI" /V:No /M Incremental /Snap:on /f "F:\ACI\
Backups\Current\ACCI_%date%.bkf"
To run the batch file that performs the incremental backup every day,
you can use the at
command.
C:\Documents and Settings\Administrator>at 19:30 /every:m,t,w,th,f,s d:
\backups\acci.bat
Added a new job with job ID = 1
The above command schedules the backup to run every night, Monday through
Saturday, at 7:30 P.M. The backup is an incremental backup. An incremental
backup is a backup that copies only those files created or changed since the
last normal or incremental backup. It marks files as being backed up by
clearing the archive attribute on files. If you use a combination of normal
and incremental backups to restore your files, you will need to have the last
normal backup and all incremental backup sets.
You can check scheduled jobs by running the at
command with
no parameters. You can get help on the command with at /?
.
C:\Documents and Settings\Administrator.mayberry>at
Status ID Day Time Command Line
-------------------------------------------------------------------------------
1 Each M T W Th F S 7:30 PM d:\backups\acci.bat
To schedule the job that runs once a week on Sunday, I can use
at 19:30 /every:su d:\backups\acci_weekly.bat
.
For a full restoral from the backups, I would need to restore first
from the weekly normal backup and then restore from each of the incremental
backups from that week.
[/os/windows/utilities/backup/ntbackup]
permanent link
Sat, Jul 12, 2008 2:42 pm
Ghost 7.5 Client Timed Out Failure
When I ran a
Symantec Ghost 7.5 backup
task to create an image backup of a system over the
LAN, the task failed. I
looked at the event log for the backup task by right-clicking on the failed
task.
I saw that the initialization failed.
The event details showed that the client timed out.
A Ghost client system should be listening on
UDP port 1346. The Ghost
server sends a datagram from UDP port 1347 to port 1346 on the client to
start the backup. But when I scanned the client system with Foundstone's free
ScanLine program, I found it wasn't responding on port 1346.
C:\>sl -u 1346 192.168.0.14
ScanLine (TM) 1.01
Copyright (c) Foundstone, Inc. 2002
http://www.foundstone.com
Scan of 1 IP started at Sat Jul 12 13:29:59 2008
-------------------------------------------------------------------------------
192.168.0.14
Responded in 0 ms.
0 hops away
Responds with ICMP unreachable: Yes
UDP ports:
-------------------------------------------------------------------------------
Scan finished at Sat Jul 12 13:29:59 2008
1 IP and 1 port scanned in 0 hours 0 mins 0.02 secs
And when I examined the network traffic between the two systems with
MicroOLAP's
tcpdump when I ran the backup task, I saw the client system was returning a
"udp port 1346 unreachable" message.
I logged onto the system from the server using the
Remote
Desktop Protocol (RDP). When I logged on and checked whether the
system was listening on UDP port 1346 with netstat
, I saw it
was listening.
C:\Documents and Settings\Administrator>netstat -a | find "1346"
UDP Ellie:1346 *:*
When I disconnected and scanned the system from the Ghost server again
using ScanLine, I could then see it was responding on UDP port 1346. Apparently
just logging on to the system caused it to start accepting data on port 1346
again.
C:\Program Files\Network\Scanning\Scanline>sl -u 1346 192.168.0.14
ScanLine (TM) 1.01
Copyright (c) Foundstone, Inc. 2002
http://www.foundstone.com
Scan of 1 IP started at Sat Jul 12 14:09:32 2008
-------------------------------------------------------------------------------
192.168.0.14
Responded in 0 ms.
0 hops away
Responds with ICMP unreachable: Yes
UDP ports: 1346
-------------------------------------------------------------------------------
Scan finished at Sat Jul 12 14:09:36 2008
1 IP and 1 port scanned in 0 hours 0 mins 4.02 secs
But when I ran the Ghost task again, it again failed. And when I scanned
the system with ScanLine again, I found the client system was no longer
responding on port 1346. And when I checked from the system itself by
using the netstat
command again, I found netstat was no longer
showing it listening on port 1346.
From the client system itself, I ran ngctw32.exe
, which is located
in C:\Program Files\Symantec\Ghost
. When I ran
ngctw32
, the ScanLine program showed it listening on port 1346 as
did netstat
. I then reran the Ghost task from the server. This
time the backup started.
[/os/windows/utilities/backup/ghost]
permanent link
Fri, Jul 11, 2008 3:26 pm
Free RocketMail Account
I signed up for a free
RocketMail
email account from
Yahoo today to use
as a test email account. Yahoo offers unlimited storage for the email
account. RocketMail was acquired by Yahoo! and relaunched by as
Yahoo! Mail in 1997.
John Kremer, a
Yahoo! Mail vice president, provides
some history on how Yahoo's email account storage capacity has grown over
the years. He mentions that when Yahoo! Mail launched in 1997, users got
a whopping 4 megabytes (MB) of storage for their email.
[/network/email/free]
permanent link
Thu, Jul 10, 2008 3:57 pm
Turning Off Forwarding in Microsoft Exchange
On a Small Business Server (SBS) 2003 system, to turn off forwarding of email
from Microsoft Exchange 6.5 to an external email address, take the following
steps:
- Click on Start.
- Select All Programs.
- Select Administrative Tools.
- Select Active Directory Users and Computers.
- Under Users, right-click on the appropriate user account and
select Properties.
- Click on the Exchange Advanced tab.
- Click on Delivery Options.
- Under Forwarding Address, select None, instead
of Forward to.
- Click on OK.
- Click on OK to close the Properties window.
[/network/email/exchange]
permanent link
Thu, Jun 26, 2008 10:05 pm
Maximum Email Size Allowed by GoDaddy
GoDaddy.com offers email hosting
service for domains. The maximum message size GoDaddy permits for email
accounts hosted on their email servers is 30 MB. The maximum size allowed
for an attachment to a message is 20 MB. The total combined size of the
file attachment and the contents of the email message itself cannot
exceed the 30MB limit.
References:
-
What is the maximum attachment size I can send through my email account?
Last Updated: April 24, 2007
GoDaddy Help Center
[/network/email/godaddy]
permanent link
Tue, Jun 24, 2008 10:03 pm
Visio Netscreen Shapes
MTMnet, Inc. provides Netscreen shapes, as
well as many other network shapes, at
MTMnet.com's Visio Icon &
Stencil Library
The following Juniper Networks NetScreen shapes are provided:
5GT | Netscreen-5GT |
5XT | Netscreen-5XT |
5GT Wireless | Netscreen-5GT Wireless |
HSC | Netscreen-HSC |
25 | Netscreen-25 |
208 | Netscreen-208 |
500 | Netscreen-500 |
500 GPRS | Netscreen-500 GPRS |
5200 | Netscreen-5200 |
5400 | Netscreen-5400 |
IDP 10 | Netscreen-IDP 10 |
IDP 100 | Netscreen-IDP 100 |
IDP 500 | Netscreen-IDP 500 |
IDP 1000 | Netscreen-IDP 1000 |
ISG 2000 | Netscreen-ISG 2000 |
RA 500 | Netscreen-RA 500 |
SA 1000 | Netscreen-SA 1000 |
SA 3000 | Netscreen-SA 3000 |
SA 3000 FIPS | Netscreen-SA 3000 FIPS |
SA 5000 | Netscreen-SA 5000 |
SA 5000 FIPS | Netscreen-SA 5000 FIPS |
SM 3000 | Netscreen-SM 3000 |
Netscreen-SA Central Manager | Netscreen-SA Central Manager |
Netscreen-Global Pro | Netscreen-Global Pro |
Netscreen-Security Manager 2004 | Netscreen-Security Manager 2004 |
Netscreen-Remote Security client | Netscreen-Remote Security client |
Netscreen-Remote VPN client | Netscreen-Remote VPN client |
Generic 19in Rack | Generic 19" Rack |
Download the .vss file onto
your system. Visio 2003 stores the stencils that come with it in
C:\Program Files\Microsoft Office\Visio11\1033. You should also have
a My Shapes directory under your My Documents directory.
I store stencils I've downlaoded there.
To use the new shapes, in Visio, click on File, then Shapes,
then My Shapes, if you've stored them in that directory. Then select
Netscreen for the Netscreen shapes.
Download Sites:
MTMnet.com
ShapeSource by Visimation
MoonPoint Support
[/os/windows/office/visio]
permanent link
Mon, Jun 23, 2008 9:21 pm
PossibleHostsFileHijack
I scanned my laptop with Windows Defender version 1593. It reported
it found "Win32/PossibleHostsFileHijack.
Scan Results
1 items detected
Select an action to apply:
Name | Alert level | Action | Status |
SettingsModifier:Win32/PossibleHostsFileHijack |
Medium | Clean | |
Category
Settings Modifier
Description:
This program has potentially unwanted behavior
Advice:
Review the alert details to see why the software was detected. If you do not
like how the software operates or if you do not recognize and trust the
publisher, consider, blocking or removing the software.
Resources:
file:
C:\WINDOWS\system32\drivers\etc\hosts
View more information about this item online
The link provided by Windows Defender to
SettingsModifier:Win32/PossibleHostsFileHijack provided the following
information:
Also Known As:
Trojan.Win32.Qhost (Kaspersky)
Qhosts.apd (McAfee)
Summary
A detection of Win32/PossibleHostsFileHijack is an indicator that your HOSTS
file may have been modified by malicious or potentially unwanted software.
Modifications to the HOSTS file can cause access to certain Internet domains
to be redirected or denied. This may prevent the computer from connecting to
certain Web sites.
Symptoms
Situations such as the following may be signs that your HOSTS file has been
modified without your consent:
-
You are unable to access a certain Web site that you believe is in operation,
such as a site that provides programs to help keep your computer secure.
-
Your browser connects to a Web site that does not appear to be appropriate,
given the Web address you entered.
The hosts file is at c:\windows\system32\drivers\etc\hosts.
In this case Windows Defender is flagging it because it has been modified.
Typically, it doesn't have much more in it than a reference to the
loopback address,
i.e. 127.0.0.1 localhost
.
In the case of this laptop, Spy Sweeper added entries such as the following:
127.0.0.1 localhost
127.0.0.1 1.httpdads.com #SpySweeperCASS
127.0.0.1 207-87-18-203.wsmg.digex.net #SpySweeperCASS
127.0.0.1 a.mktw.net #SpySweeperCASS
127.0.0.1 a.tribalfusion.com #SpySweeperCASS
Many antispyware programs, such as Spy Sweeper or
Spybot Search & Destroy, will
add entries to the hosts file,
pointing the address to malicious sites or those that distribute adware/spyware
to the loopback address, 127.0.0.1
, instead. That ensures that if
the the system attempts to contact one of those sites, such as
httpdads.com
, which is listed by SpySweeper, which is antispyware
software produced by
Webroot Software, Inc., that instead of
going to the website distributing the malware, the system instead is directed
to the local loopback address on the system itself, preventing the system
from contacting the actual website.
So, in this case, I can consider the report a "false positive" and instruct
Windows Defender to ignore it.
[/security/spyware/defender]
permanent link
Thu, Jun 12, 2008 10:11 pm
Eudora 4.2 Filenames with Spaces
A user of Eudora 4.2 reported that she was unable to open attachments
in email messages. When I checked her system I found that I could not
open attachments by double-clicking on them, if the attachment's filename
had a space in it, but I could open attachments that did not have spaces
in the names. Also, when I moved the cursor over the attachment name
in the message, I saw
%25%20
representing the spaces
in the file names, e.g. "Pulte Contact Information.xls" appeared
as "Pulte%25%20Contact%25%20Information.xls". The attachments were
stored in
M:\attach
, so I saw the following when I moved the
cursor over that file:
file:///M:/attach/Pulte%25%20Contact%25%20Information.xls
When I double-clicked on the attachment, I saw the following error message.
M:\attach\Pulte%20Contact%20Information.xls |
Windows cannot find 'M:\attach\Pulte%20Contact%20Information.xls'. Make
sure you typed the name correctly, and then try again. To search for a file,
click the Start button, and then click Search.
OK
|
A percent sign followed by 20
, i.e. %20, is often used to represent
a space in filenames within HTML documents, but I didn't know why %25%20 was
appearing.
At
Corrup path to mail attachments: includes %2520, I found someone
reporting a similar problem. A respondent to the original poster provided
the following comment:
This happens only when you "use Microsoft's viewer,"
which means that every email window is actually an Internet Explorer window,
in which spaces are not allowed in URLs.
%25 itself represents the character "%" - so after one interpretation by the
browser, %2520 becomes %20, which when interpreted a second time represents
one space.
However, I get only forward slashes [/] in my paths when using this mode,
which also begin with file:///C:/... [three initial forward slashes]
When not "using Microsoft's viewer," then you get backward slashes [\]
and the path is file://C:\... [with no %, just spaces]
That described what I saw. I saw forward slashes for the full
directory path when I hovered the mouse over the attachment name, but
backslashes were listed in the error message that appeared.
Someone else suggested unchecking "Use Microsoft Viewer" in
"Tools|Options|ViewingMail". I clicked on Tools, Options,
and selected Viewing Mail. I saw the following:
I unchecked "Use Microsoft's viewer". After closing and reopening
Eudora, I was then able to view attachments with spaces in the
filenames by double-clicking on them. I noticed that Eudora
was now displaying backslashes in the filenames, which is the
convention used by Microsoft Windows, when I moved the mouse
over them instead of the forward slashes it showed previously.
[/network/email/clients/eudora]
permanent link
Sun, Jun 08, 2008 9:47 pm
Microsoft Releasing Seven Patches This Month
Microsoft is releasing 7 patches for Windows this month. Some of the patches
plug remote code execution vulnerabilities. One is a critical patch for
Internet Explorer (IE) that address a vulnerability in versions of IE from
5.01 through 7. This patch applies to Windows 2000 SP4, XP SP2 and SP3, Windows
Server 2003 SP1 and SP2, Vista SP1, and all versions of Windows Server 2008.
Further information on the patches is available at
"
Microsoft To Issue 7 Patches This Month.
References:
-
Microsoft To Issue 7 Patches This Month
By Jabulani Leffall
June 5, 2008
Redmond | The Independent Voice of the
Microsoft IT Community
[/security/patches/windows]
permanent link
Sun, Jun 08, 2008 9:43 pm
Spam Accounts for Three-quarters of Email
MessageLabs, an online security
company, which provides antispam and antivirus services, reported that
three-quarters of the email messages it scanned during May 2008 were spam, an
increase of 3.3% from the prior month. MessageLabs also reported that one out of
every 170 messages it scanned contained some kind of malicious code with
90% of that malicious code being botware, which can turn a computer into
a "zombie" that can be remotely controlled by a
"
bot herder".
Mark Sunner, MessageLabs MessageLabs' chief security analyst, reported
that spammers are now also using
Google Docs and Microsoft's SkyDrive
free online storage to host the contents of their spam messages. The spammers
put a link into the messages they send pointing to online documents hosted
on those services, which have the advantage of providing large amounts of
bandwidth.
References:
-
Report: Cyberspace Becoming More Malicious
By William Jackson
June 4, 2008
Redmond Developer News
[/network/email/spam]
permanent link
Mon, Jun 02, 2008 6:53 pm
Photoshopping and Digital Forensics
A lot of photos you see posted on the web or sent around by email may have been
"
photoshopped", i.e. doctored in an image editing program, such as Adobe's
Photoshop graphics program. Such
photo
manipulation has been going on since before the advent of Photoshop, though.A Scientific American article,
Digital Forensics: 5 Ways to Spot a Fake Photo, published on June
2, 2008, details techniques that can be used to determine when photos have
been digitally altered.
There is an article
The Reuters Photo Scandal that discusses the manipulation of images
and the staging of photos for political purposes.
[/os/windows/software/graphics/adobe/photoshop]
permanent link
Mon, Jun 02, 2008 6:26 pm
Best Buy Pilot Recycling Program
According to
engadget's article,
Best Buy offers up free electronics recycling in 117 stores, Best
Buy has started a pilot recycling program in some of its stores in the
Baltimore, San Francisco, and Minnesota areas. Stores in those areas will now
accept up to two items per day, per household, including televisions and
monitors up to 32-inches, computers, cameras and other devices not including
microwaves, air conditioners. or appliances.
I've used Office Depot's recycling
program. You can buy boxes in several different sizes into which you can
place electronic items to be recycled. You bring the boxes back to the store
where someone checks that the items they contain are on the list of those
that Office Depot states they will recycle when you buy the boxes. The cost
of the boxes depends on their size. A small box is $5, a medium one is $10,
and a large one is $15. Details on the program are available at
Tech Recycling Services.
Staples also has a recycling program. Details on their program can be
found at
Staples Soul - Recycling. According to the Staple's website, "A
recycling fee of $10 per piece of large equipment is charged to cover handling,
transport, product disassembly and recycling. Smaller computer peripherals such
as keyboards, mice, and speakers are accepted at no charge."
Engadget has information on other recycling services at
http://www.engadget.com/tag/recycling, including information on a U.S.
Postal Service recyling program where the Postal Service allows you to ship
items to a recycling company for free.
Another service I found mentioned in comments to a June 2, 2008 engadget
article,
Staples to stock Flexplay self-destructing DVDs was
GreenDisk. GreenDisk recycles the
following items:
-
All forms of
electronic media and their cases: diskettes, zip disks, CDs, CD-Rs,
CD-RWs, DVDs et al, video tape (i.e. VHS), audio tape, game cartridges,
DAT, DLT, Beta or Digibeta, and virtually all other type of computer tapes.
-
Hard drives, Zip and Jazz
drives, jump drives, etc.
-
All forms of printer
cartridges including both inkjet and toner.
-
All types of cell phones,
pagers, PDAs and their chargers, cables, and headset accessories
-
All types of rechargeable
batteries (not regular alkaline ones) and their chargers
-
All of the small computer
accessories such as MP3 players, iPods, digital cameras, hand-held scanners,
handheld games and other connected devices. (Technotrash Can Only)
-
All of the cords, cables,
boards, chips, etc. attached to or removed from a computer.
-
Laptop computers
.
(Technotrash Can Only)
[/hardware/recycling]
permanent link
Mon, Jun 02, 2008 5:59 pm
Electronic Book Reading with Kindle
There is a May 28, 2008 article with information on Amazon's Kindle electronic
book reader on
engadget titled
Bezos: second Kindle is "not that near," Amazon to launch paid streaming
VoD. I've considered buying one of those. I'm running out of space to
store all of my books and am storing boxes of books in my attic now. I'd like to
be able to have at least a good portion of them available electronically with
the capability to mark passages I find particularly interesting (I never
markup my physical books, though). But the price has kept me from buying
a Kindle.
According to the article, Amazon's founder, Jeff Bezos, has said that
there are 125,000 books available for the Kindle. I didn't know it also could
allow you to surf the web or listen to music in MP3 form. One of those
posting comments to the article stated the following:
Frank - the Kindle can check e-mail, surf the web, &
play mp3s. The browser still needs some work but it is usable. Internet
service is free and at decent speeds as long as you are in a Sprint
service area. The Kindle is definitely a niche device but could become
more mainstream with some changes, primarily price & a larger screen. IMO
it's not as ugly in real life as the pictures represent on the web but
could use a better design. I have a few other quibbles with it but have
no regrets in buying one.
[/ebook]
permanent link
Sun, May 25, 2008 7:05 pm
Microsoft Stopping Book Search Project
eWeek reports in a May 25, 2008 article,
Microsoft Expels Book Search: Can Google Cash In?, that Microsoft
is ending its Live Search Books and Live Search Academic software projects.
Under those projects, Microsoft digitized 750,000 books and indexed 80
million journal articles.
Microsoft is apparently ending the projects because it doesn't see them
as revenue generating projects. Thankfully, Google, whose own efforts led
Microsoft to embark on similar projects, will continue its efforts to
digitize books. The
Google Book Search Library Project allows one to view snippets of
books still under copyright and to download the entire contents of books
that are no longer under copyright.
[/network/web/search]
permanent link
Thu, May 22, 2008 9:08 pm
perl-Calendar-Simple Package
I needed to install a calendar generation package on a Linux system.
I had previously used
pcal
on another Linux system and decided to use it again, since I was familiar
with it and found it met my requirements.
I looked for a pcal RPM package. I found that the perl-Calendar-Simple
package contained a pcal program and decided to install it.
I installed the package, which is available from
http://packages.sw.be/perl-Calendar-Simple/ or
RPM PBone. If you are using
the RPMforge repository, you
can install it with yum
or another installer. To configure
yum
to use the RPMForge repository, see
RPMForge Packages and Yum Priorites.
# yum install perl-Calendar-Simple
After I installed the package, I found it installed /usr/bin/pcal
.
That pcal
program was a Perl script. I could use it to
generate the current month's calendar by typing pcal
or a specific
month from the current year with pcal m
, where m
is a number representing a month, e.g. pcal 6
would display
the month of June. Or you can use pcal mm
, e.g. pcal
06
for June. That pcal
can also generate a calendar for a
specific month and year with pcal mm yyyy
, e.g. pcal
06 2009
for the calendar for June 2009.
# pcal 06 2009
June 2009
Su Mo Tu We Th Fr Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30
But that pcal
program didn't offer me as many options as
I had with the cal
program that was already installed on the
system. I didn't need anything particularly fancy, but I did need the
capability to generate a calendar in
HTML format, which
the Perl pcal script didn't provide.
References:
-
RPMForge Packages and Yum Priorites
MoonPoint Support
-
Pcal
MoonPoint Support
-
PCAL and LCAL: PostScript Calendar
Programs
SourceForge.net
-
pcal and lcal - pcal branch
freshmeat.net
[/languages/perl]
permanent link
Sun, May 18, 2008 8:33 pm
Capitalizing the First Letter of Names with Excel
I needed to take a
Comma-Separated
Values (CSV) file that contained a
column of names, with all of the letters in upper case, e.g. "JOHN SMITH",
and convert the names to a form where only the first letter of the first name
and the first letter of the last name remained in upper case.
I opened the .csv file
in Excel and used the proper()
function to perform the conversion.
Excel provides 3 functions, upper
, lower
, and
proper
to change the case of text.
Example: JOHN Smith
is in cell A1 of an Excel worksheet
=UPPER(A1)
will change the text to all uppercase, i.e.
JOHN SMITH
=LOWER(A1)
will change the text to all lowercase, i.e.
john smith
=PROPER(A1)
will change the case to suit a proper name, i.e.
John Smith
There were about 1,500 entries in the worksheet, so I didn't want to type
a formula in each cell. Instead, I created another column immediately to the
right of the one containing the name by clicking on Insert then
Columns in Excel. The first cell containing a name was B2. In C2,
I put the formula =proper(b2)
. Then I clicked in the
C2 cell to select it. I then held the left mouse button down and extended the
highligted area down to the last row containing a name. Since the last
such row was row 1482, I highlighted cells C2 through C1482. When I had
all of the cells highlighted, I released the mouse button. I then hit
Ctrl-D to copy the formula down through all of the higlighted
cells (the formula is automatically incremented as it is copied). That
resulted in the following formulas in column C.
Cell | Formula |
B2 | =PROPER(B2) |
B3 | =PROPER(B3) |
... | ... |
B1481 | =PROPER(B1481) |
B1482 | =PROPER(B1482) |
I then resaved the file in csv format and closed it. I then reopened it in
Excel. Since it was saved in CSV format, column C had the names with the
correct capitalization now without any formula attached to them. I then
deleted column B, which had the names in all capital letters. I then resaved
the file.
Note: If you have a name in the form "JOHN S SMITH III", proper
will convert the name to "John S Smith Iii", so you may need to scan through
the list of names for such instances.
References:
-
Properly Capitalize Text with "Proper"
Lega Andrew - law for the rest of
us
-
text case conversion in excel
Excel Lesson (97 and 2002)
CastleJB.com
[/os/windows/office/excel]
permanent link
Fri, May 16, 2008 4:19 pm
Displaying Line Numbers in Vi
To turn on the display of line numbers in the vi editor, use the
following command:
:set number
To turn off the dispaly of line numbers, use the command below:
:set nonumber
[/software/editors/vi]
permanent link
Fri, May 16, 2008 3:20 pm
Delete Lines Containing or Not Containing a String Using Vi
To delete all lines containing a string or all lines not containing a
particular string, you can use the global search options in the Vi
editor.
Global Search
- :g/string/command
- command affects lines containing string
- :v/string/command
- command affects lines not containing string
To delete all lines containing "foo" you could use the following
command:
:g/foo/d
To delete all lines not containing "foo" you could use the following
command:
:v/foo/d
References:
-
vi
Reference Card
JILA
[/software/editors/vi]
permanent link
Thu, May 15, 2008 11:00 pm
Comcast and Cox Continue to Block BitTorrent Traffic
A report by Germany's Max Planck Institute reveals that
Comcast and
Cox Communications
are blocking BitTorrent traffic throughout the
day, despite Comcast's claims that it only throttles BitTorrent
Traffic during peak network hours. Comcast also claims that
its throttling of BitTorrent traffic is imperceptible to its
customers. It is likely true that most of Comcast's customers
won't realize that degraded performance for BitTorrent transfers
are occurring because Comcast is actively throttling that traffic.
References:
-
Cox, Comcast Accused of More BitTorrent Blocking
By Roy Mark
May 15, 2008
eWeek.com
[/network/p2p]
permanent link
Tue, May 13, 2008 11:13 pm
Xming X Server for Windows
If you need
X server
software for a Microsoft Windows system, the
Xming X Server
is a free, open source implementation of an X server.
The software can be downloaded from
SourceForge.net: Xming
X Server for Windows. Download and install the Xming installer and
the Xming-fonts installer. You can use the /silent
or
/verysilent
command-line parameters for an unattended installation.
[/network/x]
permanent link
Tue, May 13, 2008 10:21 pm
Apache AllowOverride AuthConfig Directive
You can control access to directories on an Apache webserver by placing
.htaccess
files in those directories and creating
.htpasswd
files containing userids and passwords required
to access the directories. But Apache won't use those
.htaccess
and
.htpasswd
files unless you modify Apache's
httpd.conf
configuration file, which will likely be at
/etc/httpd/conf/httpd.conf
on a Linux system.
To permit usage of those files to control access to directories
on the webserver, edit httpd.conf
and replace
the AllowOverride None
in the <Directory />
section with AllowOverride AuthConfig
.
#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features.
#
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
You can use the .htaccess
and .htpasswd
method
without changing the AllowOverride None
line in the following
section of httpd.conf
.
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
References:
-
Authentication, Authorization and Access Control
The Apache HTTP Server Project
-
Using Apache realms to password-protect your website
Last modified: January 09 2006
Linux/Mac Web, Database, Email,
DNS Server Administration and Security Howtos
-
USING .HTACCESS & HTPASSWD TO PROTECT YOUR FILES FROM UNAUTHORIZED ACCESS
BigNoseBird.Com
[/network/web/server/apache]
permanent link
Sun, May 11, 2008 9:46 pm
Changing Ports Used by Eudora
You can change the ports used by Eudora for outgoing or
incoming email from the standard
SMTP and
POP3 ports,
which are 25 and 110, respectively. To do so, close Eudora then move the
esoteric.epi
file from
Eudora Pro\extrastuff
up one directory to
Eudora Pro
, presuming that you installed
Eudora in
\Program Files\Eudora Pro
. Then take the following
steps:
- Click on Tools.
- Scroll down to Ports.
- You can then put in a port number, e.g. 587 in the SMTP field, so
that Eudora would connect to port 587 on the SMTP server rather than the
default port of 25.
- Click on the OK button.
Note: tested with Eudora 4.2.2
References:
-
Esoteric.epi / Esoteric Settings (Windows)
Eudora
-
Changing Ports for Sending/Receiving (Win)
Eudora
[/network/email/clients/eudora]
permanent link
Sun, May 11, 2008 9:10 pm
Eudora and SMTP AUTH
Many email servers require senders to authenticate with the server by some
mechanism, such as by providing a userid and password, when attempting to
send email through the email server that is not destined for an email address
residing on the server itself.
If you are attempting to send an email message using Eudora and you see a
message similar to the one below, then the
SMTP server that Eudora has been
configured to use for outgoing email likely requires authentication.
Can't send to 'someone@example.com'. The server gives this reason: '550 5.7.1
<someone@example.com>... Relaying denied. Proper authentication required.'.
Version 4.2.2 of Eudora supports
authentication when sending email. If you have a Windows 4.x version of Eudora,
you can upgrade it to version 4.2.2 by downloading
ep4xto422.exe from the
updater422 folder on the Qualcomm
FTP site. Version 4.2.0
doesn't support authenticating when sending email, though the help files
indicate that it does, according to
Eudora Pro 4.x - SMTP Auth
. If you don't know which version of Eudora you are running, you can
click on Help and then About in Eudora. You should see
"Version 4.2.2" for that version.
To enable authentication when sending in Eudora 4.2.2, you must edit
the eudora.ini
file. Close Eudora, if it is open, and add the
following two lines below the [Settings]
line in
eudora.ini
file.
SMTPAuthRequired=1
SMTPAuthAllowed=1
Then, when you reopen Eudora, SMTP authorization should be enabled.
Note: there are different methods of authenticating with an email server.
If you see a message similar to the following, the email server does not
support the authentication method used by Eudora.
<Dominant>, Connecting to the Mail Server..., [05:24:13 PM]
Can't find a supported authentication mechanism for sending messages, and you've
specified to require authentication.
For instance, Eudora 4.2.2 doesn't support the Plain and
Login methods.
You can determine which authentication methods a server supports by using
telnet to connect to port 25 on the server, which is the standard SMTP port.
After you issue an HELO
or EHLO
command and
some name for the system from which you are connecting, e.g. "laptop" or
"mysystem.example.com", you should
see AUTH
listed as one of the commands the server understands with
the authentication methods it supports listed immediately after AUTH
on the same line.
telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 example.com ESMTP Sendmail 8.13.8/8.13.8; Sun, 11 May 2008 17:28:54 -0400
ehlo laptop
250-example.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
In the example above, the email server only supports the LOGIN
and PLAIN methods, which resulted in Eudora complaining that it
"Can't find a supported authentication mechanism for sending messages, and
you've specified to require authentication."
According to Negotiating an
SMTP AUTH Authentication Mechanism, "The standard Eudora client
(downloadable from www.eudora.com) tries to
use CRAM-MD5 by default."
If an email server supports CRAM-MD5 and DIGEST-MD5,
you would see the following, if you connected to port 25 on the server,
after you issued an helo
or ehlo
command..
250-AUTH DIGEST-MD5 CRAM-MD5
References:
-
Eudora Pro 4.x - SMTP Auth
jellico.com, Inc.
-
Negotiating an SMTP AUTH Authentication Mechanism
By Weldon Whipple
Technoids.org
[/network/email/clients/eudora]
permanent link
Sat, May 10, 2008 10:33 pm
Adding Another MIME Type to Apache
I posted a Microsoft Agent
.acs
file on my Apache webserver. I tried to download the file to a Windows XP
system with a web browser, but when I opened
the
URL, the browser
attempted to display the file rather than giving me the option to download it.
To rectify the problem, I had to add another
MIME type to the Apache
webserver httpd.conf
file. I edited
/etc/httpd/conf/httpd.conf
and added an AddType line for the
.acs file extension.
#
# AddType allows you to add to or override the MIME configuration
# file mime.types for specific file types.
#
#AddType application/x-tar .tgz
AddType application/octet-stream .acs
I then restarted the Apache webserver with apachectl restart
.
Afterwards when I visited the URL again, I was prompted as to whether I
wanted to download the file.
References:
-
Apache Module mod_mime
The Apache Server Project
-
Help: Unable to serve XBAP from Apache?
Posted: August 29, 2006
Vista Forums
[/network/web/server/apache]
permanent link
Sat, May 10, 2008 7:51 pm
Using Clamav-Milter With Sendmail
For a CentOS 5.1 email server, I wanted to check email passing
through the server with
Clam AntiVirus
I installed the clamav-milter package for sendmail
with
yum install clamav-milter
. I had previously
installed support for the
RPMForge
repository as described in
RPMForge Packages and Yum Priorites, which allowed me to use
yum
to download and install clamav and clamav-milter on
the system. Since clamav, clamav-db, and clamd were dependencies for
clamav-milter, they were installed as well when I ran
yum install
clamav-milter
.
After the packages were installed, I check the ClamAV definitions with
the freshclam
command.
# freshclam -V
ClamAV 0.93/6688/Wed Apr 9 10:40:38 2008
I verified that the version of sendmail
on the system provides
milter support with sendmail -d0 < /dev/null | grep MILTER
. If
sendmail provides milter support, MILTER will be listed in the
output. Sendmail 8.13 enables MILTER support by default.
See Clam AntiVirus
Milter Setup and Debugging for details on how to add MILTER
support for prior versions.
# sendmail -d0 < /dev/null | grep MILTER
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
According to
Clam AntiVirus Milter Setup and Debugging, the
libmilter*
library must be installed on the system to use
clamav-milter, so I checked for the presence of libmilter files with
locate libmilter
, but none were listed. The instructions suggested
that if the library is not installed, one should "go to the Sendmail source
directory, change into the libmilter subdirectory and run the install script."
But there was no sendmail source directory on the system, since sendmail had
been installed through a package when I initially set up the system.
Since the instructions also stated "Some operating systems provide MILTER
support via a port or package", I thought I would just proceed to see
what happened.
The next step listed was to configure clamav with --enable-milter
. I presumed that was already taken care of when I installed the
clamav-milter package, so I proceeded to the "configure clamd.conf" step.
I checked /etc/clamd.conf
, but didn't make any changes.
The installation of the clamav-milter package placed two files in
/etc/init.d
.
# ls -l /etc/init.d/clam*
-rwxr-xr-x 1 root root 1258 Mar 7 2007 /etc/init.d/clamav-milter
-rwxr-xr-x 1 root root 1130 Nov 1 2006 /etc/init.d/clamd
It also installed and turned on two system services.
# chkconfig --list clamd
clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig --list clamav-milter
clamav-milter 0:off 1:off 2:on 3:on 4:on 5:on 6:off
I started the Clam AntiVirus daemon with /etc/init.d/clamd
# vi /etc/init.d/clamd
# /etc/init.d/clamd start
Starting Clam AntiVirus Daemon: [ OK ]
You then need to configure sendmail for clamav-milter support. If you try
launching clamav-milter first, you will get the error shown below:
# /etc/init.d/clamav-milter start
Starting Clamav Milter Daemon: clamav-milter: socket-addr (local:/var/clamav/clm
ilter.socket) doesn't agree with sendmail.cf
[FAILED]
So I put the following line as the last line in /etc/mail/sendmail.mc
INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-milter.sock, F=T, T=S:4m;R:4m')
I then rebuilt the sendmail.cf
file from sendmail.mc
with the following command:
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
When I tried restarting sendmail, though, I received a warning message:
# /etc/init.d/sendmail restart
Shutting down sm-client: [ OK ]
Shutting down sendmail: [ OK ]
Starting sendmail: WARNING: Xclmilter: local socket name /var/run/clamav/clmilte
r.sock missing
[ OK ]
Starting sm-client: [ OK ]
I then looked in /etc/sysconfig/clamav-milter
and saw the
following:
### Simple config file for clamav-milter, you should
### read the documentation and tweak it as you wish.
CLAMAV_FLAGS="
--config-file=/etc/clamd.conf
--force-scan
--local
--max-children=10
--noreject
--outgoing
--quiet
"
SOCKET_ADDRESS="local:/var/clamav/clmilter.socket"
Since according to the SOCKET_ADDRESS
in that file,
clmilter.socket
was expected in /var/clamav
,
I modified the line I added to the end of /etc/mail/sendmail.mc
to be as shown below:
INPUT_MAIL_FILTER(`clmilter', `S=local:/var/clamav/clmilter.socket, F=T, T=S:4m;R:4m')
I then rebuilt the sendmail.cf
file from sendmail.mc
,
restarted clamav-milter, and restarted sendmail.
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# /etc/init.d/clamav-milter restart
Stopping Clamav Milter Daemon: [FAILED]
Starting Clamav Milter Daemon: Your LANG environment variable is set to 'en_US.U
TF-8'
This is known to cause problems for some clamav-milter installations.
If you get failures with temporary files, please try again with LANG unset.
LibClamAV Error: cl_cvdhead: Can't open file /var/clamav/daily.inc/daily.info
Loaded ClamAV version 0.93, clamav-milter version 0.93
ClamAV: Protecting against 280776 viruses
[ OK ]
# /etc/init.d/sendmail restart
Shutting down sm-client: [ OK ]
Shutting down sendmail: [ OK ]
Starting sendmail: [ OK ]
Starting sm-client: [ OK ]
The "failed" for the restart of clamav-milter was probably because it wasn't
started at the time; so I could have used clamav-milter start
.
I also saw an error message regarding "LibClamAV Error: cl_cvdhead: Can't open
file /var/clamav/daily.inc/daily.info", but when I sent a test message to
an account on another system, I saw "X-Virus-Scanned: ClamAV version 0.93,
clamav-milter version 0.93" in the message's headers. I saw the same
header in a message I sent from the account on the other system to the
one running ClamAV. I also saw the header "X-Virus-Status: Clean". So
ClamAV appeared to be scanning incoming and outgoing email.
References:
-
Clam AntiVirus Milter Setup and Debugging
Jeremy Mates's Domain
-
Installing clamav-milter on FreeBSD
Ring of Saturn Internetworking
[/network/email/sendmail]
permanent link
Fri, May 09, 2008 10:03 pm
Scheduling a Backup Task in Symantec Ghost 7.5
- On the View menu, click Scheduler. All scheduled tasks will appear.
- On the Task menu, click New Task.
- Expand the Tasks folder.
- Select the task that you want to schedule, then click on the OK
button.
- On the Schedule tab, set the date, time, and frequency with which to
execute the task.
- On the Task tab, in the Run as field, type the user name of the
person who is running the task. The default is the logged on user.
- Click on the Set Password button.
- In the Password field, type your password. You must type a password
to run the task. The password is confirmed when the task runs.
- In the Confirm field, type your password again to confirm that it is
entered correctly.
- Click on the OK button.
[/os/windows/utilities/backup/ghost]
permanent link
Wed, May 07, 2008 9:21 pm
Online Tools to Check MX Records
Two webpages offering online tools to look up
MX record information
for a domain are listed below:
Check MX Records for Email Tool - Live2Support.com
MX Lookup - MXToolbox.com
[/network/dns]
permanent link
Wed, May 07, 2008 6:00 pm
Remote Web Workplace Users
A user in a domain with a Windows Small Business Server (SBS) 2003
domain controller told me that she could establish a
VPN from home
by entering her userid, password, and domain information, but then
when she opened her browser and pointed it to the SBS 2003 server
and tried to establish a "Remote Web Workplace" connection, her
userid and password wouldn't be accepted, though she was using
the same ones as for the VPN connection. She would see the error
message below:
The user name or password is incorrect. Verify that CAPS LOCK
is not on, and then retype the current user name and password.
If you receive this message again, contact your system
administrator to ensure that you have the correct permissions to
use the Remote Web Workplace.
In checking on the problem, I found her account was not a member
of the "Remote Web Workplace Users" group. The procedure for adding
an account to that group is listed below.
- Click on Start.
- Select Administrative Tools.
- Select Activer Directory Users and Computers.
- Under the domain name, select My Business, Users,
SBSUsers, and then the user's account or, under the domain name,
select Users and the user's account, if it is located there
instead.
- Right-click on the user's account and select Properties.
- Click on the Member Of tab.
- The user should already be a member of Domain Users. You need
to click on the Add button.
- In the "Enter the ojbect names to select" field, type Remote
Web Workplace.
- Click on the Check Names button. You should then see
"Remote Web Workplace Users" appear in the field underlined.
- Click on OK.
- Click on OK again to close the "Properties" window for the
user's account.
[/os/windows/server2003]
permanent link
Tue, May 06, 2008 10:58 pm
Sendmail Anti-Spam Blacklist Feature
To reduce the amount of spam reaching user's inboxes, I made some modifications
to the
/etc/mail/sendmail.mc
file on a Linux server running
sendmail.
The sendmail.mc
already had the line
FEATURE(`blacklist_recipients')dnl
. The
blacklist_recipients
feature turns on the ability to block
incoming mail for certain recipient usernames, hostnames, or addresses. For
example, you can block incoming mail to user nobody, host foo.mydomain.com, or
guest@bar.mydomain.com. These specifications are put in the
/etc/mail/access
file.
Immediately below that line, I added the following lines to use the
McFadden Associates E-Mail Blacklist,
the Spamhaus Block List,
and the Passive Spam Block List.
FEATURE(`dnsbl', `bl.csma.biz', `550 Spam Block: mail from $&{client_addr} refused - See http://bl.csma.biz/')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `550 Spam Block: mail from $&{client_addr} refused - See http://www.spamhaus.org/sbl/')dnl
FEATURE(`dnsbl', `psbl.surriel.com', `550 Spam Block: mail from $&{client_addr} refused - see http://psbl.surriel.com/')dnl
I removed the "dnl" from the beginning of the following line, which
"uncomments" the directive, to allow
the system to accept email from users who have authenticated by a trusted
mechanism defined by TRUST_AUTH_MECH
(see
Sendmail Authorization for Outgoing Email).
dnl FEATURE(delay_checks)dnl
I didn't want a user's email to be rejected because the user's system
received a dynamically assigned IP
address previously assigned to a system sending out spam, which I've seen
happen previously. By using the delay_checks
feature, you can
have sendmail skip the check_mail and check_relay
rulesets, if the sender has been authenticated by a "trusted" mechanism,
such as by sending the user's userid and password to the server when sending
email.
I then regenerated the sendmail.cf file from the sendmail.mc file and restarted sendmail with the commands below.
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
/etc/init.d/sendmail restart
References:
-
Sendmail cf/README -
Features
sendmail.org
-
Sendmail cf/README - Anti-Spam Configuration Control
sendmail.org
-
Passive Spam Block List (PSBL) Added
MoonPoint Support
-
Sendmail Authorization for Outgoing Email
MoonPoint Support
-
McFadden Associates E-Mail Blacklist
-
Spamhaus Block List
-
Passive Spam Block List
[/network/email/sendmail]
permanent link
Mon, May 05, 2008 10:23 pm
Outlook 2002 Email Messages Not Opening
I found that when I double-clicked on email messages in Outlook 2002
on a user's system, they would not open. I couldn't open a message by
right-clicking on the message and choosing
Open either.
I was able to eliminate the problem by turning off the Google Desktop
add-in within Outlook, which can be done by the following steps:
- Click on Tools.
- Select Options.
- Click on the Other tab.
- Click on the Advanced Options button.
- Click on the Add-in Manager button.
- Uncheck "Google Desktop Search Outlook Addin".
- Click on OK.
- Click on Com Add-ins.
- Uncheck "Google Desktop Outlook Toolbar.
- Click on OK.
- Click on OK again.
- Click on OK to close the Options window.
[/network/email/clients/outlook]
permanent link
Mon, May 05, 2008 7:37 pm
Sendmail Authorization for Outgoing Email
A CentOS 5.1 email server wasn't allowing email clients, such as Outlook,
to relay email through it by providing a userid and password for authorization
for outgoing email. I configured an email client,
SimpleCheck, to use
the same userid and password when sending email as for checking incoming email.
I configured it to use the "plain" authorization method when sending email.
That didn't work, nor did using "login" or "CRAM-MD5"
for the authorization method. I would get an error message stating "'PLAIN'
authorization is not supported by the server" when I used the "plain"
authorization method. I got similar messages for the other authorization
methods.
The server was running sendmail, which
supports SMTP AUTH
as defined in
RFC 2554 which is
based on SASL.
The Cyrus SASL
package should be installed to enable sendmail to support
the AUTH command for authorization. I checked on whether it was installed
with rpm -qi cyrus-sasl
. I saw it was installed. I then
tried sendmail -d0.1 -bv root | grep SASL
and saw
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS
.
The "SASLv2" in the output confirmed that support for SASL was present.
But when I connected to the
SMTP port by telnet, I didn't see the AUTH command listed when I issued
an ehlo
command. And I received messages that the "plain", "login",
"cram-md5", and "digest-md5" authorization methods weren't supported when I
issued auth commands for those authentication methods.
# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 example.com ESMTP Sendmail 8.13.8/8.13.8; Tue, 6 May 2008 10:34:34 -0400
ehlo laptop
250-example.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
AUTH LOGIN
504 5.3.3 AUTH mechanism LOGIN not available
AUTH PLAIN
504 5.3.3 AUTH mechanism PLAIN not available
AUTH CRAM-MD5
504 5.3.3 AUTH mechanism CRAM-MD5 not available
AUTH DIGEST-MD5
504 5.3.3 AUTH mechanism DIGEST-MD5 not available
quit
When I used the testsaslauthd
command to check that the
saslauthd daemon was installed and running properly, I saw that it
was working properly.
# testsaslauthd -s smtp -u jdoe -p HerPassword
0: OK "Success."
You can test SASL support with the testsaslauthd
command by
specifying a username and its associated password on the system with
-u username -p password
. The -s service
option
specifies a particular service. Common service names are "imap", "sieve", and
"smtp".
I then looked at /etc/mail/sendmail.mc
. I saw
define(`confAUTH_OPTIONS', `A')dnl
, which provides a list
of options for SMTP AUTH was not commented out, so I left it
as is. I left the "dnl" at the beginning of the following line, which appeared
later in the file. The p
option in it
would result in sendmail not accepting the PLAIN and LOGIN
AUTH methos unless they were protected by a security latyer, such as
is provided by STARTTLS.
dnl define(`confAUTH_OPTIONS', `A p')dnl
The
sendmail AUTH_OPTIONS options are as follows:
AuthOptions
[no short name] List of options for SMTP
AUTH consisting of single characters with
intervening white space or commas.
A Use the AUTH= parameter for the MAIL FROM
command only when authentication succeeded.
This can be used as a workaround for broken
MTAs that do not implement RFC 2554 correctly.
a protection from active (non-dictionary) attacks
during authentication exchange.
c require mechanisms which pass client credentials,
and allow mechanisms which can pass credentials
to do so.
d don't permit mechanisms susceptible to passive
dictionary attack.
f require forward secrecy between sessions
(breaking one won't help break next).
p don't permit mechanisms susceptible to simple
passive attack (e.g., PLAIN, LOGIN), unless a
security layer is active.
y don't permit mechanisms that allow anonymous login.
The first option applies to sendmail as a
client, the others to a server. Example:
O AuthOptions=p,y
would disallow ANONYMOUS as AUTH mechanism
and would allow PLAIN and LOGIN only if a
security layer (e.g., provided by STARTTLS)
is already active. The options 'a', 'c',
'd', 'f', 'p', and 'y' refer to properties
of the selected SASL mechanisms. Explana-
tions of these properties can be found in
the Cyrus SASL documentation.
I removed "dnl" from beginning of the following 2 lines to uncomment
them:
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
The relevant lines were then as follows:
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
I then rebuilt the sendmail.cf
file from the
sendmail.mc
file using m4 /etc/mail/sendmail.mc >
/etc/mail/sendmail.cf
. I then restarted sendmail with
/etc/init.d/sendmail restart
.
When I then used telnet to connect to the SMTP port, port 25, on the
server, I saw AUTH
listed when I issued the ehlo
command.
# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 example.com ESMTP Sendmail 8.13.8/8.13.8; Tue, 6 May 2008 13:44:58 -0400
ehlo laptop
250-example.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
Testing with
SimpleCheck, I was then able to send a message with it configured to
use the PLAIN or the LOGIN authorization mechanism.
References:
-
SMTP AUTH in sendmail 8.10-8.13
sendmail.org
-
Cyrus SASL for System Administrators
SEPP Application Catalog
-
sendmail AUTH_OPTIONS
lists.freebsd.org Mailing Lists
-
Using SMTP AUTH and STARTTLS with sendmail
A quick start guide for Red Hat/Fedora Linux
joreybump.com
[/network/email/sendmail]
permanent link
Sun, May 04, 2008 11:11 pm
Configuring Dovecot
I needed to provide
POP3 email
service on a CentOS system. The default POP server under Red Hat Enterprise
Linux is
/usr/lib/cyrus-imapd/pop3d and is provided by the
cyrus-imapd package. But that package was not installed on the system.
Another
IMAP and
POP3 package available for
CentOS systems is
Dovecot, which provies
an open source IMAP and POP3 server for Linux/UNIX-like systems.
I checked to see if dovecot was installed with
rpm -qi dovecot
.
It was. I then checked on whether it was active. It was not.
# chkconfig --list dovecot
dovecot 0:off 1:off 2:off 3:off 4:off 5:off 6:off
I turned it on so that it would be operational after the next reboot
with chkconfig dovecot on
.
# chkconfig dovecot on
[root@frostdragon ~]# chkconfig --list dovecot
dovecot 0:off 1:off 2:on 3:on 4:on 5:on 6:off
I then started the service with service dovecot start
.
# service dovecot start
Starting Dovecot Imap: [ OK ]
I could then see that the system was listening on the imap, imaps, pop3, and
pop3s ports.
# netstat -a | grep imap
tcp 0 0 *:imaps *:* LISTEN
tcp 0 0 *:imap *:* LISTEN
[root@frostdragon archive]# netstat -a | grep pop3
tcp 0 0 *:pop3s *:* LISTEN
tcp 0 0 *:pop3 *:* LISTEN
Dovecot can be configured to handle mailboxes for system users, i.e. for
accounts on the system or for
virtual users. Since the majority of people who would be using the
server for email would have no need to log into the system and since I wanted
to be able to have john@example.com and john@anotherexample.com, I chose
to configure Dovecot for virtual users.
The Dovecot Wiki has this to say
about usernames and domains:
Usernames and domains
Dovecot doesn't care much about domains in usernames. IMAP and POP3 protocols
currently have no concept of "domain", so the username is just something that
shows up in your logs and maybe in some configuration, but they have no direct
functionality.
So although Dovecot makes it easier to handle "user@domain" style usernames
(eg. %n and %d variables),
nothing breaks if you use for example "domain%user" style usernames instead.
However some
authentication mechanisms do have an explicit support for realms (pretty
much the same as domains). If those mechanisms are used, the username is
changed to be "user@realm".
And of course there's no need to have domains at all in the usernames.
I followed the instructions in
Simple Virtual
User Installation. I didn't need to create a dovecot
user,
since one already existed in /etc/passwd
. I did need to create
a vmail
user account and group, which is used to access the
mail for all users.
# grep dovecot /etc/passwd
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
# useradd -u 103 -c Dovecot vmail
The above useradd command created the vmail user and group and automatically
created a /home/vmail
directory owned by vmail:vmail, under which
the email for all users is stored. [Note: you may want to use
a UID greater than 500 rather than 103 as in the example above to avoid the
problem noted below where the dovecot configuration file by default only
permits a UID greater than 500]
I created /var/log/dovecot.log
and
/var/log/dovecot-info.log
and changed the owner and group for
those files to vmail.
# touch /var/log/dovecot.log /var/log/dovecot-info.log
# chown vmail /var/log/dove*; chgrp vmail /var/log/dove*;
I then edited /etc/dovecot.conf
and changed the settings for the
log files.
Original
# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
#log_path =
# For informational messages, use this logfile instead of the default
#info_log_path =
Modified
# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
log_path = /var/log/dovecot.log
# For informational messages, use this logfile
info_log_path = /var/log/dovecot-info.log
The default line in /etc/dovecot.conf
for plaintext authentication
is as follows:
#disable_plaintext_auth = no
Since disable_plaintext_auth
has a default value of "no", I didn't
have to uncomment that line.
I created a directory for the dovecot password file with
mkdir /etc/dovecot
and then set up a password file in
/etc/dovecot/passwd
. I changed the protection on the file with
chmod 600 /etc/dovecot/passwd
, so that only root would have
access, since I don't want others with accounts on the system to be able to
read the contents of the file. I created entries in the passwd file with
entries like the following:
jdoe@example.com:{PLAIN}HerPassword
I then modified the checkpassword section of /etc/dovecot.conf
Original
# checkpassword executable authentication
# NOTE: You will probably want to use "userdb prefetch" with this.
# http://wiki.dovecot.org/PasswordDatabase/CheckPassword
#passdb checkpassword {
# Path for checkpassword binary
#args =
#}
Modified
# passwd-like file with specified location
# http://wiki.dovecot.org/AuthDatabase/PasswdFile
passdb passwd-file {
# Path for passwd-file
args = /etc/dovecot/passwd
}
I then restarted dovecot with service dovecot restart
. I
then tested dovecot by using telnet to connect to port 110, the pop3
port, on the system. I could connect to port 110, but didn't get any
response to the user
and pass
commands. I looked in
/var/log/dovecot
and saw the following errors recorded:
dovecot: May 04 13:35:26 Error: Temporary failure in creating login processes, slowing down for now
dovecot: May 04 13:35:26 Error: imap-login: imap-login: error while loading shared libraries: libsepol.so.1: failed to map segment from shared object: Cannot allocate memory
dovecot: May 04 13:35:26 Error: imap-login: imap-login: error while loading shared libraries: libsepol.so.1: failed to map segment from shared object: Cannot allocate memory
dovecot: May 04 13:35:26 Error: pop3-login: pop3-login: error while loading shared libraries: libsepol.so.1: failed to map segment from shared object: Cannot allocate memory
dovecot: May 04 13:35:26 Error: pop3-login: pop3-login: error while loading shared libraries: libsepol.so.1: failed to map segment from shared object: Cannot allocate memory
dovecot: May 04 13:35:26 Error: pop3-login: pop3-login: error while loading shared libraries: libsepol.so.1: failed to map segment from shared object: Cannot allocate memory
dovecot: May 04 13:35:26 Error: child 30454 (login) returned error 127
dovecot: May 04 13:35:26 Error: child 30455 (login) returned error 127
At
Redhat Dovecot error while loading shared libraries: libsepol.so.1: failed
to map segment from shared object: Cannot allocate memory, I found
a suggestion to edit /etc/dovecot.conf
and modify the
login_processes_size
line so that it is
login_process_size = 64
. The writer states on that webpage that
"This error is not related to shared libraries. You need to set maximum
process size in megabytes. If you don't use login_process_per_connection you
might need to grow this."
When I looked in /etc/dovecot.conf
, I saw the following line:
I removed the "#" and changed the line to login_process_size = 64
. I then restarted dovecot with service dovecot restart
.
I no longer saw the error messages in the /var/log/dovecot.log
file.
When I again checked email for accounts by using telnet 127.0.0.1
110
, I was able to check an account, jsmith, listed in
/etc/passwd
, but not the jdoe@example.com account listed in
the /etc/dovecot/passwd
file I created.
# telnet 127.0.0.1 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
user jdoe@example.com
+OK
pass HerPassword
-ERR [IN-USE] Internal login failure. Refer to server log for more information.
Connection closed by foreign host.
[root@frostdragon log]# telnet 127.0.0.1 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
user jsmith
+OK
pass HisPassword
+OK Logged in.
stat
+OK 0 0
quit
+OK Logging out.
Connection closed by foreign host.
When I looked in /etc/dovecot.conf
, I saw dovecot:
May 04 14:03:20 Error: auth(default):
userdb(jdoe@example.com,::ffff:127.0.0.1): user not found from userdb
.
I then realized I also needed to modify the "userdb static" section of
/etc/dovecot.conf
. I made the following changes:
Original
# static settings generated from template
# http://wiki.dovecot.org/UserDatabase/Static
#userdb static {
# Template for the fields. Can return anything a userdb could normally
# return. For example:
#
# args = uid=500 gid=500 home=/var/mail/%u
#
#args =
#}
Modified
# static settings generated from template
# http://wiki.dovecot.org/UserDatabase/Static
userdb static {
# Template for the fields. Can return anything a userdb could normally
# return. For example:
#
# args = uid=500 gid=500 home=/var/mail/%u
#
args = uid=vmail gid=vmail home=/home/vmail/%u
}
I then restarted dovecot with service dovecot restart
. But
I still couldn't check email for the virtual user account jdoe@example.com.
In the /var/log/dovecot.log
file, I saw dovecot:
May 04 14:34:19 Error: Logins with UID 103 (user jdoe@example.com) not
permitted (see first_valid_uid in config file)
When I checkd the /etc/dovecot.conf
, I found the following:
# Valid UID range for users, defaults to 500 and above. This is mostly
# to make sure that users can't log in as daemons or other system users.
# Note that denying root logins is hardcoded to dovecot binary and can't
# be done even if first_valid_uid is set to 0.
#first_valid_uid = 500
#last_valid_uid = 0
I then realized, since I created the vmail account with a UID of 103,
that the dovecot configuration file was preventing a login for it, because
it was less than 500. I could have changed the first_valid_uid
value in dovecot.conf, but I decided to delete the vmail account and its
associated home directory and then recreate it with a UID greater than 500.
I then restarted dovecot
# userdel vmail
# rm -rf /home/vmail
# useradd -u 502 -c "Dovecot Virtual Users" vmail
# service dovecot restart
I was then able to check email for both user accounts on the system and
virtual user accounts. I saw that dovecot created a
/home/vmail/jdoe@example.com
directory under
/home/vmail
.
At this point, though I could login to the POP3 port, port 110, and get dovecot
to accept the userid and password for a virtual user, sendmail would return
a "user unknow" message, if I tried to send email to a virtual user, because
sendmail knew nothing about the dovecot virtual users. So using
the instructions in
Dovecot LDA with Sendmail as a starting point, I took the steps
below.
I created the file /usr/share/sendmail-cf/mailer/dovecot.m4
and
put the lines below in it:
######################*****##############
### DOVECOT Mailer specification ###
##################*****##################
Mdovecot, P=/usr/local/libexec/dovecot/deliver, F=DFMPhnu9,
S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP,
T=DNS/RFC822/X-Unix,
A=deliver -d $u
In /etc/mail/sendmail.mc
, I had the following two lines:
MAILER(smtp)dnl
MAILER(procmail)dnl
I added MAILER(dovecot)dnl
after those two lines.
I then regenerated the sendmail.cf
file using the m4 command.
# m4 /etc/mail/sendmail.mc > /etc/mailsendmail.cf
Unfortunately, that did not resolve the issue with virtual users. I still
haven't been able to get that working.
References:
-
Chapter 23. Email
CentOS
-
Basic Configuration
Dovecot Wiki
-
Virtual Users
Dovecot Wiki
-
Simple Virtual User Installation
Dovecot Wiki
-
Passwd-file
Dovecot Wiki
-
Redhat Dovecot error while loading shared libraries: libsepol.so.1: failed to
map segment from shared object: Cannot allocate memory
nixCraft Insight Into Linux Admin Work
-
Dovecot LDA with Sendmail
Dovecot Wiki
[/network/email/dovecot]
permanent link
Sun, May 04, 2008 6:39 pm
Adding a New VIP Service to a NetScreen Firewall
To add a new Virtual IP (VIP) service to a NetScreen firewall, such
as the NetScreen-5GT, through the Web management user interface (WebUI) for the
firewall, take the following steps:
- Login into the firewall using a web browser.
- Click on Network.
- Click on Interfaces.
- For the Untrust interface, click on Edit.
- In the Properties line at the top of the webpage, you will
see VIP. Click on VIP.
- If you see an Add/Modify VIP Entry field with no
VIP services listed beneath it, select "Same as the untrusted interface
IP address" and click on Add, otherwise proceed to the
next step.
- Click on the New VIP Service button
- The Virtual IP field should show the IP address for the
Untrust interface. Put the appropriate value in the Virtual
Port field, e.g. 110 for POP3. Select the appropriate service for
the Map to Service field, e.g "POP3(110)" for POP3. For the
Map to IP value, put in the IP address for the internal server for
which you want to provide access to this service, e.g. 192.168.10.24, if
that was the IP address for the POP3 server behind the firewall.
- Click on the OK button.
Once the VIP service is configured, you need to set up a new firewall
rule, aka policy, to permit traffic from the outside of the firewall through
to the inside for this new service.
To do so, take the following steps:
- Click on Policies at the left side of the webpage.
- For the From field, select "Untrust" and select "Trust" for
the To field.
- Click on the New button.
- On the next webpage, put a name of your choosing in the Name field,
e.g.
POP3
for a POP3 service. You don't need to change the
Source Address, but for the Destination Address, select
"VIP(untrust)" from Address Book Entry for the
Desinstion Address. For Service, you can select "POP3" for
this example.
- If you want logging turned on for this policy, check Logging.
- If you want "counting" turned on for this policy, click on the
Advanced button and then check the Counting checkbox then
click on the OK button.
[/security/firewalls/netscreen]
permanent link
Sun, May 04, 2008 5:07 pm
Configuring Sendmail to Handle Email for Multiple Domains
If you need sendmail to handle email for alternate domain names, you can
add those domain names to
/etc/mail/local-host-names
.
E.g., suppose the server on which sendmail is running is someexample.com.
Sendmail will accept email addresses to someone@someexample.com, but would
reject email for someone@example.com. But, if you want sendmail to also
handle email for example.com addresses, e.g. you are going to have the
server act as an
Mail
exchanger (MX) server for example.com, you would add example.com to
/etc/local-host-names
:
# local-host-names - include all aliases for your machine here.
example.com
Then create the local-host-names.db
file with
makemap hash /etc/mail/local-host-names < /etc/mail/local-host-names
. When you restart sendmail, which you can do with
/etc/init.d/sendmail restart
, sendmail will then accept email
for example.com addresses.
Be aware that if you have an account jsmith which previously would receive
email addressed to jsmith@someexample.com, that
email addressed to jsmith@example.com will now go there as well.
[/network/email/sendmail]
permanent link
Sat, May 03, 2008 9:17 pm
Configuring Sendmail to Use a Smart Host
I needed to configure a
sendmail server that had a dynamic IP address to
route email out through an
SMTP
server belonging to an
ISP, since otherwise
some email servers might reject email from that sendmail server. Some email
servers will compare a sending email server's IP address to lists of addresses
known to be assigned by ISP's as dynamic IP addresses. By doing so, ISP's
hope to block spam from home user's PCs that have been compromised and put
to use as zombie systems by spammers.
The steps below can be taken on a Linux system running sendmail to have
it send email via a "smart
host" server. In essence, instead of the sendmail server sending email
directly to other email servers, it transmits all email to another server,
the "smart host", which handles the task of transmitting the received email
to the recipients' servers.
In /etc/mail/sendmail.mc
, look for the following section:
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST', `smtp.your.provider')dnl
dnl #
Remove the dnl
from the beginning of the
dnl define(`SMART_HOST', `smtp.your.provider')dnl
line and
replace smtp.your.provider
with the smart host you will be
using, e.g. mail.example.com
.
define(`SMART_HOST', `mail.example.com')dnl
In /etc/mail/access
add the following line, substituting
the actual SMTP server you will need to use for mail.example.com
and your actual username and password on the smart host server for
myloginname
and mypasswd
:
Authinfo:mail.example.com "U:myloginname" "P:mypasswd" "M:Plain"
Then regenerate the /etc/mail/access.db
file with
makemap hash /etc/mail/access </etc/mail/access
.
Regenerate /etc/mail/sendmail.cf
with
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
.
Then restart sendmail with service sendmail restart
or
/etc/init.d/sendmail restart
.
Once you have taken the above steps, you can send a test message from the
system. Sending one to a test email address on another system that will
allow you to view the message headers is ideal. At the destination, look at the
message headers for the email you sent. You should see it passing through
the smart host.
When I sent out a test message after making the changes above, the message
didn't reach the destination. I checked the mail queue with mailq
and saw the message had not gone out because of an "AUTH failure".
# mailq
/var/spool/mqueue (1 request)
-----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
m43M1HT8032701 31 Sat May 3 18:01 <johnsmith@myserver.com>
(Deferred: Temporary AUTH failure)
<melvin@example.com>
I had sendmail attempt to send the queued message immediately and display
information on its progress with sendmail -q 0 -v
(the
-v
provides "verbose" information).
# sendmail -q 0 -v
Running /var/spool/mqueue/m43M1HT8032701 (sequence 1 of 1)
<melvin@example.com>... Connecting to smtp.atlanticbb.net. via relay...
220 ECHO Labs SMTP Service - MX01
>>> EHLO myserver.com
250-BL-106 says EHLO to 72.45.13.244:1097
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-AUTH=LOGIN
250 AUTH LOGIN
>>> QUIT
221 BL-106 closing connection
<melvin@example.com>... Deferred: Temporary AUTH failure
Closing connection to smtp.atlanticbb.net.
In this case I was using smtp.atlanticbb.net as the smart host. I could
see it supports an AUTH type of "LOGIN", but I didn't see "PLAIN" listed.
I edited /etc/mail/access
, replacing "M:Plain"
with "M:Login"
.
Authinfo:smtp.atlanticbb.net "U:myloginname" "P:mypasswd" "M:Login"
I then ran makemap hash /etc/mail/access < /etc/mail/access
again. Then when I had sendmail process the mail queue immediately again,
the message was successfully transmitted.
# sendmail -q 0 -v
Running /var/spool/mqueue/m43M1HT8032701 (sequence 1 of 1)
<melvin@example.com>... Connecting to smtp.atlanticbb.net. via relay...
220 ECHO Labs SMTP Service - MX02
>>> EHLO myserver.com
250-BL-206 says EHLO to 72.45.13.244:2430
250-8BITMIME
250-PIPELINING
250-AUTH=LOGIN
250-AUTH LOGIN
250 ENHANCEDSTATUSCODES
>>> AUTH LOGIN
334 VXNlcm4hcWU6
>>> bW9vbnBvbW40
334 UGFzc2dvdmQ6
>>> MVN0b2A1Njd=
235 Authed. Go on.
>>> MAIL From:<jsmith@myserver.com>
250 MAIL FROM accepted
>>> RCPT To:<melvin@example.com>
>>> DATA
250 Recipient Accepted - Will relay per rbIP
354 continue. finished with "\r\n.\r\n"
>>> .
250 OK D4/2C-23466-1B9EC184
<melvin@example.com>... Sent (OK D4/2C-23466-1B9EC184)
Closing connection to smtp.atlanticbb.net.
>>> QUIT
221 BL-206 closing connection
[/network/email/sendmail]
permanent link
Sat, May 03, 2008 4:59 pm
Alpine on CentOS
I've been using
Pine from the
University of Washington as my email client for a long time. Pine is an
acronym for
Program for
Internet
News &
Email. But
Pine is no longer under development. The University of Washington has developed
a successor package,
Alpine,
which it has released under the Apache License. When I set up a
CentOS 5.1 system, I decided to install
Alpine on it.
Alpine is available through RPMForge,
a repository for Linux packages in the RPM
format. To install
Alpine, I downloaded the rpmforge-release
package from
RPMforge/Using and
then installed it with rpm
.
# rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
That placed two new files, mirrors-rpmforge
and
rpmforge.repo
in /etc/yum.repos.d
. I installed
the yum-priorities
plugin as described in
RPMForge Packages and Yum Priorites and set the RPMForge
repository to a lower priority than the default CentOS repository.
I installed Alpine with yum install alpine
.
-
Alpine E-Mail Client Released -- Don't Call it a Comeback
By Michael Calore
December 21, 2007
Wired Blogs
-
Alpine Messaging System
University of Washington
-
RPMForge
[/network/email/clients/alpine]
permanent link
Sat, May 03, 2008 4:53 pm
RPMForge Packages and Yum Priorites
I wanted to be able to use
yum
to install packages from
the
RPMForge repository.
Instructions for installing RPMForge support on a
CentOS Linux system can be found
at
Installing
RPMforge.
First, install the yum-priorities
package with
yum install yum-priorities
.
This plugin allows repositories to have different priorities.
Packages in a repository with a lower priority can't be overridden by packages
from a repository with a higher priority even if the repository with the
higher priority has a later version of the package. As the
Installing
RPMForge webpage states you should "Beware that some packages are newer
than the official CentOS version and you should not blindly install those
packages. Before you replace a CentOS package you should make sure that will
not break anything important. In most cases you can revert any mistakes but it
is best to avoid the mess." By usng the yum-priorities
plugin,
you help avoid that problem.
Next verify that yum-priorities
is enabled by ensuring that the
following lines are present in /etc/yum/pluginconf.d/priorities.conf
:
[main]
enabled = 1
The yum repository information is stored in /etc/yum.repos.d.
cd /etc/yum.repos.d
# ls -l
total 16
-rw-r--r-- 1 root root 2049 Nov 22 20:32 CentOS-Base.repo
-rw-r--r-- 1 root root 622 Nov 22 20:32 CentOS-Media.repo
I added priority=1
as the last line in the following sections
of CentOS-Base.repo
:
[base]
[updates]
[extras]
I added priority=2
as the last line in the [centosplus]
section, which now contains the following lines:
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
priority=2
I installed the rpmforge-release
package with
rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
, which created
two new files mirrors-rpmforge
and rpmforge.repo
in
/etc/yum.repos.d
. I edited rpmforge.repo
and added
priority = 11
at the end of the file.
Repositories with lower priority numbers are considered to have a higher
priority than than those with higher numbers. E.g. if repository A has
priority=4
associated with it while repository B has
priority=5
associated with it, repository A has a higher
priority than repository B.
References:
-
Installing RPMForge
CentOS Wiki
-
yum-plugin-priorities
CentOS Wiki
[/os/unix/linux/centos]
permanent link
Fri, May 02, 2008 6:23 pm
Return Microsoft Word to Single-Spacing
If you are using Microsoft Word and it is double-spacing text when you want
it to single-space text, you can hit the
Shift and
Enter
keys simultaneously at the end of lines to get Word to single-space the lines
or you can take the following steps to have all of the text in the document
single-spaced
*:
- Inside the document, hit the Ctrl and A keys
simultaneously to highlight all of the existing text.
- Click on "Format" at the top of the Word window.
- Select "Paragraph".
- Change the line spacing to "single".
- Change the "before" and "after" values to "0 pt".
- Click on "OK".
*Written for Word 2003
[/os/windows/office/word]
permanent link
Fri, May 02, 2008 12:58 pm
10-Gigabit Ethernet
There is an
ITBusinessEdge
article,
Full Steam Ahead to 10 GbE, published on April 28 that mentions there
are a lot of advances helping bring 10-Gigabit Ethernet (10 GbE) into the
mainstream. One of those mentioned is 10GBASE-T, which permits the use of
unshielded twisted-pair (UTP) cabling. The article states that
"While this technology is still in limited deployment, more vendors and
devices with reduced power requirements are expected by the end of the year."
[/network/cabling]
permanent link
Thu, May 01, 2008 8:10 pm
Microsoft Working with Law Enforcement to Squash Botnets
An April 29
InfoWorld article,
Microsoft botnet-hunting tool helps bust hackers, mentions that
Microsoft has been working with law enforcement agencies to help shut down
botnets. It mentions "In February, the Sûreté du Québec
used Microsoft's botnet-buster to break up a network that had infected nearly
500,000 computers in 110 countries, according to Captain Frederick Gaudreau,
who heads up the provincial police force's cybercrime unit."
A half of a million computers in a botnet is an incredible number.
Captain Gaudreau attributed his agency's success in the case against the
botnet operators to the use of a tool Microsoft provided that keeps tabs
on botnets.
[/security/botnets]
permanent link
Mon, Apr 28, 2008 9:08 pm
Configuring Microsoft Exchange to Use a Smart Host
If a Microsoft Exchange server doesn't have a
PTR
record, other email servers may reject email from the Exchange server
when they are unable to perform a reverse lookup on the IP address for
the Exchange server. A workaround for this problem is to use a "smart host"
to route outgoing email from the Exchange server.
[ More Info ]
[/network/email/exchange]
permanent link
Sun, Apr 27, 2008 8:30 pm
Store.Exe Consuming Excessive Memory
On a Microsoft Exchange 2003 server, I've found Task Manager reporting high
memory utilization. When I sort the running processes by memory utilization in
the Task Manager (click on the
Performance tab then click on the
Processes column header to sort them), I see
store.exe
consuming over 500 MB. This is happening at the moment on a Sunday evening when
few of the systems in the domain even have Outlook open to check email. The
CPU utilization is low, less than 10% at the moment when I am seeing the 500 MB
memory usage.
I've been seeing memory utilization jumping up to high values a lot lately.
Rebooting the system resolves the problem, but I don't want to be rebooting
the Exchange server every day. I can also reduce the memory utilization by
selecting Run and typing services.msc to bring up the
services list, I can then right-click on Microsoft Exchange Information
Store and stop the service and then restart it. I then see store.exe
using about 20 MB of memory when I check its utilization with the
Windows Task Manager
The Microsoft Exchange Information Store service manages the
Microsoft Exchange Information Store, which includes mailbox stores and
public folder stores. If the service is stopped, mailbox stores and public
folder stores on the computer become unavailable, so it needs to be restarted
immediately after stopping it.
References:
-
Store.exe High Memory Utilization
August 10, 2005
Tech Support, Manuals & Troubleshooting for Consumers
-
Memory leak in Store.exe - pub1.edb GIGANTIC
Server Watch Forums
[/network/email/exchange]
permanent link
Sat, Apr 26, 2008 10:18 pm
Blosxom Calendar Plugin on 64-bit System
I found that the
Calendar
plugin for Blosxom stopped working when I moved my blog from a 32-bit
Redhat Linux system to a 64-bit CentOS Linux system. Nothing would appear
within the blog. When I checked the error log for the website, I saw the
following:
[Sat Apr 26 21:53:00 2008] [error] [client 192.168.0.44] calendar debug 1:
start() called, enabled
[Sat Apr 26 21:53:00 2008] [error] [client 192.168.0.44] calendar debug 1:
filter() called
[Sat Apr 26 21:53:00 2008] [error] [client 192.168.0.44] Byte order is not
compatible at ../../lib/Storable.pm (autosplit into
../../lib/auto/Storable/_retrieve.al) line 331, <DATA> line 32, at
/home/jsmith/www/blosxom/plugins/calendar line 322
[Sat Apr 26 21:53:00 2008] [error] [client 192.168.0.44] Premature end of
script headers: blosxom
At
[ic] HELP !FreeBSD 5.3 Box With newest version of perl storable problem
, I saw the following:
You appear to have a perl configured to use 64 bit integers in its scalar
variables. If you have existing data written with an earlier version of
Storable which this version of Storable refuses to load with a
Byte order is not compatible
error, then please read the section "64 bit data in perl 5.6.0 and 5.6.1"
in the Storable documentation for instructions on how to read your data.
(You can find the documentation at the end of Storable.pm in POD format)
That revealed that the problem was linked to the fact that I am now
using a 64-bit operating system.
I decided to see if an upgrade Storable module was available.
# cpan upgrade Storable
/usr/lib/perl5/5.8.8/CPAN/Config.pm initialized.
CPAN is the world-wide archive of perl resources. It consists of about
100 sites that all replicate the same contents all around the globe.
Many countries have at least one CPAN site already. The resources
found on CPAN are easily accessible with the CPAN.pm module. If you
want to use CPAN.pm, you have to configure it properly.
If you do not want to enter a dialog now, you can answer 'no' to this
question and I'll try to autoconfigure. (Note: you can revisit this
dialog anytime later by typing 'o conf init' at the cpan prompt.)
Are you ready for manual configuration? [yes]
I entered "no" to the prompt regarding whether I was ready for manual
configuration, which resulted in the autoconfigure process proceeding.
I then checked Storable again.
# cpan Storable
CPAN: Storable loaded ok
Going to read /root/.cpan/Metadata
Database was generated on Sat, 26 Apr 2008 17:29:46 GMT
Storable is up to date.
I checked the version of the module with
perlmodver.
The version was 2.18.
But the problem still remained. Taking a look at the code in the calendar
plugin, I realized it was reading a file, .calendar.cache
in
the plugins/state
directory. I had not noticed the file previously,
because I had checked the directory's contents only with ls
. I
saw it with ls -a
. The calendar plugin reads the contents of
that file. I had copied the file from the old 32-bit system to the new 64-bit
system when I copied the plugins directory and its subdirectores. When I
deleted the .calendar.cache
file from the state
directory and then tried accessing the blog again, the calendar plugin
recreated it, but this time it was in the proper 64-bit format that the
Storable.pm
module was expecting, so I was now able to view
the blog with the calendar functionality now working.
Further information on the issue can be found near the end of the
Storable.pm
file (look in
/usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi/Storable.pm
).
Perl 5.6.x introduced the ability to optional configure the perl interpreter
to use C's C<long long> type to allow scalars to store 64 bit integers on 32
bit systems. However, due to the way the Perl configuration system
generated the C configuration files on non-Windows platforms, and the way
Storable generates its header, nothing in the Storable file header reflected
whether the perl writing was using 32 or 64 bit integers, despite the fact
that Storable was storing some data differently in the file. Hence Storable
running on perl with 64 bit integers will read the header from a file
written by a 32 bit perl, not realise that the data is actually in a subtly
incompatible format, and then go horribly wrong (possibly crashing) if it
encountered a stored integer. This is a design failure.
Storable has now been changed to write out and read in a file header with
information about the size of integers. It's impossible to detect whether
an old file being read in was written with 32 or 64 bit integers (they have
the same header) so it's impossible to automatically switch to a correct
backwards compatibility mode. Hence this Storable defaults to the new,
correct behaviour.
What this means is that if you have data written by Storable 1.x running
on perl 5.6.0 or 5.6.1 configured with 64 bit integers on Unix or Linux
then by default this Storable will refuse to read it, giving the error
I<Byte order is not compatible>. If you have such data then you you
should set C<$Storable::interwork_56_64bit> to a true value to make this
Storable read and write files with the old header. You should also
migrate your data, or any older perl you are communicating with, to this
current version of Storable.
If you don't have data written with specific configuration of perl described
above, then you do not and should not do anything. Don't set the flag -
not only will Storable on an identically configured perl refuse to load them,
but Storable a differently configured perl will load them believing them
to be correct for it, and then may well fail or crash part way through
reading them.
[/network/web/blogging/blosxom]
permanent link
Sat, Mar 08, 2008 4:34 pm
Turning on Display of Account at Welcome Screen
I had turned off the display of an account at the Windows XP welcome screen
(see
Hiding an Account from the Welcome Screen) and needed to turn
it back on temporarily.
I checked the setting of the account from the command line with the
reg query
command. The account for which I had hidden the account
from the welcome screen display was the administrator account in this case.
C:\Documents and Settings\Administrator>reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\SpecialAccounts\UserList" /v Administrator
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\SpecialAccounts\UserList
Administrator REG_DWORD 0x0
The value of zero for HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\SpecialAccounts\UserList\Administrator
means the account is
not shown on the welcome screen.
I turned the display of that account back on with the reg add
command.
C:\Documents and Settings\Administrator>reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\SpecialAccounts\UserList" /v Administrator /t REG_DWORD /d 1
Value Administrator exists, overwrite(Y/N)? y
The operation completed successfully
I had to reboot for the administrator account to be displayed with the
other accounts on the system at the welcome screen. The picture chosen for
the administrator account was then shown with those for the other accounts,
allowing one to click on it to logon.
[/os/windows/xp]
permanent link
Sat, Mar 08, 2008 12:19 pm
Rdesktop on Solaris 10
I wanted to be able to use
rdesktop,
which is an open source client for Windows NT Terminal Server and Windows
2000/2003 Terminal Services, on an Intel-architecture Solaris 10 system,
so I downloaded the
x86
Solaris 10 version of rdesktop from
Sunfreeware.com.
Since one of the requirements for rdesktop 1.5.0 was
libiconv
, I installed it. I checked the version of gcc
on the system.
It was 3.4.3.
# /usr/sfw/bin/gcc -v
Reading specs from /usr/sfw/lib/gcc/i386-pc-solaris2.10/3.4.3/specs
Configured with: /builds/sfw10-gate/usr/src/cmd/gcc/gcc-3.4.3/configure --prefix=/usr/sfw --with-as=/usr/sfw/bin/gas --with-gnu-as --with-ld=/usr/ccs/bin/ld --without-gnu-ld --enable-languages=c,c++ --enable-shared
Thread model: posix
gcc version 3.4.3 (csl-sol210-3_4-branch+sol_rpath)
Version 3.4.6 was listed as a requirement, but I thought version 3.4.3 would
likely suffice.
Another requirement listed for rdesktop 1.5.0 was
openssl-0.9.8f. I checked the version of OpenSSL on the system with
openssl version
. OpenSSL 0.9.7d was already on the system.
# /usr/sfw/bin/openssl version
OpenSSL 0.9.7d 17 Mar 2004 (+ security patches to 2006-09-29)
After installing rdesktop 1.5.0, I checked to see if it would run with the
exiting 0.9.7d version of OpenSSL, but I received an error message when
I attempted to run it.
# /usr/local/bin/rdesktop -0 gna.insursol.com
ld.so.1: rdesktop: fatal: libcrypto.so.0.9.8: open failed: No such file or directory
Killed
I checked to see what OpenSSL package was already on the system and
saw the following:
# pkginfo | grep -i openssl
system SUNWopenssl-commands OpenSSL Commands (Usr)
system SUNWopenssl-include OpenSSL Header Files
system SUNWopenssl-libraries OpenSSL Libraries (Usr)
system SUNWopenssl-man OpenSSL Manual Pages
system SUNWopensslr OpenSSL (Root)
I checked for further information on the SUNWopenssl-commands
package and saw the following:
# pkginfo -l SUNWopenssl-commands
PKGINST: SUNWopenssl-commands
NAME: OpenSSL Commands (Usr)
CATEGORY: system
ARCH: i386
VERSION: 11.10.0,REV=2005.01.21.16.34
BASEDIR: /
VENDOR: Sun Microsystems, Inc.
DESC: OpenSSL Commands (Use)
PSTAMP: on10-patch-x20061222002936
INSTDATE: Feb 03 2008 21:00
HOTLINE: Please contact your local service provider
STATUS: completely installed
FILES: 5 installed pathnames
3 shared pathnames
3 directories
2 executables
634 blocks used (approx)
I decided to download and install the
OpenSSL 0.9.8f package from
Sunfreeware.com.
# gunzip openssl-0.9.8f-sol10-x86-local.gz
# pkgadd -d ./openssl-0.9.8f-sol10-x86-local
But, when I attempted to run the new version, which is installed in
/usr/local/ssl
, I received an error message.
# /usr/local/ssl/bin/openssl version
ld.so.1: openssl: fatal: libgcc_s.so.1: open failed: No such file or directory
Killed
I checked to see what versions of libgcc_s.so
were installed
on the system and where they were located.
# find / -name libgcc_s.so\*
/usr/sfw/lib/amd64/libgcc_s.so.1
/usr/sfw/lib/libgcc_s.so
/usr/sfw/lib/libgcc_s.so.1
Since libgcc_s.so
was located in /usr/sfw/lib
,
I then set LD_LIBRARY_PATH
to point to that directory. I was
then able to successfully run the version of openssl in /usr/local/ssl/bin
.
# LD_LIBRARY_PATH=/usr/sfw/lib
# export LD_LIBRARY_PATH
# /usr/local/ssl/bin/openssl version
OpenSSL 0.9.8f 11 Oct 2007
I was then able to use rdesktop on the Solaris 10 system to log into
a Windows Small Business Server (SBS) 2003 system as the administrator.
# /usr/local/bin/rdesktop -0 u administrator a.example.com
Note: if you use the above method of setting LD_LIBRARY_PATH
and exporting it to run rdesktop
, you will need to do so each
time you open a new terminal window.
[/os/unix/solaris]
permanent link
Fri, Mar 07, 2008 7:46 pm
fping
I needed to determine the IP addresses of all the hosts on a
LAN from a Solaris 10
system. I knew that all of them will respond to pings. To do so, I used
fping
. The
fping
program will allow you to quickly ping a range of hosts.
fping (Maintained by Thomas Dzubin)
fping is a ping(1) like program which uses the Internet Control Message
Protocol (ICMP) echo request to determine if a host is up. fping is
different from ping in that you can specify any number of hosts on
the command line, or specify a file containing the lists of hosts to
ping. Instead of trying one host until it timeouts or replies, fping will
send out a ping packet and move on to the next host in a round-robin
fashion. If a host replies, it is noted and removed from the list of
hosts to check. If a host does not respond within a certain time limit
and/or retry limit it will be considered unreachable.
Unlike ping, fping is meant to be used in scripts and its output is
easy to parse.
I downloaded the Intel architecture version of
fping for Solaris 10 from
Sunfreeware.com and installed it.
# gunzip fping-2.4b2-sol10-intel-local.gz
# pkgadd -d ./fping-2.4b2-sol10-intel-local
The following packages are available:
1 SMCfping fping
(intel) 2.4b2
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: 1
Processing package instance from
fping(intel) 2.4b2
ZeroHype Technologies Inc.
Using as the package base directory.
## Processing package information.
## Processing system information.
3 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
Installing fping as
## Installing part 1 of 1.
/usr/local/doc/fping/COPYING
/usr/local/doc/fping/ChangeLog
/usr/local/doc/fping/INSTALL
/usr/local/doc/fping/README
/usr/local/man/man8/fping.8
/usr/local/sbin/fping
[ verifying class ]
Installation of was successful.
Program usage information is shown below:
# /usr/local/sbin/fping -h
Usage: /usr/local/sbin/fping [options] [targets...]
-a show targets that are alive
-A show targets by address
-b n amount of ping data to send, in bytes (default 56)
-B f set exponential backoff factor to f
-c n count of pings to send to each target (default 1)
-C n same as -c, report results in verbose format
-e show elapsed time on return packets
-f file read list of targets from a file ( - means stdin) (only if no -g specified)
-g generate target list (only if no -f specified)
(specify the start and end IP in the target list, or supply a IP netmask)
(ex. /usr/local/sbin/fping -g 192.168.1.0 192.168.1.255 or /usr/local/sbin/fping -g 192.168.1.0/24)
-i n interval between sending ping packets (in millisec) (default 25)
-l loop sending pings forever
-m ping multiple interfaces on target host
-n show targets by name (-d is equivalent)
-p n interval between ping packets to one target (in millisec)
(in looping and counting modes, default 1000)
-q quiet (don't show per-target/per-ping results)
-Q n same as -q, but show summary every n seconds
-r n number of retries (default 3)
-s print final stats
-t n individual target initial timeout (in millisec) (default 500)
-u show targets that are unreachable
-v show version
targets list of targets to check (if no -f specified)
If I wanted to determine what hosts in the 192.168.1.0 to 192.168.1.255 range
exist and can be pinged, I could use the command fping -g 192.168.1.0
192.168.1.255
.
# /usr/local/sbin/fping -g 192.168.1.0 192.168.1.255
192.168.1.0 is alive [<- 192.168.1.44]
192.168.1.1 is alive
192.168.1.6 is alive
192.168.1.7 is alive
192.168.1.33 is alive
192.168.1.44 is alive
192.168.1.255 is alive [<- 192.168.1.44]
192.168.1.2 is unreachable
192.168.1.3 is unreachable
192.168.1.4 is unreachable
192.168.1.5 is unreachable
192.168.1.8 is unreachable
192.168.1.9 is unreachable
192.168.1.10 is unreachable
<text snipped>
192.168.1.30 is unreachable
192.168.1.31 is unreachable
192.168.1.32 is unreachable
192.168.1.34 is unreachable
192.168.1.35 is unreachable
<text snipped>
192.168.1.40 is unreachable
192.168.1.41 is unreachable
192.168.1.42 is unreachable
192.168.1.43 is unreachable
192.168.1.45 is unreachable
<text snipped>
192.168.1.252 is unreachable
192.168.1.253 is unreachable
192.168.1.254 is unreachable
If I don't want anything displayed for IP addresses where there was no
response, I could use fping -a -g <start address> <end
address>
, as in the example below.
# /usr/local/sbin/fping -a -g 192.168.1.0 192.168.1.255
192.168.1.0 [<- 192.168.1.44]
192.168.1.1
192.168.1.5
192.168.1.7
192.168.1.37
192.168.1.44
192.168.1.255 [<- 192.168.1.44]
The 192.168.1.0
and 192.168.1.255
addresses
are network and broadcast addresses respectively, not hosts responding to
ping packets. The 192.168.1.44
address is the address of the
system from which I ran the ping command.
[/os/unix/solaris]
permanent link
Fri, Mar 07, 2008 7:04 pm
Solaris Release Number
If you need to know the release number for Solaris 10 on a system, then
you can check
/etc/release
. You will see something like the
following there:
Solaris 10 6/06 s10x_u2wos_09a X86
Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 09 June 2006
At this time, the current marketing release is
Solaris 10 8/07
.
[/os/unix/solaris]
permanent link
Tue, Mar 04, 2008 10:59 pm
Symantec AntiVirus VBN Files
The
qextract.exe
utility can be used to extract
quarantined files from the VBN files Symantec AntiVirus Corporate
Edition 8.0 and 8.1 (and possibly other versions) creates when
it quarantines infected files.
[ More Info ]
[/security/antivirus/symantec]
permanent link
Sun, Mar 02, 2008 1:56 pm
F-Secure Rescue CD 2.00
I've been using an
AVG Rescue CD to boot Windows systems from a CD, rather than the copy
of Windows installed on the system's hard drive, and then perform an antivirus
scan of the system. The AVG Rescue CD provides a Windows
GUI for performing scans
and I've found it works very well. The cost is currently $149.95 in U.S.
dollars.
Searching for other rescue CD's, I also found one from
F-Secure, which uses a
Knoppix LiveCD to boot a system to
perform an antivirus scan of the system. You can use it to boot a Windows
system to check the system for viruses without booting into a possibly
infected copy of the Windows operating system.
F-Secure Rescue CD 2.00 is free and can update itself over the network,
if a DHCP server is
available on the network to provide it with
IP configuration information.
You don't need to understand Linux to use the software; you are presented
with prompts to walk you through the process of scanning a system.
[ More Info ]
[/security/antivirus/f-secure]
permanent link
Sat, Mar 01, 2008 7:17 pm
Pins 4 and 5 in RJ-45 Cabling
I put a connector on an unterminated RJ-45 cable to connect a new system to a
LAN. I used the
T568B standard (see
Twisted Pair Connectors
for an explanation of the differences between
T568A and T568B) for the order of the pins in the connector.
I use a ByteBrothers
TVR10/100 for cable testing. I plugged the end of the cable onto which I had
just placed a connector into the remote unit and plugged the main unit into
the patch panel at the other end of the able using one of the cables
that came with the TVR10/100 test devices. The remote unit showed all 4 pairs
were ok, but at the remote unit, as the LEDs cycled green, I saw that the
4,5 pair was skipped. I disconnected the remote unit and found that the 4,5
LED was still lit on the main unit, which was odd.
I double-checked the connector I had put on the cable; it looked fine.
I punched down the end at the patch panel again without pulling the cable
out of the punchdown block, but the problem remained. I then wondered
whether I really needed pins 4 and 5 working for a 10 Mbs or 100 Mbs Ethernet
connection. Turns out I didn't. I ran a patch cable from the port on the
patch panel to the network switch and plugged the other end of the cable
into my laptop; the network connection worked.
The manual for the TVR10/100 LAN Tester provides the following information
on the cable pairs required for 10 Mbs and 100 Mbs Ethernet connections.
If a cable problem disables data communications at 100 MB/s.
The problem could be caused by not enough connected pairs: 10Base-T
data communications only requires two pair cables. There are two 100Base-T
standards, one requires two pair cables and the other requires four wire
pair cables. If a two pair cable is used, when four pair cables is required,
a slow 10 MB/s connection will be permanently established. The cable problem
could be caused by inverted pairs. A pair exists, but the pins are inverted
(e.g. 1,2 is 2,1). Or the problem could be the cabling is not rated for
100 MB/s speeds ("category 5" cable).
LAN Type | Cable Pairs
Required |
10Base-T | 1,2 |
3,6 | | |
100Base-T (Type 1 or TX) |
1,2 | 3,6 | | |
100Base-T (Type 2 or T4) |
1,2 | 3,6 | 4,5 | 7,8 |
As shown in the above table, 10Base-T or 100Base-T (Type 1 or TX) LAN ports
use two pair cables. 100Base-T (Type 2 or T4) LANs require all four pairs. It is
best to use and install Category 5 cables with all four pairs to ensure
compatibility with all three types of Base-T LANs.
If there is a short or open on pairs 1, 2 and 3,6 all communications
will be prevented. If there is a short or open on pairs 4,5 or 7,8 the
data rate may drop to 10 MB/s.
A faulty cable with missing or faulty pairs 4,5 or 7,8 may cause the
data rate on that cable to drop to 10 MB/s If this faulty cable is
between a PC and hub, all data going to and from that single PC will
be at a slow rate. If the faulty cable is between two hubs then
communications will some times be quick and other times it will be
slow. Communications between PC connected to the same hub will
be quick. Communications betwen a PC on one hub across a
faulty cable to a PC on another hub will be slow. This type of
problem can be very difficult to find without a TVR10/100.
So, I should probably fix the problem when I have time, even though the cable
provides network connectivity at the moment.
There is a clear explanation of how to build an RJ-45 Ethernet cable
at
Building a RJ-45 Ethernet cable of a specific length (light version)
. A source explaining the difference between 568A and 568B standards
is
Twisted Pair Connectors.
How to wire Ethernet Cables is another good reference for Ethernet
cables.
[/network/cabling]
permanent link
Sun, Feb 24, 2008 11:22 pm
Memory Upgrade for Gateway PC Model Number MFATXPN1 ESX 500S P04
I upgraded the memory in a Gateway PC model number MFATXPN1 ESX 500S P04
(that is the model number listed on the back of the computer).
The system, which was running Windows XP Professional, had only 256 MB of
memory installed.
The following memory module was already in the system:
MT8VDDT3264AG-265C4, PC2100U-25330-A1 |
US BZABW72029 200303 |
256MB, DDR, 266MHz, CL2.5V |
The BIOS memory information was as follows:
BIOS Settings
BIOS Version | RG84510A.15A.0021.P11 |
|
Processor Type | Intel (R) Pentium (R) 4 |
Processor Speed | 2 GHz |
System Bus Speed | 400 MHz |
System Memory Speed | 266 MHz |
|
Cache RAM | 512 KB |
|
Total Memory | 255 MB |
Memory Bank 0 | 256 MB (DDR 266) |
Memory Bank 1 | Not Installed |
I installed the following PNY
memory module in the second of the two memory slots in the system.
PNY 512MB
DDR
PC2700
333MHz / 266 MHz
OPTIMA&trade Memory
The following information was on a sticker on the module:
512MB,DDR DIMM,Q |
ASSY. IN TAIWAN |
64WQD-T PO135492 |
The package had "MD0512SD1-333-BB" on it above the
UPC. The
UPC was 7 51492 34983 1
.
When I booted into Windows and ran winver
, it showed
"Physical memory available to Windows: 784,176KB".
I ran a 30 minute test of the memory with
Windows Memory Diagnostic
Beta. No errors were found in the 3 passes of the diagnostic program that
were run.
[/hardware/pc/memory]
permanent link
Sun, Feb 24, 2008 10:44 pm
Memory Upgrade and Sound Card installation in Gateway E2300 PC
I upgraded the memory in a Gateway PC model number
MATXHDS MDW E 2300 (that is the model number listed on
the back of the computer; a sticker on the side of the
computer lists the model number as E2300). The system, which was running
Windows XP Professional, had only 256 MB of memory installed.
BIOS Utility - Main
|
BIOS Version | BF86510A.15A.0080.P18 |
|
Processor Type | Intel(R) Celeron(R) CPU |
Processor Spped | 2.8 GHz |
Systm Bus Speed | 533 MHz |
System Memory Speed | 333 MHz |
|
L2 Cache RAM | 256 KB |
Total Memory | 256 MB |
Memory Mode | Single Channel |
Memory Channel A Slot 0 | 256 MB (DDR333) |
Memory Channel A Slot 1 | Not Installed |
Memory Channel B Slot 0 | Not Installed |
Memory Channel B Slot 1 | Not Installed |
I also needed to install a sound card, since the on-board audio stopped
working. I changed the BIOS settings for the on-board audio support from
"enabled" to "disabled". The option is listed under Advanced then
Peripheral Configuration in the BIOS Setup Utility.
I checked the Crucial Memory site
for information on the memory that the system will support.
Manufacturer | Gateway |
Product Line | E Series |
Model | E2300 (4 DIMM slots) |
The Crucial Memory site providded the following information at
Computer memory upgrades for Gateway E-2300 Series (4 DIMM Slots)
Maximum Memory: | 4096MB |
Standard Memory | 256 or 512 removable |
Slots: | 4 (2 banks of 2) |
Although the memory can be installed one module at a time, the best
performance comes from using matched pairs of modules.
Each memory slot can hold DDR PC3200, DDR PC2700 with a maximum of
1 GB per slot.*
*Not to exceed manufacturer supported memory.
The Crucial Memory site also had the following series of questions and
answers regarding memory for the system:
Q: Will my system recognize the maximum upgrade?
A: Possibly
How much memory your Windows OS will recognize depends on which version of
Windows you are running. 32-bit versions of Windows will see (and utilize)
only 3GB or 3.5GB. To utilize more memory, install a 64-bit version of your OS.
More information about OS memory maximums can be found at
http://www.crucial.com/kb/answer.aspx?qid=4251.
Q: What memory goes into my computer, and will a
faster speed be backward-compatible?
A: DDR memory with support for DDR PC3200,DDR PC2700 speeds.
Because DDR memory is backward-compatible, you can safely upgrade your system
with any of the guaranteed-compatible DDR speeds listed below, even if your
manual calls for PC1600 or PC2100 speeds. [DDR PC3200 and DDR PC2700 modules
were listed below the statement]
Q: How much memory can my computer handle?
A: 4096MB
Adding the maximum amount of memory will improve performance and help extend
the useful life of your system as you run increasingly demanding software
applications in the future.
Q: Do I have to install matching pairs?
A: Yes
Your system requires that you install memory in pairs.
The system had a 256 MB memory module in Channel A DIMM0. That module
had the following information on a sticker on it.:
Hynix |
KOREA 03 |
PC2700U | 0430 |
256MB DDR 333MHz CL2.5 |
HYMD232646B8J-J AA-A |
I put the following memory in the system:
Kingston Technology
Value RAM
KVR333/1GR
The module had a sticker on it with the following information:
Kingston Technology |
KVR |
KVR333/1GR |
740617072662 | 2.5V |
Warranty Void if Removed |
The Crucial Memory site indicated that memory must be installed in
matching pairs, but I wasn't sure if that applied just to modules inserted
in the same channel, i.e., I wasn't sure if I could install the 1 GB module
in Channel B, since the 256 MB module was in channel A.
I put the new module in Channel B DIMM0. When I powered on the system,
I saw "1264MB System RAM" but then received the error message
"Dual-channel operation requires identical paired
DIMMs installed across both memory channels." I then tried the new
1 GB module in Channel A DIMM1. Again I saw "1264MB System RAM" and
the same error message, so I removed the 256 MB module and moved
the 1 GB module to Channel A DIMM0. This time when I powered on the
system I saw "1008 System RAM" followed by "Keyboard Error" and then
"Memory Size Decrease". I powered the system off and on and didn't
see the keyboard or "memory size decrease" messages again, though
the system did display "1008 System RAM" again.
When I checked the BIOS configuration, I saw the following:
BIOS Utility - Main
|
BIOS Version | BF86510A.15A.0080.P18 |
|
Processor Type | Intel(R) Celeron(R) CPU |
Processor Spped | 2.8 GHz |
Systm Bus Speed | 533 MHz |
System Memory Speed | 333 MHz |
|
L2 Cache RAM | 256 KB |
Total Memory | 1024 MB |
Memory Mode | Single Channel |
Memory Channel A Slot 0 | 1024 MB (DDR333) |
Memory Channel A Slot 1 | Not Installed |
Memory Channel B Slot 0 | Not Installed |
Memory Channel B Slot 1 | Not Installed |
When I selected the Advancecd tab in the BIOS Setup Utility
and then chose Video Configuration, I saw the following:
Video Configuration |
Primary Video Adapter |
[AGP] |
Frame Buffer Size |
[ 16MB] |
Presumably, the remaining 16 MB of the 1024 MB module is being allocated
to the frame buffer, which is why the system is reporting 1,008 MB during
the Power-on
Self-test (POST) process.
When I booted into Windows and ran winver
, I saw
"Physical memory available to Windows: 1,030,896 KB".
I had also installed a Dynex model DX-SC51 sound card in PCI slot 1
at the same time I installed the memory.
When I checked on the sound card, Windows Media Player reported
"Windows Media Player cannot play the file because there is a problem
with your sound device. There might not be a sound device installed
on your computer, it might be in use by another program, or it might not be
functioning properly."
Under the Device Manager, I saw "Unknown device" listed under
display adapters, but no new audio device listed. When I tried
to install the Dynex driver, I saw the warning message "Undetermine Card!
Please do not click cancel on device manager!" Clicking on OK
there produced another warning message "OS not support!"
I opened the case and checked the sound card. I found it wasn't
seated fully in its slot. I reseated the card. When I rebooted and logged
in as the adminsitrator, the Found New Hardware Wizard appeared.
I inserted the CD that came with the sound card. The wizard indicated it
found a Multimedia Audio Controller, an Envy24 Family Audio Controller WDM.
After the sotware was installed, I was able to play music files on the
system and hear sound from the speakers.
I ran a memory test on the new memory module with
Windows Memory Diagnostic
Beta. I let the test run for an hour and 30 minutes. The diagnostic program
completed 22 passes with no errors found.
[/hardware/pc/memory]
permanent link
Sun, Feb 24, 2008 11:51 am
Switching Rdesktop from Full-Screen to Windowed Mode
Rdesktop is free, open-source,
software that provides the capability for remotely controlling a
Microsoft Windows system from a Linux or Unix system.
I sometimes encounter a problem where I can't see the taskbar at the
bottom of the Windows display or the bottom of windows displayed on the
remote Windows system due to differences in the resolution for the
screen on the Linux/Unix system and the resolution of the Windows system.
The problem can be resolved by specifying the -f
option when
starting rdesktop
, so that you get a full screen display., e.g.
rdesktop -0 -f -u jsmith 192.168.0.44
. But what do you do
when you wish to put the remote session in a window rather than have it
occupy the full screen without disconnecting? You can hit the
Ctrl-Alt-Enter
keys simultaneously to switch to a windowed
view. You can also use Ctrl-Alt-Enter
to switch to a full-screen
view, if you didn't start redesktop
with the -f
option.
References:
- Rdesktop
Rdesktop.Org
-
Controlling a Windows System from a Linux System
January 12, 2006
MoonPoint Support
[/os/windows/software/remote-control/rdp]
permanent link
Sat, Feb 23, 2008 11:34 pm
Ghost Console Waiting for Console Services
On a system with Symantec Ghost 7.5,
I tried starting the
Ghost Console, but it hung
with the following message:
Wait... |
Waiting for console services to start |
Cancel
|
When I checked the Ghost services (click on Start, select
Run, type services.msc
and hit Enter),
I found the Symantec Ghost COnfiguration Server
was
started, but not the Symantec Ghost Database Service
,
which had a manual
startup type. I double-clicked on
Symantec Ghost Database Service
and clicked on the
Start button to start it. I received the error message below:
Services |
|
Could not start the Symantec Ghost Database Service service on Local
Computer.
Error 2: The system cannot find the file specified.
OK
|
The "path to executable" value was C:\Program Files\Symantec\Ghost\bin\dbserv.exe
. When I
checked, I found there was no C:\Program
Files\Symantec\Ghost
directory. I believe
it wasn't recovered when a disk drive problem
occurred previously. To correct the problem, I reinstalled
Symantec Ghost. I chose the Repair
option
during the installation. At the end of the repair operation,
I saw the error message below:
Symantec Ghost Configuration
Server |
|
08001 [Sybase][ODBC Driver][Adaptive Server
Anywhere]Unable to connect to
database server: Database server not running
Error 2: The system cannot find the file specified.
OK
|
So I tried the Remove
option to "Remove
Symantec Ghost Corporate Edition from your computer".
After deinstalling the software, I reinstalled it.
The Symantec Ghost Console then started
without a problem. And when I checked the running
services, I saw that both Symantec Ghost
Configuration Server
and Symantec
Ghost Database Service
were started.
I didn't see the client systems in the default machine
group, so thought I had to add the client systems back into the
console. When I tried to reinstall the client
software on a system, the installation failed.
When I checked the
RemoteInstall.log, I saw the reason listed
as "Remotely Installed Client is installed on this
machine."
To resolve the problem I restored the
privkey.crt
, pubkey.crt
,
and C:\Program Files\Symantec\Ghost
directory from a Ghost backup I had from some time ago.
To backup those files and that directory or restore
over them, you should close the Ghost Console,
if you have it open, and stop the running Ghost services.
You can stop the Ghost services by clicking on
Start, then selecting Run
and typing the following command and hitting
Enter. You need to include the double
quotes where shown below.
"c:\program files\symantec\ghost\ngserver.exe" -stop
If you check the running services, you should then see
both Symantec Ghost Configuration Server
and
Symantec Ghost Database Service
are stopped.
I then restored the privkey.crt
,
pubkey.crt
, and C:\Program
Files\Symantec\Ghost
directory from the backup.
Afterwards, I ran the command
"c:\program files\symantec\ghost\ngserver.exe" -start
to restart the Symantec Ghost services. I then saw the
systems in the default machine group I had been using
previously for the Ghost backups.
References:
-
How to move the Symantec Ghost Solution Suite 1.x Console to a different computer
or retain Console settings during a reinstall
Document ID: 2001050812540225
Last Modified: 11/08/2007
Date Created: 05/08/2001
Operating System(s): DOS, Windows 95, Windows 98, Windows NT,
Windows 2000, Windows ME
Product(s): Symantec Ghost 7.0, Symantec Ghost 7.5,
Symantec Ghost 8.0, Symantec Ghost 8.2, Symantec Ghost Solution Suite 1.0,
Symantec Ghost Solution Suite 1.1
Release(s): Ghost 7.0 [All Releases], Ghost 7.5 [All Releases],
Ghost 8.0 [All Releases], Symantec Ghost 8.2 [All Releases], Symantec
Ghost Solution Suite 1.0 [All Releases], Symantec Ghost Solution Suite 1.1
Symantec Corporation
[/os/windows/utilities/backup/ghost]
permanent link
Sat, Feb 23, 2008 2:21 pm
Bopup Scanner
Bopup Scanner is a
freeware network scanner that displays active computers with user names
logged into the computers (NetBIOS), MAC and IP addresses. Bopup Scanner also
recognizes and shows HTTP (Web) servers running on remote computers (TCP ports
80, 8080), if you select the option to have it scan for webservers, quickly
detects online computers, and allows you to browse shared resources of a remote
computer. You can save the results of a scan to a text file.
Bopup Scanner will perform a NetBIOS scan of a network, which will
show Windows systems on the network. The program first tries to
ping an address it is scanning. So, if you were watching its
scan with a sniffer, you would see an
ARP request
for the IP address. If there is a reply to the ARP request, an
ICMP echo
request is sent to the IP address. If an echo reply is received,
Bopup Scanner will then check for a response from the scanned IP address on
UDP port 137.
Port 137 is associated with the NetBIOS Name Service commonly used
on systems running the Microsoft Windows operating system. The
NetBIOS Name Service is typically how Windows computers find out information
concerning the networking features offered by a computer, such as system name,
file shares, etc.
Because it is only scanning for responses to NetBIOS Name Service requests,
Bopup Scanner will show a red circle for IP addresses where it received no
response to a NetBIOS Name Service query, even though there may be a system
at that address. E.g. there may be a Linux system, networked copier, router,
etc. at the address.
Regarding installation of the software, there is no installation procedure for
the program. You simply run scanner.exe
. When you first run it,
it will create the following registry entries:
Keys added: 5
-------------
HKEY_CURRENT_USER\Software\B Labs
HKEY_CURRENT_USER\Software\B Labs\Bopup Scanner
HKEY_CURRENT_USER\Software\Bopup Scanner
HKEY_CURRENT_USER\Software\Bopup Scanner\Scanner
HKEY_CURRENT_USER\Software\Bopup Scanner\Scanner\Settings
After starting the program, click on the Refresh button with
the green arrows next to it on the toolbar menu to begin a scan of the
subnet the system is on.
If you wish to check on whether a webserver is running on any of the
scanned IP addresses, click
on Options and check "Scan for HTTP servers (80, 8080 ports)".
You can save the results to a text file by clicking on Actions
and selecting Save list.
The developer, B-Labs Software,
also offers other
software that can be used for secure instant messaging.
Download Bopup Scanner
Developer Website
MoonPoint
Support (may not be the most current version)
[/network/tools/scanning/bopupscanner]
permanent link
Thu, Feb 21, 2008 12:34 pm
Internet Explorer Crash Recovery
An area in which
Opera is far superior
to Internet Explorer as a web browser is crash recovery. Internet Explorer,
even in version 7.0, does not provide any crash recovery features. In
Opera, should the browser or system crash, when you reopen the browser,
you can go back to exactly where you were prior to the crash. You can
have all of your tabs reopened and even move backwards through the prior
URLs you visited
in each tab. In contrast, Internet Explorer offers no crash recovery
features. Since I've often encountered probelms with Internet Explorer
crashing or hanging, I find the lack of any crash recovery features in the
browser to be a major drawback to using Internet Explorer.
So, I decided to look for an add-on that might add similar
functionality for Internet Explorer. I found a free add-on, IE7Pro, that offers that functionality
as well as other enhancements for Internet Explorer. The developer states
"IE7Pro includes Tabbed Browsing Management, AD Blocker, Flash Block,
Super Drag Drop, Crash Recovery, Proxy Switcher, Mouse Gesture, Tab
History Browser, Inline Search, User Agent Switcher, Webpage Capturer,
Greasemonkey like User Scripts platform, User Plug-ins and many more
power packed features. You can customize not just internet Explorer, but
even your favorite web site according to your need and taste using IE7Pro."
During the installation, which uses a Nullsoft Install System v2.33
installation program, you are given the option to select default settings,
which are shown below:
Please select default settings:
[x] Enable ADblock
[ ] Enable Userscripts
[ ] Enable Plugins
[X] Enable Spelling Checker
[ ] Set EasyHome as Homepage
At the end of the installation, you are requested to set the default
search engine to be IEPro's Google based search, to help finance
further development of the software, but you don't have to
do so. Selecting that option is certainly a small measure that you can
take to make continued development of the software possible.
To simulate a system crash, I powered off the system. When I
restarted the system and opened Internet Explorer, I saw a "Crash
Recovery" window stating "Your last session crashed, Please review and
open last URLs. All of the Internet Explorer 7 tabs I had open previously
were listed and checked to be reopened. I could deselect tabs I didn't
want reopened, if I wished. There were also Select All and
Select None buttons. I chose to reopen all of the tabs I had
open previously. Unfortunately, unlike Opera's crash recovery feature,
I couldn't click on the backwards arrow button in Internet Explorer
to view my history of previously visited sites in any tab. So, IE7Pro
definitely offered an improvement over the total lack of crash recovery
features in Internet Explorer, but also falls far short of the built-in
crash recovery features of Opera.
References:
-
IE7Pro User Guide
IE7Pro.com
-
IE7Pro FAQ
IE7Pro.com
[/network/web/browser/ie]
permanent link
Tue, Feb 19, 2008 11:27 pm
Counting Non-Blank Cells in a Spreadsheet and Using Multiple Criteria for Counting
Either the
counta
or
countif
functions can
be used to count the number of cells that are not blank in
a spreadsheet.
E.g., suppose you have the following information in a spreadsheet
| A | B |
1 |
apple | maple |
2 |
| oak |
3 |
plum | birch |
4 | | birch |
5 | apricot | |
The function counta(A1:A5)
would count those cells that
aren't empty in cells A1 to A5 yielding 3
.
The function countif(B1:B5,"*")
would also count those
cells that contain text in cells B1 to B5, yielding 4
as well.
Note: counta
will count cells that have formulas
in them even though those formulas may amount to nothing appearing
in the cell, i.e. they evaluate to "".
If you wanted to count the number of cells that contained specific
text, e.g. birch
, you could use
countif(B1:B5,"birch")
, which would yield 2
.
The count is case insensitive, i.e., if one of the cells contained "BIRCH",
instead of "birch", the count would still be equal to two.
If you wanted to count the number of cells that contained "birch" in
column B and "plum" in column A, then countif
won't work, since
you can only specify one criteria with it. You could use sum
instead. E.g. sum((B1:B5="birch")*(A1:A5="plum"))
, which
yields 1
. The *
in this case "ands" the two
conditions. Note: You have to hit the Ctrl, Shift, and Enter keys
simultaneously when you've typed the formula in order to enter it. If you
don't, you will see a #value
appear in the cell. This type of
formula is considered to be an "array" formula or CSE formula, since it
requires the Ctrl-Shift-Enter keys to be hit to enter it. When it is entered,
you will see {}
appear around the formula.
References:
-
Excel -- Worksheet Functions -- Count Cells
Last updated: November 11, 2006
Contextures -- Microsoft Office
Consulting
-
Excel Developer Tip: Summing and Counting Using Multiple Criteria
Excel Developer Tip Archives
[/os/windows/office/excel]
permanent link
Mon, Feb 18, 2008 8:30 am
Symantec AntiVirus Server Could Not Collect Log Data From Client
On a Symantec AntiVirus Corporate Edition 8.1 server, I tried checking the
logs for a client system through the Symantec System Center by unlocking
the server group, right-clicking on a client system, selecting
All
Tasks,
Symantec AntiVirus,
Logs, and
Scan
History. I received a message that the log data couldn't be
collected from the selected computer.
Symantec AntiVirus Management Snap-In |
Symantec AntiVirus could not collect all the log
data from the selected computer(s).
Please verify that Symantec AntiVirus is running on these computers.
OK
|
I received the same message if I tried viewing any log.
Symantec has a knowledgebase article on the problem at
Error: "Symantec AntiVirus could not collect all the log data from the
selected computer(s) . . ." when viewing client logs in Symantec System Center
. I followed the steps listed in that article.
I could ping the IP address of the system and ping -a 192.168.0.7
showed the hostname associated with the address. I could also ping the server
from the client system using ping
and ping -a
,
which confirmed network connectivity and the ability to do reverse lookups
on the IP addresses to get host names.
I checked for the presence of any .cer server group root certificate on
the server and the client. I didn't see any .cer file on either system, but
nor did I see a certificate on a client for which I could successfully check
log files from the antivirus server, so I didn't think that was the source
of the problem.
I could successfully start the Symantec AntiVirus Client program on
the client system. It showed the correct server name. Though nothing
was listed for "group", nothing was listed for "group" on a system I could
successfully query from the server, either.
And from the server, I could query the client and see that the
Symantec rtvscan.exe
program was running.
C:\>tasklist /s 192.168.0.7 /fi "imagename eq rtvscan.exe"
Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
Rtvscan.exe 1760 0 46,604 K
When I checked the Windows XP firewall settings on a system I could successfully
query from the antivirus server, I saw a firewall rule listed for
User Datagram
Protocol (UDP) port 2967, which the Symantec RTVScan program uses.
I checked the firewall rules on the system
I couldn't successfully query with the command netsh firewall show
portopening
. I did not see a rule for RTVScan, so I created one from
the command line using the command netsh firewall set portopening
protocol = UDP port = 2967 name = "Symantec AntiVirus Client Management"
mode = ENABLE scope = CUSTOM 192.168.0.33
(IP address 192.168.0.33
corresponds to the IP address of the antivirus server).
When I tried checking the antivirus log files from the server again, I
still could not do so. Looking at the firewall rules on the client
with netsh firewall show portopening verbose = enable
(you
have to specify the verbose
option to see the scope of
rules), I saw that I had mistyped the IP address of the server when I
created the RTVScan rule with the netsh command. So I re-entered the
netsh firewall set portopening protocol = UDP port = 2967 name =
"Symantec AntiVirus Client Management" mode = ENABLE scope = CUSTOM
192.168.0.33
command exactly as before with the exception that this
time I specified the IP address correctly.
I was then able to check the virus history and other logs on the client
from the Symantec System Center.
References:
-
Error: "Symantec AntiVirus could not collect all the log data from the
selected computer(s) . . ." when viewing client logs in Symantec System Center
Document ID: 2003032010404748
Last Modified: 11/15/2006
Date Created: 03/20/2003
Operating System(s): Windows 2000, Windows Server 2003 32-bit Edition,
Windows 98, Windows Me, Windows NT 4.0 SP6a, Windows 2000 Professional, Windows
XP Professional
Product(s): Symantec AntiVirus Corporate Edition 10.0, Symantec
AntiVirus Corporate Edition 8.0, Symantec AntiVirus Corporate Edition 9.0,
Symantec Client Security 3.0, Symantec AntiVirus 10.1, Symantec Client Security
3.1
Release(s): SAV 10.0 [All Releases], SAV 8.0 [All Releases], SAV 9.0
[All Releases], Symantec Client Security 3.x [All versions], Symantec AntiVirus
10.1, Symantec Client Security 3.1
Symantec Corporation
-
Allow Rtvscan Access Through Windows XP Firewall
April 9, 2007
MoonPoint Support
-
Configuring Windows XP Firewall for Symantec Antivirus Client
April 9, 2007
MoonPoint Support
[/security/antivirus/symantec]
permanent link
Sun, Feb 17, 2008 11:45 pm
Unable to Unlock Symantec AntiVirus Server Group
I was unable to unlock the server group on a Symantec AntiVirus Corporate
Edition 8.1 server. I was also unable to start the Symantec AntiVirus
Server service or update the virus definitions on the server.
I discovered the problem was due to corrupt virus definitions.
[ More Info ]
[/security/antivirus/symantec]
permanent link
Sun, Feb 17, 2008 8:18 pm
Encoding Spaces in URLs
If you have a filename that includes spaces, you should encode the URL that you
use for any links to the document, i.e.
%20
should be used wherever
a space occurs in the filename.
You can go to
URL Encoding to see a list of characters that should be encoded, such as the
space character. You can also plug in a URL there and have it converted to a browser
safe version.
[/network/web/browser]
permanent link
Sun, Feb 17, 2008 5:41 pm
IP and Domain Name Reputation Sites
An
IP address may be added to a
DNS Blacklist (DNSBL), if spam
is detected as emanating from that IP address. You can check for the presence
of an IP address on various blacklists using the
MxToolBox Email Blacklist
Check, which currently checks 124 blacklists, or at individual
blacklist sites, such as
MAPS.
You can check on whether an IP address has been associated with attacks
on other systems at DShield
or myNetWatchman by
performing an IP lookup.
You can also obtain information on the "reputation" for a site
at Barracuda
Central by performing a lookup on either an IP address or a domain name.
Barracuda Networks sells widely used spam firewall devices, so a poor
reputation listing at Barracuda Central may lead to email from an IP address
listed there, or with a domain name in the body of email messages being found
there, being blocked by those using Barracuda Networks security devices.
Another reputation site is
TrustedSource. You can lookup an IP address there and see a graph
of activity associated with that site. If you see red bars on the
graph, those represent malicious activity associated with the IP address
on the days for which those bars appear.
[/network/Internet/domains]
permanent link
Sun, Feb 17, 2008 4:46 pm
Locating Cybersquatters Capitalizing on a Variant of Your Domain
Cybersquatters
may buy domains similar to yours hoping to take advantage
of someone mistyping your domain name or to mislead someone into thinking
a domain name in a URL belongs to a legitimate company or organization.
For instance many people might visit microsoft.com, so a cybersquatter might
buy micrsoft.com, which has a missing "o", so that someone making a typo that
left out that "o" would be directed to the cybersquatter's site instead, where
the cybersquatter may have nothing but ads, hoping to get money generated
from those viewing those ads. If millions of people visit microsoft.com every
week, the cybersquatter will probably get a signifiant amount of traffic
from such a typo.
Or perhaps you own example.com. The cybersquatter may purchase example.net,
if it is available. Someone seeing example.net in an email may think the
domain belongs to your company and visit a site that might have nothing but ads,
perhaps even risque ones, or the site might try to infect visitors with
adware/spyware, which might harm your company's reputation, even though you
don't own the domain name and have no control over the site.
CitizenHawk helps you locate
potential cybersquatter sites for your domain name.
[/network/Internet/domains]
permanent link
Sun, Feb 17, 2008 12:54 pm
Configure Sendmail to Listen on All Addresses
If you can't connect to the
SMTP port on a system, i.e.
port 25, from external hosts, but you can connect from the system itself,
then you need to comment out a line in
sendmail.mc
that
restricts connections to the local loopback address, 127.0.0.1.
I.e., if you can use telnet 127.0.0.1 25
and see the sendmail
banner, but when you use telnet 192.168.0.44 25
(presuming
192.168.0.44 is the IP address for the mail server), you get "connection
refused" messages, then the default configuration option in
sendmail.mc
is likely preventing the connection by causing
sendmail to only listen on the loopback address.
# telnet 192.168.0.44 25
Trying 192.168.0.44...
telnet: connect to address 192.168.0.44: Connection refused
telnet: Unable to connect to remote host: Connection refused
To resolve the problem, look for the following lines in sendmail.mc
, which on a Linux system will likely be in the /etc/mail
directory.
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
Edit the sendmail.mc
file from the root account. Put a
dnl #
at the beginning of the DAEMON_OPTIONS
line to comment out the line.
dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
Then issue the following commands:
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
/etc/init.d/sendmail restart
The first command rebuilds the .cf configuration file from the modified
.mc file. The second restarts sendmail so that it is using the new
configuration file.
[/network/email/sendmail]
permanent link
Fri, Feb 15, 2008 7:02 pm
216-115-223-200.expertcity.com HTTPS Access
While monitoring a
LAN
with
Show Traffic, a
network monitoring application for Windows systems, I noticed two
systems contacting 216.115.223.200 [ 216-115-223-200.expertcity.com ]
on port 443 (HTTPS).
Since the communications occurred at 18:30 when the
employees using those systems would have gone home, I did a
Google search on the
FQDN,
216-115-223-200.expertcity.com, which was associated with that address.
A
McAfee SiteAdvisor webpage linked the site with
GoToMeeting, i.e.
legitimate software on the users' systems. That webpage stated "When we
installed and ran GoToMeeting 2.0.0.127 (gotomeeting.exe), the following
network servers were contacted." It then listed the following addresses:
216-115-222-200.expertcity.com
216-115-223-200.expertcity.com
[/os/windows/network/monitoring/show_traffic]
permanent link
Fri, Feb 15, 2008 5:08 pm
Wed, Feb 13, 2008 10:53 pm
Configuring SNMP on a Netopia R7220-T Router
To configure
SNMP
on a Netopia R7220-T router, take the following steps:
- From the main menu, select System Configuration.
Netopia R7220-T v4.6.2
Easy Setup...
WAN Configuration...
System Configuration...
Utilities & Diagnostics...
Statistics & Logs...
Quick Menus...
Quick View...
Return/Enter displays options for the system.
You always start from this main screen.
From the System Configuration menu, select SNMP
(Simple Network Management Protocol)....
System Configuration
Network Protocols Setup...
Filter Sets...
IP Address Serving...
Date and Time...
Console Configuration...
SNMP (Simple Network Management Protocol)...
Security...
Upgrade Feature Set...
Logging...
Return/Enter to set up basic SNMP options (Community Strings, Traps, etc.).
From the SNMP Setup window, specify the desired SNMMP configuration.
SNMP Setup
System Name:
System Location:
System Contact:
Read-Only Community String: public
Read/Write Community String:
Authentication Traps Enable: Off
IP Trap Receivers...
Configure optional SNMP parameters from here.
You can put in whatever name you would like to use for the router in the
System Name field, e.g. Netopia Router
and then hit
Enter to advance to the next field, where you can specify the location,
e.g. 1020 Maple Street
. Hit Enter to fill in the
System Contact field. The default read-only community string is
public
. To prevent others from accessing information from the
router, you can provide another community string. You can provide a
read/write community string as well, if you like. If you want authentication
traps sent to another device, enable authentication traps and specify IP
trap receivers. Otherwise, you can leave these as is.
You can return to the main menu, if you wish, by hitting the
Escape key until to back up through the menus.
If you want a free program to monitor the router via SNMP from a Windows
system, try PRTG Traffic Grapher.
It is fairly straight-forward to set up and can even install its own
webserver on the system on which you install it. If you already have webserver
software running on the system on which you install it using port 80, PRTG
will automatically set up its own webserver at port 8080. Or you can choose
a different port, if you prefer. You can specify userids and passwords granted
access to the webserver, where the PRTG graphs are displayed.
[/hardware/network/router/netopia]
permanent link
Wed, Feb 13, 2008 9:25 pm
FTP Attacks from 221.130.187.49 and 202.57.128.159
The system became unresponsive for a time. I ran
kripp and found two systems conducting FTP brute-force
password guessing attempts.
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: poiuyt [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: purple [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: ranger [F]
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: 111111 [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: purple [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: ranger [F]
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: 111111 [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: 123go [F]
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: 000000 [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: Airhead [F]
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: oracle [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: Braves [F]
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: library [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: Sparky [F]
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: linux [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: angela [F]
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: unix [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: brandy [F]
ftp password :: frostdragon.com -> 202.57.128.159.sta.isp-thailand.com :: anna :: amanda [F]
ftp password :: frostdragon.com -> 221.130.187.49 :: james :: cindy [F]
I blocked the 221.130.187.49 system with route add 221.130.187.49 reject
. I then checked DShield to
learn if it has been observed attacking other systems. The
DShield report
for 221.130.187.49 showed it was first reported engaged in hostile
activity on 2008-02-11 and the last reported incident was today
2008-02-13. The IP address is a Chinese address. When I checked the
IP Details
for the ports the system was attacking, I found it was listed only
for port 21 attacks, i.e. FTP
attacks.
It was also listed at myNetWatchman.
The Incident
Detail report for that IP address at myNetWatchman showed the system
had been attacking other systems on port 21 and port 22 (SSH) as well from
February 5, 2008 onwards.
I then checked the second system attacking, which was
202.57.128.159.sta.isp-thailand.com. The IP address for it is 202.57.128.159.
Note: a reverse lookup on 202.57.128.159 yields a Fully Qualified Domain Name
(FQDN) of 202.57.128.159.sta.isp-thailand.com, but a forward lookup on
202.57.128.159.sta.isp-thailand.com does not yield an IP address.
I ran an nmap scan of it to see what operating system it was running. I got
the following results:
# nmap -P0 -O 202.57.128.159
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Insufficient responses for TCP sequencing (1), OS detection may be less accurate
Interesting ports on 202.57.128.159.sta.isp-thailand.com (202.57.128.159):
(The 1588 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
80/tcp open http
111/tcp open sunrpc
135/tcp filtered loc-srv
137/tcp filtered netbios-ns
199/tcp open smux
443/tcp open https
445/tcp filtered microsoft-ds
3306/tcp open mysql
4444/tcp filtered krb524
8009/tcp open ajp13
8080/tcp open http-proxy
10000/tcp open snet-sensor-mgmt
Remote operating system guess: Linux Kernel 2.4.0 - 2.5.20
Nmap run completed -- 1 IP address (1 host up) scanned in 173 seconds
Visting http://202.57.128.159/ with
a browser showed "Welcome to web4.thaibestserver.net".
When I checked DShield for any reports
on hostile activity for that IP address, which is a Thai address,
I found it was first reported
engaged in hostile activity on 2008-02-08 with the most recent report
dated 2008-02-09 (see
IP Info
(202.57.128.159)). The
IP Details
202.57.128.159 report showed all of the incidents to be FTP attacks.
There was also an
Incident Detail report for it at
myNetWatchman, which also showed the system engaged in FTP attacks from
February 6 onwards.
I blocked it with route add 202.57.128.159 reject
.
I also turned off the FTP service on the system, since it isn't needed
at the moment.
[/security/attacks]
permanent link
Wed, Feb 13, 2008 3:41 pm
PrimoPDF Producing Zero Byte Files
I installed
PrimoPDF 3.0 on a system.
PrimoPDF provides free PDF converter software that will allow you to
"print" documents to a PDF file. After installing the software,
I could print to PDF files without a problem from the administrator account
from which I installed the software, but when I printed to a PDF file using
the PrimoPDF "printer", I would receive the error message below:
Adobe Reader |
Adobe Reader could not open 'http.pdf' because it
is either not a supported file
type or because the file has been damaged (for example, it was sent as an
email attachment and wan't correctly decoded).
OK
|
When I checked the PDF files produced by PrimoPDF, I found they were always
zero bytes in size. When the files were being produced I would hear an
error beep.
An
Error after converting posting at the
PrimoPDF Forums, suggested giving the
Users group on the system full control of the directory into which PrimoPDF
is installed.
From the Windows Explorer, I right-clicked on the directory under
Program Files
into which I had installed PrimoPDF and chose
Properties. I saw that the Users group had only read access, i.e. only
the read & execute, list folder contents, and read permissions were granted
to the Users group for that folder.
Note: you can use the cacls
command to check permission from
the command line, e.g. cacls "\program files\primopdf"
, if
the installation directory was \program files\primopdf
. You
will see BUILTIN\Users:(OI)(CI)R
. The R
at the
end indicates that the Users group on the system, to which all normal user
accounts belong, has only read access to that directory.
If you are logged into an account that is a member of the Administrators
group on the system, you can right-click on the directory and choose
Properties to reset the security permissions. Click on the
Security tab, then select the Users group under "group or user
names", then grant Full Control.
Since I was logged into a normal user account at the time I encountered
the problem and had a lot of windows open and didn't want to have to close
all of them, logoff, logon as an administrator, logoff, logon to my user
account again, and then reopen all of the applications and files I previously
had open, I used the cacls
command to reset the permissions.
To use that method, you need to take the following steps, if you are currently
logged into an unprivileged user account.
- Open a command prompt window as the Administrator. On Windows XP systems,
you can do so by going to
C:\WINDOWS\system32\
and right-clicking
on cmd.exe
while holding down the shift key (if you don't hold
down the shift key at the same time, you won't see the "run as" option). Then
select Run as. Click on The following user and put in
Administrator, or some other account with administrator access, for
the user name, and enter the appropriate password. Then hit Enter
or click on OK. A command prompt window will open with Administrator
credentials.
- Enter the command
cacls "\program files\primopdf" /E /G Users:F
to give all users of the system full control of the directory where you
installed PrimoPDF, presuming that you installed it in \program
files\primopdf
. Granting full control of the directory means
they can add or delete files in that directory. The Users group will still
only have "read" access to the dll and exe files in the directory, though.
The /E
means "edit the existing Access Control List (ACL)
rather than creating a new one and the /G
grants access
for the account or accounts specified as a parameter. The F
at the end grants "full" access. You can enter cacls /?
for help with the cacls
command. You will see something
like "processed dir: C:\program files\PrimoPDF", if the
command is successfully executed.
[/os/windows/software/pdf]
permanent link
Tue, Feb 12, 2008 9:43 pm
Smart Network Data Services for Tracking Email to Hotmail.com Addresses
Microsoft offers
Smart Network Data Services, which allows someone to view data
on email transmitted from IP addresses for which he or she is resonsible
to hotmail.com email addresses. Microsoft describes the service as
follows:
Smart Network Data Services (SNDS) is a revolutionary Windows Live Mail
initiative designed to allow everyone who owns IP space to contribute to the
fight against spam, malware, viruses, and other internet evils, and to protect
e-mail and the internet as a valued communications, productivity and commerce
tool. Windows Live Mail and MSN Hotmail, with over 250 million active user
accounts world-wide, is in a unique position to collect and analyze e-mail
activity data. By providing that data to service providers, most of whom
wouldn.t otherwise have access to any such data, they are empowered to use
their relationship with their customers to react and take repair actions, such
as preventing spam from originating within their IP space. The overarching
goal of SNDS is to make the Internet a better, safer place. Working together,
Windows Live Mail and service providers can make their respective customers
happier and more satisfied with the various services we all provide.
To request a Smart Network Data Services account, go to
SNDS - Request
Access. Enter the IP address or address range for which you are
responsible and for which you wish to track email being sent to Hotmail.com
addresses.
When you click on Submit you will see the message "We've determined
that the following email addresses are associated with the specified network
in an appropriately authoritative way. Please choose one that you can receive
mail at and we will send instructions for completing the signup process to that
address." You may then see 4 addresses similar to those below:
abuse@yourdomain.com
noc@isp1.net
noc@isp2.net
postmaster@yourdomain.com
Two of the addresses will be of the form abuse@yourdomain.com and
postmaser@yourdomain.com, assuming that a reverse DNS lookup on
a provided IP address yields "yourdomain.com".
A "whois" lookup will also be done on a provided IP address using the
relevant registrar, which, if you are in the U.S. will likely be
the American Registry for Internet Numbers
(ARIN). The "OrgTechEmail" address listed for the IP address may
be used as one of the possible addresses, e.g. noc@isp1.net, if that
was the "OrgTechEmail" listed for the
ISP.
You can see further information on how the email addresses are derived
at
SNDS - FAQ.
If you have PTR
record in DNS that points back to yourdomain.com,
and wish to use one of those email addresses, make sure that you have valid
abuse@yourdomain.com and postmaster@yourdomain.com email addresses.
What data does SNDS provide?
The data provided by SNDS is meant to provide as broad a picture of an IP's
mail sending behavior as necessary for the system's consumers to be
able to stop spam. It reports on a variety of characteristics of mail
traffic. The data points provided are designed to be difficult
or impossible for spammers to avoid differentiating themselves from
well-behaved mailers. Similarly however, data isn't provided on IPs that
send very little mail because they (currently) account for a negligible amount
of spam. For each IP within the ranges that the user has been authorized,
the following data is provided:
Virus-infected emails
Malware
hosting
Open proxy
status
An email message is sent to the address you specified. You will need to go
to a link provided in that email message to grant access to the data to a
Windows Live ID account, such as a hotmail.com email address,
you specified when you requested an account.
Once you have confirmed access, you can view data at
SNDS - View Data
There you will see a calendar where you can select dates for which to view
data. You have the option to change your settings to allow access your data as
a .CSV file without the need for browser-based authentication technologies such
as Windows Live™ ID. This
facilitates access to your data via your own automated scripts or programs.
I didn't see any data listed for an IP address I specified. I know email is
sent from that address to hotmail.com users, but the volume of traffic is
fairly low. The
SNDS - FAQ
states that "data isn't provided on IPs that send very little mail because
they (currently) account for a negligible amount of spam."
[/network/email/spam]
permanent link
Tue, Feb 12, 2008 8:42 pm
Viewing Exchange Logs in Excel
The email log files for a Microsoft Exchange server can be analyzed with
Microsoft Excel. Exchange stores the log entries in a text file, which can
be imported in Excel for analysis.
[
More Info ]
[/network/email/exchange]
permanent link
Tue, Feb 12, 2008 12:30 pm
IP on LASHBACK DNS Blocklist
An IP address for a site had gotten on some blocklists, apparently
due to an infected system at the site.
I went to the
MxToolBox Email Blacklist Check page, which currently checks for the
presence of an IP address on 124 blacklists. I checked on whether the IP
address was present on any of the lists queried by the MxToolBox blacklist
check tool. It was on the
LASHBACK blacklist, with the
reason listed as "Sender has sent to LashBack Unsubscribe Probe accounts
Return codes were: 127.0.0.2", but no others.
I requested a delisting from their
Unsubscribe Blacklist
Support page. When I looked up the address at LASHBACK, I found it was
listed. When I requested it be delisted at 12:30 PM, I was notified that it
would be removed within 1 hour. When I had checked for the address on
the
MxToolBox Email Blacklist Check page, I had seen a
TTL
value of 3594, which is 59.9 minutes, listed for it for the LASHBACK list.
[/network/email/blacklist]
permanent link
Mon, Feb 11, 2008 9:03 pm
System Not Recognizing EasyShare printer dock plus
A user told me that she was no longer able to communicate
with her Kodak EasyShare C340 camera, which she plugs into
a Kodak EasyShare printer dock plus.
The following steps can be taken to see if the system is
recognizing the presence of the printer dock.
- Click on Start.
- Select All Programs.
- Select Kodak.
- Select Kodak EasyShare printer dock.
- Select Kodak printer dock firmware updater.
When the application opens, you should see the printer
name listed along with the current firmware version number
as shown below.
In this case nothing was listed under "Printer Name" nor under
"Firmware Version Number". I unplugged the
USB cable
from the computer and plugged it back in. I then saw the
message below:
USB Device Not Recognized
One of the USB devices attached to this computer has
malfunctioned, and Windows does not recognize it.
For assistance in solving this problem, click this message.
I tried plugging the device into two other USB ports
with the same results. I unplugged the cable from the
printer dock and powered it off. I plugged the cable
back in and powered it on. I then heard noises from
the unit and when I exited the Kodak printer dock firmware
updater program and restarted it, I saw entries listed
under "Printer Name" and "Firmware Version Number"
[/hardware/camera]
permanent link
Sun, Feb 10, 2008 9:45 pm
Use Custom Filter with Netopia R7220-T Router
A Netopia R7220-T router has built-in firewall capabilities.
It comes with two filter sets preconfigured, "Basic Firewall"
and "NetBIOS", but you can create your own custom filters.
To use a custom filter you have created, take the following steps.
- From the main menu, select Quick Menus and hit Enter.
Netopia R7220-T v4.6.2
Easy Setup...
WAN Configuration...
System Configuration...
Utilities & Diagnostics...
Statistics & Logs...
Quick Menus...
Quick View...
Return/Enter displays options for the system.
You always start from this main screen.
- From the Quick Menu, select Change Connection Profiles
and hit Enter.
Quick Menu
Connection Profiles Line Configuration IP Setup
Add Connection Profiles IP Address Serving Setup
Change Connection Profiles IP Filter Sets
Delete Connection Profiles Backup Config Static Routes
WAN Default Profile Network Address Translation
IPX Setup
IPX Filters & Filter Sets
Console Configuration TFTP
SNMP Setup
This menu allows you to visit most configuration screens.
- When your connection profile, e.g. Easy Setup Profile, appears
hit enter to accept it for editing.
Quick Menu
+-Profile Name---------------------IP Address----IPX Network-+
Connecti+------------------------------------------------------------+
Add Conn| Easy Setup Profile 192.168.6.25 | Setup
Change C| |
Delete C| |
WAN Defa| |anslation
| |
| |
| |er Sets
| |
| |
| |
| |
Console | |
SNMP Set| |
| |
| |
| |
+------------------------------------------------------------+
Up/Down Arrow Keys to select, ESC to dismiss, Return/Enter to Edit.
- Select IP Profile Parameters... and hit Enter.
Change Connection Profile
Profile Name: Easy Setup Profile
Profile Enabled: Yes
Data Link Encapsulation... RFC1483
IP Enabled: Yes
IP Profile Parameters...
IPX Enabled: No
Interface Group... Primary
Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes.
Modify Connection Profile here. Changes are immediate.
- Select Filter Set... and hit Enter.
IP Profile Parameters
Address Translation Enabled: Yes
IP Addressing... Numbered
NAT Map List... Easy-PAT List
NAT Server List... Easy-Servers
Local WAN IP Address: 192.168.6.25
Local WAN IP Mask: 255.255.254.0
Filter Set... NetBIOS Filter
Remove Filter Set
Receive RIP: Both
Return/Enter to select Filter Set (Firewall) for this profile.
Configure IP requirements for a remote network connection here.
- Select the custom filter set you created, e.g. "Custom", if that was the
name you used, and hit Enter.
IP Profile Parameters
+-----------------------------------+
Address Translati+-----------------------------------+
IP Addressing... | Basic Firewall |
| NetBIOS Filter |
NAT Map List... | Custom |
NAT Server List..| |
| |
Local WAN IP Addr| |
Local WAN IP Mask| |
| |
+-----------------------------------+
Filter Set... NetBIOS Filter
Remove Filter Set
Receive RIP: Both
Up/Down Arrows to select, then Return/Enter; ESC to cancel.
- Hit Esc to go back to the prior IP Profile Parameters
menu. You should now see whatever name you used for your custom filter listed
on the same line as Filter Set....
IP Profile Parameters
Address Translation Enabled: Yes
IP Addressing... Numbered
NAT Map List... Easy-PAT List
NAT Server List... Easy-Servers
Local WAN IP Address: 66.159.76.25
Local WAN IP Mask: 255.255.254.0
Filter Set... Custom
Remove Filter Set
Receive RIP: Both
Toggle to Yes if this is a single IP address ISP account.
Configure IP requirements for a remote network connection here.
- You can then keep hitting Esc until you get back to the main
menu or just disconnect from the router
[/hardware/network/router/netopia]
permanent link
Sun, Feb 10, 2008 4:39 pm
Colasoft MAC Scanner 1.1
If you need to determine the
Media Access
Control (MAC) addresses on a
LAN using a Windows system,
Colasoft provides a tool,
MAC Scanner,
which you can use to scan all IP addresses in a subnet to obtain a list
of the MAC, aka hardware addresses, associated with those IP addresses.
The
results
can be exported to a text or Comma Separated Value (CSV) file.
[/os/windows/software/network/scanner]
permanent link
Sun, Feb 10, 2008 2:02 pm
Dell PowerConnect 3024 - Finding MAC Addresses
To determine the
Media Access Control (MAC) addresses of devices connected to a Dell
PowerConnect 3024 switch, take the following steps:
- Select Address Manager from the main menu.
PowerConnect 3024
Main Menu
a. System Manager
b. Port Manager
c. Address Manager
d. Spanning Tree
e. VLAN and CoS Setup
f. Port Trunking
g. Port Mirroring
h. SNMP Management
i. Multimedia Support
j. Statistics
k. Save Configuration
Hit to configure Static Address Table or Address Aging Time
<Ctrl-L> Refresh <Ctrl-W> Save
- Select Dynamic Addresses from the Address Manager menu.
PowerConnect 3024
Address Manager
a. Static Addresses
b. Dynamic Addresses
c. Address Aging
d. Static Multicast Groups Administration
e. Static Multicast Groups Membership
Hit <Enter> to view Dynamic Addresses
<ESC> Back <Ctrl-L> Refresh <Ctrl-W> Save
You will then see the MAC addresses that have been seen by the switch for each
port. Ports with no device attached will not be listed. If nothing is listed
for a port at the time you check, though, that does not necessarily mean that
no device is attached to that port, only that no activity has been seen on
that port recently. A system could be attached to the port, but turned off, or
may be on, but has not communicated with another device over the network
recently.
If the switch is seeing multiple MAC addresses on a port, as it would
if there is another switch or hub plugged into the port, which itself
has multiple systems plugged into it, it will show all of the MAC addresses. In
the example below, 5 addreses are listed for port 6 and 4 addresses
are listed for port 16. There is another switch connected to port 6
and a hub connected to port 16.
PowerConnect 3024
Address Manager/Dynamic Addresses
Dynamic Address Learning is: Enabled
Port: VLAN ID: MAC Address: Query Next Prev
Port VLAN MAC Address Port VLAN MAC Address
--------------------------------------------------------------------------------
1:3 1 00:0c:f1:c8:99:09 1:16 1 00:09:6b:19:38:a5
1:4 1 00:13:20:97:de:e4 1:20 1 00:16:01:41:72:3b
1:5 1 00:1d:09:0a:5d:55
1:6 1 00:11:11:64:ec:bc
1:6 1 00:13:20:97:e2:cf
1:6 1 00:13:72:3b:4a:b6
1:6 1 00:16:76:96:cb:1e
1:6 1 00:17:a4:26:88:d5
1:7 1 00:11:11:5e:b5:90
1:8 1 00:11:11:a8:9c:b0
1:15 1 00:30:18:aa:70:a5
1:16 1 00:00:74:ad:e8:c6
1:16 1 00:00:c5:7c:08:7c
1:16 1 00:06:25:b5:b4:62
Hit <Space> to Enable or Disable Dynamic Address Learning
<ESC> Back <Ctrl-L> Refresh <Ctrl-W> Save
If you see a MAC address which you don't recognize, you can lookup up the
manufacturer of the network adapter associated with that address at
Vendor/Ethernet MAC Address
Lookup and Search, which may help you identify what type of device
is connected on the port showing that MAC address. For instance, when I look
up 00:09:6b:19:38:a5
, I see the vendor listed as
"IBM Corporation". When I look up 00:17:a4:26:88:d5
, I see
"Global Data Services (may now be Hewlett-Packard, HP)" listed and, in
this case, the device is an HP K5400 printer.
References:
-
Vendor/Ethernet MAC Address Lookup and Search
Coffer.com
[/hardware/network/switch/dell]
permanent link
Sat, Feb 09, 2008 8:22 pm
Setting IP Information From the Command Line
On a Windows system, you can use the
netsh interface ip set
command to configure IP parameters for the system from the command line.
E.g. the command netsh interface ip set address name="Local Area
Connection" static 192.168.0.66 255.255.255.0 192.168.0.1 1
could
be used to set the IP address to a static value of 192.168.0.66
with a subnet mask of 255.255.255.0
and a default gateway of
192.168.0.1
.
[ More Info ]
[/os/windows/commands]
permanent link
Fri, Feb 08, 2008 10:16 pm
Uploading Blocked Files to a SharePoint Server
On a Windows Small Business Server (SBS) 2003 system, I tried uploading an
exe file to the SharePoint
server, but saw the following displayed when I attempted to upload it.
Form Validation Error
Please correct the information you provided by following these steps, then
submit the information again:
- The following file(s) have been blocked by the administrator:
Downloads/Security/clamwin-0.92-setup.exe
The following steps can be taken to allow the upload of an .exe file.
Similar steps can be followed to allow the upload of other blocked
files.
- Click on Start.
- Select All Programs.
- Select Administrative Tools.
- Select SharePoint Central Administration.
- Under Security Configuration, click on Manage blocked
file types.
- Delete
exe
from the list and click on OK.
[/os/windows/sharepoint]
permanent link
Thu, Feb 07, 2008 8:01 pm
Determining Version of Microsoft Exchange
To determine what version of Microsoft Exchange is running on
a system, you can take the following steps:
- Click on Start.
- Select All Programs.
- Select Microsoft Exchange.
- Select System Manager. Note: the System Manager
is applicable if you have Exchange Server 2000 and later. For
Exchange Server 5.5 and earlier, you will need to run
Exchange Administrator.
- Click Servers. You will then see the version
displayed. For Exchange Server 2000, the version is 6.0;
for Exchange Server 2003, the version is 6.5.
You can also determine the version number, by going to
C:\Program Files\Exchsrver\bin
, right-clicking on
store.exe
, selecting Properties, and
clicking on the Version tab.
Clicking on Product version will show the version
of the Exchange software. In the case shown above, the
file version is listed as 6.5.7651.61 while the product version
is 6.5. The digits after the 6.5 in the file version don't
necessarily match the build version displayed using the first
method.
Note: the version number you see using the above methods
may not necessarily be the same version number you would
see displayed if you telnet to port 25 on the Exchange server. E.g.
the above method of determining the version of Exchange running
on a system shows it to be 6.5 (Build 7638.2: Service Pack 2), but
if I telnet to port 25 on that same Exchange server, I see the
following:
220 example.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at
Wed, 13 Feb 2008 19:07:30 -0500
I.e. the "ESMTP MAIL Service" version is not the same as the version number
for the Exchange server software on the system, so you can't infer that
the version number you see displayed when you connect to port 25 on the
system is the Exchange server version number.
References:
-
How to tell which software version your computer is using
Published: June 18, 2004
Microsoft Corporation
[/network/email/exchange]
permanent link
Wed, Feb 06, 2008 9:38 pm
HPProduct Assistant Installation Failure
While checking a user's Windows XP system, I found that every time
I logged into it a window opened for the installation of
HPProductAssistant.
HPProductAssistant |
Please wait while Windows configures HPProductAssistant
Cancel
|
Then another HPProductAssistant window would appear stating "The feature
you are trying to use is on a CD-ROM or other removalable disk that is not
available" and asking me to "Insert the 'HPProductAssistant' disk and click OK"
with "1" appearing in the "use source" field. When I clicked on the browse
button, I saw it was looking for hpproductassistant.msi
.
If I clicked on the Cancel button, I would see the error message below:
HPProductAssistant |
Error 1706.No valid source could be found for product
HPProductAssistant. The Windows Installer cannot
continue.
OK
|
If I clicked on OK, which was the only option, the process would
just repeat. Clicking on the Cancel button at the point where it
prompted for the HPProductAssistant installation file, just kept the process
repeating as well. I had to kill the application through the Task Manager to
stop it.
When I checked on what process was associated with the HPProductAssistant in the
Task Manager by right-clicking on HPProductAssistant under the Applications
tab in the Task Manager and selecting Go To Process , I found it was
hpqtra08.exe
That file is associated with
"HP Digital Imaging Monitor" software and is located in
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
When I went to Start, All Programs, and Startup, I
found "HP Digital Imaging Monitor" listed there. It was probably put there
during the installation of software for the user's printer. HP will install
a lot of other software in addition to a printer driver when you use the
HP-provided installation disc for one of their printers. Since it wasn't working
and I doubted the user had any need for it, I clicked on Start,
All Programs and Startup then right-clicked on "HP Digital
Imaging Monitor and selected Delete to get rid of the entry
from the startup group. I rebooted the system to verify that the problem would
no longer occur; it did not.
References:
-
Wait while Windows configures HPProductAssistant???
Yahoo! Answers
-
How to remove hpqtra08 error
file.net
[/os/windows/processes]
permanent link
Sun, Feb 03, 2008 7:36 pm
Determing the Package to Which a File Belongs
If you wish to determine what package a file belongs to under Solaris,
you can use the command
pkgchk -l -p /path/file
. E.g.
to determine the package to which the
openssl
program located
in
/usr/sfw/bin
belongs, the following command could be used:
# pkgchk -l -p /usr/sfw/bin/openssl
Pathname: /usr/sfw/bin/openssl
Type: regular file
Expected mode: 0555
Expected owner: root
Expected group: bin
Expected file size (bytes): 318668
Expected sum(1) of contents: 16493
Expected last modification: Jan 26 21:01:01 2006
Referenced by the following packages:
SUNWopenssl-commands
Current status: installed
From the above information, I can see the file belongs to the package
SUNWopenssl-commands
. I can get further information on that
package, such as the date the package was installed with the command
pkginfo -l SUNWopenssl-commands
.
# pkginfo -l SUNWopenssl-commands
PKGINST: SUNWopenssl-commands
NAME: OpenSSL Commands (Usr)
CATEGORY: system
ARCH: i386
VERSION: 11.10.0,REV=2005.01.21.16.34
BASEDIR: /
VENDOR: Sun Microsystems, Inc.
DESC: OpenSSL Commands (Use)
PSTAMP: on10-patch-x20060126144406
INSTDATE: Jul 08 2006 23:31
HOTLINE: Please contact your local service provider
STATUS: completely installed
FILES: 5 installed pathnames
3 shared pathnames
3 directories
2 executables
634 blocks used (approx)
References:
-
Solaris find out a package which a file belongs to
nixCraft - Insight Into Linux Admin
Work
[/os/unix/solaris/commands]
permanent link
Sun, Feb 03, 2008 11:08 am
Internet Explorer Shortcut Keys
I use
Furl to save copies of webpages
I've found interesting. Furl creates an online bookmarks or "favorites"
list for you. If you make your Furl archive public, others can also
have access to your links. You also get an online archived copy of the webpage
you've "furled". So if the webpage disappears or the website where it resided
is inaccessible for some other reason the next time you want to view it,
you have a stored copy at Furl.
But sometimes I run into difficulty with multi-page news articles. I don't
want to have to furl each page individually. Some websites offer a "print"
function, so that you can display a copy of all pages of the article at
once to send them to the printer at once. But often, when the window opens
that displays the entire article for printing, I don't see the Internet
Explorer (IE) menubar with "File, Edit, View, Favorites, Tooks, and Help" on it.
The link to furl pages is under "Favorites", so I don't then have access
to that link.
One alternative is to right-click on the "print" version of the webpage,
choose "Properties" and then copy the URL for the webpage, which you can
paste into another IE window with the menubard displayed to access the page.
Another method is to hit the Ctrl and "I" keys simultaneously, which will
bring up the IE Favorites box.
Other IE shortcut keys to view and explore web pages are listed below:
To do this Press this key
----------------------------------------------------------------------
Display Internet Explorer Help or to F1
display context Help about an item in
a dialog box
Toggle between full-screen and other F11
views in the browser
Move forward through the items on a TAB
Web page, the Address box, or the
Links box
Move through the items on a Web page, SHIFT+TAB
the Address box, or the Links box
Go to your Home page ALT+HOME
Go to the next page ALT+RIGHT ARROW
Go to the previous page ALT+LEFT ARROW or BACKSPACE
Display a shortcut menu for a link SHIFT+F10
Move forward between frames CTRL+TAB or F6
Move back between frames SHIFT+CTRL+TAB
Scroll toward the beginning of a UP ARROW
document
Scroll toward the end of a document DOWN ARROW
Scroll toward the beginning of a PAGE UP
document in larger increments
Scroll toward the end of a document PAGE DOWN
in larger increments
Move to the beginning of a document HOME
Move to the end of a document END
Find on this page CTRL+F
Refresh the current Web page F5 or CTRL+R
Refresh the current Web page, even if CTRL+F5
the time stamp for the Web version and
your locally stored version are the same
Stop downloading a page ESC
Go to a new location CTRL+O or CTRL+L
Open a new window CTRL+N
Close the current window CTRL+W
Save the current page CTRL+S
Print the current page or active frame CTRL+P
Activate a selected link ENTER
Open the Search box CTRL+E
Open the Favorites box CTRL+I
Open the History box CTRL+H
In the History or Favorites boxes, CTRL+click
open multiple folders
References:
-
Internet Explorer Keyboard Shortcuts
Article ID : 306832
Last Review : May 7, 2007
Revision : 2.3
Microsoft Help and Support
[/network/web/browser/ie]
permanent link
Fri, Feb 01, 2008 9:41 pm
Removing a Package
Removing a package that has been installed on a Solaris system is handled
by the
pkgrm
command, which must be run from the root account.
E.g.
pkgrm SMCx11vnc
would remove the previously installed
x11vnc
package from a system. The output produced from
running the command appears below.
# pkgrm SMCx11vnc
The following package is currently installed:
SMCx11vnc x11vnc
(sparc) 0.7
Do you want to remove this package? [y,n,?,q] y
## Removing installed package instance <SMCx11vnc>
## Verifying package <SMCx11vnc> dependencies in global zone
## Processing package information.
## Removing pathnames in class <none>
/usr/local/share/x11vnc/classes/index.vnc
/usr/local/share/x11vnc/classes/VncViewer.jar
/usr/local/share/x11vnc/classes
/usr/local/share/x11vnc
/usr/local/share <shared pathname not removed>
/usr/local/man/man1/x11vnc.1
/usr/local/man/man1
/usr/local/man
/usr/local/doc/x11vnc/TODO
/usr/local/doc/x11vnc/README
/usr/local/doc/x11vnc/NEWS
/usr/local/doc/x11vnc/INSTALL
/usr/local/doc/x11vnc/ChangeLog
/usr/local/doc/x11vnc/COPYING
/usr/local/doc/x11vnc/AUTHORS
/usr/local/doc/x11vnc
/usr/local/doc <shared pathname not removed>
/usr/local/bin/x11vnc
/usr/local/bin <shared pathname not removed>
## Updating system information.
Removal of <SMCx11vnc> was successful.
References:
-
Remove a Solaris package with pkgrm
November 28, 2005
tech-recipes - Your cookbook of
tech-tutorials
[/os/unix/solaris/commands]
permanent link
Fri, Feb 01, 2008 8:40 pm
Pkginfo Command
On Solaris systems, the
pkginfo
command can be used to obtain
information on installed packages. It is somewhat aking to the
rpm
and similar commands on Linux systems.
usage:
pkginfo [-q] [-pi] [-x|l] [options] [pkg ...]
pkginfo -d device [-q] [-x|l] [options] [pkg ...]
where
-q #quiet mode
-p #select partially installed packages
-i #select completely installed packages
-x #extracted listing
-l #long listing
-r #relocation base
and options may include:
-c category, [category...]
-a architecture
-v version
If you just issue the command pkginfo
, you will see list of
all of the installed packages on the system with a one-line listing per
package.
# pkginfo
system CADP160 Adaptec Ultra160 SCSI Host Adapter
Driver
application CFWWine WINE
system HPFC Agilent Fibre Channel HBA Driver
system NCRos86r NCR Platform Support, OS Functional
ity (Root)
system SK98sol SysKonnect SK-NET Gigabit Ethernet
Adapter SK-98xx
system SKfp SysKonnect PCI-FDDI Host Adapter
application SMChtdig htdig
<text snipped>
system SUNWzlib The Zip compression library
system SUNWzoner Solaris Zones (Root)
system SUNWzoneu Solaris Zones (Usr)
system SUNWzsh Z shell (zsh)
system SYMhisl Symbios 895A, 896 and 1010 SCSI driver
If you are just interested in a particular package, you can use pkginfo
pkgname
where pkgname
is the relevant package. But you need
to bear in mind that the name assigned to the package may have SUNW
in front of it or may not otherwise be exactly what you expect. E.g., suppose
I want to know whether the zlib
package is installed, because
I want to install some other package that lists the zlib
software
as a dependency. If I use the command pkginfo zlib
, I see the
following:
# pkginfo zlib
ERROR: information for "zlib" was not found
Using pkginfo | grep -i pkgname
will likely be better, unless
you are certain of the package name.
# pkginfo | grep -i zlib
system SUNWzlib The Zip compression library
Now I see the package name for the zlib
package is SUNWzlib
and I could use that command with the pkginfo
command, but
I want see any more information unless I use the -l
option to
get a long listing.
# pkginfo SUNWzlib
system SUNWzlib The Zip compression library
# pkginfo -l SUNWzlib
PKGINST: SUNWzlib
NAME: The Zip compression library
CATEGORY: system
ARCH: i386
VERSION: 11.10.0,REV=2005.01.08.01.09
BASEDIR: /
VENDOR: Sun Microsystems, Inc.
DESC: The Zip compression library
PSTAMP: sfw10-x20050108014620
INSTDATE: Jul 08 2006 23:00
HOTLINE: Please contact your local service provider
STATUS: completely installed
FILES: 13 installed pathnames
4 shared pathnames
4 directories
2 executables
424 blocks used (approx)
The long listing shows me the version of zlib
installed, which
in this case is version 11.10.0. I also see the installation date was
July 8, 2006 at 11:00 P.M.
References:
-
Solaris: list installed packages with pkginfo
November 28, 2005
tech-recipes - Your cookbook of
tech-tutorials
[/os/unix/solaris/commands]
permanent link
Thu, Jan 31, 2008 4:59 pm
Make wget Pretend to Be Internet Explorer
I have a script that I manually run to download a particular webpage based
on a parameter that I submit to the script. The script downloads the
webpage with
wget
then parses the
webpage for specific information and displays only that information.
The script had been running fine until today, but produced an error message
when I ran it today. When I checked the information being retrieved by
wget, I found that instead of the desired webpage, I was getting
"Sorry. This page may not be spidered."
When a browser retrieves a webpage, it sends a set of values to the webserver.
Those values, which are called "headers", include a "user-agent" header
that identifies the browser to the server. E.g. a particular version of
Internet Explorer may identify itself as "Mozilla/4.0 (compatible; MSIE 6.0;
Windows NT 5.0)".
Some websites may use the user-agent header for statistical purposes, e.g.
to determine which browsers are most commonly used to access the website.
Such information may help a web developer tailor the site to the ones most
commonly used to view the site. Or the the website developer can use the
information to tailor its output to the browser being used by a particular
user. E.g., if a browser doesn't support a particular feature used in the
code on the website, the website software can present the viewer with
an alternative webpage.
Wget identifies itself as "wget x.y.z", where x.y.z is the version of wget
in use, e.g. "wget 1.8.2". So, if you retrieve a webpage with wget, the
webserver might see User-Agent: Wget/1.8.2"
as one of the
headers submitted to it by the browser.
In this case the website, where the page resided I wanted to access, was
seeing User-Agent: Wget/1.8.2"
and denying access to the
page. Fortunately, you can use the --user-agent
argument for
wget to specify that wget announce itself to a webserver as any browser
you might wish to emulate.
-U agent-string
--user-agent=agent-string
Identify as agent-string to the HTTP server.
The HTTP protocol allows the clients to identify themselves using a
"User-Agent" header field. This enables distinguishing the WWW
software, usually for statistical purposes or for tracing of proto-
col violations. Wget normally identifies as Wget/version, version
being the current version number of Wget.
However, some sites have been known to impose the policy of tailor-
ing the output according to the "User-Agent"-supplied information.
While conceptually this is not such a bad idea, it has been abused
by servers denying information to clients other than "Mozilla" or
Microsoft "Internet Explorer". This option allows you to change
the "User-Agent" line issued by Wget. Use of this option is dis-
couraged, unless you really know what you are doing.
I had wget pretend to be Internet Explorer by using the command below:
wget --user-agent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" --quiet --output-document=$outfile $url
After editing my script to use the --user-agent
option, the
script was able to download the webpage as before, placing the output
in the file designated by the $outfile
variable in the
script and using the URL I specified as an argument to the script.
References:
-
Masquerading Your Browser
By Eric Giguere
September 19, 2003
Updated October 28, 2004
ericgiguère.com resources
for software developers
[/network/web/tools/wget]
permanent link
Sun, Jan 27, 2008 10:44 pm
Upgrade of Apache From Version 2.0.39 to Version 2.0.59
A scan of a Solaris 7 system found several vulnerabilities for
Apache on the system. Most of them appeared to be due to the version
of Apache on the system not being up-to-date.
I checked the version of Apache running on the system by using telnet
to connect to port 80 and then issuing the
HEAD / HTTP/1.0
command.
# telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Fri, 25 Jan 2008 03:29:30 GMT
Server: Apache/2.0.39 (Unix)
Last-Modified: Thu, 29 Nov 2007 04:39:44 GMT
ETag: "89124-5df-e729c400"
Accept-Ranges: bytes
Content-Length: 1503
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Connection closed by foreign host.
The version was 2.0.39, so it was out-of-date.
You can also check the version with the apachectl
command.
# /usr/local/apache2/bin/apachectl -v
Server version: Apache/2.0.39
Server built: Jun 26 2002 01:03:14
Version 2.0.59 is the current version listed at
Sunfreeware.com -
SPARC/Solaris 7 Packages.
The dependencies statement for Apache 2.0.59 listed libiconv as a
dependency and stated "you may need /usr/local/lib/libgcc_s.so.1 either from
the libgcc-3.3 or gcc-3.3.2 or higher packages." When I checked the version
of gcc
with gcc -v
, I saw it was 3.0.4. So I first
upgraded libiconv
.
I installed
libiconv 1.11 on a Sun SPARC Solaris 7 system. I obtained the package
from Sunfreeware.com -
SPARC/Solaris 7 Packages.
# gunzip libiconv-1.11-sol7-sparc-local.gz
# pkgadd -d libiconv-1.11-sol7-sparc-local
The following packages are available:
1 SMCliconv libiconv
(sparc) 1.11
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: all
Processing package instance <SMCliconv> from </home/jdoe/libiconv-1.11-sol7-sparc-local>
libiconv
(sparc) 1.11
Bruno Haible
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
12 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
/usr/local/bin/iconv
/usr/local/doc/libiconv/ABOUT-NLS
/usr/local/doc/libiconv/AUTHORS
/usr/local/doc/libiconv/COPYING.LIB
/usr/local/doc/libiconv/ChangeLog
/usr/local/doc/libiconv/DESIGN
/usr/local/doc/libiconv/INSTALL.generic
/usr/local/doc/libiconv/NEWS
/usr/local/doc/libiconv/NOTES
/usr/local/doc/libiconv/PORTS
/usr/local/doc/libiconv/README
/usr/local/doc/libiconv/README.djgpp
/usr/local/doc/libiconv/README.os2
/usr/local/doc/libiconv/README.woe32
/usr/local/doc/libiconv/THANKS
/usr/local/include/iconv.h
/usr/local/include/libcharset.h
/usr/local/lib/libcharset.a
/usr/local/lib/libcharset.la
[Hit <RETURN> to continue display]
/usr/local/lib/libcharset.so.1.0.0
/usr/local/lib/libiconv.la
/usr/local/lib/libiconv.so
/usr/local/lib/libiconv.so.2
/usr/local/man/man1/iconv.1
/usr/local/man/man3/iconv.3
/usr/local/man/man3/iconv_close.3
/usr/local/man/man3/iconv_open.3
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
## Checking for setuid/setgid programs.
Installing libiconv as <SMCliconv>
## Installing part 1 of 1.
/usr/local/bin/iconv
/usr/local/doc/libiconv/ABOUT-NLS
/usr/local/doc/libiconv/AUTHORS
/usr/local/doc/libiconv/COPYING.LIB
/usr/local/doc/libiconv/ChangeLog
/usr/local/doc/libiconv/DESIGN
/usr/local/doc/libiconv/INSTALL.generic
/usr/local/doc/libiconv/NEWS
/usr/local/doc/libiconv/NOTES
/usr/local/doc/libiconv/PORTS
/usr/local/doc/libiconv/README
/usr/local/doc/libiconv/README.djgpp
/usr/local/doc/libiconv/README.os2
/usr/local/doc/libiconv/README.woe32
/usr/local/doc/libiconv/THANKS
/usr/local/include/iconv.h
/usr/local/include/libcharset.h
/usr/local/include/localcharset.h
/usr/local/lib/libcharset.a
/usr/local/lib/libcharset.la
/usr/local/lib/libcharset.so.1.0.0
/usr/local/lib/libiconv.la
/usr/local/lib/libiconv.so <symbolic link>
/usr/local/lib/libiconv.so.2 <symbolic link>
/usr/local/lib/libiconv.so.2.4.0
/usr/local/lib/preloadable_libiconv.so
/usr/local/man/man1/iconv.1
/usr/local/man/man3/iconv.3
/usr/local/man/man3/iconv_close.3
/usr/local/man/man3/iconv_open.3
/usr/local/man/man3/iconvctl.3
/usr/local/share/doc/iconv.1.html
/usr/local/share/doc/iconv.3.html
/usr/local/share/doc/iconv_close.3.html
/usr/local/share/doc/iconv_open.3.html
/usr/local/share/doc/iconvctl.3.html
[ verifying class <none> ]
Installation of <SMCliconv> was successful.
Since libintl
was listed as a dependency for
libiconv
, I tried to determine if libintl
on the system was the latest version.
I looked for libiintl files on the system. I found several.
# find / -name libintl\* -print
/usr/lib/sparcv9/libintl.so
/usr/lib/sparcv9/libintl.so.1
/usr/lib/libintl.so
/usr/lib/libintl.so.1
/usr/lib/libintl.a
/usr/include/libintl.h
/usr/share/man/sman4/libintl.4
/usr/local/lib/gcc-lib/sparc-sun-solaris2.7/3.0.4/include/libintl.h
When I looked in /usr/include/libintl.h
, I saw it was version
1.12, so I upgraded libintl to the 3.4.0 version from
Sunfreeware.com -
SPARC/Solaris 7 Packages.
# gunzip libintl-3.4.0-sol7-sparc-local.gz
# pkgadd -d libintl-3.4.0-sol7-sparc-local
The following packages are available:
1 SMClintl libintl
(sparc) 3.4.0
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMClintl> from </home/jdoe/libintl-3.4.0-sol7-sparc-local>
libintl
(sparc) 3.4.0
FSF
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
2 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
Installing libintl as <SMClintl>
## Installing part 1 of 1.
/usr/local/include/libintl.h
/usr/local/lib/libintl.a
/usr/local/lib/libintl.la
/usr/local/lib/libintl.so <symbolic link>
/usr/local/lib/libintl.so.3 <symbolic link>
/usr/local/lib/libintl.so.3.4.0
/usr/local/lib/libintl.so.8 <symbolic link>
/usr/local/lib/libintl.so.8.0.2
[ verifying class <none> ]
Installation of <SMClintl> was successful.
I then upgraded gcc
.
# gunzip gcc-3.4.6-sol7-sparc-local.gz
# pkgadd -d gcc-3.4.6-sol7-sparc-local
The following packages are available:
1 SMCgcc gcc
(sparc) 3.4.6
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMCgcc> from </tmp/testing/gcc-3.4.6-sol7-sparc-local>
gcc
(sparc) 3.4.6
FSF
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
10 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/bin/c++
* /usr/local/bin/cpp
* /usr/local/bin/g++
* /usr/local/bin/g77
* /usr/local/bin/gcc
* /usr/local/bin/gccbug
* /usr/local/bin/gcov
* /usr/local/bin/sparc-sun-solaris2.7-c++
* /usr/local/bin/sparc-sun-solaris2.7-g++
* /usr/local/bin/sparc-sun-solaris2.7-gcc
* /usr/local/info <attribute change only>
* /usr/local/info/cpp.info
* /usr/local/info/cppinternals.info
* /usr/local/info/g77.info
* /usr/local/info/gcc.info
* /usr/local/lib/libgcc_s.so.1
* /usr/local/lib/libiberty.a
* /usr/local/lib/libstdc++.a
* /usr/local/lib/libstdc++.la
[Hit <RETURN> to continue display]
* /usr/local/lib/libsupc++.a
* /usr/local/lib/libsupc++.la
* /usr/local/man/man1/cpp.1
* /usr/local/man/man1/g++.1
* /usr/local/man/man1/g77.1
* /usr/local/man/man1/gcc.1
* /usr/local/man/man1/gcov.1
* /usr/local/man/man7 <attribute change only>
* /usr/local/man/man7/fsf-funding.7
* /usr/local/man/man7/gfdl.7
* /usr/local/man/man7/gpl.7
* /usr/local/share/locale <attribute change only>
* /usr/local/share/locale/be <attribute change only>
* /usr/local/share/locale/be/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/ca <attribute change only>
* /usr/local/share/locale/ca/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/da <attribute change only>
* /usr/local/share/locale/da/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/de <attribute change only>
* /usr/local/share/locale/de/LC_MESSAGES <attribute change only>
[Hit <RETURN< to continue display]
* /usr/local/share/locale/el <attribute change only>
* /usr/local/share/locale/el/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/es <attribute change only>
* /usr/local/share/locale/es/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/fr <attribute change only>
* /usr/local/share/locale/fr/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/ja <attribute change only>
* /usr/local/share/locale/ja/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/nl <attribute change only>
* /usr/local/share/locale/nl/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/sv <attribute change only>
* /usr/local/share/locale/sv/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/tr <attribute change only>
* /usr/local/share/locale/tr/LC_MESSAGES <attribute change only>
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
<text snipped>
/usr/local/share/locale/tr/LC_MESSAGES/gcc.mo
[ verifying class <none> ]
Installation of <SMCgcc> was successful.
I then downloaded the 2.0.59 version of Apache and installed it.
# gunzip apache-2.0.59-sol7-sparc-local.gz
# pkgadd -d apache-2.0.59-sol7-sparc-local
The following packages are available:
1 SMCap2059 apache
(sparc) 2.0.59
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMCap2059> from </home/jdoe/apache-2.0.59-sol7-sparc-local>
apache
(sparc) 2.0.59
The Apache Group
Using </usr/local/apache2> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/apache2/bin <attribute change only>
* /usr/local/apache2/bin/ab
* /usr/local/apache2/bin/apachectl
* /usr/local/apache2/bin/apr-config
* /usr/local/apache2/bin/apu-config
* /usr/local/apache2/bin/apxs
* /usr/local/apache2/bin/checkgid
* /usr/local/apache2/bin/dbmmanage
* /usr/local/apache2/bin/envvars
* /usr/local/apache2/bin/envvars-std
* /usr/local/apache2/bin/htdbm
* /usr/local/apache2/bin/htdigest
* /usr/local/apache2/bin/htpasswd
* /usr/local/apache2/bin/httpd
* /usr/local/apache2/bin/logresolve
* /usr/local/apache2/bin/rotatelogs
* /usr/local/apache2/build <attribute change only>
* /usr/local/apache2/build/config_vars.mk
* /usr/local/apache2/build/instdso.sh
[Hit <RETURN> to continue display]
<text snipped>
* /usr/local/apache2/manual/vhosts/index.html.en
* /usr/local/apache2/manual/vhosts/ip-based.html
* /usr/local/apache2/manual/vhosts/mass.html
* /usr/local/apache2/manual/vhosts/name-based.html
* /usr/local/apache2/manual/vhosts/name-based.html.en
* /usr/local/apache2/modules <attribute change only>
* /usr/local/apache2/modules/httpd.exp
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
[ verifying class <none> ]
Installation of <SMCap2059> was successful.
When I tried to restart Apache to run the new version, I received
the message below:
# ../bin/apachectl restart
Syntax error on line 344 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Order', perhaps mis-spelled or defined by a module not included in the server configuration
When I checked what was at line 344, I found Order allow,deny
.
<Directory "/usr/local/apache2/htdocs">
<text snipped>
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
I commented out the "order" and "allow" lines to see what would happen. I
then received an error message concerning the UserDir
command
in httpd.conf.
I checked the compiled-in modules for Apache with httpd -l
and
saw the following:
# ../bin/httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
The order
command requires the mod_access
module
to be loaded in Apache. It was apparently compiled into the previous version
I had running on the system, but it isn't compiled into the current version,
so I added
LoadModule access_module /usr/local/apache2/modules/mod_access.so
to /usr/local/apache2/conf/httpd.conf
.
#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule access_module /usr/local/apache2/modules/mod_access.so
Note: the location of mod_access.so
and other modules
may be in a different location on other systems, e.g. under Linux it may be at
/etc/httpd/modules/mod_access.so
. I also discovered later
that I should have put LoadModule auth_module
/usr/local/apache2/modules/mod_auth.so
in as well to address
this error as shown at
Adding Modules to httpd.conf With Apache 2.
When I added the mod_access.so
line and ran apachectl
restart
, I then received the error message below:
# ../bin/apachectl restart
Syntax error on line 354 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'UserDir', perhaps mis-spelled or defined by a module not
included in the server configuration
I then added the line LoadModule userdir_module
/usr/local/apache2/modules/mod_userdir.so
below the
LoadModule access_module /usr/local/apache2/modules/mod_access.so
line in httpd.conf
. That eliminated the error related to the
UserDir
command, but I then saw another module related error
message.
# ../bin/apachectl restart
Syntax error on line 382 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'DirectoryIndex', perhaps mis-spelled or defined by a module not included in the server configuration
I added LoadModule dir_module /usr/local/apache2/modules/mod_dir.so
beneath the other LoadModule
statements and reran
apacectl restart
. The error message for DirectoryIndex
was eliminated and I got further in the configuration file, but I received
another error message when I restarted Apache.
# ../bin/apachectl restart
Syntax error on line 403 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'TypesConfig', perhaps mis-spelled or defined by a module not included in the server configuration
So I then added LoadModule mime_module
/usr/local/apache2/modules/mod_mime.so
and attempted again to restart
Apache. The next error message is shown below.
# ../bin/apachectl restart
Syntax error on line 456 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'LogFormat', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule log_config_module
/usr/local/apache2/modules/mod_log_config.so
. When I attempted to
restart Apache, I then saw the message below.
# ../bin/apachectl restart
Syntax error on line 506 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Alias', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule alias_module
/usr/local/apache2/modules/mod_alias.so
, which led to the next
error message.
# ../bin/apachectl restart
Syntax error on line 576 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'IndexOptions', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule autoindex_module
/usr/local/apache2/modules/mod_audoindex.so
and attempted to restart
Apache again.
# ../bin/apachectl restart
Syntax error on line 724 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'LanguagePriority', perhaps mis-spelled or defined by a module not included in the server configuration
I added LoadModule negotiation_module
/usr/local/apache2/modules/mod_negotiation.so
to address that error.
# ../bin/apachectl restart
Syntax error on line 908 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'BrowserMatch', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule setenvif_module
/usr/local/apache2/modules/mod_setevnif.so
and attempted to restart
again with apachectl restart
. At last it restarted without an
error message. Yeah! Except when I tried telnet 1270.0.1 80
to
connect to the default HTTP port on the local loopback address, it failed.
# telnet 127.0.0.1 80
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
When I looked in /usr/local/apache2/logs/error_log
, I saw the
following:
[Sun Jan 27 22:09:30 2008] [notice] SIGHUP received. Attempting to restart
Syntax error on line 219 of /usr/local/apache2/conf/httpd.conf:
module access_module is built-in and can't be loaded
So I removed LoadModule access_module
/usr/local/apache2/modules/mod_access.so
from httpd.conf
.
But then I got the Invalid command 'Order'
error message again.
# ../bin/apachectl restart
Syntax error on line 352 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Order', perhaps mis-spelled or defined by a module not included in the server configuration
I put LoadModule access_module
/usr/local/apache2/modules/mod_access.so
and added LoadModule auth_module
/usr/local/apache2/modules/mod_auth.so
below it.
# ../bin/apachectl restart
httpd not running, trying to start
I tried connecting to port 80 on the loopback address again. This time
I was successful. I entered the command HEAD / HTTP/1.0
and
hit return a couple of times. Apache then responded with information showing
me that version 2.0.59 was running at last.
I now have the following module section in httpd.conf
#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule access_module /usr/local/apache2/modules/mod_access.so
LoadModule auth_module /usr/local/apache2/modules/mod_auth.so
LoadModule userdir_module /usr/local/apache2/modules/mod_userdir.so
LoadModule dir_module /usr/local/apache2/modules/mod_dir.so
LoadModule mime_module /usr/local/apache2/modules/mod_mime.so
LoadModule log_config_module /usr/local/apache2/modules/mod_log_config.so
LoadModule alias_module /usr/local/apache2/modules/mod_alias.so
LoadModule autoindex_module /usr/local/apache2/modules/mod_autoindex.so
LoadModule negotiation_module /usr/local/apache2/modules/mod_negotiation.so
LoadModule setenvif_module /usr/local/apache2/modules/mod_setenvif.so
References:
-
Adding Modules to httpd.conf With Apache 2
Posted:2005-03-01
Network Administration Tools: GNU/Linux, Windows 2003, Windows 2000, NT, and
more...
[/os/unix/solaris/network]
permanent link
Sun, Jan 27, 2008 7:00 pm
Installing RealVNC 4.1.2 under Windows
I installed the free edition of
RealVNC
4.1.2 on a Windows XP system.
Windows
Defender 1.1.1593 was installed on the system and popped up a warning
when I started the installation of RealVNC.
To get Windows Defender to accept RealVNC, select "always allow" for
the action and then click on "Apply Actions".
When you are configuring RealVNC during installation, under the
Connections tab in RealVNC, you can set the ports or retain the
default ports that will be used for listening for connections, if
you are installing the server portion of the software so you
can connect remotely to the system you are installing it on. The
default values are shown below:
Accept connections on port: 5900
Disconnect idle clients after (seconds): 3600
Serve Java viewer via HTTP on port: 5800
Under Access Control in the Connections section, you
can check "Only accept connections from the local machine", if you wnat
to require access to be through an SSH connection.
If you install the server portion of the software to run as a service
on the Windows system, but don't want it to start automatically, click
on the Windows Start button, select Run and type
services.msc
. Find "VNC Server Version 4" within the services
list, double-click on it and change the startup type from "automatic" to
"manual", then click on OK.
References:
-
Malicious Software Encyclopedia: RemoteAccess:Win32/RealVNC
Published: September 12, 2006
Microsoft Corporation
[/os/windows/software/remote-control/vnc]
permanent link
Sun, Jan 27, 2008 6:01 pm
mshta.exe
The file
mshta.exe
in
c:\windwows\system32
is part of the Windows operating system. Known file sizes on Windows
XP are 29184 bytes, 30720 bytes, 45568 bytes,
24064 bytes, and 26624 bytes. The description assigned to it by Microsoft is
"Microsoft HTML Application Host". The program is needed to execute
.HTA (Hypertext
Application) files, which allow applications to be run from HTML
documents.
On a Windows XP Tablet PC Edition system with Service Pack 2 installed,
I see the following information for the file when I right-click on it
and select Properties:
Size: | 44.5 KB (45,568 bytes) |
Created: | Thursday, August 23, 2001, 7:00:00 AM |
Modified: | Monday, August 13, 2007, 6:32:30 PM |
File version: | 7.0.5730.13 |
At
Introduction to HTML Applications (HTAs), Microsoft states
the the following in regards to why someone would use HTAs:
Historically, programming languages like C++ and Microsoft Visual Basic have
provided the object models and access to system resources that developers
demand. With HTAs, Dynamic HTML (DHTML) with script can be added to that list.
HTAs not only support everything a Web page does - namely HTML, Cascading Style
Sheets (CSS), scripting languages, and behaviors - but also HTA-specific
functionality. This added functionality provides control over user interface
design and access to the client system. Moreover, run as trusted applications,
HTAs are not subject to the same security constraints as Web pages. As with any
executable file, the user is asked once, before the HTA is downloaded, whether
to save or run the application; if saved to the client machine, it simply runs
on demand thereafter. The end result is that an HTA runs like any executable
(.exe) written in C++ or Visual Basic.
The .HTA file type can become infected by malware. It is important to
note that, as fully trusted applications, HTAs can carry out actions that
Internet Explorer would never permit in a Web page. Microsoft also states
"In HTAs, the restrictions against allowing script to manipulate the client
machine are lifted. For example, all command codes are supported without
scripting limitations (see
command
id). And HTAs have read/write access to the files and system registry on
the client machine."
Execution of .HTA files by mshta.exe can be debugged with the Microsoft
Script Editor, MSE7.exe
.
References:
-
mshta.exe
Windows process - What is it?
file.net
-
mshta.exe - mshta - Process Information
Uniblue™ ProcessLibrary™
-
File Extension .HTA Details
FILExt - The File Extension Source
-
.HTA File Extension
FileInfo.net
-
Introduction to HTML Applications (HTAs) - Windows Internet Explorer
Microsoft
Developer Network
[/os/windows/processes]
permanent link
Mon, Jan 21, 2008 10:47 pm
Generating a New Encryption Key with BlackBerry Desktop Manager
If you get the message "Current Encryption Key is out of date. A new
encryption key will have to be generated.", when attempting to synchronize
your BlackBerry with the BlackBerry Desktop Manager you must generate
a new encryption key.
Messages are encrypted prior to being sent between the BlackBerry Desktop
Manager software and your BlackBerry. The encryption key for the BlackBerry
Desktop Manager and the BlackBerry's own encryption key must match in order
for messages to be decrypted at the receiving end. Encryption keys can
be manually or automatically generated.
If you are using the BlackBerry Desktop Manager for synchronization, take the
following steps to generate a new encryption key:
- Connect the BlackBerry device to the computer.
- In BlackBerry Desktop Manager, double-click
Redirector Settings.
- In the Redirector Settings window, click the
Security tab.
- Select Generate keys manually, then
click Generate. The Generating New Key window will appear.
- Move the mouse around until the Generating
New Key window closes. The random mouse movements help randomize the
encryption key. When the window closes, a new encryption key has been generated.
- If you want to be prompted to generate a new
encryption key every 31 days, select Generate keys automatically.
- Click Apply, then click OK.
References:
-
Encryption keys
Doc ID : KB00171
Last Modified : 2007-03-22
Research In Motion Limited
-
Generate a new encryption key
Doc ID : KB02740
Last Modified : 2007-06-07
Research In Motion Limited
[/network/email/blackberry]
permanent link
Tue, Jan 15, 2008 8:41 pm
Moving WinAmp Playlists from One Computer to Another
WinAmp 5.51 stores its playlists in its
Plugins\ml
directory, which will usually be
C:\Program Files\Winamp\Plugins\ml
. The individual playlists
will be in
.m3u8
files with names like
plfxxxx.m3u8
and
plfE454.m3u8
where
xxxx
is a combination of letters and numbers, e.g.
plf7501.m3u8
. The mapping between the name you give the list
and those names is in a
playlists.xml
file in the same directory.
Sample Playlists.Xml File
<?xml version="1.0" encoding="UTF-16"?>
<playlists playlists="2">
<playlist filename="plfE454.m3u8" title="Xmas - Hilary Duff - Santa Claus Lane" id="{C0112AC9-0575-422F-B216-9A104962C563}" songs="11" seconds="2200"/>
<playlist filename="plf7501.m3u8" title="Xmas - The Time-Life Treasury Of Christmas" id="{3463FBFD-C77E-44BD-BC13-6044D2E6BEE7}" songs="45" seconds="8327"/>
</playlists>
So, if you want to copy your playlists from one system to another, copy
the .m3u8
files and the playlists.xml
files from
the first system to the second system.
But what if the music files, e.g. your .mp3 files, are not in the same directory
on the second system as the first system? Then you will need to edit each
.m3u8
file and update the reference to the actual location
of the music files. E.g. if the files were on drive C:\MP3s
on the
first system, but drive D:\MP3s
on the second system, you will
need to do a global search and replace on C:\MP3s
substituting
D:\MP3s
for it. You can use any text editor, such as
Notepad
, which comes with Windows, since the .m3u8
files are just text files.
References:
-
Lost playlist
Posted on July 30, 2006
WINAMP.COM | Forums
[/os/windows/software/audio/winamp]
permanent link
Thu, Jan 10, 2008 3:45 pm
Changing the Background Color for a Table in Microsoft Word 2000
To change the background color in a table in Microsoft Word 2000,
take the following steps:
- Right-click somewhere in the table.
- Choose Table Properties.
- Click on the Borders and Shading button.
- Select the color you want for the table's background under
Fill.
- Click on OK.
- Click on OK again.
If you want to change the background color for just one cell in the table,
take the same steps as above, but before you click on OK after
selecting the fill color, change the value in the Apply to field
from "table" to "cell".
If you want to change the background color for an entire row in the table,
the steps are basically the same, but you need to highlight all the cells
in the row before selecting Table Properties.
- Right-click somewhere in the table.
- Choose Table Properties.
- Click on the Table tab.
- Click on the Borders and Shading button.
- Select the color you want for the table's background under
Fill.
- Click on OK.
- Click on OK again.
[/os/windows/office/word]
permanent link
Wed, Jan 09, 2008 10:10 pm
Unable to Backup HP Laptop with Ghost 2003
When I attempted to backup the hard drive in an HP laptop with
Norton Ghost 2003, I received the following error message:
Error |
There is no valid Source Drive to choose (11032)
OK
|
I tried another Norton Ghost 2003 boot diskette, but had the same results.
I then tried a PartImage Is Not Ghost
(PING) boot CD. During the boot process I saw the following:
ata1: port is slow to respond, please be patient (Status 0x80)
ata1: softreset failed (device not ready)
PING dropped me to a shell prompt, since that was the option I picked for
when it completed, without giving me a chance to start the backup. I powered
the system off and on and rebooted. I did not see the messages noted above
then and I was able to backup the system to an external USB disk drive.
I then tried again with a Norton Ghost 2003. This time Norton Ghost saw
the drive, but when I attempted to backup the drive, I received the
error below:
Application Error 29089 |
Write to image failed
If this problem persists, contact Symantec Technical Support
at http://service.symantec.com
OK
|
I tried again with a boot diskette that I had created using the Norton Ghost
Boot Wizard just a couple of days ago, since the first time I used a boot
CD that I had created a couple of years ago. The results were the same, however.
The next night I backed up the system with PING again and, afterwards,
tried a Norton Ghost 2003 boot disc with the USB 1.1 drivers provided
by Symantec with Ghost 2003.
Part | Type | ID | Description |
Volume Label | Size in MB | Data Size in MB |
1 | Primary | 07 |
NTFS | No name |
76316 | 14802 |
| | | |
Free | 2 | |
|
| | | |
Total | 76319 |
14802 |
This time I saw the error message "File Name ? (546)".
When I clicked on OK, I saw the message below:
Internal Error 36000 |
An internal inconsistency has been detected
If this problem persists, contact Symantec Technical Support
at http://service.symantec.com
OK
|
When I was dropped to a command prompt, though, I saw the following:
ABORT: 29089, Write to image file failed
ABORT: 36000, A GeneralException occurred
[/os/windows/utilities/backup/ghost]
permanent link
Wed, Jan 09, 2008 8:11 pm
Determining Version of a PDF File
If you examine the contents in the first few byes of a
PDF file, you
will see the PDF format version listed. E.g. you will see something such
as the following:
Hex: 25 50 44 46 2D 31 2E
ASCII: %PDF-1.
The bytes shown might be %PDF-1.4
(Hex 25 50 44 46 2D 31 2E
34), if the version is 1.4.
But there are cases where the information in the first few bytes of the
file can be overridden by information appearing later in the file. Derek
Clegg states at
Re: How do you determine PDF version that "The version of a PDF file
isn't solely determined by the first few bytes of the PDF; in PDF 1.4 and
later, the version specified at the start of the PDF file can be overridden by
a / Version entry in the document's catalog. (See section 3.4.1 of the PDF 1.5
specification for more info.) This is why Quartz PDF files always start with
%PDF-1.3 but may, in fact, be PDF 1.4 or later."
The PDF version number determines features incorporated into the format. For
instance version 1.4 was the first first to support transparency and
metadata. Some older PDF viewers may not be able to view PDF files written
in a newer PDF format. A listing of versions and features is available at
Create better PDFs by understanding the formats.
On a Unix or Linux system, you can use the od
command to view
the first few bytes of a PDF file.
# od -c -N 10 EBIA_ERISA_3rdQtr2007.pdf
0000000 % P D F - 1 . 4 \n %
0000012
The \n
that appears after the "1.4" is just a newline character.
Though Windows doesn't come with a hexadecimal editor, there are free
hexadecimal editors available for Windows systems as well that
will allow you to view those first few bytes in the PDF file.
References:
-
PDF Developer Center: PDF reference
Adobe Systems Incorporated
-
Re: How do you determine PDF version?
By: Derek Clegg
Date: February 21, 2006
Apple Mailing Lists
-
Create better PDFs by understanding the formats
By James Dempsey
December 14, 2006
Creative Guy
[/software/file_formats/pdf]
permanent link
Tue, Jan 08, 2008 4:16 pm
Removing Windows Messenger 4.7
I used the
Windows Update function in Internet Explorer on a
Windows XP system to check for patches for a laptop. Including optional
hardware and software patches, there were 63 available. I chose to
download and install them all. Windows Messenger 4.7 was among those
available; I hadn't paid attention to the fact it was among those to
be installed. It was the first one installed. I saw a Windows Firewall
notice pop up asking me whether I wanted to continue to block Windows
Messenger. I did, but the system gave me a Blue Screen of Death (BSOD)
when I attempted to block it.
When the system rebooted, Windows Messenger 4.7 opened. I didn't want
the software on this laptop anyway. So I opened the Control Panel
(Click on Start, select Settings, then Control
Panel). Under Add or Remove Programs in the Control Panel,
I chose Add/Remove Windows Components. Windows Messenger was
unchecked and had a size of 0.0 MB listed, so I couldn.t uninstall it
that way. I was able to remove it using the steps below, however:
- Close Messenger if it is running. If you see an icon for it
at the lower-right hand corner of your screen, right-click on it
and choose Exit.
- Click on the Start button.
- Select Run.
- In the Open field of the window that appears, copy and
paste
RunDll32 advpack.dll,LaunchINFSection
%windir%\INF\msmsgs.inf,BLC.Remove
- When you see the confirmation prompt below, choose "Yes"
after closing any of the referenced programs, if they are open.
To remove Messenger, you must first exit from it: Click the Messenger
icon in the taskbar, then Exit. Please also close all other programs
that display your contact list (for example, Internet Explorer, Outlook,
Outlook Express, MSN Explorer). Make sure to close programs for all users
signed in to this computer. Do you want to continue?
You will see a notice appear stating Windows Messenger has been removed
when the uninstall process completes.
If you don't want to remove Windows Messenger 4.7, but just want to
stop it from running automatically when you login to a system, instead
of following the procedure above, open Windows Messenger and take the
following steps:
- Click on Tools.
- Select Options.
- Click on the Preferences tab.
- Uncheck "Run this program when Windows starts".
- Click on OK.
References:
-
How to remove Windows Messenger 4.7 permanently
By
Darrell Norton
Posted: March 10, 2004
Darrell Norton's Blog
-
How do I get rid of Messenger 4.7?
By Leo Notenbom
Posted: May 28, 2004
Ask Leo! Tech Questions? Get Answers!
[/network/chat]
permanent link
Tue, Jan 08, 2008 12:18 pm
AntiVirus Reconnaissance
In analyzing the backend code associated with the
Pushdo Trojan downloader, security guru Joe Stewart found that
the malware being distributed would log the hard drive serial number on a
victim's computer. He speculates that perhaps the malware is checking the
hard drive serial number in order to check whether it is running on a
Virtual Machine (VM).
If the malware logs the same serial number for what would otherwise appear
to be separate machines, then it is likely that it is running on a VM.
Since antivirus companies use VM's to analyze malware in controlled
environments, the knowledge that the malware is running on a VM might be of
interest to the malware developer or distributor for that reason.
Some malware attempts to kill or disable antivirus software processes.
Pushdo does not. It merely reports back to its controlling server on
which antivirus software it has detected on the victim's sysetm. Pushdo
compares all of the processes running on the sysetm with its own list of
antivirus and personal firewall process names and then provides a report
to its controller listing the ones it has found.
In checking the Pushdo controller server, Stewart found malware samples
with rootkit
characteristics, which allow malware to hide from antivirus
and antispyware software, and also evidence of a spam
botnet.
References:
-
Inside a Modern Malware Distribution System
By Ryan Naraine
December 21, 2007
eWeek.com
[/security/malware]
permanent link
Tue, Jan 08, 2008 9:50 am
Internet Usage Statistics
If you want to see statistics on Internet usage for various parts of the
world, check
Internet Usage
World Status - Internet and Population Statistics, a
"website featuring up to date world Internet Usage, Population Statistics and
Internet Market Research Data, for over 233 individual countries and world
regions."
[/network/Internet]
permanent link
Mon, Jan 07, 2008 11:20 pm
Folders Could Not Be Opened
On a Windows XP system that was in a domain using a Microsoft Exchange
server, whenever a user attempted to use Outlook 2003, Outlook would
start to open then crash. The error message displayed was "the set of folders
could not be opened." I confirmed that the user's Outlook
.ost file still existed
and that the user had appropriate access permissions. I also ran the
scanost
utility that Microsoft provides with Office to verify
the integrity of the user's OST file. It did not find any problems with the
file. I found the problem was on the Exchange server. The mail store was
not loaded due to inconsistencies in it after a system crash. When I repaired
the mail store and the Exchange server was running properly again, the user
was able to open Outlook normally.
I don't know why this problem only occurred on this user's system. Outlook
2003 opened normally on other users' systems. They were not able to access
email on the Exchange server and Outlook indicated they were disconnected
from the Exchange server, but they were at least able to access email,
contacts, etc. that were stored in their OST offline storage files.
References:
-
Repair an .ost or .pst file in Outlook
Office Online Home Page
-
Repairing Outlook PST File Corruption at 2 GB Limit
MoonPoint Support
-
Using ScanOST to Repair OST Files
MoonPoint Support
[/network/email/clients/outlook]
permanent link
Privacy Policy
Contact