Thursday, May 27, 2010

Open-Audit

what kind of hardware specs comprise the boxes on my network?  namely RAM, CPU, hard disk space, etc.

for answers to those questions and more, turn to our new favorite auditing system:  Open-Audit.

This took a bit of finagling, but once setup, we were most happy with the results.  What took me a few hours to figure out and document has been distilled to a setup that should take ~15 minutes.  Enjoy!

==============================================================


SETUP://

install XAMPP:  http://www.apachefriends.org/en/xampp-windows.html and accept all the defaults during the setup routine

if the machine you are installing to is already running a websever (eg IIS), you will need to change the port before starting up the service by modifying:

C:\xampp\apache\conf\httpd.conf

start up both APACHE & MYSQL using the XAMPP control panel

-Change all the port 80 --> 8080 or something

download Open-Audit and extract the meat to c:\xampp\htdocs\openaudit  (the end result--you should see a ton of PHP files in this folder)

open a web browser to:  http://localhost:8080/openaudit/setup.php

-just click next all the way through

==============================================================

CONFIGURE AUDIT://

edit C:\xampp\htdocs\openaudit\scripts\audit.config.  look for the following lines and modify appropriately:

'
' Standard audit section
'
audit_location = "l"
audit_host="http://SERVERNAME:8080"

audit_local_domain = "y"
'
local_domain = "LDAP://Domain.local"
'
' Nmap section
'
nmap_tmp_cleanup = true           ' Set this false if you want to leave the tmp files for analysis in your tmp folder
nmap_subnet = "172.22.4.."            ' The subnet you wish to scan
nmap_subnet_formatted = "172.022.004."    ' The subnet padded with 0's

==============================================================

INITIATE AUDIT://

C:\xampp\htdocs\openaudit\scripts> CSCRIPT audit.vbs

Saturday, May 1, 2010

i'm a tool


i have been blessed/cursed with a mind that is incessantly trying to figure things out.  i see a fountain in the park and instantly questions arise:  is water is fresh?  how is the water is being pumped up to the top of the fountain?  how big of a pump does it take move that much water?  is there more than one pump?  do kids throw coins into the fountain?  does someone regularly clean out the coins?  how does the city handle the 'proceeds' from the fountain?  do they have to chlorinate the water?  how much water does the fountain hold? and on and on and on.

its not good enough to know how it works, i want to know how the system works all the way down to the basic elements.  in an ideal world, i would like to know enough about a system so that i can instinctively know what the basic pieces of the system are doing for any particular output.

clearly there are some systems that i want to know more about that others.  computers & networking for example, have always fascinated me.  i want to know what makes them tick, and want to understand the why and the how of it all.  i think that's what makes me good at my job.  when i encounter a problem, i want to know how the problem came to be, and understand how all the variables played a part in creating it.  oftentimes, i resort to workarounds or just don't have the energy to do it because i'm burned out, but if there were no time constraints it would give me comfort in getting to the root cause of them all.

another system that i'm very curious about is earth's biosphere.  specifically the role of the male gender of species homo genus sapiens.

here are some things that i find fascinating:

in higher life forms, there are two sexes, male & female
new life is by default female, it requires an external trigger to start a chain of events to create a male
therefore males are more specialized version of the species

specialized to what end?  for war with all the other males mostly if you look at the male competition for  females in nature.

gentlemen, i take no pleasure in telling you this, but the human male is built for war.  war can assume many different forms, physical war (guns, swords), mental war (politicking), and on some levels i'm sure.

so how does my life fit into all of this?  i feel that males are a specialized form of the human species.  take a female brain, mitigate the emotive sources, tune it to solve problems, remove the child bearing systems to increase physical performance and you end up with a man.

the way i see it, we were created by women to serve them.  the sole reason for your existence is to provide for a woman.

Saturday, April 17, 2010

Monday, April 5, 2010

Weekend Athlete!

i'm doing my 1st triathalon april 25th. it's a sprint and i've been training hard to stay out of the bottom fourth.

to lug my bike around, i'm using a 2002 lexus is300 sportcross. i have really enjoyed this car, but i'm always apprehensive to transport the bikes (especially the mountain bike) since i feel like the carpeting is getting trashed.

i'm thankful for the hatch and fold down seats, but loading/unloading the bike (or bikeS for that matter) is never a task  i look forward to. so--i'm seriously considering a Honda Element.

while doing research, i found the most rad site. cars.com has a guy that reviews sport utility vehicles from the perspective of the weekend athlete. check it out here.
of course he found the element THE most weekend athlete friendly car. here's what i love about it:

1) the interior is hoseable--rubber mats are there to handle muddy tires
2) you can stow your bikes vertically inside
3) it has a tailgate
4) it handles like a car
5) if you lay down the front and back seats, they form a nice impromptu bed to chill out on.
6) supposedly the seats are comfortable for long distance treks.

oh and my favorite--a crotchrocket will fit inside!!  (one of my dreams is to race a motorcycle around a proper track)

without further adieu--here's the review!


"error sending" or "authorization error" scanning from a Brother MFC 8480


installed the 3/2010 firmware update and beat my head against trying to get it to scan to a UNC path for an hour. you never know what kind of funky syntax the different vendors want. one time on a Canon Aficio, i had to enter the domain name in ALL CAPS. so i tried all kinds of combinations of slashes after the path, before the path, yada yada yada.

i gave up and called support. turns out that Brother is aware of this issue and that they are working on a patch.

in terms of features, i like what this unit offers. it has a nice and large LED panel which provides intuitive access to up to 10 SCAN TO destinations, and provides the standard copy/fax functions of course.

You can assign any of the 'scan to' slots to a respective UNC path or FTP server.

simple & straight-forward scanning to a share--the only way to do it. HP--you guys should learn a lesson from these other guys.


Monday, March 1, 2010

The system image restore failed. No disk that can be used for recovering the system disk can be found (0x80042412)

Lesson learned from this one:

The key to this one is to keep in mind that it doesn't matter that the size of the image may be less than the drive you are restoring to.

What does matter is that the drive you are restoring TO has enough space to house the partition sizes of of the imaged OS.

In my case, the original OS looked like this:

Partition 0 100MB
Partition 1 575GB
Windows 7 Backup image 433GB

attemping to restore to a 500GB physical disk will throw the error stated in the title. I ended up procuring a 1TB disk and the restore is moving forward.

Friday, January 22, 2010

What to do when your computer gets infected with Malware?

*Here's SBIT's recipe for spyware removal. I should mention that once compromised--one can never be 100% sure that your system is completely free from hidden ghosts that will one day wake up silently "all your base are belong to us". but if you're willing to assume the risk, here's the recipe we use for 'cleanups'.

Install, get the signature updates, & perform a scan using all of these (they are all free btw):




Wednesday, January 20, 2010

How to Install Windows 7 on a Dell XPS M2010



First, I would like to pass on some knowledge about this Unit from the Dell gentleman.

1) this video card in these units suffer from the manufacturing defects that affected those NVIDIA GPUs

2) if and when these cards go out, dell is sending out the same defective units as there was never a replacement

3) when the unit will not POST. dell support will send a replacement motherboard, but it is not the motherboard--its the video card, so expect a second trip from your repair guy.

With that said. Some nice fellow posted a step by step guide on installing most of the drivers for Win7 on this unit. Dell's website has no Win7 specific drivers listed nor do they plan on ever releasing them as I understand it.

Here's info on how to get it done. Specifically look for at northernlights.me.uk

Cheers

Wednesday, January 13, 2010

Get some good out of your Passwords

"I'm good enough, I'm smart enough, and doggone it, people like me." - Stuart Smiley

If you're like me and required to enter passwords all day--why not get something out of it? For example, if you made a new year's resolution to work out--entering something like:

quitB3ingaFatass
MustStayTheCourse

25x a day might give you the extra push you need to stick with it.

Perhaps you've just found Jesus:

JesusL0vesMe
Thou5haltNotCovet
Or, if you're a member of the Bildeberg Group:

ToH3llWith3very0n3Else

Monday, January 11, 2010

Why the S2000 is the best value sports car for $20K


  1. it's rear wheel drive w/ a limited slip differential
  2. it has a shifter that is talked about in car magazines
  3. the hood is aluminum
  4. it was built from the ground up as a roadster (minimal vibrations in the cabin aka cowl shake)
  5. it does 0-60 in under 6 seconds
  6. the car is classified SCCA Solo II "A Stock" along with the NSX, M3, 911, Supra Turbo.
  7. the exhaust note is thrilling, especially when revved to 8250
  8. Honda reliability along with a tastefully designed interior
  9. it makes 240 horsepower
  10. the power train is warrantied for 3 more years of 100K miles.
Honda went all out with the S2000--so much so that typical performance mods (intake, exhaust, etc) provide no gains. In other words, this car was tuned at the factory. I think this alone says volumes about what the S2000 is all about.

Before I test drove it, I had made up my mind that I would never own a high-strung VTEC car again after owning a Honda prelude. But, in hindsight--I feel very good about my choice. It is literally a track car you can drive on the public streets. In other words--its a go-kart with a stereo, and A/C

Criticisms:
  1. tweater position - i wish honda would have spent a little more time and positioned the tweaters for a proper sound stage. the audio is imbalanced, and its rather annoying to know why.
  2. rear view mirror - since the car sits so low to the ground, it seems as if everyone has their high beams on you all of the time. a proper auto-dimming rear view mirror would seem appropriate
  3. key - there is no option for an integrated key/remote
  4. smart headlights - i wish the car would turn off the headlights by themselves when the vehicle is locked.



Thursday, January 7, 2010

Windows 7 XP Mode deployment

the problem:

client has a program that is only XP compatible. they require all users (9 of them) to be able to login to any computer (9 computers) and run this app. all of the workstations are running Windows 7

considerations:

setting up windows xp mode, their line of business application, and the printer takes about 15 minutes per user.

9 users x 9 computers = 81 'setups'. (calculates to roughly 20 hours)

the journey:

originally the client stated that only certain users would be logging into certain computers, this amounted to ~15 setups. of course, the next day, i learn that they want all users to be able to logon to any computer and have access the XP-only app--this is after i had spent about 3-4 hours manually setting the original 15 profiles up.

after getting up from the mental blow--i gathered my self and went to work on a GPO. to make a long story short--i came up with this gameplan:

1. customize one of the Win7 XP Mode images (install the LOB app, printer)
2. use a GPO to copy this file out when a user logs on
3. create a shortcut on the users' desktop to launch the VM

to that end, i setup the following GPOs

1. copy image file to the machine upon login
2. copy over CreateVirtualMachine.wsf script to the workstation
3. bind the image file from step1 to the user profile using the script copied over in step2. i used a login script for this.
4. create a shortcut on the desktop that will launch the newly provisioned Image.

this seemed to do the trick, however--i did not account for the fact that since all the VMs would have the same NETBIOS name, the images would play havoc on the Win7 Host. we encountered "duplicate name exists on the network" messages, and "duplicate ip address.." messages. this effectively shutdown the network on the host OS.

so--that night, i went back to work. i needed a way for all the VMs to have a different NETBIOS names (all 81 of them). after much consternation i did some research and tried netdom.exe to no avail since these workstations were not joined to a domain. upon more digging, i found a utility that not only renames the computer, but has the ability to specify the new name using randomly generated characters--perfect!.

the batch file looked something like this:

splash.rtf
comprename.exe 234398-XPM ?1?2?3?4-xp2
shutdown -r -t 1

i edited the RUNONCE registry key so my batch file would--well run once. the splash.rtf message basically tells the user that the computer is going to reboot, and instructs them to close the splash.rtf window once read. otherwise, the rest of the script will not process.

i found this method to work nicely. installing the driver and local printer for the tcp/ip network printer works around the flaky VPC print redirection.

the only downside to this solution is that your workstations will take about 3-4 minutes while the 1.5GB image file gets transferred over (my switch is 10/100). users will only have to wait once per machine, as subsequent logins will not require the file copy.

other things worth mentioning:

running the VM's in "Shared Networking" would obviate the need to rename all the VMs, but for whatever reason--when I deployed the and binded them to user profiles--it defaulted to natively using the host's NIC.

if you look at the settings of the default "Windows XP Mode" and click on the hard disk 1, you will notice there is a parent disk located @

C:\Program Files\Windows XP Mode\Windows XP Mode base.vhd

it took a while for this to sink into my mind. the 1.5GB image that i customized is actually a differencing disk! this means that not only does one need to install windows virtual pc, you need to also install the Windows XP Mode as well.

in terms of authentication--these users are just going to have to deal with inconvenience of manually entering in their credentials. the splash.rtm page will come in handy when i have to instruct them on how to do this down the road. since the VMs will usually be hibernated, i don't think this will be that big of a deal.

relevant links:

CompRename
http://www.willowhayes.co.uk/

RunOnce Registry Key
http://msdn.microsoft.com/en-us/library/aa376977%28VS.85%29.aspx

Deploying Windows XP Mode
http://www.microsoft.com/downloads/details.aspx?FamilyID=9f142a1a-a7b7-4d0b-bd56-d9627f39c14f&displaylang=en

Windows XP Mode IT Pro Deployment Overview
http://www.microsoft.com/downloads/details.aspx?familyid=7BF4316D-34D2-4976-8F44-23C792CA78EC&displaylang=en

Virtual PC Guy's Blog
http://blogs.msdn.com/Virtual_PC_Guy/