←January→
Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
|
|
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
|
|
|
|
Thu, Jan 31, 2008 4:59 pm
Make wget Pretend to Be Internet Explorer
I have a script that I manually run to download a particular webpage based
on a parameter that I submit to the script. The script downloads the
webpage with
wget
then parses the
webpage for specific information and displays only that information.
The script had been running fine until today, but produced an error message
when I ran it today. When I checked the information being retrieved by
wget, I found that instead of the desired webpage, I was getting
"Sorry. This page may not be spidered."
When a browser retrieves a webpage, it sends a set of values to the webserver.
Those values, which are called "headers", include a "user-agent" header
that identifies the browser to the server. E.g. a particular version of
Internet Explorer may identify itself as "Mozilla/4.0 (compatible; MSIE 6.0;
Windows NT 5.0)".
Some websites may use the user-agent header for statistical purposes, e.g.
to determine which browsers are most commonly used to access the website.
Such information may help a web developer tailor the site to the ones most
commonly used to view the site. Or the the website developer can use the
information to tailor its output to the browser being used by a particular
user. E.g., if a browser doesn't support a particular feature used in the
code on the website, the website software can present the viewer with
an alternative webpage.
Wget identifies itself as "wget x.y.z", where x.y.z is the version of wget
in use, e.g. "wget 1.8.2". So, if you retrieve a webpage with wget, the
webserver might see User-Agent: Wget/1.8.2"
as one of the
headers submitted to it by the browser.
In this case the website, where the page resided I wanted to access, was
seeing User-Agent: Wget/1.8.2"
and denying access to the
page. Fortunately, you can use the --user-agent
argument for
wget to specify that wget announce itself to a webserver as any browser
you might wish to emulate.
-U agent-string
--user-agent=agent-string
Identify as agent-string to the HTTP server.
The HTTP protocol allows the clients to identify themselves using a
"User-Agent" header field. This enables distinguishing the WWW
software, usually for statistical purposes or for tracing of proto-
col violations. Wget normally identifies as Wget/version, version
being the current version number of Wget.
However, some sites have been known to impose the policy of tailor-
ing the output according to the "User-Agent"-supplied information.
While conceptually this is not such a bad idea, it has been abused
by servers denying information to clients other than "Mozilla" or
Microsoft "Internet Explorer". This option allows you to change
the "User-Agent" line issued by Wget. Use of this option is dis-
couraged, unless you really know what you are doing.
I had wget pretend to be Internet Explorer by using the command below:
wget --user-agent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" --quiet --output-document=$outfile $url
After editing my script to use the --user-agent
option, the
script was able to download the webpage as before, placing the output
in the file designated by the $outfile
variable in the
script and using the URL I specified as an argument to the script.
References:
-
Masquerading Your Browser
By Eric Giguere
September 19, 2003
Updated October 28, 2004
ericgiguère.com resources
for software developers
[/network/web/tools/wget]
permanent link
Sun, Jan 27, 2008 10:44 pm
Upgrade of Apache From Version 2.0.39 to Version 2.0.59
A scan of a Solaris 7 system found several vulnerabilities for
Apache on the system. Most of them appeared to be due to the version
of Apache on the system not being up-to-date.
I checked the version of Apache running on the system by using telnet
to connect to port 80 and then issuing the
HEAD / HTTP/1.0
command.
# telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Fri, 25 Jan 2008 03:29:30 GMT
Server: Apache/2.0.39 (Unix)
Last-Modified: Thu, 29 Nov 2007 04:39:44 GMT
ETag: "89124-5df-e729c400"
Accept-Ranges: bytes
Content-Length: 1503
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Connection closed by foreign host.
The version was 2.0.39, so it was out-of-date.
You can also check the version with the apachectl
command.
# /usr/local/apache2/bin/apachectl -v
Server version: Apache/2.0.39
Server built: Jun 26 2002 01:03:14
Version 2.0.59 is the current version listed at
Sunfreeware.com -
SPARC/Solaris 7 Packages.
The dependencies statement for Apache 2.0.59 listed libiconv as a
dependency and stated "you may need /usr/local/lib/libgcc_s.so.1 either from
the libgcc-3.3 or gcc-3.3.2 or higher packages." When I checked the version
of gcc
with gcc -v
, I saw it was 3.0.4. So I first
upgraded libiconv
.
I installed
libiconv 1.11 on a Sun SPARC Solaris 7 system. I obtained the package
from Sunfreeware.com -
SPARC/Solaris 7 Packages.
# gunzip libiconv-1.11-sol7-sparc-local.gz
# pkgadd -d libiconv-1.11-sol7-sparc-local
The following packages are available:
1 SMCliconv libiconv
(sparc) 1.11
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: all
Processing package instance <SMCliconv> from </home/jdoe/libiconv-1.11-sol7-sparc-local>
libiconv
(sparc) 1.11
Bruno Haible
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
12 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
/usr/local/bin/iconv
/usr/local/doc/libiconv/ABOUT-NLS
/usr/local/doc/libiconv/AUTHORS
/usr/local/doc/libiconv/COPYING.LIB
/usr/local/doc/libiconv/ChangeLog
/usr/local/doc/libiconv/DESIGN
/usr/local/doc/libiconv/INSTALL.generic
/usr/local/doc/libiconv/NEWS
/usr/local/doc/libiconv/NOTES
/usr/local/doc/libiconv/PORTS
/usr/local/doc/libiconv/README
/usr/local/doc/libiconv/README.djgpp
/usr/local/doc/libiconv/README.os2
/usr/local/doc/libiconv/README.woe32
/usr/local/doc/libiconv/THANKS
/usr/local/include/iconv.h
/usr/local/include/libcharset.h
/usr/local/lib/libcharset.a
/usr/local/lib/libcharset.la
[Hit <RETURN> to continue display]
/usr/local/lib/libcharset.so.1.0.0
/usr/local/lib/libiconv.la
/usr/local/lib/libiconv.so
/usr/local/lib/libiconv.so.2
/usr/local/man/man1/iconv.1
/usr/local/man/man3/iconv.3
/usr/local/man/man3/iconv_close.3
/usr/local/man/man3/iconv_open.3
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
## Checking for setuid/setgid programs.
Installing libiconv as <SMCliconv>
## Installing part 1 of 1.
/usr/local/bin/iconv
/usr/local/doc/libiconv/ABOUT-NLS
/usr/local/doc/libiconv/AUTHORS
/usr/local/doc/libiconv/COPYING.LIB
/usr/local/doc/libiconv/ChangeLog
/usr/local/doc/libiconv/DESIGN
/usr/local/doc/libiconv/INSTALL.generic
/usr/local/doc/libiconv/NEWS
/usr/local/doc/libiconv/NOTES
/usr/local/doc/libiconv/PORTS
/usr/local/doc/libiconv/README
/usr/local/doc/libiconv/README.djgpp
/usr/local/doc/libiconv/README.os2
/usr/local/doc/libiconv/README.woe32
/usr/local/doc/libiconv/THANKS
/usr/local/include/iconv.h
/usr/local/include/libcharset.h
/usr/local/include/localcharset.h
/usr/local/lib/libcharset.a
/usr/local/lib/libcharset.la
/usr/local/lib/libcharset.so.1.0.0
/usr/local/lib/libiconv.la
/usr/local/lib/libiconv.so <symbolic link>
/usr/local/lib/libiconv.so.2 <symbolic link>
/usr/local/lib/libiconv.so.2.4.0
/usr/local/lib/preloadable_libiconv.so
/usr/local/man/man1/iconv.1
/usr/local/man/man3/iconv.3
/usr/local/man/man3/iconv_close.3
/usr/local/man/man3/iconv_open.3
/usr/local/man/man3/iconvctl.3
/usr/local/share/doc/iconv.1.html
/usr/local/share/doc/iconv.3.html
/usr/local/share/doc/iconv_close.3.html
/usr/local/share/doc/iconv_open.3.html
/usr/local/share/doc/iconvctl.3.html
[ verifying class <none> ]
Installation of <SMCliconv> was successful.
Since libintl
was listed as a dependency for
libiconv
, I tried to determine if libintl
on the system was the latest version.
I looked for libiintl files on the system. I found several.
# find / -name libintl\* -print
/usr/lib/sparcv9/libintl.so
/usr/lib/sparcv9/libintl.so.1
/usr/lib/libintl.so
/usr/lib/libintl.so.1
/usr/lib/libintl.a
/usr/include/libintl.h
/usr/share/man/sman4/libintl.4
/usr/local/lib/gcc-lib/sparc-sun-solaris2.7/3.0.4/include/libintl.h
When I looked in /usr/include/libintl.h
, I saw it was version
1.12, so I upgraded libintl to the 3.4.0 version from
Sunfreeware.com -
SPARC/Solaris 7 Packages.
# gunzip libintl-3.4.0-sol7-sparc-local.gz
# pkgadd -d libintl-3.4.0-sol7-sparc-local
The following packages are available:
1 SMClintl libintl
(sparc) 3.4.0
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMClintl> from </home/jdoe/libintl-3.4.0-sol7-sparc-local>
libintl
(sparc) 3.4.0
FSF
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
2 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
Installing libintl as <SMClintl>
## Installing part 1 of 1.
/usr/local/include/libintl.h
/usr/local/lib/libintl.a
/usr/local/lib/libintl.la
/usr/local/lib/libintl.so <symbolic link>
/usr/local/lib/libintl.so.3 <symbolic link>
/usr/local/lib/libintl.so.3.4.0
/usr/local/lib/libintl.so.8 <symbolic link>
/usr/local/lib/libintl.so.8.0.2
[ verifying class <none> ]
Installation of <SMClintl> was successful.
I then upgraded gcc
.
# gunzip gcc-3.4.6-sol7-sparc-local.gz
# pkgadd -d gcc-3.4.6-sol7-sparc-local
The following packages are available:
1 SMCgcc gcc
(sparc) 3.4.6
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMCgcc> from </tmp/testing/gcc-3.4.6-sol7-sparc-local>
gcc
(sparc) 3.4.6
FSF
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
10 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/bin/c++
* /usr/local/bin/cpp
* /usr/local/bin/g++
* /usr/local/bin/g77
* /usr/local/bin/gcc
* /usr/local/bin/gccbug
* /usr/local/bin/gcov
* /usr/local/bin/sparc-sun-solaris2.7-c++
* /usr/local/bin/sparc-sun-solaris2.7-g++
* /usr/local/bin/sparc-sun-solaris2.7-gcc
* /usr/local/info <attribute change only>
* /usr/local/info/cpp.info
* /usr/local/info/cppinternals.info
* /usr/local/info/g77.info
* /usr/local/info/gcc.info
* /usr/local/lib/libgcc_s.so.1
* /usr/local/lib/libiberty.a
* /usr/local/lib/libstdc++.a
* /usr/local/lib/libstdc++.la
[Hit <RETURN> to continue display]
* /usr/local/lib/libsupc++.a
* /usr/local/lib/libsupc++.la
* /usr/local/man/man1/cpp.1
* /usr/local/man/man1/g++.1
* /usr/local/man/man1/g77.1
* /usr/local/man/man1/gcc.1
* /usr/local/man/man1/gcov.1
* /usr/local/man/man7 <attribute change only>
* /usr/local/man/man7/fsf-funding.7
* /usr/local/man/man7/gfdl.7
* /usr/local/man/man7/gpl.7
* /usr/local/share/locale <attribute change only>
* /usr/local/share/locale/be <attribute change only>
* /usr/local/share/locale/be/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/ca <attribute change only>
* /usr/local/share/locale/ca/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/da <attribute change only>
* /usr/local/share/locale/da/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/de <attribute change only>
* /usr/local/share/locale/de/LC_MESSAGES <attribute change only>
[Hit <RETURN< to continue display]
* /usr/local/share/locale/el <attribute change only>
* /usr/local/share/locale/el/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/es <attribute change only>
* /usr/local/share/locale/es/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/fr <attribute change only>
* /usr/local/share/locale/fr/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/ja <attribute change only>
* /usr/local/share/locale/ja/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/nl <attribute change only>
* /usr/local/share/locale/nl/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/sv <attribute change only>
* /usr/local/share/locale/sv/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/tr <attribute change only>
* /usr/local/share/locale/tr/LC_MESSAGES <attribute change only>
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
<text snipped>
/usr/local/share/locale/tr/LC_MESSAGES/gcc.mo
[ verifying class <none> ]
Installation of <SMCgcc> was successful.
I then downloaded the 2.0.59 version of Apache and installed it.
# gunzip apache-2.0.59-sol7-sparc-local.gz
# pkgadd -d apache-2.0.59-sol7-sparc-local
The following packages are available:
1 SMCap2059 apache
(sparc) 2.0.59
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMCap2059> from </home/jdoe/apache-2.0.59-sol7-sparc-local>
apache
(sparc) 2.0.59
The Apache Group
Using </usr/local/apache2> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/apache2/bin <attribute change only>
* /usr/local/apache2/bin/ab
* /usr/local/apache2/bin/apachectl
* /usr/local/apache2/bin/apr-config
* /usr/local/apache2/bin/apu-config
* /usr/local/apache2/bin/apxs
* /usr/local/apache2/bin/checkgid
* /usr/local/apache2/bin/dbmmanage
* /usr/local/apache2/bin/envvars
* /usr/local/apache2/bin/envvars-std
* /usr/local/apache2/bin/htdbm
* /usr/local/apache2/bin/htdigest
* /usr/local/apache2/bin/htpasswd
* /usr/local/apache2/bin/httpd
* /usr/local/apache2/bin/logresolve
* /usr/local/apache2/bin/rotatelogs
* /usr/local/apache2/build <attribute change only>
* /usr/local/apache2/build/config_vars.mk
* /usr/local/apache2/build/instdso.sh
[Hit <RETURN> to continue display]
<text snipped>
* /usr/local/apache2/manual/vhosts/index.html.en
* /usr/local/apache2/manual/vhosts/ip-based.html
* /usr/local/apache2/manual/vhosts/mass.html
* /usr/local/apache2/manual/vhosts/name-based.html
* /usr/local/apache2/manual/vhosts/name-based.html.en
* /usr/local/apache2/modules <attribute change only>
* /usr/local/apache2/modules/httpd.exp
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
[ verifying class <none> ]
Installation of <SMCap2059> was successful.
When I tried to restart Apache to run the new version, I received
the message below:
# ../bin/apachectl restart
Syntax error on line 344 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Order', perhaps mis-spelled or defined by a module not included in the server configuration
When I checked what was at line 344, I found Order allow,deny
.
<Directory "/usr/local/apache2/htdocs">
<text snipped>
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
I commented out the "order" and "allow" lines to see what would happen. I
then received an error message concerning the UserDir
command
in httpd.conf.
I checked the compiled-in modules for Apache with httpd -l
and
saw the following:
# ../bin/httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
The order
command requires the mod_access
module
to be loaded in Apache. It was apparently compiled into the previous version
I had running on the system, but it isn't compiled into the current version,
so I added
LoadModule access_module /usr/local/apache2/modules/mod_access.so
to /usr/local/apache2/conf/httpd.conf
.
#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule access_module /usr/local/apache2/modules/mod_access.so
Note: the location of mod_access.so
and other modules
may be in a different location on other systems, e.g. under Linux it may be at
/etc/httpd/modules/mod_access.so
. I also discovered later
that I should have put LoadModule auth_module
/usr/local/apache2/modules/mod_auth.so
in as well to address
this error as shown at
Adding Modules to httpd.conf With Apache 2.
When I added the mod_access.so
line and ran apachectl
restart
, I then received the error message below:
# ../bin/apachectl restart
Syntax error on line 354 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'UserDir', perhaps mis-spelled or defined by a module not
included in the server configuration
I then added the line LoadModule userdir_module
/usr/local/apache2/modules/mod_userdir.so
below the
LoadModule access_module /usr/local/apache2/modules/mod_access.so
line in httpd.conf
. That eliminated the error related to the
UserDir
command, but I then saw another module related error
message.
# ../bin/apachectl restart
Syntax error on line 382 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'DirectoryIndex', perhaps mis-spelled or defined by a module not included in the server configuration
I added LoadModule dir_module /usr/local/apache2/modules/mod_dir.so
beneath the other LoadModule
statements and reran
apacectl restart
. The error message for DirectoryIndex
was eliminated and I got further in the configuration file, but I received
another error message when I restarted Apache.
# ../bin/apachectl restart
Syntax error on line 403 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'TypesConfig', perhaps mis-spelled or defined by a module not included in the server configuration
So I then added LoadModule mime_module
/usr/local/apache2/modules/mod_mime.so
and attempted again to restart
Apache. The next error message is shown below.
# ../bin/apachectl restart
Syntax error on line 456 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'LogFormat', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule log_config_module
/usr/local/apache2/modules/mod_log_config.so
. When I attempted to
restart Apache, I then saw the message below.
# ../bin/apachectl restart
Syntax error on line 506 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Alias', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule alias_module
/usr/local/apache2/modules/mod_alias.so
, which led to the next
error message.
# ../bin/apachectl restart
Syntax error on line 576 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'IndexOptions', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule autoindex_module
/usr/local/apache2/modules/mod_audoindex.so
and attempted to restart
Apache again.
# ../bin/apachectl restart
Syntax error on line 724 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'LanguagePriority', perhaps mis-spelled or defined by a module not included in the server configuration
I added LoadModule negotiation_module
/usr/local/apache2/modules/mod_negotiation.so
to address that error.
# ../bin/apachectl restart
Syntax error on line 908 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'BrowserMatch', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule setenvif_module
/usr/local/apache2/modules/mod_setevnif.so
and attempted to restart
again with apachectl restart
. At last it restarted without an
error message. Yeah! Except when I tried telnet 1270.0.1 80
to
connect to the default HTTP port on the local loopback address, it failed.
# telnet 127.0.0.1 80
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
When I looked in /usr/local/apache2/logs/error_log
, I saw the
following:
[Sun Jan 27 22:09:30 2008] [notice] SIGHUP received. Attempting to restart
Syntax error on line 219 of /usr/local/apache2/conf/httpd.conf:
module access_module is built-in and can't be loaded
So I removed LoadModule access_module
/usr/local/apache2/modules/mod_access.so
from httpd.conf
.
But then I got the Invalid command 'Order'
error message again.
# ../bin/apachectl restart
Syntax error on line 352 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Order', perhaps mis-spelled or defined by a module not included in the server configuration
I put LoadModule access_module
/usr/local/apache2/modules/mod_access.so
and added LoadModule auth_module
/usr/local/apache2/modules/mod_auth.so
below it.
# ../bin/apachectl restart
httpd not running, trying to start
I tried connecting to port 80 on the loopback address again. This time
I was successful. I entered the command HEAD / HTTP/1.0
and
hit return a couple of times. Apache then responded with information showing
me that version 2.0.59 was running at last.
I now have the following module section in httpd.conf
#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule access_module /usr/local/apache2/modules/mod_access.so
LoadModule auth_module /usr/local/apache2/modules/mod_auth.so
LoadModule userdir_module /usr/local/apache2/modules/mod_userdir.so
LoadModule dir_module /usr/local/apache2/modules/mod_dir.so
LoadModule mime_module /usr/local/apache2/modules/mod_mime.so
LoadModule log_config_module /usr/local/apache2/modules/mod_log_config.so
LoadModule alias_module /usr/local/apache2/modules/mod_alias.so
LoadModule autoindex_module /usr/local/apache2/modules/mod_autoindex.so
LoadModule negotiation_module /usr/local/apache2/modules/mod_negotiation.so
LoadModule setenvif_module /usr/local/apache2/modules/mod_setenvif.so
References:
-
Adding Modules to httpd.conf With Apache 2
Posted:2005-03-01
Network Administration Tools: GNU/Linux, Windows 2003, Windows 2000, NT, and
more...
[/os/unix/solaris/network]
permanent link
Sun, Jan 27, 2008 7:00 pm
Installing RealVNC 4.1.2 under Windows
I installed the free edition of
RealVNC
4.1.2 on a Windows XP system.
Windows
Defender 1.1.1593 was installed on the system and popped up a warning
when I started the installation of RealVNC.
To get Windows Defender to accept RealVNC, select "always allow" for
the action and then click on "Apply Actions".
When you are configuring RealVNC during installation, under the
Connections tab in RealVNC, you can set the ports or retain the
default ports that will be used for listening for connections, if
you are installing the server portion of the software so you
can connect remotely to the system you are installing it on. The
default values are shown below:
Accept connections on port: 5900
Disconnect idle clients after (seconds): 3600
Serve Java viewer via HTTP on port: 5800
Under Access Control in the Connections section, you
can check "Only accept connections from the local machine", if you wnat
to require access to be through an SSH connection.
If you install the server portion of the software to run as a service
on the Windows system, but don't want it to start automatically, click
on the Windows Start button, select Run and type
services.msc
. Find "VNC Server Version 4" within the services
list, double-click on it and change the startup type from "automatic" to
"manual", then click on OK.
References:
-
Malicious Software Encyclopedia: RemoteAccess:Win32/RealVNC
Published: September 12, 2006
Microsoft Corporation
[/os/windows/software/remote-control/vnc]
permanent link
Sun, Jan 27, 2008 6:01 pm
mshta.exe
The file
mshta.exe
in
c:\windwows\system32
is part of the Windows operating system. Known file sizes on Windows
XP are 29184 bytes, 30720 bytes, 45568 bytes,
24064 bytes, and 26624 bytes. The description assigned to it by Microsoft is
"Microsoft HTML Application Host". The program is needed to execute
.HTA (Hypertext
Application) files, which allow applications to be run from HTML
documents.
On a Windows XP Tablet PC Edition system with Service Pack 2 installed,
I see the following information for the file when I right-click on it
and select Properties:
Size: | 44.5 KB (45,568 bytes) |
Created: | Thursday, August 23, 2001, 7:00:00 AM |
Modified: | Monday, August 13, 2007, 6:32:30 PM |
File version: | 7.0.5730.13 |
At
Introduction to HTML Applications (HTAs), Microsoft states
the the following in regards to why someone would use HTAs:
Historically, programming languages like C++ and Microsoft Visual Basic have
provided the object models and access to system resources that developers
demand. With HTAs, Dynamic HTML (DHTML) with script can be added to that list.
HTAs not only support everything a Web page does - namely HTML, Cascading Style
Sheets (CSS), scripting languages, and behaviors - but also HTA-specific
functionality. This added functionality provides control over user interface
design and access to the client system. Moreover, run as trusted applications,
HTAs are not subject to the same security constraints as Web pages. As with any
executable file, the user is asked once, before the HTA is downloaded, whether
to save or run the application; if saved to the client machine, it simply runs
on demand thereafter. The end result is that an HTA runs like any executable
(.exe) written in C++ or Visual Basic.
The .HTA file type can become infected by malware. It is important to
note that, as fully trusted applications, HTAs can carry out actions that
Internet Explorer would never permit in a Web page. Microsoft also states
"In HTAs, the restrictions against allowing script to manipulate the client
machine are lifted. For example, all command codes are supported without
scripting limitations (see
command
id). And HTAs have read/write access to the files and system registry on
the client machine."
Execution of .HTA files by mshta.exe can be debugged with the Microsoft
Script Editor, MSE7.exe
.
References:
-
mshta.exe
Windows process - What is it?
file.net
-
mshta.exe - mshta - Process Information
Uniblue™ ProcessLibrary™
-
File Extension .HTA Details
FILExt - The File Extension Source
-
.HTA File Extension
FileInfo.net
-
Introduction to HTML Applications (HTAs) - Windows Internet Explorer
Microsoft
Developer Network
[/os/windows/processes]
permanent link
Mon, Jan 21, 2008 10:47 pm
Generating a New Encryption Key with BlackBerry Desktop Manager
If you get the message "Current Encryption Key is out of date. A new
encryption key will have to be generated.", when attempting to synchronize
your BlackBerry with the BlackBerry Desktop Manager you must generate
a new encryption key.
Messages are encrypted prior to being sent between the BlackBerry Desktop
Manager software and your BlackBerry. The encryption key for the BlackBerry
Desktop Manager and the BlackBerry's own encryption key must match in order
for messages to be decrypted at the receiving end. Encryption keys can
be manually or automatically generated.
If you are using the BlackBerry Desktop Manager for synchronization, take the
following steps to generate a new encryption key:
- Connect the BlackBerry device to the computer.
- In BlackBerry Desktop Manager, double-click
Redirector Settings.
- In the Redirector Settings window, click the
Security tab.
- Select Generate keys manually, then
click Generate. The Generating New Key window will appear.
- Move the mouse around until the Generating
New Key window closes. The random mouse movements help randomize the
encryption key. When the window closes, a new encryption key has been generated.
- If you want to be prompted to generate a new
encryption key every 31 days, select Generate keys automatically.
- Click Apply, then click OK.
References:
-
Encryption keys
Doc ID : KB00171
Last Modified : 2007-03-22
Research In Motion Limited
-
Generate a new encryption key
Doc ID : KB02740
Last Modified : 2007-06-07
Research In Motion Limited
[/network/email/blackberry]
permanent link
Tue, Jan 15, 2008 8:41 pm
Moving WinAmp Playlists from One Computer to Another
WinAmp 5.51 stores its playlists in its
Plugins\ml
directory, which will usually be
C:\Program Files\Winamp\Plugins\ml
. The individual playlists
will be in
.m3u8
files with names like
plfxxxx.m3u8
and
plfE454.m3u8
where
xxxx
is a combination of letters and numbers, e.g.
plf7501.m3u8
. The mapping between the name you give the list
and those names is in a
playlists.xml
file in the same directory.
Sample Playlists.Xml File
<?xml version="1.0" encoding="UTF-16"?>
<playlists playlists="2">
<playlist filename="plfE454.m3u8" title="Xmas - Hilary Duff - Santa Claus Lane" id="{C0112AC9-0575-422F-B216-9A104962C563}" songs="11" seconds="2200"/>
<playlist filename="plf7501.m3u8" title="Xmas - The Time-Life Treasury Of Christmas" id="{3463FBFD-C77E-44BD-BC13-6044D2E6BEE7}" songs="45" seconds="8327"/>
</playlists>
So, if you want to copy your playlists from one system to another, copy
the .m3u8
files and the playlists.xml
files from
the first system to the second system.
But what if the music files, e.g. your .mp3 files, are not in the same directory
on the second system as the first system? Then you will need to edit each
.m3u8
file and update the reference to the actual location
of the music files. E.g. if the files were on drive C:\MP3s
on the
first system, but drive D:\MP3s
on the second system, you will
need to do a global search and replace on C:\MP3s
substituting
D:\MP3s
for it. You can use any text editor, such as
Notepad
, which comes with Windows, since the .m3u8
files are just text files.
References:
-
Lost playlist
Posted on July 30, 2006
WINAMP.COM | Forums
[/os/windows/software/audio/winamp]
permanent link
Thu, Jan 10, 2008 3:45 pm
Changing the Background Color for a Table in Microsoft Word 2000
To change the background color in a table in Microsoft Word 2000,
take the following steps:
- Right-click somewhere in the table.
- Choose Table Properties.
- Click on the Borders and Shading button.
- Select the color you want for the table's background under
Fill.
- Click on OK.
- Click on OK again.
If you want to change the background color for just one cell in the table,
take the same steps as above, but before you click on OK after
selecting the fill color, change the value in the Apply to field
from "table" to "cell".
If you want to change the background color for an entire row in the table,
the steps are basically the same, but you need to highlight all the cells
in the row before selecting Table Properties.
- Right-click somewhere in the table.
- Choose Table Properties.
- Click on the Table tab.
- Click on the Borders and Shading button.
- Select the color you want for the table's background under
Fill.
- Click on OK.
- Click on OK again.
[/os/windows/office/word]
permanent link
Wed, Jan 09, 2008 10:10 pm
Unable to Backup HP Laptop with Ghost 2003
When I attempted to backup the hard drive in an HP laptop with
Norton Ghost 2003, I received the following error message:
Error |
There is no valid Source Drive to choose (11032)
OK
|
I tried another Norton Ghost 2003 boot diskette, but had the same results.
I then tried a PartImage Is Not Ghost
(PING) boot CD. During the boot process I saw the following:
ata1: port is slow to respond, please be patient (Status 0x80)
ata1: softreset failed (device not ready)
PING dropped me to a shell prompt, since that was the option I picked for
when it completed, without giving me a chance to start the backup. I powered
the system off and on and rebooted. I did not see the messages noted above
then and I was able to backup the system to an external USB disk drive.
I then tried again with a Norton Ghost 2003. This time Norton Ghost saw
the drive, but when I attempted to backup the drive, I received the
error below:
Application Error 29089 |
Write to image failed
If this problem persists, contact Symantec Technical Support
at http://service.symantec.com
OK
|
I tried again with a boot diskette that I had created using the Norton Ghost
Boot Wizard just a couple of days ago, since the first time I used a boot
CD that I had created a couple of years ago. The results were the same, however.
The next night I backed up the system with PING again and, afterwards,
tried a Norton Ghost 2003 boot disc with the USB 1.1 drivers provided
by Symantec with Ghost 2003.
Part | Type | ID | Description |
Volume Label | Size in MB | Data Size in MB |
1 | Primary | 07 |
NTFS | No name |
76316 | 14802 |
| | | |
Free | 2 | |
|
| | | |
Total | 76319 |
14802 |
This time I saw the error message "File Name ? (546)".
When I clicked on OK, I saw the message below:
Internal Error 36000 |
An internal inconsistency has been detected
If this problem persists, contact Symantec Technical Support
at http://service.symantec.com
OK
|
When I was dropped to a command prompt, though, I saw the following:
ABORT: 29089, Write to image file failed
ABORT: 36000, A GeneralException occurred
[/os/windows/utilities/backup/ghost]
permanent link
Wed, Jan 09, 2008 8:11 pm
Determining Version of a PDF File
If you examine the contents in the first few byes of a
PDF file, you
will see the PDF format version listed. E.g. you will see something such
as the following:
Hex: 25 50 44 46 2D 31 2E
ASCII: %PDF-1.
The bytes shown might be %PDF-1.4
(Hex 25 50 44 46 2D 31 2E
34), if the version is 1.4.
But there are cases where the information in the first few bytes of the
file can be overridden by information appearing later in the file. Derek
Clegg states at
Re: How do you determine PDF version that "The version of a PDF file
isn't solely determined by the first few bytes of the PDF; in PDF 1.4 and
later, the version specified at the start of the PDF file can be overridden by
a / Version entry in the document's catalog. (See section 3.4.1 of the PDF 1.5
specification for more info.) This is why Quartz PDF files always start with
%PDF-1.3 but may, in fact, be PDF 1.4 or later."
The PDF version number determines features incorporated into the format. For
instance version 1.4 was the first first to support transparency and
metadata. Some older PDF viewers may not be able to view PDF files written
in a newer PDF format. A listing of versions and features is available at
Create better PDFs by understanding the formats.
On a Unix or Linux system, you can use the od
command to view
the first few bytes of a PDF file.
# od -c -N 10 EBIA_ERISA_3rdQtr2007.pdf
0000000 % P D F - 1 . 4 \n %
0000012
The \n
that appears after the "1.4" is just a newline character.
Though Windows doesn't come with a hexadecimal editor, there are free
hexadecimal editors available for Windows systems as well that
will allow you to view those first few bytes in the PDF file.
References:
-
PDF Developer Center: PDF reference
Adobe Systems Incorporated
-
Re: How do you determine PDF version?
By: Derek Clegg
Date: February 21, 2006
Apple Mailing Lists
-
Create better PDFs by understanding the formats
By James Dempsey
December 14, 2006
Creative Guy
[/software/file_formats/pdf]
permanent link
Tue, Jan 08, 2008 4:16 pm
Removing Windows Messenger 4.7
I used the
Windows Update function in Internet Explorer on a
Windows XP system to check for patches for a laptop. Including optional
hardware and software patches, there were 63 available. I chose to
download and install them all. Windows Messenger 4.7 was among those
available; I hadn't paid attention to the fact it was among those to
be installed. It was the first one installed. I saw a Windows Firewall
notice pop up asking me whether I wanted to continue to block Windows
Messenger. I did, but the system gave me a Blue Screen of Death (BSOD)
when I attempted to block it.
When the system rebooted, Windows Messenger 4.7 opened. I didn't want
the software on this laptop anyway. So I opened the Control Panel
(Click on Start, select Settings, then Control
Panel). Under Add or Remove Programs in the Control Panel,
I chose Add/Remove Windows Components. Windows Messenger was
unchecked and had a size of 0.0 MB listed, so I couldn.t uninstall it
that way. I was able to remove it using the steps below, however:
- Close Messenger if it is running. If you see an icon for it
at the lower-right hand corner of your screen, right-click on it
and choose Exit.
- Click on the Start button.
- Select Run.
- In the Open field of the window that appears, copy and
paste
RunDll32 advpack.dll,LaunchINFSection
%windir%\INF\msmsgs.inf,BLC.Remove
- When you see the confirmation prompt below, choose "Yes"
after closing any of the referenced programs, if they are open.
To remove Messenger, you must first exit from it: Click the Messenger
icon in the taskbar, then Exit. Please also close all other programs
that display your contact list (for example, Internet Explorer, Outlook,
Outlook Express, MSN Explorer). Make sure to close programs for all users
signed in to this computer. Do you want to continue?
You will see a notice appear stating Windows Messenger has been removed
when the uninstall process completes.
If you don't want to remove Windows Messenger 4.7, but just want to
stop it from running automatically when you login to a system, instead
of following the procedure above, open Windows Messenger and take the
following steps:
- Click on Tools.
- Select Options.
- Click on the Preferences tab.
- Uncheck "Run this program when Windows starts".
- Click on OK.
References:
-
How to remove Windows Messenger 4.7 permanently
By
Darrell Norton
Posted: March 10, 2004
Darrell Norton's Blog
-
How do I get rid of Messenger 4.7?
By Leo Notenbom
Posted: May 28, 2004
Ask Leo! Tech Questions? Get Answers!
[/network/chat]
permanent link
Tue, Jan 08, 2008 12:18 pm
AntiVirus Reconnaissance
In analyzing the backend code associated with the
Pushdo Trojan downloader, security guru Joe Stewart found that
the malware being distributed would log the hard drive serial number on a
victim's computer. He speculates that perhaps the malware is checking the
hard drive serial number in order to check whether it is running on a
Virtual Machine (VM).
If the malware logs the same serial number for what would otherwise appear
to be separate machines, then it is likely that it is running on a VM.
Since antivirus companies use VM's to analyze malware in controlled
environments, the knowledge that the malware is running on a VM might be of
interest to the malware developer or distributor for that reason.
Some malware attempts to kill or disable antivirus software processes.
Pushdo does not. It merely reports back to its controlling server on
which antivirus software it has detected on the victim's sysetm. Pushdo
compares all of the processes running on the sysetm with its own list of
antivirus and personal firewall process names and then provides a report
to its controller listing the ones it has found.
In checking the Pushdo controller server, Stewart found malware samples
with rootkit
characteristics, which allow malware to hide from antivirus
and antispyware software, and also evidence of a spam
botnet.
References:
-
Inside a Modern Malware Distribution System
By Ryan Naraine
December 21, 2007
eWeek.com
[/security/malware]
permanent link
Tue, Jan 08, 2008 9:50 am
Internet Usage Statistics
If you want to see statistics on Internet usage for various parts of the
world, check
Internet Usage
World Status - Internet and Population Statistics, a
"website featuring up to date world Internet Usage, Population Statistics and
Internet Market Research Data, for over 233 individual countries and world
regions."
[/network/Internet]
permanent link
Mon, Jan 07, 2008 11:20 pm
Folders Could Not Be Opened
On a Windows XP system that was in a domain using a Microsoft Exchange
server, whenever a user attempted to use Outlook 2003, Outlook would
start to open then crash. The error message displayed was "the set of folders
could not be opened." I confirmed that the user's Outlook
.ost file still existed
and that the user had appropriate access permissions. I also ran the
scanost
utility that Microsoft provides with Office to verify
the integrity of the user's OST file. It did not find any problems with the
file. I found the problem was on the Exchange server. The mail store was
not loaded due to inconsistencies in it after a system crash. When I repaired
the mail store and the Exchange server was running properly again, the user
was able to open Outlook normally.
I don't know why this problem only occurred on this user's system. Outlook
2003 opened normally on other users' systems. They were not able to access
email on the Exchange server and Outlook indicated they were disconnected
from the Exchange server, but they were at least able to access email,
contacts, etc. that were stored in their OST offline storage files.
References:
-
Repair an .ost or .pst file in Outlook
Office Online Home Page
-
Repairing Outlook PST File Corruption at 2 GB Limit
MoonPoint Support
-
Using ScanOST to Repair OST Files
MoonPoint Support
[/network/email/clients/outlook]
permanent link
Privacy Policy
Contact