Jun 30, 2007
Jun 29, 2007
Cracking WEP with KisMac
4:59 PM
Paul B
Jun 28, 2007
Getting Around Mobile Phone Carriers
10:59 AM
Paul B
Have you ever watched a commercial on Television for a new cell phone and you thought to yourself, "Self, I am going to get me that cell phone!"? I have too. Have you ever received that phone only to find yourself completely dissapointed because of some limiting features? I have. One of my biggest pet-peaves is when a cell phone company gives you a phone that can play MP3's, but won't let you set them as a ring tone. WTF is that all about? Of course the answer is to force you to buy their ring tones, as if you aren't already paying enough for your minutes already!
I recently had an experience like that. My Wife and I switched from Cingular (Now the new AT&T) to T-Mobile. I got myself a Samsung T509 (Because it is free and looks cool) and my wife got the Samsung T619. Long story short, the ad said they were MP3 capable, but when we got them we found that that only meant they were able to play MP3's and not use them as ring tones.
I immediately scoured the web looking for a way to get around this, and I found it. The trick for these particular phones (T-Mobile Samsungs) is that they can play songs in .3gp format (Don't ask, I had never heard of it before my research either).
So now the trick was finding something that would convert MP3 to 3GP, and more importantly do it for free. Seriously, why go to all this trouble if your going to spend money. You might as well just download it from T-Mobile (Or Verizon or whoever) in the first place. No, this is about the principle. It is also about stickin' it to the man!
So, back on topic, I found a program that can convert the music from MP3, but it doesn't go directly from MP3 to 3GP. No, it converts it to M4A. (Did I lose you, don't worry, keep reading you will get it.) Once you convert it to M4A, you simply rename the file from musicfile.m4A to musicfile.3gp. Don't worry, it will still play, both M4A and 3gp are in the family of MP4 file formats so the extensions are interchangeable. Once in 3gp the file can be played as a ring tone on your phone. The quality isn't quite as good as the MP3, but it is still pretty good.
This magic software that converts it is absolutely free, because it is open source. It is called BoncEnc. To convert the file, just load your MP3 to the list, select your output directory, then click on the Encode menu > Start Encoding> FAAC MP4/AAC Encoder and your are off!
If your phone doesn't have expandable memory like mine then you might want to trim the music file first using Nero Wave Editor, or something free like MP3 Knife to trim it down so it doesn't take up too much space on your phone. Once you get it edited, cut and converted then you can transfer it over to your phone using bluetooth if your phone supports it, or through a data cable if your phone supports it. If your phone has no other method of interfacing with the computer, then this post probably isn't for you.
I recently had an experience like that. My Wife and I switched from Cingular (Now the new AT&T) to T-Mobile. I got myself a Samsung T509 (Because it is free and looks cool) and my wife got the Samsung T619. Long story short, the ad said they were MP3 capable, but when we got them we found that that only meant they were able to play MP3's and not use them as ring tones.
I immediately scoured the web looking for a way to get around this, and I found it. The trick for these particular phones (T-Mobile Samsungs) is that they can play songs in .3gp format (Don't ask, I had never heard of it before my research either).
So now the trick was finding something that would convert MP3 to 3GP, and more importantly do it for free. Seriously, why go to all this trouble if your going to spend money. You might as well just download it from T-Mobile (Or Verizon or whoever) in the first place. No, this is about the principle. It is also about stickin' it to the man!
So, back on topic, I found a program that can convert the music from MP3, but it doesn't go directly from MP3 to 3GP. No, it converts it to M4A. (Did I lose you, don't worry, keep reading you will get it.) Once you convert it to M4A, you simply rename the file from musicfile.m4A to musicfile.3gp. Don't worry, it will still play, both M4A and 3gp are in the family of MP4 file formats so the extensions are interchangeable. Once in 3gp the file can be played as a ring tone on your phone. The quality isn't quite as good as the MP3, but it is still pretty good.
This magic software that converts it is absolutely free, because it is open source. It is called BoncEnc. To convert the file, just load your MP3 to the list, select your output directory, then click on the Encode menu > Start Encoding> FAAC MP4/AAC Encoder and your are off!
If your phone doesn't have expandable memory like mine then you might want to trim the music file first using Nero Wave Editor, or something free like MP3 Knife to trim it down so it doesn't take up too much space on your phone. Once you get it edited, cut and converted then you can transfer it over to your phone using bluetooth if your phone supports it, or through a data cable if your phone supports it. If your phone has no other method of interfacing with the computer, then this post probably isn't for you.
Jun 27, 2007
The Admin iReviews the iPhone
8:57 AM
Paul B
So it looks like anybody who is anybody got their iPhones already and have their reviews out. The big wigs were NYT, WSJ, USAtoday and Newsweek. None of the sites I thought would get em got them. Strange I was sure Engadget or Gizmodo would have gotten one.
Well the reviewers ran down their expectations and what they actually got out of it. Here is a quick list of things the iPhone DOES NOT have. Any combonation of these would be a deal breaker for me:
• 3G of Any Flavor
• GPS
• A real keyboard
• Removable battery
• Expandable Storage
• Direct iTunes Music Store Access (Over Wi-Fi or EDGE)
• Songs as Ringtones
• Games
• Any flash support
• Instant Messaging
• Picture messages (MMS)
• Video recording
• Voice recognition or voice dialing
• Wireless Bluetooth Stereo Streaming (A2DP)
• One-size-fits-all headset jack (May have to buy an adapter for certain headphones)
iOuch that iBlows! Here are links to the reviews:
WSJ Review
Newsweek
NYT Review
USAToday
Originally Posted at Ask The Admin By Karl L. Gechlik
Jun 26, 2007
Vista Transformation Pack 7.0 Released!
2:18 PM
Paul B
I wrote in a previous post about the Vista Transformation Pack which is a cool theme pack for Windows XP and Windows 2003 to make it look and feel like Windows Vista right down to the splash screen.
Well, they have just released the latest version over at Windows X's Shrine. If you are too cheap to go out and buy Vista, then by all means give the new Vista Transformation Pack 7.0 a try!
Well, they have just released the latest version over at Windows X's Shrine. If you are too cheap to go out and buy Vista, then by all means give the new Vista Transformation Pack 7.0 a try!
Jun 25, 2007
For San Diego, Phoenix and San Francisco Leykis Listeners
4:54 PM
Paul B
For those of you who used to listen to Tom Leykis in the afternoon in the San Diego, Phoenix and San Francisco markets you got a rude awakening on Friday for the drive home. The station you used to listen to Tom on had a format change which means no more flash Friday's in our area's.
Well, I am not taking this lying down. The radio station may change, but I am still going to get my Leykis fix until he comes back on another station. Here is what I am doing, and you can do this too:
Everyday they record Tom's show into MP3 format and publish it as a pod cast. Subscribe to the podcast using your favorite RSS reader (I use the Google Home page) by clicking this link here. Don't worry, it's free.
The next day, check your RSS reader, or in my case, my Google home page, and download the previous day's show (Last Friday when he got pulled the show was recorded into 4 parts, so make sure you download them all). Now you can either put the MP3's on your MP3 player of choice if you have a car stereo adapter, or you can be cheap like me and burn and audio CD using CD Burner XP Pro, or Nero or some other music burning software for the ride home.
What's that smell? Mmmm, it smells like flash friday on a Monday :-)
Sure this is a work around, and not a fix. Keep writing letters to your local stations and tell them that you want to hear Tom!
Synching Palm Desktop Contacts with Outlook
10:40 AM
Paul B
I had a call last week from a user wanting to migrate his 600+ contacts from his Palm PDA to his new Blackberry. He seemed to think that we needed to order some special software for him to do this. The funny thing is he already had Palm Desktop software installed. He thought that the software was only to sync between his desktop and his PDA and nothing else. That is not the case at all.
The Palm Desktop software can export your contacts to a file which can then be imported into Outlook. To do it, just follow these simple instructions which I got from Microsoft Knowlege base Article 810930:
For best results, when asked to map custom fields, take the extra five minutes to do that. You won't regret it.
As far as the syncing to Blackberry part, since we have a BES (Blackberry Enterprise Server), once I included the new contact list in the users address book (Right click on the contacts properties, click on the Address book tab, and check on the box that says show this folder as an e-mail address book), the contacts synced with their Blackberry.
If you don't have a BES at your company, you can still sync your newly imported Outlook contacts with Blackberry Desktop Software.
The Palm Desktop software can export your contacts to a file which can then be imported into Outlook. To do it, just follow these simple instructions which I got from Microsoft Knowlege base Article 810930:
Export Address Book from Palm Desktop
1. | In Palm Desktop, click Address. |
2. | Click File, and then click Export. |
3. | In the File Name box, type Contacts. |
4. | In the Export type list, click Comma Separated Values. |
5. | Next to Range, click All , and then click Export. |
6. | In the Specify Export Fields dialog box, click OK two times. The Contacts.csv file is saved in the My Documents folder. |
Modify the CSV File
Before you import Contacts.csv into Outlook, you must create headers for the CSV file:1. | Open the file in Excel. | ||||||||||||||||||||||||||||||||||||||||
2. | Click 1 to select the first row, click Insert, and then click Rows. | ||||||||||||||||||||||||||||||||||||||||
In the first row that you just created, starting with cell A1 and continuing across to cell T1, enter the following fields to create header names for each column:
| |||||||||||||||||||||||||||||||||||||||||
3. | Click File, and then click Save. |
Import the CSV File into Outlook
1. | In Outlook, click File, and then click Import and Export to open the Import and Export Wizard. |
2. | In the Choose an action to perform box, click Import from another program or file, and then click Next. |
3. | In the Select file type to import from box, click Comma Separated Values (Windows), and then click Next. |
4. | In the File to Import box, click Browse, find Contacts.csv in your My Documents folder, and then click Next. |
5. | In the Select destination folder box, click Contacts, and then click Next. |
6. | Click Finish to complete the import operation. |
For best results, when asked to map custom fields, take the extra five minutes to do that. You won't regret it.
As far as the syncing to Blackberry part, since we have a BES (Blackberry Enterprise Server), once I included the new contact list in the users address book (Right click on the contacts properties, click on the Address book tab, and check on the box that says show this folder as an e-mail address book), the contacts synced with their Blackberry.
If you don't have a BES at your company, you can still sync your newly imported Outlook contacts with Blackberry Desktop Software.
Jun 24, 2007
Student of the Mod
10:24 PM
Paul B
As some of you guys know, I was awarded with "Student of the Mod" at my college for night students. For those of you not "in the know" a mod is like a semester but since the school offers an accelerated program our 'semesters' or Mods are only 10 weeks long. Anyhoo, I thought it only meant that I would get my picture taken and have a designated parking spot at school, well I just found out that the college has posted pictures of the current students of the Mod on their website. Here is me and my ugly mug, look under San Diego Nights: Click Here!
What I don't get is, Coleman has a graphic design program, you would think that they could air brush out my double chin...
Jun 23, 2007
Stones Parody: Boot me up!
12:23 AM
Paul B
Jun 22, 2007
NAT and Public VS Private IP Addresses
3:39 PM
Paul B
The following was written by The Admin, Karl Gechlik, himself over at ask The Admin, enjoy!
So alot of my end users do not know what NAT is . And if you havent guessed it is not what is pictured on the left! Users have no idea what the difference between ther external and internal IP addresses are or Public vs. Private. And chances are they will never know unless they try to connect to their desktop remotely and even than FAT CHANCE. They will come and ask you to set it up for them!
I get calls rather frequently since we started letting key users use MSTSC to connect to a RDP session. In fancy terms they open a Remote Desktop Connection and work as if they were in front of their machine. Your external IP comes in handy when you are using MSTSC, PCANYWHERE, VNC or other similar products.
I have seen it all the user going to http://www.whatsmyip.com/ and trying that. I have even seen a user try to change their local ip to "Be Something They Can Remember" LOL! It was set to 1.1.1.2
So here I go trying to break it down real simple like:
Your machine has an ip address on it that allows you to connect to your internal network. These addresses usually look something like 192.168.x.x or 10.0.0.x these addresses can not be addressed from outside your network they are INTERNAL addresses or PRIVATE addresses. If you want to connect to this INTERNAL address you need a NAT or a 1 to 1 this is a Network Translated Address or a 1 to 1 NAT.
You set this up in your firewall, router or default gateway. If you have a cable modem or dsl chances are you have a single dynamic Ip that changes every so often. But if you have a bigger line like a T1 or 10mb you should have been given a net block. Probably 4 public addresses.
If you are not sure contact your ISP.
Here is some more information I have gathered for a more detailed explanation (not real simple like):
IP NUMBERS, NAMES, AND DNS
Our current IP number system is referred to as "IPv4". To give the most simple explanation, IP numbers, like 209.204.13.67 can be described as phone numbers, and "fully qualified names" like ip-067.wmld.com can be described as the name of the device at that number. The DNS service or "Domain Name Server" is a software system of keeping track of what name is equivalent to what number, and vice versa. Much like the phone book.
Let's think about the telephone system. Joe Smith has a telephone number of 323-555-1234, and Mary Jones has a telephone number of 323-555-1987. If Joe needs to call Mary but doesn't know her number, he could dial 411 and ask for the number for Mary Jones. The operator may reply that there is more than one listing for a Mary Jones so he needs to be more specific, and provide an address. He then tells her he needs the number for the Mary Jones at 123 Main St., of which there is only one listing, and he gets the number. Conversely, Mary Jones might be looking at her telephone bill, and see a call to 323-555-1234 and wonder who she was talking to. Mary could look thru her rolodex until she found the number, and she would see that she had called Joe Smith.
The internet uses a very similar system, the combination of IP numbers and "fully qualified domain names", and the DNS server is the "411 service" keeping track of the matching records between the two. When a person using a computer needs to connect in some way to someone else's computer, they need to either know the IP number (like a phone number) of their computer, or they need to know the fully qualified domain name (like a person's name along with their street address) of their computer so the DNS system can look up the IP number of thier computer and return it to the requestor (just like the 411 operator does). IP numbers are structured as 4 numbers, from 0 to 255, each separated by a dot. 206.205.204.203 is just as valid a number as 1.2.3.5 or 16.7.200.34.
"Fully Qualified Domain Names" are much like a name along with an address, and can vary widely in their structure, but the most common are in the form "host.domain.extension". "host" being the "name" you or your system administrator has assigned to your computer, like "receptionist", and "domain.extension" is like a virtual "area" in which your computer can be found, like bigcompany.com. A domain name like "bigcompany.com" is very similar to the "areacode-prefix" combination used by phone companies to identify which region of the city your number is in, and which switching center your number is handled out of. "323-465" tells Pacific Bell that a number is in the "North and West of Downtown LA" area (323) , and served from the Hollywood #1 switch center (465) along with many other prefixes. "bigcompany.com" tells the network world that your computer is in the "area code" handled by BigCompany Inc. and "receptionist" tells the network world which computer inside that "area" to look up when looking for (or "resolving") an IP number from a fully qualified name. Therefore, when a computer program looks to the DNS server for the IP number assigned to "receptionist.bigcompany.com", the correct IP number is returned. If the computer program in question were to simply query the DNS for a computer called "receptionist", there might be thousands and thousands out there, and no way to resolve which one is which without the "street address" of the one you're looking for, in this case "bigcompany.com".
The name structure within a company can be varied to show more breakdown or to organize computers into department specific groups, like "receptionist.marketing.bigcompany.com". The setup and system for the prefix to a company's domain name is up to the administrator at the company and/or their internet service provider to decide on and implement.
PUBLIC VS. PRIVATE IP NUMBERS
Private IP numbers are the source of much confusion for many new networking users. Many home "powerusers" with more than one computer, small offices, and just about any user of a broadband IP connection to the internet like DSL or Cable Modem has probably come face to face with this issue. The whole use of IP numbers is generally hidden from your typical Internet user who uses a modem and PPP software to connect to the internet - they are transparently and dynamically assigned an IP number while they are dialed in by their ISP, and don't really have to think about it. That is until the user starts to get curious about running a webserver on a machine in their house, or moving up to faster "always on" connections like ISDN, DSL, Cable Modem, or other methods.
Think about what happens when a small city runs out of phone numbers, but can't split up an area code. Things could get difficult and providing additional phone service as the city expands would be a nightmare. One method of preventing an area from going totally overboard on providing separate phone numbers is to have one or a handfull of numbers used in a shared manner amongst many phone users, like any large office would do. A large company with 250 workers in an office building each with a phone at their desk wouldn't want to pay the phone company for 250 discreet and separate lines for each desk, nor would the phone company want to give all those numbers to them if they were trying to conserve numbers. Therefore, offices use internal equipment to "share" a smaller number of lines amongst their users, like mabye 20 or so used in rotary. By doing so, each desk can have an inter-office extension number, which is bridged to an outside phone company line when the user picks one up to dial out and one is free at that moment. In this case, any number of offices in the city might have an "extension 123" within their office, but each "extension 123" in these offices would never conflict with each other because they are "behind" the company's phone equipment which serves up the company's outside lines to those extensions when needed. The internal office extensions can communicate with each other perfectly fine, but must be connected to an outside line to connect to an extension at the company across the street. 213-555-1200 thru 1210 would be BigCompany, Inc.'s "public" phone lines, and extensions 1 thru 250 would be BigCompany, Inc.'s, "private" phone lines.
IP protocol networks use a system very similar to the above to prevent the world from running out of IP addresses. Even though 0-255.0-255.0-255.0-255 is technically 4,228,250,625 numbers, the useable amount of numbers is much lower due certain types of numbers set aside for special signalling and identification uses and not for typical "device" identification and traffic. Also consider that just about EVERY device that will handle IP traffic must have a unique number, and there are probably just as many routing and switching and serving devices on "the net" as there are actual computers. Add all that up and one can see how the current IP number structure really doesn't go all that far, and there is a need for computers and devices in certain groups to be able to use "private extensions" that work behind a group's "public numbers", just like the large company offices example above.
The organizations that agree on the technical standards behind the IP protocol have issued a standard for "Private IP number blocks", or numbers that can be used within an enterprise as long as the enterprise has the technical capability to separate those private IP numbers from the rest of the Internet at large, and properly gateway the traffic between the internal stations at the enterprise in question and the public Internet. For Example, when a large company with 200 computers in the office needs to implement IP networking and connectivity both between the computers in the office *AND* supply inbound and outbound connectivity to the Internet from within their office network, that company would avail themselves of a block of IP numbers within the "private" numbers set aside for just that purpose. There is most certainly many other computers somewhere in the world using your IP number if your IP number is one of these private numbers, but both yours and the other private IP numbers in the world are safely operated behind other IP routing equipment which handles all the internal network's traffic out to and in from the public Internet, just like all the "extension 105" numbers in offices thruought the world are safely operated behind telephone equipment that bridges those extensions in and outbound thru a given office's public telephone system number.
The private IP addresses that you assign for a private network (inter-office LAN, Internet Service Provider customer bases, campus networks, etc) should fall within the following three blocks of the IP address space:
10.0.0.1 to 10.255.255.255, which provides a single Class A network of addresses, which would use subnet mask 255.0.0.0.(theoretically up to 16,777,215 addresses, good for VERY large enterprises like internet service providers or other global deployment)
172.16.0.1 to 172.31.255.254, which provides 16 contiguous Class B network addresses, which would use subnet mask 255.255.0.0.(theoretically up to 1,048,576 addresses, good for large enterprises like colleges and governmental organizations)
192.168.0.1 to 192.168.255.254, which provides up to 2^16 Class C network addresses, which would use subnet mask 255.255.255.0.(theoretically up to 65,536 addresses, widely used by default in consumer/retail networking equipment)
Explanation of Subnet masks, Network classes, and other technical info is readily available on the internet.
Click here (updated - .pdf file) for an example page showing how the University of Michigan uses private IP numbers in their networking strategy.
Click here to read the Internet standards document RFC 1918, "Address Allocation for Private Internets".
ADDITIONAL READING, FUTURE CHANGES (ADDED 12-08-2005)
From Wikipedia - IPv6. IPv6 is the future improvement and extension of IPv4 (our current IP number system). The change is already happening although slowly. With IP numbers under IPv4 growing ever more scarce, IPv6 is bound to creep into your computing life...
Google Search - Link-Local IP numbers. Ever wonder why your Macintosh seems to have a strange IP number starting with 169.254, and you can't connect to the internet? There really is a good reason. Quoting from Wikipedia: "A second type of private network is the link-local address range codified in RFCs 3330 and 3927. The intention behind these RFCs is to provide an IP address (and by implication, network connectivity) without a DHCP server being available and without having to configure a network address manually. The subnet 169.254/16 has been set aside for this. If a network address cannot be obtained via DHCP, an address from 169.254.1.0 to 169.254.254.0 is assigned randomly. The standard prescribes that address collisions must be handled gracefully. The subnets 169.254.0/24 and 169.254.255/24 have been set aside for future use. As with the private network addresses defined in RFC 1918, packets from this subnet must not be routed to the internet at large."
I get calls rather frequently since we started letting key users use MSTSC to connect to a RDP session. In fancy terms they open a Remote Desktop Connection and work as if they were in front of their machine. Your external IP comes in handy when you are using MSTSC, PCANYWHERE, VNC or other similar products.
I have seen it all the user going to http://www.whatsmyip.com/ and trying that. I have even seen a user try to change their local ip to "Be Something They Can Remember" LOL! It was set to 1.1.1.2
So here I go trying to break it down real simple like:
Your machine has an ip address on it that allows you to connect to your internal network. These addresses usually look something like 192.168.x.x or 10.0.0.x these addresses can not be addressed from outside your network they are INTERNAL addresses or PRIVATE addresses. If you want to connect to this INTERNAL address you need a NAT or a 1 to 1 this is a Network Translated Address or a 1 to 1 NAT.
You set this up in your firewall, router or default gateway. If you have a cable modem or dsl chances are you have a single dynamic Ip that changes every so often. But if you have a bigger line like a T1 or 10mb you should have been given a net block. Probably 4 public addresses.
If you are not sure contact your ISP.
Here is some more information I have gathered for a more detailed explanation (not real simple like):
IP NUMBERS, NAMES, AND DNS
Our current IP number system is referred to as "IPv4". To give the most simple explanation, IP numbers, like 209.204.13.67 can be described as phone numbers, and "fully qualified names" like ip-067.wmld.com can be described as the name of the device at that number. The DNS service or "Domain Name Server" is a software system of keeping track of what name is equivalent to what number, and vice versa. Much like the phone book.
Let's think about the telephone system. Joe Smith has a telephone number of 323-555-1234, and Mary Jones has a telephone number of 323-555-1987. If Joe needs to call Mary but doesn't know her number, he could dial 411 and ask for the number for Mary Jones. The operator may reply that there is more than one listing for a Mary Jones so he needs to be more specific, and provide an address. He then tells her he needs the number for the Mary Jones at 123 Main St., of which there is only one listing, and he gets the number. Conversely, Mary Jones might be looking at her telephone bill, and see a call to 323-555-1234 and wonder who she was talking to. Mary could look thru her rolodex until she found the number, and she would see that she had called Joe Smith.
The internet uses a very similar system, the combination of IP numbers and "fully qualified domain names", and the DNS server is the "411 service" keeping track of the matching records between the two. When a person using a computer needs to connect in some way to someone else's computer, they need to either know the IP number (like a phone number) of their computer, or they need to know the fully qualified domain name (like a person's name along with their street address) of their computer so the DNS system can look up the IP number of thier computer and return it to the requestor (just like the 411 operator does). IP numbers are structured as 4 numbers, from 0 to 255, each separated by a dot. 206.205.204.203 is just as valid a number as 1.2.3.5 or 16.7.200.34.
"Fully Qualified Domain Names" are much like a name along with an address, and can vary widely in their structure, but the most common are in the form "host.domain.extension". "host" being the "name" you or your system administrator has assigned to your computer, like "receptionist", and "domain.extension" is like a virtual "area" in which your computer can be found, like bigcompany.com. A domain name like "bigcompany.com" is very similar to the "areacode-prefix" combination used by phone companies to identify which region of the city your number is in, and which switching center your number is handled out of. "323-465" tells Pacific Bell that a number is in the "North and West of Downtown LA" area (323) , and served from the Hollywood #1 switch center (465) along with many other prefixes. "bigcompany.com" tells the network world that your computer is in the "area code" handled by BigCompany Inc. and "receptionist" tells the network world which computer inside that "area" to look up when looking for (or "resolving") an IP number from a fully qualified name. Therefore, when a computer program looks to the DNS server for the IP number assigned to "receptionist.bigcompany.com", the correct IP number is returned. If the computer program in question were to simply query the DNS for a computer called "receptionist", there might be thousands and thousands out there, and no way to resolve which one is which without the "street address" of the one you're looking for, in this case "bigcompany.com".
The name structure within a company can be varied to show more breakdown or to organize computers into department specific groups, like "receptionist.marketing.bigcompany.com". The setup and system for the prefix to a company's domain name is up to the administrator at the company and/or their internet service provider to decide on and implement.
PUBLIC VS. PRIVATE IP NUMBERS
Private IP numbers are the source of much confusion for many new networking users. Many home "powerusers" with more than one computer, small offices, and just about any user of a broadband IP connection to the internet like DSL or Cable Modem has probably come face to face with this issue. The whole use of IP numbers is generally hidden from your typical Internet user who uses a modem and PPP software to connect to the internet - they are transparently and dynamically assigned an IP number while they are dialed in by their ISP, and don't really have to think about it. That is until the user starts to get curious about running a webserver on a machine in their house, or moving up to faster "always on" connections like ISDN, DSL, Cable Modem, or other methods.
Think about what happens when a small city runs out of phone numbers, but can't split up an area code. Things could get difficult and providing additional phone service as the city expands would be a nightmare. One method of preventing an area from going totally overboard on providing separate phone numbers is to have one or a handfull of numbers used in a shared manner amongst many phone users, like any large office would do. A large company with 250 workers in an office building each with a phone at their desk wouldn't want to pay the phone company for 250 discreet and separate lines for each desk, nor would the phone company want to give all those numbers to them if they were trying to conserve numbers. Therefore, offices use internal equipment to "share" a smaller number of lines amongst their users, like mabye 20 or so used in rotary. By doing so, each desk can have an inter-office extension number, which is bridged to an outside phone company line when the user picks one up to dial out and one is free at that moment. In this case, any number of offices in the city might have an "extension 123" within their office, but each "extension 123" in these offices would never conflict with each other because they are "behind" the company's phone equipment which serves up the company's outside lines to those extensions when needed. The internal office extensions can communicate with each other perfectly fine, but must be connected to an outside line to connect to an extension at the company across the street. 213-555-1200 thru 1210 would be BigCompany, Inc.'s "public" phone lines, and extensions 1 thru 250 would be BigCompany, Inc.'s, "private" phone lines.
IP protocol networks use a system very similar to the above to prevent the world from running out of IP addresses. Even though 0-255.0-255.0-255.0-255 is technically 4,228,250,625 numbers, the useable amount of numbers is much lower due certain types of numbers set aside for special signalling and identification uses and not for typical "device" identification and traffic. Also consider that just about EVERY device that will handle IP traffic must have a unique number, and there are probably just as many routing and switching and serving devices on "the net" as there are actual computers. Add all that up and one can see how the current IP number structure really doesn't go all that far, and there is a need for computers and devices in certain groups to be able to use "private extensions" that work behind a group's "public numbers", just like the large company offices example above.
The organizations that agree on the technical standards behind the IP protocol have issued a standard for "Private IP number blocks", or numbers that can be used within an enterprise as long as the enterprise has the technical capability to separate those private IP numbers from the rest of the Internet at large, and properly gateway the traffic between the internal stations at the enterprise in question and the public Internet. For Example, when a large company with 200 computers in the office needs to implement IP networking and connectivity both between the computers in the office *AND* supply inbound and outbound connectivity to the Internet from within their office network, that company would avail themselves of a block of IP numbers within the "private" numbers set aside for just that purpose. There is most certainly many other computers somewhere in the world using your IP number if your IP number is one of these private numbers, but both yours and the other private IP numbers in the world are safely operated behind other IP routing equipment which handles all the internal network's traffic out to and in from the public Internet, just like all the "extension 105" numbers in offices thruought the world are safely operated behind telephone equipment that bridges those extensions in and outbound thru a given office's public telephone system number.
The private IP addresses that you assign for a private network (inter-office LAN, Internet Service Provider customer bases, campus networks, etc) should fall within the following three blocks of the IP address space:
10.0.0.1 to 10.255.255.255, which provides a single Class A network of addresses, which would use subnet mask 255.0.0.0.(theoretically up to 16,777,215 addresses, good for VERY large enterprises like internet service providers or other global deployment)
172.16.0.1 to 172.31.255.254, which provides 16 contiguous Class B network addresses, which would use subnet mask 255.255.0.0.(theoretically up to 1,048,576 addresses, good for large enterprises like colleges and governmental organizations)
192.168.0.1 to 192.168.255.254, which provides up to 2^16 Class C network addresses, which would use subnet mask 255.255.255.0.(theoretically up to 65,536 addresses, widely used by default in consumer/retail networking equipment)
Explanation of Subnet masks, Network classes, and other technical info is readily available on the internet.
Click here (updated - .pdf file) for an example page showing how the University of Michigan uses private IP numbers in their networking strategy.
Click here to read the Internet standards document RFC 1918, "Address Allocation for Private Internets".
ADDITIONAL READING, FUTURE CHANGES (ADDED 12-08-2005)
From Wikipedia - IPv6. IPv6 is the future improvement and extension of IPv4 (our current IP number system). The change is already happening although slowly. With IP numbers under IPv4 growing ever more scarce, IPv6 is bound to creep into your computing life...
Google Search - Link-Local IP numbers. Ever wonder why your Macintosh seems to have a strange IP number starting with 169.254, and you can't connect to the internet? There really is a good reason. Quoting from Wikipedia: "A second type of private network is the link-local address range codified in RFCs 3330 and 3927. The intention behind these RFCs is to provide an IP address (and by implication, network connectivity) without a DHCP server being available and without having to configure a network address manually. The subnet 169.254/16 has been set aside for this. If a network address cannot be obtained via DHCP, an address from 169.254.1.0 to 169.254.254.0 is assigned randomly. The standard prescribes that address collisions must be handled gracefully. The subnets 169.254.0/24 and 169.254.255/24 have been set aside for future use. As with the private network addresses defined in RFC 1918, packets from this subnet must not be routed to the internet at large."
Some Ways to Speed up Outlook
12:39 PM
Paul B
I get calls all the time talking about how slow Outlook is, and Outlook is hanging, or freezing what have you. It is very common, so don't feel you are alone. in fact, Outlook being slow is probably one of a help desk's most frequent complaints. Very few times it is a server side issue, but sometimes it is. If someone tries to send a 50MB zip file down the pipe it will muck things up for everyone for sure. However, there are a lot of client side things that can slow you down as well, and that is where these tips can help you out a bit.
The company I work for (Yes I have a day job, and no I am not quitting it for full time blogging so don't worry), we have a bunch of small satellite offices all around the country. The problem is we only have four exchange servers to accommodate everyone in all of the states we have offices. Those with a server in their office rarely complain about slow Outlook problems, and slow attachment opening times, because they are geographically close to the server. Those offices farthest away from the server may experience some lag time as their attachments and e-mails have to travel across the wire hundreds or thousands of miles to open up on their computer screen. To ease some of the slowness in this situation you can configure your Outlook to use Cached exchange mode which downloads a local cache of your e-mails and attachments to your computer so that they can open up locally and not over the WAN. Opening locally will always be faster than opening across the internet.
To set cached exchange mode, in Outlook click on Tools> E-Mail Accounts. Click on View or Change existing e-mail accounts, then click next. Select the option for Microsoft Exchange Server and click the change button. under the box where it says exchange server, there should be a check box saying use cached exchange mode. Check the box and click next and finish. You will have to restart Outlook for the changes to take affect.
So what if that was already checked, or you are geographically close to the server, but Outlook is still slow? Often times it isn't even Outlook at all, it is Word. But how can it be Word? I am not even using Word! you might be yelling right now at this post. Actually, you are using Word. Outlook by default uses Microsoft Word as it's default e-mail editor. the problem with that is that when you open Outlook, simultaneously in the background Word is opening as well which creates added overhead for the computer. Besides the overhead though, word easily gets corrupted, and when it does it will screw Outlook up to no end. So why not turn it off? Outlook has it's own built in e-mail editor, and we can use it without having to use Word. To turn it off, click on Tools> Option, and click on the Mail Format Tab. uncheck the option to use Microsoft Office to edit e-mail messages, click Apply then OK.
What if all of that is done, but you are still having some problems? Luckily Microsoft is aware that they make lousy products, so they have built in a detect and repair tool into their office suite. To find it click on Help > Detect and Repair. Follow the prompts, and Office will repair itself. Check the option to Discard My Personal settings and restore default settings only as a last resort because you will have to reconfigure Outlook again which can be difficult if you don't already know your server/user settings.
If you can think of any other tips that you have found works (Besides switching over to Thunderbird {Exchange doesn't work with it so don't comment about it}), then please leave some comments.
Jun 20, 2007
Common Issues with Wireless
4:27 PM
Paul B
Everybody wants to get on wireless these days. It is sort of "the thing to do." Funny thing though is, nobody seems to know what they are doing when it comes to wireless. They think they crack open the box plug in some cables and away they go. Well, it isn't really quite that simple.
Issue number one, would be security. You absolutely MUST think about security if you implement a wireless network at your home or office. If you think you are helping out your IT department by putting an access point up in your office so you can move the stuff around your desk more freely, you are sadly mistaken. If you have done this without setting up any kind of encryption, you have just opened a huge back door to your companies network. At home, you may not be so worried. If someone shares my internet, so what? Someone next door could easily setup a phishing scam in the apartment next door, and use your wireless connection for the internet access. Then guess whose door the FBI will come knocking on? That's right, yours. So encryption is a must, I highly recommend using WPA and not WEP because WEP has been proven to be easily crackable.
Issue number two, would be placement. Before setting up anything, you should do a site survey. Walk around your home or office and look for things that can cause interference. Map things out, and take notes. Take a laptop with netstumbler installed and look for other wireless networks in range and see what channels they are on. Some things that can cause problems are:
*Cordless Phones/Microwave Ovens: These devices operate at 2.4Ghz, which is the same frequency Standard 802.11G/N routers use. Since they both operate at the same frequency, they will interfere with each other's signals.
*Concrete Walls: Concrete causes a problem, not because of the thickness or the re-bar in it, but because of the water in the mixture. The magic thing about concrete is that it never stops curing, and the water in the wall can cause signal loss.
*Pointing your antenna: Some people think that pointing the antenna is self explanatory, but it isn't. You can't point your antenna like you point your finger because the signal coming off the antenna radiates from the sides of the antenna, not the top (See the figure below, I am not an artist!)
*Wireless Channels: By default, almost all routers come pre-configured to use either channel 6 or 11 (if I'm not mistaken). Find out what channel the surrounding networks are using and select a different channel. As mentioned above, Netstumbler for Windows works well for this as well as kismet for Linux and Kismac for MAC.
*Chicken Wire: That's right, I said chicken wire. I didn't come up with this one myself. I had a wireless class at college, and my professor told us about chicken wire. Chicken wire is used in some houses to either hold in insulation in the walls, or is used when putting up plaster walls. The holes in the chicken wire are not large enough to allow the sign wave of the wireless signal to penetrate the wall and thus creates a Faraday cage of sorts.
Issue number three, compatibility. Almost all wireless devices come with the WiFi logo which is supposed to indicate some sort of standard. It suggests that if you have a Belkin router, your Linksys wireless card should be compatible. Well, 9 times out of 10 that is true, but every once in a while there is that 1 time where it is not true. It is almost always best practice to stick to the same manufacturer. If you are a D-Link person, stick with D-Link, if you like Linksys, stick with linksys and so on.
Issue number four, Firmware. The manufacturers of your equipment frequently come out with firmware updates for their products. If you notice issues with your router or card, look on the manufacturers website for a possible firmware update. Lots of times, the update can correct the problems you are having.
Issue number five, loss versus gain. Every time you have to send a signal down a wire you have loss. If you have a long cable going from your modem, CSU/DSU etc going to your router there will be loss of signal. The longer the cable, the more loss. Likewise, the air creates signal loss as well. The farther you are from the antenna, the weaker the signal. On the flip side, whenever you have an antenna, you have gain. Every time the signal comes out of the antenna, or is received by an antenna there is a little bit of gain in the signal. So what does that mean to you? Shorten your cables if possible, and buy higher gain antennas for your routers if you need the signal to travel longer distances.
There are more problems I'm sure that I have left out. If you can think of some, please comment about it so others can learn more.
Issue number one, would be security. You absolutely MUST think about security if you implement a wireless network at your home or office. If you think you are helping out your IT department by putting an access point up in your office so you can move the stuff around your desk more freely, you are sadly mistaken. If you have done this without setting up any kind of encryption, you have just opened a huge back door to your companies network. At home, you may not be so worried. If someone shares my internet, so what? Someone next door could easily setup a phishing scam in the apartment next door, and use your wireless connection for the internet access. Then guess whose door the FBI will come knocking on? That's right, yours. So encryption is a must, I highly recommend using WPA and not WEP because WEP has been proven to be easily crackable.
Issue number two, would be placement. Before setting up anything, you should do a site survey. Walk around your home or office and look for things that can cause interference. Map things out, and take notes. Take a laptop with netstumbler installed and look for other wireless networks in range and see what channels they are on. Some things that can cause problems are:
*Cordless Phones/Microwave Ovens: These devices operate at 2.4Ghz, which is the same frequency Standard 802.11G/N routers use. Since they both operate at the same frequency, they will interfere with each other's signals.
*Concrete Walls: Concrete causes a problem, not because of the thickness or the re-bar in it, but because of the water in the mixture. The magic thing about concrete is that it never stops curing, and the water in the wall can cause signal loss.
*Pointing your antenna: Some people think that pointing the antenna is self explanatory, but it isn't. You can't point your antenna like you point your finger because the signal coming off the antenna radiates from the sides of the antenna, not the top (See the figure below, I am not an artist!)
*Wireless Channels: By default, almost all routers come pre-configured to use either channel 6 or 11 (if I'm not mistaken). Find out what channel the surrounding networks are using and select a different channel. As mentioned above, Netstumbler for Windows works well for this as well as kismet for Linux and Kismac for MAC.
*Chicken Wire: That's right, I said chicken wire. I didn't come up with this one myself. I had a wireless class at college, and my professor told us about chicken wire. Chicken wire is used in some houses to either hold in insulation in the walls, or is used when putting up plaster walls. The holes in the chicken wire are not large enough to allow the sign wave of the wireless signal to penetrate the wall and thus creates a Faraday cage of sorts.
Issue number three, compatibility. Almost all wireless devices come with the WiFi logo which is supposed to indicate some sort of standard. It suggests that if you have a Belkin router, your Linksys wireless card should be compatible. Well, 9 times out of 10 that is true, but every once in a while there is that 1 time where it is not true. It is almost always best practice to stick to the same manufacturer. If you are a D-Link person, stick with D-Link, if you like Linksys, stick with linksys and so on.
Issue number four, Firmware. The manufacturers of your equipment frequently come out with firmware updates for their products. If you notice issues with your router or card, look on the manufacturers website for a possible firmware update. Lots of times, the update can correct the problems you are having.
Issue number five, loss versus gain. Every time you have to send a signal down a wire you have loss. If you have a long cable going from your modem, CSU/DSU etc going to your router there will be loss of signal. The longer the cable, the more loss. Likewise, the air creates signal loss as well. The farther you are from the antenna, the weaker the signal. On the flip side, whenever you have an antenna, you have gain. Every time the signal comes out of the antenna, or is received by an antenna there is a little bit of gain in the signal. So what does that mean to you? Shorten your cables if possible, and buy higher gain antennas for your routers if you need the signal to travel longer distances.
There are more problems I'm sure that I have left out. If you can think of some, please comment about it so others can learn more.
Managing Space on a MAC
2:44 PM
Paul B
Ask The Admin has another guest blogger by the name of Justin, who apparently is a MAC guy. He posted this really cool tip on managing drive space on your MAC. For you're reading pleasure, I have reposted the following directly from Ask the Admin:
"The Question: What the hell happened to all the space on my hard drive.
While searching for an answer to this question I found a number of methods ranging from manually cataloging the contents of all my folders (who is really that anal retentive?) to terminal queries (who really uses the terminal?). Anyway my search for the best tool led me to Disk Inventory X (external link to product download site). This program is an excellent way to concisely see what exactly is on your disks. The program has been around for a bit, and it gaining a good bit of notoriety, partially because its so pretty, but also because it is damn useful. Did I mention its totally free?
Disk Inventory X is an easy to use visualization tool that combs your hard disk identifying, grouping, and color coding each file. What you get is a full color representation, using treemaps, of your drive which allows you to see what files and file types are eating up your disk space. In my case, I identified 25 gigs (thats not a typo) of Samurai Jack cartoons that had been torrented 2 years ago, and were sitting in a third level sub-folder where they had never been opened.
Disk Inventory X is a simple download, and once unpacked it only takes a few minutes to categorize your disk. After that, use the results to identify, delete, or relocate the file types that are eating up your space. Unfortunately Disk Inventory X cannot make the tough decisions for you, and cannot categorize files by taste, so it is up to you to delete all those N'Sync and Kenny G tracks you grabbed for that girl you were dating in 1995. Check the program out, you won't be disappointed."
"The Question: What the hell happened to all the space on my hard drive.
While searching for an answer to this question I found a number of methods ranging from manually cataloging the contents of all my folders (who is really that anal retentive?) to terminal queries (who really uses the terminal?). Anyway my search for the best tool led me to Disk Inventory X (external link to product download site). This program is an excellent way to concisely see what exactly is on your disks. The program has been around for a bit, and it gaining a good bit of notoriety, partially because its so pretty, but also because it is damn useful. Did I mention its totally free?
Disk Inventory X is an easy to use visualization tool that combs your hard disk identifying, grouping, and color coding each file. What you get is a full color representation, using treemaps, of your drive which allows you to see what files and file types are eating up your disk space. In my case, I identified 25 gigs (thats not a typo) of Samurai Jack cartoons that had been torrented 2 years ago, and were sitting in a third level sub-folder where they had never been opened.
Disk Inventory X is a simple download, and once unpacked it only takes a few minutes to categorize your disk. After that, use the results to identify, delete, or relocate the file types that are eating up your space. Unfortunately Disk Inventory X cannot make the tough decisions for you, and cannot categorize files by taste, so it is up to you to delete all those N'Sync and Kenny G tracks you grabbed for that girl you were dating in 1995. Check the program out, you won't be disappointed."
Blog Pinging to boost Traffic
2:36 PM
Paul B
I was asked by "The Admin" on Ask the Admin to be a guest blogger. Well, I posted my first post on Ask The Admin today on using blog pinging services to help create more traffic for your blog. Instead of doing double work, you can catch the original post here.
Jun 19, 2007
Migrating users from a Workgroup to a Domain
5:14 PM
Paul B
I found this post at Ask The Admin, which is a pretty cool blog where users can post questions about various computer or technology issues. This comes from a guy wanting to know how to migrate pre-existing users from a small workgroup network to a domain environment. The following is re-printed with permission from Ask the Admin:
"...John from Downtown Manhattan wants to know what the best way to migrate his users from a Windows 2003 standalone server into a fresh new domain.
Well John we have just completed something very similar with the assistance of microsofts addusers.exe command and l0phtcrack for password retrieval. Addusers.exe can be found on the windows 2000 resource cd or from microsoft.com. Using addusers.exe with the /d switch we were able to extract to a text file all of our local users, groups and descriptions. But we were unable to export passwords... Thats where l0phtcrack came in we ran this against our local server and recovered all 250 user passwords in under 24 hours.
Then after joining the machine to our freshly created domain we used the adduser.exe to import the user information from the text file we exported using the /c script. We then went in manually and set the passwords. You could also leave the option to require the user to change their password on the next logon. Below you will find the syntax for addusers.exe.
Adds, Writes, or Erases accounts as specified by a delimited file.
ADDUSERS {/c/d{:u}/e} filename [/s:x] [/?] [\\computernamedomainname] [/p:{lced}]
/? Display this help screen.
/c Create accounts specified in the file.
/d: Write current accounts to the specified file, opt. followed by {:u}.
u Write current accounts to the specified file in Unicode text format.
/p: Set's account creation options, followed by an comb. of {lced} l Users do not have to change passwords at next logon. c Users cannot change passwords. e Passwords never expire. (implies l option) d Accounts disabled.
/e Erase user accounts specified in the file.
/s:x Sets the separator character for the input/output file. Replace the x with the character to be used for separating fields. (e.g. /s:~)
Note: The separator character is a comma ',' by default.
For detailed information please refer to the Resource Kit Help file."
"...John from Downtown Manhattan wants to know what the best way to migrate his users from a Windows 2003 standalone server into a fresh new domain.
Well John we have just completed something very similar with the assistance of microsofts addusers.exe command and l0phtcrack for password retrieval. Addusers.exe can be found on the windows 2000 resource cd or from microsoft.com. Using addusers.exe with the /d switch we were able to extract to a text file all of our local users, groups and descriptions. But we were unable to export passwords... Thats where l0phtcrack came in we ran this against our local server and recovered all 250 user passwords in under 24 hours.
Then after joining the machine to our freshly created domain we used the adduser.exe to import the user information from the text file we exported using the /c script. We then went in manually and set the passwords. You could also leave the option to require the user to change their password on the next logon. Below you will find the syntax for addusers.exe.
Adds, Writes, or Erases accounts as specified by a delimited file.
ADDUSERS {/c/d{:u}/e} filename [/s:x] [/?] [\\computernamedomainname] [/p:{lced}]
/? Display this help screen.
/c Create accounts specified in the file.
/d: Write current accounts to the specified file, opt. followed by {:u}.
u Write current accounts to the specified file in Unicode text format.
/p: Set's account creation options, followed by an comb. of {lced} l Users do not have to change passwords at next logon. c Users cannot change passwords. e Passwords never expire. (implies l option) d Accounts disabled.
/e Erase user accounts specified in the file.
/s:x Sets the separator character for the input/output file. Replace the x with the character to be used for separating fields. (e.g. /s:~)
Note: The separator character is a comma ',' by default.
For detailed information please refer to the Resource Kit Help file."
Hard Drive Data Recovery
9:39 AM
Paul B
Here is a cool video of a presentation done at last year's ToorCon, which is a security conference here is San Diego. It is kind of lengthy, but is very informative.
Jun 18, 2007
Cisco Password Recovery
11:16 PM
Paul B
Have you ever heard the expression, "If you have physical access to a machine on the network, you can own that machine." I have, one of my professors at school harps on that all the time. I knew what he was talking about as far as Windows machines. I mean there are tons of free utilities you can use to reset the administrator's password in Windows. There are an equal number for Linux I'm sure, but what about a router? I'm not talking about a cheap D-Link router that you use at home, I am talking about production grade Cisco routers. Resetting the privileged mode password is really a simple process.
In class tonight, we had a lab where we had to do password recovery on a Cisco 2600 series router. The process was really simple. First of all, in order to reset the password you have to be physically connected to the console port, so forget the notion of telnetting in and "Hacking the Gibson."
Now that you have picked the lock to get into the server room where the routers are, or if you are a network admin and you genuinely have access to the server room, you can hook up your laptop directly to the router's console port. With something like hyperterminal, make sure you have connectivity with the router (Check with Cisco's website for the hyperterminal settings).
Now that you have a good connection, power off the router, then power it back on. After you turn it back on you have 60 seconds to press ctrl+break. Keep it held down until you see rommon 1>.
At rommon 1> type confreg 0x2142 the press enter. At rommon 2> type reset.
Now the router will reboot and will now skip the startup configuration and you will now be prompted to go through router setup. When prompted, select no. We don't want to reconfigure the router, we only want to reset the password.
Now you should be at a prompt like router>, type enable and press enter. You should now be at a prompt like this: router#. Type enable and your new password then press enter. You should also reset the secret password by typing enable secret and the new secret password.
Now with the passwords reset, save your changes by typing copy running-config startup-config and press enter. Now type config-register 0x2102 and press enter. Type reload at the prompt and the router will now be rebooted with your new password. Congratulations! You now own the box!
Please keep in mind that this is for a Cisco 2600 series router. For the full step by step instructions for this or any other Cisco product, visit Cisco.com and do a search for password recovery.
In class tonight, we had a lab where we had to do password recovery on a Cisco 2600 series router. The process was really simple. First of all, in order to reset the password you have to be physically connected to the console port, so forget the notion of telnetting in and "Hacking the Gibson."
Now that you have picked the lock to get into the server room where the routers are, or if you are a network admin and you genuinely have access to the server room, you can hook up your laptop directly to the router's console port. With something like hyperterminal, make sure you have connectivity with the router (Check with Cisco's website for the hyperterminal settings).
Now that you have a good connection, power off the router, then power it back on. After you turn it back on you have 60 seconds to press ctrl+break. Keep it held down until you see rommon 1>.
At rommon 1> type confreg 0x2142 the press enter. At rommon 2> type reset.
Now the router will reboot and will now skip the startup configuration and you will now be prompted to go through router setup. When prompted, select no. We don't want to reconfigure the router, we only want to reset the password.
Now you should be at a prompt like router>, type enable and press enter. You should now be at a prompt like this: router#. Type enable and your new password then press enter. You should also reset the secret password by typing enable secret and the new secret password.
Now with the passwords reset, save your changes by typing copy running-config startup-config and press enter. Now type config-register 0x2102 and press enter. Type reload at the prompt and the router will now be rebooted with your new password. Congratulations! You now own the box!
Please keep in mind that this is for a Cisco 2600 series router. For the full step by step instructions for this or any other Cisco product, visit Cisco.com and do a search for password recovery.
Replace Telnet with OpenSSH
1:36 PM
Paul B
For those of you out there still living in the dark ages, and are still using Telnet because you haven't found a viable alternative (You know who you are). Maybe you haven't decided to switch to a more secure solution because you use Windows Servers and Windows hasn't adopted using SSH. Maybe you think SSH is only for Unix/Linux.
Well, your excuses are no longer good here. If you haven't heard about it, there is an OpenSSH port for Windows. Now you can still use a terminal remote access method, but you won't be sending your login credentials and important information across the wire in plain text.
OpenSSH provides full support for SSH/SCP/SFTP. So no more exuses, download OpenSSH and secure your servers.
Well, your excuses are no longer good here. If you haven't heard about it, there is an OpenSSH port for Windows. Now you can still use a terminal remote access method, but you won't be sending your login credentials and important information across the wire in plain text.
OpenSSH provides full support for SSH/SCP/SFTP. So no more exuses, download OpenSSH and secure your servers.
Jun 17, 2007
Freemasonry Part I and II
10:38 PM
Paul B
FBI tries to fight zombie hordes
10:05 PM
Paul B
I found this article while surfing Digg, and it really highlights the necessity of securing your home computers and your home networks.
The article says that the FBI has found networks of zombie computers being used to spread spam, steal IDs and attack websites.The agency said the zombies or bots were "a growing threat to national security".
read more | digg story
The article says that the FBI has found networks of zombie computers being used to spread spam, steal IDs and attack websites.The agency said the zombies or bots were "a growing threat to national security".
read more | digg story
Jun 16, 2007
Using John The Ripper to Crack a Hash
2:21 PM
Paul B
I found this YouTube video on how to crack a hash using John the Ripper. I thought it was pretty interesting.
By the way, the video mentions Cain and Able, you can find a download link for it and John the Ripper HERE. Oh, and you can download the background music HERE. Don't all run out and thank me at once.
By the way, the video mentions Cain and Able, you can find a download link for it and John the Ripper HERE. Oh, and you can download the background music HERE. Don't all run out and thank me at once.
Jun 15, 2007
Hak.5 Visit to Shmoocon
2:09 PM
Paul B
Deleting on Blackberry not Synching in Outlook
1:24 PM
Paul B
In my current position I have to support Blackberry users. In my opinion, after having to support Palm OS and Windows Mobile, Blackberry has been the most stable. Now, it would be ridiculous to go so far as to say that Blackberry doesn't have any problems, because that just isn't so. Blackberry has plenty of problems. One of those problems has to do with the fact that by default, when you setup the Blackberry for use with a Blackberry Enterprise Server (BES), emails you delete on your hand held do not automatically delete in Outlook. Don't ask me why, it is just set that way. Seriously, why is water wet? It just is.
In order to make your deleted items sync when you delete them from your phone, you need to go into Messages > Options > Email reconciliation. Select the delete option and change the setting from hand held, to hand held & mailbox. Save the setting and you're set. If the setting is already set at hand held & mailbox, then change it to hand held, save the setting, then change it back and save the setting again.
90% of the time, this is what the issue is. There are a few other reasons, but this is what you should check first. Goodluck!
In order to make your deleted items sync when you delete them from your phone, you need to go into Messages > Options > Email reconciliation. Select the delete option and change the setting from hand held, to hand held & mailbox. Save the setting and you're set. If the setting is already set at hand held & mailbox, then change it to hand held, save the setting, then change it back and save the setting again.
90% of the time, this is what the issue is. There are a few other reasons, but this is what you should check first. Goodluck!
Jun 12, 2007
View MySpace from Work
6:24 PM
Paul B
If you work for a company that uses some sort of web filtering product like Websense, Surfcontrol (Now owned by Websense), Blue coat or something similar, then this article is for you. These types of software are used to keep you from goofing off at work. Depending on your IT department's policies, certain categories of sites might be blocked from your work place. Sites with porn, or time wasting sites like MySpace are big targets for web filtering software.
There are ways around if you are slightly savvy. Once of the best ways is to use a remote web proxy to browse your out lawed sites. The remote web proxy lets you connect to a remote site, then use the internet at the remote site to browse the internet. Since the traffic is not really behind your company's firewall, or filtering software, they cannot block the sites you are going to. There are public web proxy sites out there like Proxy420.com, the problem with them is that the big name web filters like Websense probably has already categorized those sites as proxy avoidance. So what is your alternative? You can host your own web proxy from your home computer.
I host my own website from home using Abyss Web Server X1 which is free. You can also use IIS if you are running Windows XP Professional at home, or even Apache for Windows. If you have a Linux box at home, you will probably be running Apache as well. I followed these instruction which I got from webstuffcan.com. These instructions are for Apache, so if you use Apache, this will make sense to you. If you use something different like I do, then you might have to do some Googling to see how to do the same things with your web server software, but it can be done.
Step 1 - Download and install Perl distribution
Download Windows x86 version of Active Perl from ActiveState site. Install with default configuration except the directory which I recommend to be set to “C:\usr\”.
Step 2 - Download and install Apache server
Download latest Apache server for Windows from http://httpd.apache.org/. Install it under any folder with port 80 as the HTTP port . Setting port to 80 is important since most companies only allow port 80 access. If you get any error in binding to port 80, probably you have something else listening on it. If your ISP blocks port 80 like mine, use a different port like 8080. You will have to specify the port in the url if you use something other than 80. An example of a URL with an alternate port is http://example.com:8080.
Step 3 - Configure Apache server
Now we need to configure Apache to enable CGI.
Locate #AddHandler cgi-script .cgi in httpd.conf (located inside apache subfolder conf) and remove the hash(#) in front.
Locate the “you set DocumentRoot to” string in httpd.conf. Under that you will see Option directive. Change it to Options Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
Step 4 - Download and install CGIProxy (nph-proxy)
Download CGIProxy (nph-proxy) from http://www.jmarshall.com/tools/cgiproxy/nph-proxy.cgi.txt. Rename the file to nph-proxy.cgi and copy it to Apache’s document root (htdocs). Now change the first line in nph-proxy.cgi to #!C:\usr\perl\bin\perl.exe
Start Apache from the bin folder (httpd.exe). Now open a browser session and point to http://localhost/nph-proxy.cgi. If you get no errors, you should be good to go.
Find the public IP address of your home connection. This can be viewed by browsing to WhatIsMyIP.com. Now from your office computer browse to http://IP ADDRESS/. If you used a different port, use http://IP ADDRESS:port number. If you really want to be spiffy, sign up for free a Dynamic DNS account, and set your home router to automatically update it with your public IP. (Google port forwarding on your router to make all of this work).
Happy MySpacing!
Jun 11, 2007
Youtube to TIVO
1:55 PM
Paul B
Have you ever wanted to watch something you found on YouTube on your TV? Perhaps someone uploaded a really cool show they recorded from TV, and now you want to watch it on your. Either way, here is a utility where you can download your favorite YouTube show to your computer in FLV format. Just enter the YouTube URL for the video in the box below and click Get Video, a download link will appear.
Once you have downloaded your FLV format video, you can now convert it to mpeg version 1 or 2 using Freez FLV to Mpeg tool. Copy the new MPEG file to your TIVO directory on your computer where you share your files with your TIVO and you're done! As I mentioned in a previous post, you need the Tivo Desktop software to share files out to your TIVO.
Jun 10, 2007
Runner
9:09 PM
Paul B
Final Fight
3:58 PM
Paul B
Collateral Damage: II
3:43 PM
Paul B
Trech 2
3:12 PM
Paul B
This game is unbelievably awesome for a flash game. You are in command of a war robot and you have to take down a number of targets from tanks, to other war robots. Enjoy!
Click Here to Play!
Click Here to Play!
Jun 8, 2007
Ad-Aware 2007 is Here
10:41 PM
Paul B
Lavasoft has finally released the latest free edition of Ad-Aware: Ad-Aware 2007!
According to Lavasoft, "Ad-Aware 2007 Free includes a redesigned engine, improved code sequence identification, incremental definition updates, one-click Web-history cleanup, multiple browser support, and other new features."
You can download your copy here!
According to Lavasoft, "Ad-Aware 2007 Free includes a redesigned engine, improved code sequence identification, incremental definition updates, one-click Web-history cleanup, multiple browser support, and other new features."
You can download your copy here!
Jun 7, 2007
Sniper: WWII
12:19 AM
Paul B
Kind of cool flash game where you are a sniper in WWII and you have to pick off Nazi stick figures.
Jun 5, 2007
Use Autoit and "Stick it to the Man"
11:41 PM
Paul B
Many moons ago, there was this guy who worked for an evil company as a help desk technician. The guy had an evil boss that promised him a sweet promotion to desktop technician so the guy wouldn't leave the company, only to screw the guy later by changing his title, and those of the rest of the team, as well as making them all man the phone system a week later. Also, the boss decided to monitor the employees hours by checking which time they logged into the call center system. The boss would dock them if they were a few minutes late, or left early. Jaded over the double cross with the promotion, the employee got an idea on how to do a little screwing of his own.
The call center system was software that ran on Windows XP, and required the technician to sign in with their pin number. Once logged in, the technician could set themselves into a ready or non ready state. The only problem with the system was that it wasn't hot key friendly, and it didn't have any command line switches or functions. Automation of the sign in process would be difficult.
Well, the desktop technician (Who was now a Systems Support Specialist do to the stupid title change) had once played with a utility called Autoit, which lets you write a script using simple programming language and compile it into a self running executable. You could program all sorts of repetitive tasks like mouse movements, clicks and typing among other things. Well, the technician decided to write a program using Autoit that would automatically log him into the system so it wouldn't matter when he really came and went, and would never have to worry about being docked in pay.
Once the program was tested, the desktop technician set the program to run everyday at a certain time using a scheduled task. The second problem with the setup was that group policy set the workstations to lock out after a certain amount of time for security reasons. So the desktop technician set Windows to auto login at bootup using a registry setting (Click here to see what it is). Now, he only needed the screen to be unlocked for about 10 seconds so that the script could log him into the phone system, after that he wanted his workstation locked back up. So he wrote another Autoit program that would lock the workstation. He set altogether, three scheduled tasks. One to reboot the computer in the morning which would force the computer to unlock and auto login to Windows, then the second one would log him into the call center, and the third would lock his workstation.
Long story short, the technician never had to worry about being "late" again, and he was simultaneously sticking it to the man.
He also used the program to create a little utility that would lock the workstation and set the program to run in a never ending loop, so if you ran it it would lock the workstation, and no matter how many times you logged back in it would turn around and lock you right back out. It is a great practical joke program, and is easily overcome by a reboot, and doesn't really harm anything, oh, and it only works on Windows XP and later...But that is another story. In the meantime you can play with that little locker program here ;-)
I assume no responsibility if the locker program is misused. It is meant for entertainment purposes only.
The call center system was software that ran on Windows XP, and required the technician to sign in with their pin number. Once logged in, the technician could set themselves into a ready or non ready state. The only problem with the system was that it wasn't hot key friendly, and it didn't have any command line switches or functions. Automation of the sign in process would be difficult.
Well, the desktop technician (Who was now a Systems Support Specialist do to the stupid title change) had once played with a utility called Autoit, which lets you write a script using simple programming language and compile it into a self running executable. You could program all sorts of repetitive tasks like mouse movements, clicks and typing among other things. Well, the technician decided to write a program using Autoit that would automatically log him into the system so it wouldn't matter when he really came and went, and would never have to worry about being docked in pay.
Once the program was tested, the desktop technician set the program to run everyday at a certain time using a scheduled task. The second problem with the setup was that group policy set the workstations to lock out after a certain amount of time for security reasons. So the desktop technician set Windows to auto login at bootup using a registry setting (Click here to see what it is). Now, he only needed the screen to be unlocked for about 10 seconds so that the script could log him into the phone system, after that he wanted his workstation locked back up. So he wrote another Autoit program that would lock the workstation. He set altogether, three scheduled tasks. One to reboot the computer in the morning which would force the computer to unlock and auto login to Windows, then the second one would log him into the call center, and the third would lock his workstation.
Long story short, the technician never had to worry about being "late" again, and he was simultaneously sticking it to the man.
He also used the program to create a little utility that would lock the workstation and set the program to run in a never ending loop, so if you ran it it would lock the workstation, and no matter how many times you logged back in it would turn around and lock you right back out. It is a great practical joke program, and is easily overcome by a reboot, and doesn't really harm anything, oh, and it only works on Windows XP and later...But that is another story. In the meantime you can play with that little locker program here ;-)
I assume no responsibility if the locker program is misused. It is meant for entertainment purposes only.
Jun 4, 2007
DVD to TIVO
10:48 PM
Paul B
In this post, I am going to merge two topics that I've already blogged about (DVD Ripping and Conversion from DVD to PS2 or iPod) and I will take it one step further. I got this idea, because my wife wanted me to cut back on the amount of video's I was backing up. (Of course I am talking about home DVD's, and family wedding stuff, and nothing illegal. What you do is your business). She didn't want to have to store CD cases upon CD cases full of copied DVD's. She wanted to be able to view it and move on with out wasting space or media.
I got an idea. Why not play the DVD's that I converted to PSP format using Handbrake on my TIVO? The answer is simple, unless you have a series 3 TIVO, you cannot play anything besides MPEG-1 or MPEG-2 (They have expanded their codecs in series 3). I needed something to convert my new AVI files to MPEG.
Enter Videora TIVO Converter. Videora will convert AVI files to MPEG format so you can play it on your TIVO. It is really quite simple, just select the AVI file, and set your output directory to your TIVO directory (You have to have the free Tivo desktop software installed already to share it out to your TIVO). On your TIVO, go to your now playing list, scroll all the way to your bottom and select your TIVO server (Most likely will be your desktop computer where you just converted your AVI to MPEG). Scroll down the list until you see your newly converted video, and voilla! You are watching your movie on your TIVO.
Let's recap quickly. You rip your DVD to AVI using Handbrake (If the DVD is encrypted, rip it first to an ISO image using RipIt4Me then use Handbrake), then take the new AVI and convert it to MPEG using Videora. Last, transfer it to your TIVO using the TIVO desktop software. Yes...It is that easy!
I got an idea. Why not play the DVD's that I converted to PSP format using Handbrake on my TIVO? The answer is simple, unless you have a series 3 TIVO, you cannot play anything besides MPEG-1 or MPEG-2 (They have expanded their codecs in series 3). I needed something to convert my new AVI files to MPEG.
Enter Videora TIVO Converter. Videora will convert AVI files to MPEG format so you can play it on your TIVO. It is really quite simple, just select the AVI file, and set your output directory to your TIVO directory (You have to have the free Tivo desktop software installed already to share it out to your TIVO). On your TIVO, go to your now playing list, scroll all the way to your bottom and select your TIVO server (Most likely will be your desktop computer where you just converted your AVI to MPEG). Scroll down the list until you see your newly converted video, and voilla! You are watching your movie on your TIVO.
Let's recap quickly. You rip your DVD to AVI using Handbrake (If the DVD is encrypted, rip it first to an ISO image using RipIt4Me then use Handbrake), then take the new AVI and convert it to MPEG using Videora. Last, transfer it to your TIVO using the TIVO desktop software. Yes...It is that easy!
Jun 3, 2007
Jun 1, 2007
Lock Bumping
9:49 PM
Paul B