[ More Info ]

[/os/windows/software/audio-video/GSpot] permanent link

VLC media player is a highly portable multimedia player for various audio and video formats, such as MPEG-1, MPEG-2, MPEG-4, DivX, mp3, ogg, etc, as well as DVDs, VCDs, and various streaming protocols. It can also be used as a server to stream with extended features, such as video on demand, on the fly transcoding, etc., in unicast or multicast in IPv4 or IPv6 on a high-bandwidth network. It doesn't need any external codec or program to work.

VLC supports the following types of files and, when installed, will make itself the default program for opening these types of files, unless you specify otherwise.

VLC File Type Associations

Audio Files

.a52
.aac
.ac3
.dts
.flac
.mka
.mp1
.mp2
.mp3
.ogg
.spx
.wav
.wma

Video Files

.asf
.avi
.divx
.dv
.m1v
.m2v
.mkv
.mov
.mp4
.mpeg
.mpeg1
.mpeg2
.mpeg4
.mpg
.ps
.ts
.ogm
.vob
.wmv

Other

.asx
.bin
.cue
.m3u
.pls
.vlc

References:

1. The VideoLAN Web site
2. VLC ReadMe

[/os/windows/software/audio-video/VLC] permanent link

1. Click on Start.
2. Select Programs.
3. Select BlackBerry.
4. Select BlackBerry Desktop Manager.
5. Double-click on Email Settings.
6. Click on the Filters tab.

   

8. Click on Save.
9. Save the filters to an .rfi file.
10. Take the saved file to the other computer and go through the same steps, except click on Load to load the filters, rather than Save to save them.

[/network/email/blackberry] permanent link

[ More Info ]

[/os/windows/utilities/backup/backup_exec] permanent link

[/os/windows/utilities/backup/ghost] permanent link

[ More Info ]

[/security/trojans] permanent link

The version information for the router I tested is shown below:

The Belkin F5D7230-4 router has a security logging feature that shows a "system log" and a "firewall log", but the logging capabilities provided by the router are extremely limited. There's no way to have a log transmitted by email or for log information to be transmitted from the router by syslog. And the information logged is very rudimentary.

The example below shows entries in the system log for attemnpts I made from a system at 192.168.2.4, which was on the WAN side of the router, to login with an incorrect password, from a system that wasn't allowed to remotely manage the router. The entries in the firewall log section are from an nmap scan I ran against the router from a system on the WAN side of the router.

The router provides the capability to set "client IP filters" that allow one to limit outbound access through the router from systems on the LAN side of the router. You can specify an IP range and port range to be blocked and whether the block should apply only during specified days of the week and times or whether the block should always apply. And you can easily enable and disable a block. Using that capability you can limit outbound email access to only certain systems, etc.

There is also a "Parental Control" feature. Belkin states "Belkin's Parental Control protects you and your children/employees from objectionable content on the web. Parental Control comes pre-configured to block many types of web content, but is custom configurable to be more or less restrictive. Any web site can easily be set to be either, always blocked, or always allowed." That feature requires a subscription to Belkin's parental control service.

I had hoped that, if I specified a port block in the client IP filters section, I would see firewall log entries, if a system on the inside of the router attempted to access a system on the outside on a blocked port. Alas, no entries appear in the firewall log in such cases. For me, that makes the firewall logging capability provided by the router too limited to be of much value. I'd have to put a real firewall in front of it.

And for rating its security, you can access a lot of information from the router without even logging into it. If you use your web browser to access the router you can see the following information without logging into the router:

If the router is going to be used strictly for home use, making that information so readily available may not be a big concern, since, hopefully, family members connected by cables to the router can be reasonably trusted. Hopefully, wireless protection has been activated, so that no one can easily access the device, since providing all of that information so readily then could make an attacker's job much easier.

In addition to the lack of logging functionality, I have concerns regarding the router's reliability. I replaced it at my mother-in-law's house after she had some problems printing via the wireless interface in her laptop. I traced the problem to the Belkin router not responding. Powering the router off and on resolved the problem, but this happened a couple of times and I thought it best to replace the router. I also encountered problems with the router not responding when I tested it. The problems occurred within just a few minutes of testing. While logged into the router from a system on the LAN side, I tried accessing it from the WAN side from a system permitted to manage the router. I wanted to see what be logged if I entered the wrong password from that system. Well, the router simply stopped responding completely. I couldn't even ping it from either the WAN or LAN side. It wouldn't provide IP addresses via DHCP and it was no longer accessible from either the LAN or WAN side by HTTP. I had to power the router off and on. I tried again with the same results. Even for a router designed primarily for home use, having to power the router off and on frequently could irritate other family members and, if it was used in a small office, users would likely find any tendency to stop responding aggravating.

[/hardware/network/router/belkin] permanent link

[More Info ]

[/hardware/network/router/netopia] permanent link

PRESCREEN & OPT-OUT NOTICE: This "prescreened" offer of credit is based on information in your credit report indicating that you meet certain criteria. This offer is not guaranteed if you do not meet our criteria. If you do not want to receive prescreened offers of credit from this or other companies, call toll free 1 (888) 567-8688; or write: Experian Consumer Opt Out, P.O. Box 919, Allen, TX 75013; Equifax Options, P.O. Box 740123, Atlanta, GA 30374-0123; TransUnion Opt Out Request, P.O. Box 505, Woodlyn, PA 19094-0505.

I called the opt-out number, 1-888-567-8688. I was informed it was the consumer credit reporting industry opt-in and opt-out number, which allows you to add or remove your name from "receiving firm offers of credit or insurance based on your credit report" with the following credit reporting services:

Experian
Equifax
Innovis
TransUnion

You can choose to add your name, i.e. opt-in, to such offers, remove your name for 5 years, or remove your name permanently. If you try to remove your name permanently, you will be informed that you have to complete a form you will be sent, so I chose to remove my name for 5 years.

You will be asked to confirm your phone number, name and address and provide your Social Security Number (SSN) and date of birth. The whole process is handled by an automated system and it only took me a couple of minutes to complete it.

When I completed the process, I was informed that my removal request would be completed within 5 business days, but that I might continue to receive offers for several months from companies to which my information had already been provided and that I might also receive offers from companies that had obtained my information by other means. Hopefully, though, I will see a substantial diminution of the daily deluge of junk mail we receive at my house.

[/financial] permanent link

1. From the Excel menu select "File" or, if you are using Office 2007, click on the Office Button at the top left corner of the Excel window.
2. Select "Save As"
3. From the "Save As" window, select "Tools"
4. Select "General Options"
5. Specify a "Password to open"
6. Click on "OK" to save the file.

[/os/windows/office/excel] permanent link

You can use the method outlined by Adobe in Set passwords for PDFs to password protect PDF files that you will then email to others.

The article mentions that PDF documents can have two types of passwords:

1. User, aka "document open", password
2. Pemissions, aka "master", password, which provides access controls for the PDF document

To keep unauthorized individuals from viewing a PDF file, employ a "user" password. The other type of password, which you might also want to use in some cases, controls what recipients can do with a document.

Note: there are low-cost tools readily available online to remove that type of password from a PDF file. There are also low-cost programs readily available to defeat the first type of password unless you pick a strong password, i.e. one that is not a dictionary word, car name, sports team, person's name, etc. There are plenty of password dictionaries available to allow people to crack weak passwords. Any password protection scheme is virtually worthless, if someone picks a weak password. A strong password should have at least 8 characters with a combination of characters from at least 3 character sets. Character sets include those below:

1. Upper case letters
2. Lower case letters
3. Numbers
4. Special characters, such as "!", "-", "_", "$", etc.

Open the file you want to protect in Adobe Acrobat and follow the instructions below for encrypting and password protecting the file.

1. Click the secure button in the Tasks toolbar and choose Password Encrypt.
2. Click on Yes when prompted "Are you sure you want to change the security on this document?" If necessary, type the Permissions password that lets you change security settings. If you don't know the password, contact the author of the PDF file.
3. In the Password Security - Settings dialog box set the security options as desired. For the Compatibility setting, "Acrobat 5.0 or later" is the default option. That will provde 128-bit RC4 encryption. Selecting "Acrobat 3.0 or later", instead, will mean that users of older versions of Acrobat will be able to open the file, if they know the password, but I would strongly advise against choosing that option, if you need to guarantee that only someone who has been given the password can open it. If that option is selected, a 40-bit encryption scheme is used instead of 128-bit encryption. Even with a strong password, if you use 40-bit encryption, there are plenty of low-cost programs available online for anyone to easily break the password protection. With 128-bit protection, you can be confident that the protection will likely remain unbreakable for years to come (eventually increases in computing speeds, or the development of quantum computers, will likely render even that level of encryption breakable).
4. Specify a password, click OK and then OK again.
5. Save the file

Note: these instructions were written specifically for Adobe Acrobat 8 Standard edition, but will likely be similar for other versions.

[/os/windows/software/pdf] permanent link

Windows Defender Version:  1.1.1593.0
Engine Version: 1.1.3807.0
Definition Version:  1.41.172.0

Windows Defender found two items it gave a "medium" alert level. I instructed it to ignore both, since they were false positives. The first was for a download of the Activity Monitor program, which is in a "downloads" folder, but isn't installed on the system. The second occurred because SpySweeper updated the C:\WINDOWS\system32\drivers\etc\hosts file on 12/18/2006 to block nefarious sites.

MonitoringTool:Win32/ActivityMonitor

Category:
Monitoring Software

Description:
This program monitors user activity, such as keystrokes typed.

Advice:
Review the alert details to see why the software was detected. If you do not like how the software operates or if you do not recognize and trust the publisher, consider blocking or removing the software.

Resources:
file:
C:\Documents and Settings\JDoe\My Documents\Downloads\activmon39full.zip->amagent39.exe

containerfile:
C:\Documents and Settings\JDoe\My Documents\Downloads\activmon39full.zip

View more information about this item online

SettingsModifier:Win32/PossibleHostsFileHijack

Category:
Settings Modifier

Description:
This program has potentially unwanted behavior.

Advice:
Review the alert details to see why the software was detected. If you do not like how the software operates or if you do not recognize and trust the publisher, consider blocking or removing the software.

Resources:
file:
C:\WINDOWS\system32\drivers\etc\hosts

View more information about this item online

[/os/windows/software/security/monitoring/activity_monitor] permanent link

[/network/Internet/ISP] permanent link

[ More Info ]

[/security/forensics] permanent link

The screen saver for the hidden account is set to the "Windows XP" screen saver with "On resume, display Welcome screen" checked.

At Hide user accounts from the Windows XP Welcome screen, one can download a tool that makes it easy to hide and unhide accounts. The webpage also mentions that the Ctrl-Alt-Del trick for logging into hidden accounts has a a pitfall - "it will fail to work if a user is still currently logged in."

If I hit Ctrl-End, the cursor is placed in the passwod field for one of the visible accounts, but hitting Ctrl-Alt-Del at that point has no effect and I can't get back into the logged in account.

I've found I can get around this problem by logging into one of the visible accounts and then immediately logging off that account. If I then hit Ctrl-Alt-Del a couple of times, I get the "Log On to Windows" user name and password prompt and can regain access to the hidden account under which I'm already logged in.

[/os/windows/xp] permanent link

[ More Info ]

[/os/windows/software/network/web] permanent link

[ More Info ]

[/os/windows/software/security/antimalware] permanent link

E.g. for a file called samplefile.txt, I had to store it in the logbook directory as 080808_110230_samplefile.txt where 080808 represented the date for the file, August 8, 2008, and 110230 represented a timestamp for the file, i.e. 11:02:03 A.M. The date is in yymmdd format. I was then able to use http://server.example.com/sysadmin/080808_110230/samplefile.txt as the URL for the link in the logbook entry. I placed the 080808_110230 between slashes and followed it by the orginal filename.

I was then able to access the file through a link in the logbook entry.

[ More Info ]

[/network/web/blogging/elog] permanent link

# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so

#
# Proxy Server directives. Uncomment the following lines to
# enable the proxy server:
#

ProxyRequests On
#

    Order deny,allow
    Deny from all
    Allow from 192.168.1.3 192.168.1.4 127.0.0.1

After modifying the httpd.conf file, I restarted Apache with /usr/local/apache2/bin/apachectl restart. For a Linux system apachectl restart should suffice, though it is likely located in /usr/sbin, if you need to specify the full path.

After restarting Apache I was able to configure a browser on the system at the 192.168.1.4 address to use the Apache server as a proxy server. I used the IP address of the Apache server, 192.168.1.1 as the HTTP proxy server address with 80 as the port. I verified that the browser was using the Apache server as a proxy server by pointing the browser on the 192.168.1.4 system to www.showmyip.com. That site showed the address for the system as 192.168.1.1, i.e. it showed the connection as originating from the proxy server rather than the actual system on which the browser was being used.

I was also still able to access webpages on the website I host on the Apache server on the default HTTP port.

If you want to turn the proxy service off, you need only change the ProxyRequests On line to ProxyRequests Off and restart Apache.

References:

1. Configuring Apache 2.0 as a Forward Proxy Server
   By: Martin Brown
   Date: January 4, 2008
   ServerWatch
2. Configuring mod_proxy support for Apache
   IBM

[/network/web/server/apache] permanent link

User-Agent: TurnitinBot/2.1 (http://www.turnitin.com/robot/crawlerinfo.html)

Checking the URL listed, I found the following:

Chances are that you are reading this because you found a reference to this web page from your web server logs. This reference was left by Turnitin.com's web crawling robot, also known as TurnitinBot. This robot collects content from the Internet for the sole purpose of helping educational institutions prevent plagiarism. In particular, we compare student papers against the content we find on the Internet to see if we can find similarities. For more information on this service, please visit www.turnitin.com

The Wikipedia article on Turnitin states that it is as "an Internet-based plagiarism-detection service created by iParadigms, LLC. Institutions (typically universities and high schools) buy licenses to submit essays to the Turnitin website, which checks the document for plagiarism."

I had read that many schools now use such services to deter students from submitting plagiarized papers. I've seen services offerring pre-written papers for students to submit for classes, so I can see the need for teachers to use such detection services. I didn't realize this service crawled websites to index materials on the web as part of its detection efforts, but it makes sense to me that the service would do so. This is the first time I've noticed this particular web crawler

[/network/web/crawlers] permanent link

I ran yum install ethereal, which installed wireshark and its dependency, libsmi. Wireshark was installed, because development of ethereal has stopped and the core development team is now developing wireshark.

The FAQ for wireshark offers the following explanation of the name change.

In May of 2006, Gerald Combs (the original author of Ethereal) went to work for CACE Technologies (best known for WinPcap). Unfortunately, he had to leave the Ethereal trademarks behind.

This left the project in an awkward position. The only reasonable way to ensure the continued success of the project was to change the name. This is how Wireshark was born.

Wireshark is almost (but not quite) a fork. Normally a "fork" of an open source project results in two names, web sites, development teams, support infrastructures, etc. This is the case with Wireshark except for one notable exception -- every member of the core development team is now working on Wireshark. There has been no active development on Ethereal since the name change. Several parts of the Ethereal web site (such as the mailing lists, source code repository, and build farm) have gone offline.

After the installation completed, I tried running wireshark by issuing the command wireshark.

# wireshark
bash: wireshark: command not found

I then discovered that installing the wireshark RPM only installs a command line program, tshark. The program was installed in /usr/sbin/tshark. You can obtain help on tshark using man tshark or tshark -h. There is also documentation installed in /usr/share/wireshark/help.

I had to install wireshark-gnome to get the GUI version, which I did with yum -y install wireshark-gnome. I could then start the GUI version from a shell prompt with wireshark or start it by clicking on Applications, Internet, and then Wireshark Network Analyzer.

Since I wanted to capture only HTTP traffic, I typed HTTP in the Filter field and then clicked on the Apply button. I then clicked on Capture, Interfaces, and clicked on the Start button next to the eth0 interface to start capturing all HTTP traffic.

[/network/tools/sniffing/wireshark] permanent link

You can install the extension by simply clicking on the link for it. When it is installed, you will be notified you should restart Firefox to complete your changes.

The extension provides the capability for one to easily view the headers or CSS information for a page, check for Section 508 compliance, display the dimentions of images on the page, and many other capabilities useful to web developers.

[ More Info ]

[/network/web/browser/firefox] permanent link

SquirrelMail is installed in /usr/share/squirrelmail. The configuration files are installed in /etc/squirrelmail.

# ls /etc/squirrelmail
config_local.php  config.php  default_pref  sqspell_config.php

After the software was installed I ran the configuration script to configure SquirrelMail.

# /usr/share/squirrelmail/config/conf.pl

When I ran the configuration script, I saw the following menu:

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1.  Organization Preferences
2.  Server Settings
3.  Folder Defaults
4.  General Options
5.  Themes
6.  Address Books
7.  Message of the Day (MOTD)
8.  Plugins
9.  Database
10. Languages

D.  Set pre-defined settings for specific IMAP servers

C   Turn color off
S   Save data
Q   Quit

Command >>

I typed D and hit Enter to configure SquirrelMail for a specific IMAP server. In this case, I'm running dovecot on the server, which is one of the IMAP servers for which the configuration script can optimize SquirrelMail's settings.

SquirrelMail Configuration : Read: config.php
---------------------------------------------------------
While we have been building SquirrelMail, we have discovered some
preferences that work better with some servers that don't work so
well with others.  If you select your IMAP server, this option will
set some pre-defined settings for that server.

Please note that you will still need to go through and make sure
everything is correct.  This does not change everything.  There are
only a few settings that this will change.

Please select your IMAP server:
    bincimap    = Binc IMAP server
    courier     = Courier IMAP server
    cyrus       = Cyrus IMAP server
    dovecot     = Dovecot Secure IMAP server
    exchange    = Microsoft Exchange IMAP server
    hmailserver = hMailServer
    macosx      = Mac OS X Mailserver
    mercury32   = Mercury/32
    uw          = University of Washington's IMAP server

    quit        = Do not change anything
Command >>

I typed dovecot and hit Enter to configure SquirrelMail for the dovecot IMAP server. I was then shown the configuration options set for dovecot.

              imap_server_type = dovecot
         default_folder_prefix = 
                  trash_folder = Trash
                   sent_folder = Sent
                  draft_folder = Drafts
            show_prefix_option = false
          default_sub_of_inbox = false
show_contain_subfolders_option = false
            optional_delimiter = detect
                 delete_folder = false

Press any key to continue...

When I hit a key, I was returned to the main menu. I typed S and hit Enter to save the settings. I was informed "Data saved in config.php". I then typed Q and hit Enter to exit from the configuration script.

The system runs the Apache webserver, so I then restarted the Apache server with apachectl restart.

During the installation, the file /etc/httpd/conf.d/squirrelmail.conf is created. The file contains the following lines:

#
# SquirrelMail is a webmail package written in PHP.
#

Alias /webmail /usr/share/squirrelmail

The web interface for SquirrelMail can be accessed at http://a.example.com/webmail [substitute the actual name for your server for a.example.com]. You should see a login page where you can login to check email.

You can also test the SquirrelMail configuration using http://a.example.com/webmail/src/configtest.php [again, substitute your actual domain name for a.example.com]. When that page is displayed, you will see configuration information. The script will try to check some aspects of your SquirrelMail configuration and point you to errors whereever it can find them. You need to have run conf.pl in the config/ directory first, as I mentioned above, before you run this script. At the bottom of the webpage that is displayed, you should see "Congratulations, your SquirrelMail setup looks fine to me!"

[/network/email/squirrelmail] permanent link

You have exceeded the size limit on your mailbox. You can find types of items to delete or move, empty the deleted items folder, or you can have Outlook transfer items to an archive file.

I had to delete copies of messages he forwarded multiple times and archive some messages to bring the mailbox size below 2 GigaBytes (GB) [See Outlook 2003 Mailbox Size Exceeded].

I also checked the size of all other users' mailboxes on the Microsoft Exchange 6.5 server that processes his email. [See Determining Mailbox Size for All Exchange Users]

[/network/email/clients/outlook] permanent link

Port Configuration
SSL Configuration
Password Configuration

[/network/web/blogging/elog] permanent link

C:\>java -version
java version "1.6.0_07"
Java(TM) SE Runtime Environment (build 1.6.0_07-b06)
Java HotSpot(TM) Client VM (build 10.0-b23, mixed mode, sharing)

If you selected the default install directory, the JRE software will likely be stored in C:\Program Files\Java.

C:\PROGRA~1\Java>dir
 Volume in drive C has no label.
 Volume Serial Number is AC89-88C6

 Directory of C:\PROGRA~1\Java

08/02/2008  08:55 AM    <DIR>          .
08/02/2008  08:55 AM    <DIR>          ..
11/20/2004  04:49 PM    <DIR>          j2re1.4.2_03
12/13/2004  02:57 AM    <DIR>          j2re1.4.2_05
08/15/2005  09:20 PM    <DIR>          jre1.5.0_04
01/12/2006  12:57 AM    <DIR>          jre1.5.0_06
08/02/2008  08:55 AM    <DIR>          jre1.6.0_07
       0 File(s)              0 bytes
       7 Dir(s)  54,967,054,336 bytes free

On a Linux system, you can also issue the java -version command to see the version.

$ java -version
java version "1.4.2"
gij (GNU libgcj) version 4.1.2 20071124 (Red Hat 4.1.2-42)

Copyright (C) 2006 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

[/software/java] permanent link