Wednesday, December 26, 2012

Testing an External NTP Server

First off, NTP uses port 123. That was the first thing I checked when trying to telnet to one of the pool.ntp.org servers. Seems most NTP server ignore the telnet command.

Then I thought I'd use net time, but it has been deprecated in Windows 7 in favor of the newer w32tm command.

There's a litany of switches to use with it, but the /monitor /computers:server are the ones you want.

And using the command: c:\w32tm /monitor /computers:time.nist.gov
You will get the following output, showing it works:

time.nist.gov[64.250.177.145:123]:
    ICMP: 59ms delay
    NTP: -0.1402919s offset from local clock
        RefID: 'ACTS' [0x53544341]
        Stratum: 1

You can find a huge amount of popular public NTP servers at NTP.org

Monday, November 19, 2012

Finding a Linux Application Version

During a recent Wordpress installation endeavor, I needed to confirm I had the correct versions of Apache, PHP, etc., and didn't exactly know how to accomplish that. As with many things in the computer world, there are many ways to skin a cat...

This example uses Apache, which is httpd as a service (daemon in Linux-speak).

Add -v to the binary (or -V depending on the app), and this doesn't work for everything.
[root@spidey ~]# httpd -v
Server version: Apache/2.2.15 (Unix)
Server built:   Feb  7 2012 09:50:11

Use which to locate the full path of a command
[root@spidey ~]# which httpd
/usr/sbin/httpd

Use whereis to locate the binary, source and man pages
[root@spidey ~]# whereis httpd
httpd: /usr/sbin/httpd /usr/sbin/httpd.event /usr/sbin/httpd.worker /etc/httpd /usr/lib64/httpd /usr/share/man/man8/httpd.8.gz

Querying the installed package by using rpm -q
[root@spidey ~]# rpm -q httpd
httpd-2.2.15-15.el6_2.1.x86_64

You can do a locate to see everywhere on the system httpd shows up
[root@spidey ~]# locate httpd
/etc/httpd
/etc/httpd/conf
/etc/httpd/conf.d
/etc/httpd/logs
...

Or a find with -name

[root@spidey ~]# find / -name httpd
/etc/httpd
/etc/rc.d/init.d/httpd
/etc/sysconfig/httpd
/etc/logrotate.d/httpd
...

And yes, I did have the correct version :)

Thursday, August 30, 2012

Blog migration...

My previous Wordpress blog host has been shutdown, so it was time to move on. The logical choice seemed to be Wordpress.com, it was a direct import.

Unfortunately they don't make it easy to forward your subdomain, there's a $13/yr charge (which I was willing to pay), but they drop all "www" requests. That is where all my links point as well as links from other forums and blogs. Okay stop laughing, there is over four other blogs that link here ;)

Anyway, the next choice was Blogger/Blogspot, where we are now. It was super easy to point the domain here, GoDaddy which holds my domain even has a wizard to make the forward easy as 3.14159265...

Blogspot even take imports for XML, same as Wordpress exports! But not the same format as Wordpress (Finished: Sorry, the import failed due to a server error. The error code is bX-a9cw3d). A quick search pointed me to an article at Squidoo which then pointed to an XML conversion site Wordpress-to-Blogger. There was only a little massaging to be done, reporting and the re-addition of my About page (which needed updating anyway) and now we're here...

Thursday, July 12, 2012

How Good is Your Password?

This is a question that people rarely ask themselves. I know numerous people who've had mail and video game accounts hacked due to weak passwords. I'm a big fan of using passphrases and special characters whenever possible. It irks me to no end that some of my financial institution's websites don't allow special characters and even limit the password to eight digits (seriously it's 2012).

Steve Gibson, a long time security hawk and software developer, has a great website for checking out how your password will do against a brute-force attack. However, it won't tell you if it's easy to guess (like your dog's name that's all over FaceBook) or is an easily cracked dictionary word (note: stay away from words found in the dictionary).

Try your password/passphrase out here: Haystack

Thursday, June 7, 2012

FATAL: Pppd is not setuid-root

We've been rolling out shiny new MacBooks lately along with the SonicWALL SSL-VPN NetExtender client. Little did we know that some of the MacOS X connections were going to fail. Luckily the error message pointed the way: "FATAL: Pppd is not setuid-root and the invoking user is not root."

It seems the later versions of Mac OS X (10.6+) don't allow the setuid flag to be set on PPPD.

You can fix this by getting your bash on.

  1. Open Terminal (Applications > Utilities > Terminal)

  2. Type: sudo chmod u+s /usr/sbin/pppd and hit Enter

  3. Type the user’s password and hit Enter

  4. Now connect and get to work :)

Wednesday, May 30, 2012

Setting Google Chrome as your Default Mail Client

Want Google Chrome to handle all of your mail links or perhaps calendar requests? Or stop Chrome from taking those requests?

Go to the Settings subpage for the handlers: chrome://chrome/settings/handlers

More info can be found here.

Tuesday, May 29, 2012

Fedora 17 Now Available

Hot off the presses, the Fedora Project released their latest operation system, Fedora 17.

I'm downloading my copy right now, you can too.

Friday, May 25, 2012

Dell Server Parts

Recently a customer's Dell PowerEdge T105 blew out its power supply. Too bad the three-year warranty ended just four months ago.

What to do? Call Dell with credit card in hand...and proceed with being transferred all over because you're out of warranty. Normally I'm very happy with Dell support, but I guess you're treated well when you are still in warranty.

Where else can you go when you need parts and they've stopped making them or cost too much from Dell? You can go with eBay and take your chances, or go to either Server Supply or Velocity Tech Solutions. You can even get real warranties on the parts.

Thursday, April 26, 2012

Excel Formula Field Only Shows Last Two Characters

Okay, this is a dumb one. When highlighting any cell it only shows the last two characters in the formula field.

Can't seem to find a permanent fix yet, but it seems to happen only when using two monitors. The workaround is to view Excel in the primary monitor and the formula field then shows all the cell's contents.

And from my searches, this seems to have been happening since Excel 97...good stuff.

Thursday, April 12, 2012

Removing the U3 Partition from a Flash Drive

I find most extra software bundled with hardware unnecessary and usually annoying; U3 luckily is both.

After attempts to format, fdisk /mbr, diskpart clean, etc. all failed. I did some poking around and found the uninstaller is bundled with the startup app, clever...

  1. Insert your U3 flash drive  and Launch the U3 application.

  2. Click on the U3 Launchpad Settings

  3. Click the Uninstall tab on the Settings menu (all windows and files accessed from the flash drive must be closed).

  4. Finally, click Uninstall U3 Launchpad


That's it, no more pop-ups and annoying software.

Monday, April 2, 2012

Resetting a Verizon MiFi 2200

A recently returned Verizon MiFi 2200 was found to have been reset by the user, with now-forgotten settings. Luckily the reset is easy...

  1. Power on the MiFi (if it isn't already).

  2. Take off the back cover and depress the reset button with a paperclip or similar (look for a hole labelled RESET in one of the corners).

  3. Hold the button in until the status LED turns green, then blinks once (this can take up to ten seconds).

  4. Let it go and then you'll find the SSID listed on the back in your available wireless networks (typically Verizon MIFI4510L XXXX).

Thursday, March 29, 2012

Dell Latitude Unknown Data Interface Driver

Installing a system from scratch can be a bear when it comes to finding device drivers, especially when the device in question doesn't have a manufacturer, model or even name associated with it. The latest install in which I had to deal with this was a Dell Latitude D430, but this device seems common to other D-Series Latitudes like the D620.

It's listed in the Device Manager simply as Data Interface with the typical unknown icon, and there were two of them. Digging further into the details of the device yielded the Hardware ID values below.

USB\VID_413C&PID_8114&MI_00\7&24B185B&0&0000
USB\VID_413C&PID_8114&MI_01\7&24B185B&0&0001


Turns out these are for the Verizon cellular modem card and drivers are readily available from Dell, under Technical Support, with your trusty Service Tag. I found the Verizon WWAN Card driver under the Communications heading (as VZW Mobile Broadband).

Tuesday, March 27, 2012

E-mail to Text Message

This has already been posted many places, but I'm tired of looking it up and dealing with glaring ads and pop-ups.

As you can guess, to send an e-mail to someone's phone as a text message, just replace the phonenumber with whomever you're trying to message, i.e. 4085551212@vtext.com.

  • Alltel - phonenumber@message.alltel.com

  • AT&T - phonenumber@txt.att.net

  • Boost Mobile - phonenumber@myboostmobile.com

  • Sprint Nextel - phonenumber@messaging.sprintpcs.com

  • T-Mobile - phonenumber@tmomail.net

  • US Cellular - phonenumber@email.uscc.net

  • Verizon - phonenumber@vtext.com

  • Virgin Mobile USA - phonenumber@vmobl.com


Etiquette is 140 characters or less and just be aware some may not have unlimited texting, so be careful on the quantity and size of messages.

Wednesday, March 7, 2012

Removing Remote Desktop Login Wallpaper

This annoyance has popped up off and on for years. You initiate a Remote Desktop connection to a system over VPN and the login screen has a large bitmap image causing it to draw and redraw while you wait.

This is typical for Windows Storage Server 2003 on Dell hardware. Unfortunately there isn't a GUI setting for this, so it 's just better to search for the file and delete or rename it. In this case it's: C:\Windows\System32\dellwall.bmp which is 3MB, no wonder it takes time to draw over a slower connection.

Tuesday, March 6, 2012

Locked Out of Track-It! Admin Console

Great! The only one in with admin privileges on Track-It! is no longer with the company. If you have access to the server and the Track-It! MS SQL database you're in luck.


  • Log into the Track-It! server and fire up the MS SQL Management Studio

  • Drill down under "Server" > Databases > TRACKITX > Tables

  • Find dbo.STAF, right-click and choose Open Table

  • Choose a username you wish to give administrative access to, scroll to the right to the SECPOLICYID column and change the entry to the number 2.

  • Close the table and Management Studio.

  • Log out of Track-It! and back in, now you have access to the Administration Console.

Sunday, February 19, 2012

Free Microsoft Software Trials

Big project coming up, polishing the resume or just curious? Microsoft's TechNet Evaluation Center is there to help.

The trial periods may vary a bit, but even 60 days of testing and mucking about should do the trick.

Want unlimited trial software? Subscribe to TechNet and no matter what the level you choose, it's an amazing array of operating systems and applications that never expire; worth every penny.

Friday, February 10, 2012

Cisco VPN Client PCF File

I could have sworn you exported the pcf profile (the VPN configuration file that can be imported for new installs) within the Cisco VPN IPSec Client, but I was wrong.

This little guy is actually a text file that's created as soon as you add a new connection. And it places it within the VPN client installation directory, as listed below.

C:\Program Files\Cisco Systems\VPN Client\Profiles

Once you grab your profile, you can throw it in with the installation files for the client and it will automatically be imported for use immediately upon completion (reboot is necessary, of course).

Wednesday, February 8, 2012

Hide Your Windows System from the Network

Should you wish to hide your Windows system from the Network Neighborhood just run the command below:

c:\net config server /hidden:yes

There's a bevy of net commands to be used to perform all sorts of tasks; truly worth investigation.

Friday, February 3, 2012

Cisco ASA 5505 Initial Configuration Commands

One thing I can say about the Startup Wizard in the Cisco ASA 5505, is that it would be kicked out of Hogwarts. Lame joke sure, but so is Cisco for selling something so complex to small businesses. What my customer of eight employees needs is a firewall with the robust dependability of a Cisco PIX with the simplicity of a Linksys. Seems like a no brainer, but since the 2003 purchase, I don't think Cisco hasn't done anything even close. Enough of my rant...

Some of the Startup Wizard went okay (like changing the external IP and enable password only), but when it came to changing the inside network, it hung a number of times, once for over 30 minutes, before I turned it off. Turned out I needed to actually change the internal IP address via the command line, but not before wiping out DHCP, because that locks the internal subnet from being changed. Oh yeah, don't forget to change the subnet from which you can access the internal web server, otherwise you're locked out of that as well. And yes, I attempted to do this via the ASDM, but it hung every time I tried to change the internal IP address. Sorry, I guess my ranting wasn't done.

Below are the commands I used to complete the above tasks...

Note: All of these require you to be logged into the "enable" account, i.e. type enable at the command-line in your terminal window and enter the password

Turn DHCP off:
ciscoasa# config term
ciscoasa(config)# no dhcpd enable inside

Updating your internal IP address/subnet (assuming it's VLAN 1)
ciscoasa# config term
ciscoasa(config)# interface Vlan 1
ciscoasa(config-if)# ip address 10.0.1.1 255.255.255.0
ciscoasa(config-if)# no shut

Adding an outside route (your gateway address (and why isn't this in the wizard?!?!))
ciscoasa# config term
ciscoasa(config)# route outside 0.0.0.0 0.0.0.0 76.176.56.86 1

Update access to the ADSM (so you can reach it from your new network listed above)
ciscoasa# config term
ciscoasa(config)# http 10.0.1.0 255.255.255.0 inside
ciscoasa(config)# exit
ciscoasa# show run | include http
http 10.0.1.0 255.255.255.0 inside (this shows your new network has access)
http 192.168.1.0 255.255.255.0 inside

Turn on DHCP and configure for use
ciscoasa# config term
ciscoasa(config)# dhcpd address 10.0.1.201-10.0.1.240 inside
ciscoasa(config)# dhcpd dns 10.0.1.10 10.0.1.11
ciscoasa(config)# dhcpd wins 10.0.1.10
ciscoasa(config)# dhcpd lease 3000
ciscoasa(config)# dhcpd domain contoso.com
ciscoasa(config)# dhcpd enable inside

Write running config to flash (saving all of your changes)
ciscoasa# write memory

Restarting your Cisco ASA from command line
ciscoasa# reload noconfirm

Should you post any questions, I'll be happy to try and help, but I can't promise anything...

Tuesday, January 31, 2012

Adding Windows XP Media Center to a Domain

During another domain migration yesterday, I came across a Windows XP Media Center PC in the workplace. This is certainly common with small companies, especially when they're bootstrapping. You buy what you can afford and that usually means Home and Media editions of Windows. Those work great for a small network, but of course can't be added to a domain, at least Home can't. Luckily Windows XP Media Center can be hacked into joining a domain, because unlike XP Home Edition, it won't upgrade to XP Professional.

So here's the hack:

  1. If you haven't already, install the Windows Recovery Console (you'll need your Windows XP disk for this)

  2. Boot into the Microsoft Windows Recovery Console when prompted

    1. Select the proper OS (usually 1) and enter the Administrator password (if prompted)



  3. Copy the SYSTEM registry hive to C:\ copy c:\windows\system32\config\SYSTEM c:\

  4. Type exit and boot into your Windows XP Media Center system as an administrator

  5. Open Registry Editor (Start > Run... type regedit, click OK

    1. Highlight HKEY_LOCAL_MACHINE

    2. Click File > Load Hive...

    3. Browse and select C:\SYSTEM

    4. Enter your PC-name or anything really

    5. Drill down to HKEY_LOCAL_MACHINE\PC-name\WPA\MedCtrUpg

    6. Change the IsLegacyMCE key in the right pane to the number 1 (default is 0)

    7. Highlight the PC-name under HKEY_LOCAL_MACHINE and click File > Unload Hive..., click Yes



  6. Reboot into the Microsoft Windows Recovery Console as in step 2

    1. Copy the SYSTEM registry hive back copy c:\SYSTEM c:\winsows\system32\config\system enter Y to overwrite

    2. Rename the old SYSTEM hive on C:\ ren c:\SYSTEM SYSTEM_old

    3. Type exit and reboot back into your Windows XP Media Center system as an administrator



  7. Now you should be able to add the system to the domain

  8. Optional: delete c:\SYSTEM_old and change the boot selection time from 30 seconds to 2 or 3 (now that the Recovery Console has been added)


Thanks to Aaron Tiensivu, who's article helped me yesterday. I decided to make an abridged post here since I'm getting annoyed at having to find this hack every time.

Sunday, January 29, 2012

Optimize Windows Settings for SSD

So you got a shiny new SSD for your Windows system. As you may or may not know, there is only a finite number of writes to each sector before it becomes unusable, eventually causing the disk to be unusable.

So what can you go to make sure it lasts as long as it can? I've gathered a few tips from around the web to help.

Versions after Windows XP actually do make some changes to optimize, but it doesn't hurt to check. And have fun with your new found (or bought) speed!

Wednesday, January 25, 2012

Firing a SysAdmin

Recently I had to replace an IT guy who'd gone off the rails. Something odd about this profession seems to cause an unusually high number of them (say, compared to other engineers) to drop off the radar and partially or completely disappear. It usually happens in one of two ways, they start with sporadic attendance, rarely answering phone calls and e-mail, then completely disappearing, or just the latter and they entirely stop all communications, possibly even leaving the area. Hard to say if it's something psychologically different with SysAdmins (we can be quite an odd bunch) or if it's the pressure and culture that spawns the flight response...

I've tried endless searches on "firing a sysadmin", "locking out an IT guy", etc., but nothing useful. So, I've compiled a list of things to examine when an IT guy goes AWOL and you need to lock them out, reclaim logins and check for holes.

  • Firewall passwords & rules

  • Router logins

  • Switch logins

  • VPN server login & configuration

  • Domain Admin/root password

  • Group Membership (Domain Admins, Schema Admins, Enterprise Admins, Built-in administrators, Exchange admins, root, wheel, etc.)

  • Other domain admin accounts

  • Service accounts (check Services logon list)

  • User accounts (every employee should change password)

  • Local admin accounts on client systems

  • Hosting/DNS/Domain Name Services passwords

    • Web hosting logins

    • Registrar logins and contacts

    • Managed DNS



  • Exchange/mail servers

    • Mailbox forwarding

    • Routing groups

    • Hosted spam filtering



  • MS SQL/database accounts

  • Auto-logins, i.e. kiosk systems

  • Examine startup scripts and group policy

  • Examine scheduled tasks, at or cron jobs

  • Change wireless security key

  • Change remote access accounts, i.e. GoToMeeting, TeamViewer, etc.

  • Update 3rd party software passwords, i.e. anti-virus, backup, etc.

  • Update 3rd party hosted software, i.e. Amazon S3, Salesforce, etc.

  • Change vendor logins, i.e. CDW, Dell, Microsoft, Tigerdirect, etc.

  • Remote system logins/wireless

  • Check systems in the field for items above

  • Check for keyloggers on all systems

  • Phone system accounts and logins

    • Change all voice mail pins



  • Update building alarm security codes

    • Contact for alarm company if the person is on the access list



  • Update access information/logins at colocation facilities


That's what I came up with so far for a Windows-centric network. Anything you can add?

Monday, January 23, 2012

Cisco ASA 5505 Software Upgrade

So you're looking to upgrade your Cisco ASA 5505 to the latest and greatest firmware? Well take it from me, don't update the ASA software first. If the ASDM software is not compatible with the updated ASA version, you will get locked out and have to get out your console cable.

Not so bad, but if your server room is actually a storage closet with the rack eight feet in the air so you have to stand crooked on a ladder, it's a pain in the back (and a lower, rear facing location as well).

The upgrade process is in fact, quite painless.

  1. Just fire up your ASDM

  2. Go to Tools > Upload Software from Local Computer...

  3. Choose your Image to Upload: (ADSM first, then ASA later)

  4. Browse Local Files... to add the image (.bin file)

  5. Click Upload Image and follow the prompts to finish (they vary depending on image uploaded)


Following the process above for our brand new firewall, the ASDM image reloaded properly to the latest version while the device was running, the ASA software however, did not. Rebooting the ASA loaded everything properly and I was on my way. (Or was I? That's blog entry to come...)

Saturday, January 21, 2012

Activate Windows and Office at the Command Line

I was recently looking for a way to activate Windows 7 and Office 2010 at a command prompt; this is what I found...

Since the release of Vista, you can use the command line utility slmgr for Windows activation when using a MAK (or Multiple Activation Key).

Windows Activation

  1. Open a command window (as administrator)

  2. And run...


slmgr -ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
slmgr -ato

Office Activation

  1. Open a command window (as administrator)

  2. From C:\Program Files\Microsoft Office\Office14 run...


cscript ospp.vbs /inpkey:xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
cscript ospp.vbs /act

Who needs all that pointing and clicking anyway?

Monday, January 16, 2012

Exchange Maintenance Tasks

There isn't really a lot to be done with Exchange these days. Since the advent of E12, the code name for Exchange 2007, the maintenance task list has shrunk quite a bit.

The items that do need watching are just a subset of the "old days."

  • Maintain your daily backups - probably the most important thing you can do for Exchange

  • Examine your message queues for log jams or stuck messages

  • Check available disk space (but you've already automated this, right?)

  • Examine the event logs for errors and warnings

  • Make sure your anti-malware software is functioning properly, i.e. turned on and getting updates (some people host this service, so that would only leave four items :)


Thanks to Jim McBee for providing guidance in his many excellent books.

Wednesday, January 11, 2012

"Delivery has failed" error When Scheduling a Resource

There are plenty of answers to the error message:

"Delivery has failed to these recipients or distribution lists:
 
Jane Doe
Your message wasn't delivered because of security policies..."

In our case, Jane Doe was no longer an employee and her account was disabled. The sender of the message was requesting a meeting with someone who had Jane as his admin, so he had her as a Delegate for his Calendar. Once we removed her from his Outlook's Delegate list, there were no more errors.

Pretty simple, but they've moved Delegate Access in Outlook 2010, now you go to File > Account Settings > Delegate Access

For Outlook 2007 and earlier, go to Tools > Options > Delegates tab.

Friday, January 6, 2012

Auto-complete Not Working After Outlook 2010 Upgrade

You know you love it, being able to just start typing the first few characters of an address and Outlook "guesses" the rest for you. At least I think you love it, because every time someone's Outlook is upgraded or they are moved to a new system, everyone notices it's missing right off the bat.

Prior to Outlook 2010 all this information was kept in a NK2 file, typically called Outlook.NK2. Previously you could just copy this file to the corresponding folder on a new machine and it worked almost like magic. With the new upgrade, not so much. It's not a hard process to import the auto-complete data, but there are some additional steps.

  1. Copy your old *.NK2 file to C:\Users\%username%\AppData\Roaming\Microsoft\Outlook

  2. Ensure the name matches your current profile name, default is Outlook. (Look in Control Panel > Mail > Show Profiles... to be sure.)

  3. Now from the Run... prompt enter: outlook.exe /importnk2 and click OK.

  4. Once imported the NK2 file will have a .old extension, remove that if you wish to run the import again.


All auto-complete data is now kept within an Outlook 2010 mailbox, so no external files will be needed in the future.

Wednesday, January 4, 2012

(Not so) New Folder Locations

Since the advent of Windows Vista, the usual folder locations don't always apply. Take the Quick Launch or All Users Desktop, where did they go?

Here's a short list of what's been moved around (and yes, I'm writing this as much for me as anyone else)...

All Users:

  • All Users Desktop, Favorites, Documents, Downloads, Music, Pictures & Videos - C:\Users\Public

  • All Users Start Menu - C:\ProgramData\Microsoft\Windows\Start Menu

  • Documents and Settings (just for completeness sake): C:\Users

  • Templates - C:\ProgramData\Microsoft\Windows\Templates


User Specific:

  • Cookies - C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Cookies

  • Default Outlook OST/PST folder - C:\Users\%username%\AppData\Local\Microsoft\Outlook

  • Quick Launch - C:\Users\%username%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch

  • Send To - C:\Users\%username%\AppData\Roaming\Microsoft\Windows\SendTo

  • Start Menu - C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu

  • Temp - C:\Users\%username%\AppData\Local\Temp

  • Temporary Internet Files - C:\Users\%username%\AppData\Local\Microsoft\Windows\Temporary Internet Files