August 30, 2010

Sumatra PDF

Filed under: Computer Ramblings,General Ramblings,Technical Ramblings,The Great Tech Blog-Off — Tags: , , , — RodneyEberly @ 6:08 am

On our website at work, we dynamically generate PDFs. This requires lots of testing on our local pcs. Adobe Reader is good for viewing the pdf, however, it also places a lock on the file, so that nothing else can access it. So if you make changes to the pdf generation code and want to retest, you have to make sure that you have closed that file in Adobe Reader, otherwise, the code generating the PDF will throw an error.
A great alternative to Adobe Reader is Sumatra PDF. http://blog.kowalczyk.info/software/sumatrapdf/index.html
It is a small open-source PDF viewer for Windows. It may not have all the features of Adobe Reader, but it is fast, and best of all it does not lock the file. So you can keep the file open in Sumatra, even when modifying the pdf from another source, and Sumatra will automatically refresh the view with the latest version.

August 22, 2010

Power up Windows with old guard Unix tools

Filed under: Computer Ramblings,General Ramblings,Technical Ramblings,The Great Tech Blog-Off,Web Development Ramblings — Tags: , , , — ryaneberly @ 8:23 pm

Most of us who’ve spent time tinkering with Linux or other Unix flavors have quickly discovered that there are some powerful tools available on most standard *nix installs that do not have an equivalent in windows.

Here are a couple of simple tasks:

  • Search multiple files for a specific word or series of words.   (grep <pattern> <filepattern>)
  • Rename a list of files accord to pattern. (i.e. change all files ending in *.txt to *.rtf)
  • More powerful scripting than good old DOS Batch files.
  • Comparing the differences between 2 (text) files (diff <file> <file>)
  • Pull a file off the web without firing up a browser. (wget)
  • Watch the end of a file for changes, such as an application log file. (tail -f <file>)
  • telnet, ssh clients
  • Run an Xwindows client session in Windows. (startx)
  • Tell where an executable will be run from. (which)

Cygwin (cygwin.com) provides a great tool set for those who find themselves in Windows environments, but want to leverage the power of unix tools.

I first discovered Cygwin when working on a contract basis in software quality assurance (testing) for a large well-known semiconductor manufacturer.  We were doing most of our work via telnet sessions on an AIX (unix) server, and I wanted to get a larger/friendly command window by running Xwindows locally and exporting the display from my session on the server to my local workstation. Unix has had remote desktop for a long time… As a result, all the tools that I had grown to appreciate in AIX were suddenly available on my workstation.  I’ve kept a Cygwin install on my workstation ever since.

Installation:

  • Download and run setup.exe from cygwin.com.
  • Click through the options [defaults should be ok], and select a download site.
  • You will get a organized list of all the packages that are available. Modify the selected packages as you wish- the more you select, the larger the install footprint.
  • Setup caches what you download so if you want to add a package later, you can do so without downloading the whole system again.

Recommended modifications from the default packages.

  • Add Web/wget – download files off the web from the command line ( script heaven)
  • Add Editors/vim – If you like the vi editor, otherwise skip it

Installation will take a few minutes. When it’s done, open your command prompt (Start->Run, ‘cmd’) and start experimenting (no ‘rm’ commands). Cygwin adds its bin folder to your PATH, so the commands are available. Certain windows commands share names with their approximate unix equivalents, so you need to give the explicit path to the cygwin folder when calling these. ‘find’ is an example of this.

Here’s some examples:
C:\>which find
/cygdrive/c/WINDOWS/system32/find

No wonder it wasn’t working like I expected!  Not that windows drive c:  is mounted as /cygdrive/c, and most of the tools know how to navigate pure windows paths, but if possible use the unix form.

C:\>echo test > somefile.txt
C:\>\cygwin\bin\find somefil*

C:\> echo testing >> somefile.txt
C:\> echo something completely different >> somefile.txt
C:\> echo testing >> somefile.txt
C:\> echo testing >> somefile2.txt
C:\> grep different *
C:\> grep testing *
C:\> grep -v testing somefile.txt

C:\> cat somefile.txt | sed -e “s/ing/er/g”
C:\> cat somefile.txt | sed -e “s/ing/[\]/g”

I won’t get into how to use all these tools here.  Google ‘grep’ or ‘sed’ or unix shell script for more info.

August 16, 2010

Hottest July Virii

Filed under: Computer Ramblings,Security Ramblings,Technical Ramblings — Tags: , , , , , , , , — Kordel Eberly @ 8:53 am

For all my readers who care (that should be everyone) about Computer Security, the Jury is In on July’s most active Virii, Spyware and Malware infections. Following is a list of the top 5, with brief descriptions. My #1 Recommendation?? When there’s Sharks in the water, Surf Scared!!!

1. Trojan-Downloader.JS.Pegel.bp

Secretly downloads malicious script from a remote server, installs and redirects users to further malicious websites.

2. Exploit.Java.CVE-2010-0886.a

Allows attackers to download and execute arbitrary Java on vulnerable systems by luring victims to malicious sites.

3. Trojan-Downloader.VBS.Agent.zs

Downloads and installs new versions of malicious programs, including Trojans and AdWare, on victim PCs.

4. AdWare.Win32.FunWeb.q

Displays unsolicited pop-up ads which do not appear to be relevant or associated with the user’s browser sessions.

5.Exploit.JS.Agent.bab

Uses a Microsoft Internet Explorer vulnerability to silently install malicious software onto the user’s computer.

August 4, 2010

How to Deal with Spam (of the non-edible variety)

Filed under: Computer Ramblings,General Ramblings,Security Ramblings,Technical Ramblings,The Great Tech Blog-Off — Tags: , , , , — JeremyGonyea @ 4:27 pm

We’ve all seen them: a seemingly innocent email arrives purporting to be from your company’s Help Desk, your system administrator, or some wealthy prince of Nigeria. These emails ask for personal information such as usernames, passwords, bank account information, or even money. Responding to such emails often results in locked accounts, boatloads of more incoming spam, or worse. Below are some hints to help you recognize these emails:

What is Spam?

Spam is unsolicited email. Much like the “junk mail” from the normal post office, these messages can simply be erased or ignored. In order to limit the amount of spam arriving to your email inbox, many email services utilize a spam filtering service (i.e. Google’s Postini service) to automatically check and block potential spam messages.
There are different types of spam messages:

Some spam messages want you to purchase things. These are mostly harmless, and can be blocked and deleted.
A spam email may contain a file attachment, usually containing malicious software (malware) to infect your machine. The virus can steal information without your knowledge as well as use your machine in future attacks on other machines.
A phishing email is one that attempts to “fish out” information, including usernames and passwords, social security numbers, bank account information, etc. Once the phisher has this information, they use the compromised account to, in turn, send out thousands of similar messages to other unsuspecting recipients. Reputable institutions will NEVER ask for your username and password via email. Once other organizations see compromised email addresses sending thousands of spam messages, they block all further emails from that domain, including legitimate correspondences, in an effort to protect their own users. This causes a disruption in communication as recipients having addresses from other domains (i.e. Live, Gmail, Hotmail) no longer receive messages from you.

Some messages are still getting through my email’s spam service. What should I do?

DO NOT RESPOND TO THE EMAIL!! First, if your email provider supports it, submit the email to their spam service. If you are unsure whether or not a message is spam, please contact either your company’s Help Desk or possibly even your email service provider. Finally, be aware of what sites are asking for your email address. Check if their privacy policies will protect your information or if they send that personal information onto other third parties.

I may have given my information to a phisher. What should I do?

Everyone makes mistakes sometimes. If you feel that you may have compromised your account, contact your account provider immediately. If you still can log into the account, change the password as soon as possible to prevent any malicious usage on your account. Make an appointment with your company’s Help Desk as soon as possible. The worst thing you could do is ignore this! Take action immediately!

July 31, 2010

Standards Compliance – It’s a Beautiful Thing!

Filed under: Computer Ramblings,General Ramblings,Social Ramblings,Technical Ramblings — Tags: , , , , , — Kordel Eberly @ 10:12 pm

I’ve been working on a new Telephone System install for a large business client, and I’ve been enjoying the change in pace. I work with computers of every sort every day – laptops, servers, desktops, Windows XP, Vista, 7, sometimes even Fedora, CENTOS or OSX (though rarely). But the thing that I’ve really been enjoying about this project isn’t the hardware, the operating system, or even (mostly) the software – what I’ve REALLY been enjoying is STANDARDS COMPLIANCE!

For anyone who’s ever performed a large network upgrade or (better example) Telephone System upgrade or expansion, you may have been unlucky enough to discover the “joys” of Manufacturer specific protocols or hardware.

They suck.

With a few exceptions, nothing good has come out of Manufacturers going there own way, and leaving everyone else to go theirs. Enter, Standards.

In the technology world, several bodies make standards. The IEEE (Institute of Electrical and Electronics Engineers) is the most important single entity in the Technology field, but they and other, smaller bodies oversee development of standards for all kinds of things – from Wired network cabling standards to Computer Bus interface specifications to Power Supply output connections – almost ANYTHING that is universal between manufacturers has been developed and approved by a Standards committee.

And that, my friends, brings me back to where I started – Telephone systems.

You see, more than any other field that I’m involved with, Telecom is the one that has had LEAST (in my opinion) standardization – at least at the consumer level. I can’t tell you how many different Telephone systems I’ve seen by how many entirely DIFFERENT vendors (coincidentally, many of those vendors now defunct or bought-out). Nortel, Executone, Comdial, AT&T have now been superceded by Vodavi, Shortel, Avaya, Inter-Tel, and many others. And guess what? Nobody works or plays with anybody else. Period.

As a computer guy getting into the Telecom field, it was initially very surprising and frustrating to realize that a PBX (Public Branch eXchange – a Commercial Telephone System) from vendor A could not be swapped out with a PBX from vendor B. Nor could Phones from vendor A be used with Vendor B’s PBX.

In FACT, to add insult to injury, I learned quickly that you couldn’t even use Vendor A’s Model A telephone with their Model B PBX – or their Model’s C,D,E,F,G,H, or XIII.5! Model A PBX’s had their own Phones, their own Voicemail cards, their own interface modules, their own – EVERYTHING. As did Models A through triple-Q. You either learned to find and record Serial and Model numbers very thoroughly, or you found another career, quickly.

So…. where was I….

Ahhhhhh…. Standards!

Enter 2010 and the arrival of the IP-PBX (Trumpet blast please)!!!
Ok – honestly, IP-PBX’s aren’t new for 2010 – they’ve actually been around and gaining popularity for quite some time.

But that’s not the point. The point is, Eberly Systems has been using them – and they’re WONDERFUL!!!

I’ve had some great experiences with Trixbox, Asterisk, even AsteriskWin32 (yah, that’s a mouthful) – there’s a growing number of solid IP-PBX solutions out there. But what’s really cool? Un-like their older brothers (the PBX), this new breed supports Standards-based SIP Telephony – and that means OPTIONS!!!

Oh, I love that word – Options. It makes me think of Nvidia GTX-480′s, 2011 Camero SS, or a Starbucks Vanilla Latte with a Double-shot of Espresso – all kinds of wonderful things come to mind.

But back to reality – what SIP Standard Telephony means is gone are the days of a $10,000 system switch-overs because your PBX goes down – gone are the days of being tied to a dinky out-of-date telephone because your PBX doesn’t support anything newer – gone are the days of calling Uncle Moe’s Phone Place in Texas looking for the last VM card this side of China! It means OPTIONS BABY!!!

My last several ventures have been with the 3CX Phone Systems server for Windows. I love it. It does everything (everything I need at least) that Trixbox or Asterisk can do, but it does it with an attractive GUI that is pleasant to look at, even when you’re programming extension 4056 out of 10,000 (ok, it might actually be getting old by that point) – but the point is, the guys at 3CX have take a phenomenal feature set, and wrapped it up with a huge bow and flashy wrapping paper – and it delivers!

I’m a 3CX partner, but I don’t get paid to toot their horn – I do it because the system has saved me time, hassle and frustration, and has won me contracts, wowed my customers, and satisfied every need I’ve had in a phone system to date.

I love the SIP-standard compliant phones – you can pick Snom, Yealink, Polycom, Linksys, Cisco, Aastra, etc etc etc… VOIP gateways, providers, ATA’s, FXO/FXS cards – you name it, there are options. And guess what? They all (with a very few black-sheep exceptions) work with EVERYBODY’S STUFF.

It’s great. If a couple of outfits like Executone or Comdial had figured this out, they might still be selling hardware!

So…. the moral of the story.

Look for standards – not Manufacturer “standards”, but true Independently developed Industry Standards, and use them – and APPRECIATE them. No matter if your field is Telecom, Computers, Consumer Electronics, or Aviation – Standards make work POSSIBLE, and much more enjoyable!

By the way – if you want more info on 3CX Phone Systems, or a free Demo, drop me a line – http://www.eberlysystems.com/contact.php.

Ahhh….. Maybe it’s the rebel in me, but it’s so refreshing to be able to give “The Big Guys” the boot. Standards are here to stay, and the days of groveling before the Mega-Corporation as you purchase it’s latest proprietary Telephone hardware are OVER! All hail the age of the IP-PBX!!!

July 28, 2010

Dell System Boards replaced with Malware

Filed under: Computer Ramblings,Security Ramblings,Technical Ramblings,The Great Tech Blog-Off — PeterWallace @ 9:12 am

It seems to never end as to how Malware get spread around or the war to prevent you from infection.

In a post on the Dell Community Website (http://en.community.dell.com/support-forums/servers/f/956/t/19339458.aspx) that was brought to my attention today it stated that for a short period four different servers replacement mother boards were infected with the W32.Spybot.Worm (http://www.symantec.com/security_response/writeup.jsp?docid=2003-053013-5943-99) . It was found on 4 server models: PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410. Dell was quick at pulling the lot and going out and replacing the others. They claim it was less than 1% of the servers out there.

I have a few problems with this. Just how does a system board get infected with W32.Spybot.Worm that is a from a family of worms that spreads using the Kazaa file-sharing network and mIRC? This worm can also spread to computers that are compromised by common back door Trojan horses and on network shares protected by weak passwords. Does the system manufactures not have systems in place to catch this kind of things? How many other times have you received something that is infected? Just when you thought it would be safe you read more about careless companies not protecting themselves and others.

How can you keep yourself safe from Virus or Malware?

1) Know who you are dealing with

2) Use Security software that updates automatically and scans incoming and outgoing files

3) Protect YOUR Personal Information. It’s your most valuable asset

4) Backup your important files. Don’t forget about your pictures and home movies you have stored

5) Keep your Computer Operating system and software fully patched and use the automatic settings to update them

6) Run a firewall on your PC

7) Keep your passwords safe, strong and secure. Also don’t use the same password for everything!

8) Be careful about what you download. Many “file sharing” sites are full of virus and malware software

9) Think before opening the e-mail attachments and ask yourself would that person send that or do I know that person.

10) If you think you are infected work at removing it or take it to a professional.

Now I just need to run and fill out this form I just received for the 20 Million Dollars left to me from the Late Dr. DoWeCheatemAndHow. I’m finally rich! J

Thanks and safe surfing

Peter Wallace

July 22, 2010

The BlogMire – Tech Blog-Off 2.0!!!

Filed under: General Ramblings,Social Ramblings,Technical Ramblings,The Great Tech Blog-Off — Kordel Eberly @ 7:20 am

Greetings – and welcome to the BlogMire – the Tech Blog-Off round 2.0!!!

Contest will run from July 22nd to Midnight on August 21st.

Basic rules are much the same – for review,

Basic Rules:
1. All entries must be ORIGINAL CONTENT.
2. Entries must relate to something Eberly Systems is involved with (i.e. Computers, Networking, Telecommunications, Electronics, Power).
3. Entries must be at least several paragraphs in length, and must say something worth reading!
4. You may enter as many times as you like.
5. Entries that are extensive and show an exceptional amount of effort and quality may receive extra entries in the drawing.
6. Entries can be made via email to contest@eberlysystems.com, or via the blog directly at www.eberlysystems.com/blog (for this method, create a user and then email contest@eberlysystems.com with your username to request permission to post).

In addition, we’re adding a few MORE details to keep the rest of the world happy… Namely,

7. Don’t have anything to write about? Well, then READ – and leave a few thoughts or observations about someone else’s article! A separate drawing will be done for Commenters – you could win a Flash Drive or other cool gadget!
8. Drawings will be done in the following manner…
– First drawn gets first choice of available prizes
– Second drawn gets second choice of available prizes – etc, etc…
9. IMPORTANT! Your article may NOT be posted immediately! Our goal this contest is to offer a steady stream of articles throughout the month – so to start, we will post every few days – if we have a high volume of submissions, we may post 1 per day – but it all depends on how many we receive, so SUBMIT!

Thank you for your interest – I’m not going to spill ALL the beans just yet, but there are rumors of a few particularly hot prizes, one that isn’t even AVAILABLE yet – a much anticipated jaunt from a much beloved Software developer, who’s name will remain anonymous but who may have formerly been known as Blizzard… …

Stay Tuned!!!

July 12, 2010

Windows Power Toys

Filed under: Computer Ramblings,Technical Ramblings,The Great Tech Blog-Off — RodneyEberly @ 9:10 am

Microsoft has several small programs (Power Toys) that can enhance Windows.

http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx

I am a software developer, and two of the toys that I find useful are “Open Command Window Here” and “Alt-Tab Replacement”.

“Alt-Tab Replacement”

In case you are not familiar with this command in Windows, holding down ‘Alt’ and pressing ‘Tab’, will bring up another window containing icons (with a brief description) representing all of the current windows that are open in the task bar. While continuing to hold down ‘Alt’, pressing ‘Tab’ repeatedly will cycle through the current windows. When you release ‘Alt’ the screen represented by the currently highlighted icon will open on the top of all the other windows.

As a developer, I’m constantly switching between windows so any enhancement to this is welcome. The “Alt-Tab Replacement” toy keeps all the current functionality, but also displays a screen shot of the corresponding window. So multiple IM conversations, browers, etc. will each have a different image. It’s not much of a change, but it’s a fun little tool.

“Open Command Window Here”

Those of you that have had computers for years will remember the dos prompt. If you remember that you probably know that it still exists in Windows. You just have to go to “Start”, click “Run”, then type ‘cmd’. It will open a dos prompt windows under the ‘Documents and Settings’ folder. From there, you can navigate to the appropriate folder.

I use the dos prompt pretty often, but it is a pain to navigate a bunch of directories every time. The “Open Command Window Here” toy creates a shortcut to the dos prompt for any folder. After you install the toy, right click on any folder on your computer, and you should see the option ‘Open Command Window Here’. Click on it, and it will open the dos prompt already in that folder’s directory.

There are about a dozen toys on the site, but these are the only two that I have used.

Rodney Eberly

Synergy

Filed under: Computer Ramblings,Technical Ramblings,The Great Tech Blog-Off — RodneyEberly @ 9:10 am

For those of you with multiple computers in close proximity to each other, check out Synergy (http://synergy2.sourceforge.net/). It is an  open source program that allows you to share a keyboard/mouse among multiple computers. It easily lets you jump back and forth between monitors/pcs, and even allows copy/paste across different pcs! It runs on Windows, Macs, and Unix, though I have only used on Windows.

Most of you reading this can probably download it and jump right in, but I wrote some detailed instructions below.

Download and install the program from the website on each computer that you want to be connected.

1. Setting up the Server

  • Start Synergy on the pc that you want to be the server.

  • Select “Share this computer’s keyboard and mouse (server)”.

  • Click on the “Configure” button beside Screens & Links

    • You will need to add a “Screen” for each computer that you want to link (including the server itself).

      • Click on the + sign under “Screens”, which opens up the “Add Screen” window. Enter the current computer’s name (server) under Screen Name. If you do not know the computer name, Right click on “My Computer”, click “Properties”, click the “Computer Name” tab, and you will find the name. Or you can simply click on the “Info” button on the main screen of Synergy, as it defaults some of the data and will list the computer name as the default screen name.

      • There various options on the “Add Screen”, but you can just leave the defaults.

      • Now add additional screens for each remaining computer that you want to link together.

    • You will also need to add links for each screen (Screen A to Screen B, etc).

      • Highlight [New Link] , and at the bottom of the screen you will see:

          [0] to [100] % of the [---] of [---] goes to [0] to [100] % of [---]

        • This is to define what happens when the mouse pointer leaves the screen of one computer.

        • For example: [0] to [100] % of the [left] of [pc1] goes to [0] to [100] % of [pc2], means that anytime, you move the mouse off the left side of the screen of pc1, it will jump to pc2. If you want to, you can also divide the values with the top 50% of the left side of the screen going to one screen, and the bottom 50% going to another screen

        • Select the appropriate values, and click the + sign at the bottom.

        • You can add as many links as you want, however, it is important to note that ‘left of pc1 goes to pc2′ does NOT imply ‘right of pc2 goes to pc1′. You must define it bi-directionally. If you only define one direction, you will not be able to get back.

    • After you have finished, adding screens and links, click ‘OK’ at the bottom.

2. Setting up the clients

  • Start Synergy on one of the client computers. Select “Use another computer’s shared keyboard and mouse (client).” Type in the name of the host computer.

  • Click the ‘Test’ button on your server, which should bring up another screen with the message “started Server”.

  • Click the ‘Test’ button on one of your clients. It should bring up another screen with the message “started client” and “connected to server”. You can now move your mouse back and forth between the screens, using the links that were set up.

  • If you have problems with the test connection, you may have to look at the troubleshooting section on their site, or play around with your firewall. Please be very careful when changing firewall settings (opening ports, etc.) as it may expose you to attacks from other computers.

  • If you have any other client computers, set them up, and test the connection of them as well. Once the test connections are all working, close the connection on all computers, and click ‘Start’ at the bottom right of the main Synergy window on the server, and then on each of the clients.

You can now freely navigate between computers, as well as copy and paste.

Rodney Eberly

July 9, 2010

Is Your Data Safe on your USB Flash Drive?

Filed under: Computer Ramblings,Security Ramblings,Technical Ramblings,The Great Tech Blog-Off — Tags: , , , , — PeterWallace @ 10:41 pm

Just this week while I was away I found another USB Key on the ground. This one was a nice one, 8 gig with the cap still on it. Looks as someone had it in their pocket and went to take change out of there pocket to throw into a coin funnel. I picked it up and took it with me. Later that night I plugged it in to see if there was any information to find the owner. There was music, photos, Microsoft Money files, Excel and Word Documents on it. Started to dig in the Word files and spotted several Resume files all dated about the same time. Opened them thinking that they would be same person and they were all different names, looked some more and found a memo with a company name and phone number on it.

Turns out this key was lost by an employee from that company and did not even realize they had lost it. Dropped it in the mail back to them with a few quick notes on how to secure the USB key so if this happens again their data is safe. What are some ways to protect your data?

One: Never put sensitive data on a portable drive or USB Key that could get lost. (Real world knows that this will not happen)

Two: Buy a USB Drive that has security software with it and set it up to be secure. Something like the SanDisk Extreme® Contour™ USB Flash Drive (http://www.sandisk.com/products/computing-products/sandisk-extreme-cruzer-contour-usb-flash-drive) offers Password Protection and AES Hardware Encryption.

Three: What about all the ones you have laying around? There is software that can be used to secure them. Some Free or open-source are:

- Portable TrueCrypt (Open Source) – (http://www.truecrypt.org/) – Encrypts an entire storage device and encryption is real-time just as if you were copying it to an unprotected drive.

- Cryptainer (freeware) (http://www.cypherix.co.uk/prods.htm) – Creates Vaults up to 25 MB to store any type of data. Just drag your data in and it’s encrypted.

- Folder Lock (Free Version but has a paid version also) – (http://www.newsoftwares.net/folderlock/) – a fast file encryption software that can password protect folders, encrypt or lock files, protect USB Drives and lock CDs/DVDs.

- AXCRYPC (Open Source) – (http://www.axantum.com/AxCrypt/) – is the leading open source file encryption software for Windows. It integrates seamlessly with Windows to compress, encrypt, decrypt, store, send and work with individual files.

There is NO REASON someone else should be able to read your data with your permission. Don’t wait till you have lost your data to act but do it now.

Older Posts »
Privacy Policy | Terms & Conditions | Related Sites | SpyderMap | Web Portal | Exchange Links | Affiliates