Cata's troubleshooting tips for pc

How to Protect your Passwords using KeePass

2011-08-22T16:32:00.001+03:00

Do you know how to protect your passwords?Here is a video I made to teach you how to keep your passwords safe.Sorry about my english.. after all it is not my native language and it's my first video ever..Hope you like it :)

Thank you for reading my blog .Cata's Troubleshooting tips for Pc.

What is a Facebook Page?

2011-08-13T11:49:00.003+03:00

1.Facebook Pages are for organizations, businesses, celebrities, and bands to broadcast great information in an official, public manner to people who choose to connect with them. Similar to profiles, Pages can be enhanced with applications that help the entity communicate and engage with their audiences, and capture new audiences virally through friend recommendations, News Feed stories, Facebook events, and beyond.

You can create and manage a Facebook Page for your organization from your personal account and . .Please note that only the official representative of an organization, business, celebrity, or band is permitted to create a Page.Facebook pages are free too and you can admin as many pages as you want.

2.How can you create a Page?

If you are the official representative of an organization, business, celebrity, or band, you can create a Page here to represent your organization on Facebook.

3.What is it good for?

You can connect with your fans write topics about your business ,favorite topics , favorite entertainers and have them comment or like what you write.If you have a business is a great way to let them find out about what you do.Search Engines love facebook too so you will gate some good backlinks from your facebook pages.

Here is a great tutorial of how to build a facebook page.

4.Applications and Features of Facebook Pages

Use Publisher to keep your users updated on new content.
Write or import Notes (even on-the-go) and share them with your audience.
Post Photos and Videos of your events.
Add Applications that enhance your Page experience.
Create Discussion Boards to solicit user feedback and generate brainstorms.
Create Groups to help people with similar interests connect with one another
Set up Events and have your fans RSVP
Check out Facebook Platform to see how you can customize your presence on Facebook.
Learn more about the people who like your Page by exploring our new Insights dashboard. Understand how your Facebook Pages are performing by viewing this Facebook Insights Guide.

Windows 7 Application Log Error Event ID : 4107 - how to solve this

2011-07-15T11:08:00.005+03:00

This error occurs because the Microsoft Certificate Trust List Publisher certificate expired. A copy of the CTL with an expired signing certificate exists in the CryptnetUrlCache folder.Probably if you open your Application Log will look like this:

Step 1 - Open Windows Explorer and in the search box type CryptnetUrlCache.You chose to search on the whole computer.It will find 3 locations:

C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\

C:\Users\Kiki\AppData\LocalLow\Microsoft\CryptnetUrlCache\

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\

Step 2 - you need to go in each of these 3 locations.Each of these locations will have 2 subfolders named Content and MetaData and delete the content of these 2 subfolders (not the folders) in each of the 3 CryptnetUrlCache folder locations. Restart the computer.

Note:

1.For your peace of mind you should backup these folders just in case...
2.If you have multiple users using that pc you will have more locations from which you need to empty the Content and MetaData folders.
3. A useful command line for deleting the content of the Content and MetaData folders located in C:\Users\user_name path is this command:

cmd --> and type : certutil -urlcache * delete (you need to run this command for each user on your pc; you can do that by logging in as that user )

4.Or if you don't like to do thing yourself Microsoft released a Fix for this error .You can download the Microsoft Fix here.

Hope I was able to help.Thank you for reading my blog.

How to Backup your Rosetta Stone Data

2011-07-14T10:17:00.002+03:00

I had a client that wanted me to backup his data from the Rosetta Stone Language Learning Application.

Here is how to do this:

Step 1 - To Backup Rosetta Stone software or to transfer the saves to another computer , first make a copy of the tracking .db3(you can copy the report file too but it is not mandatory) file that stores all of your user data, progress and scores to your external hard drive/usb stick.The file is located here:

Windows XP: C:\Documents and Settings\All Users\Application Data\Rosetta Stone\tracking.db3
Vista: C:\Program Data\Rosetta Stone\tracking.db3
Windows 7: C:\ProgramData\Rosetta Stone\tracking.db3

Deactivate and uninstall the program from your old computer if you are going to install it on a new computer.

Step 2 - reinstall the Rosetta Stone software and the language packs you had.Then activate them.After that copy the file tracking.db3 you saved at Step 1 back in to the folder appropriate for your Windows version mentioned at Step 1 overwriting the file located in there.Done.

Hope it helped. Thank you for reading my blog.

How to Backup Angry Birds Rio saves if you need to reinstall your Windows

2011-07-14T10:01:00.002+03:00

I had a client that asked me to backup his Angry Birds Rio before I reinstall his Windows so..Here is how to Backup Angry Birds Rio:

Step 1 - Find this folder Angry Birds Rio which is located here : "C:\Users\john\AppData\Roaming\Rovio\Angry Birds Rio"

Step 2 - Copy the settings.lua and highscores.lua files to youe backup external drive/ usb stick

Step 3 - To restore it you need to reinstall the game first than search for the folder Angry Birds Rio which is located here : C:\Users\john\AppData\Roaming\Rovio\Angry Birds Rio and copy the files settings.lua and highscores.lua you backed up at Step 2 in here overwriting the files located in there.Done. Start the game and presto you got your saves back.

Hope it helped. Thank you for reading my blog.

Windows 7 System Log Warning Event Id 219 - how to solve

2011-07-14T09:46:00.002+03:00

If you have this warning in your system log even if it is not critical is annoying right?

Here is How to solve this:

Step 1 - Right Click Computer-->Manage-->Device Manager-->Search for Windows SideShow

This warning occurs with the Logitech Keyboards of the G Series that do not have the LCD display like the Logitech G11 model because the recent Logitech software installs automatically the drivers for the LCD display of the keyboard and you don't have LCD screen on your keyboard..

Step 2 - Expand Windows SideShow and disable these 2 device drivers Logitech Game Panel Devices(Mono) & Logitech Game Panel Devices(QVGA).You disable them by right clicking on them and selecting Disable or by double clicking on them and selecting the Driver tab and choosing Disable and yes.

Hope it helped.Thank you for reading my blog.

Windows 7 Application Log Error Event ID 10 - how to solve this

2011-07-14T09:21:00.004+03:00

If you have this error in your Application Log:

Here is how to solve this error:

Step 1 - Restart the Computer and press F8 to boot in Safe Mode.

Step2 - Right Click Computer--> Manage-->Chose Services and Applications-->Services Panel-->find the service Windows Management Instrumentation double click it and Stop the service.(Or type in run or in start menu search bar services.msc and Enter key find the service and stop it)

Step3 - find this folder Repository which is located here : "C:\Windows\System32\wbem\Repository" delete all the files in this folder (I recommend you backup these files in her just in case).Done.

Step4 - Restart the Computer and check the Application Log the error will be gone(At first restart after you deleted the files in Repository folder you will get some warnings but that is normal those warnings will never apear again)

Hope I was able to help.Thank you for reading my blog.

Performance Analysis of Logs (PAL) and Server Performance Advisor (SPA) for Windows Server 2003

2011-03-04T18:18:00.005+02:00

If Performance Monitor Logs and Alerts is giving you an headache these tools will help you make your life easyer doing the performance analysis for you:

"Microsoft Windows Server 2003 Performance Advisor v2.0 is the latest version of Server Performance Advisor, which is a simple but robust tool that helps you diagnose the root causes of performance problems in a Microsoft Windows Server 2003 deployment. It measures the performance and use of resources by your computer to report on the parts that are stressed under workload. It does so by collecting performance data and generating comprehensive diagnostic reports that give you the data to easily analyze problems and develop corrective actions.
SPA provides several specialized reports, including a System Overview (focusing on CPU usage, Memory usage, busy files, busy TCP clients, top CPU consumers) and built-in template reports for server roles such as Active Directory, Internet Information System (IIS), DNS, Terminal Services, SQL, print spooler, and others. In fact, SPA is kind of a Performance Monitor tool that is integrated with Network Monitor and has a built-in logic that allows for easier understanding of the captured data and can help you identify clients or applications that are consuming resources on a server."

For more information click here : Petri IT Knowledgebase it is a great article. It was pointless for me to do the same article.

PAL (Performance Analysis of Logs) tool is a new and powerful tool that reads in a performance monitor counter log (any known format) and analyzes it using complex, but known thresholds (that are provided). The tool comes out-of-the-box with some predefined thresholds defined as high according to the Microsoft consulting/development but those can be adjusted to whatever you like.
The tool generates an HTML based report which graphically charts important performance counters and throws alerts when thresholds are exceeded. The thresholds are originally based on thresholds defined by the Microsoft product teams and members of Microsoft support, but continue to be expanded by this ongoing project. This tool is not a replacement of traditional performance analysis, but it automates the analysis of performance counter logs enough to save you time.

Features

Thresholds files for most of the major Microsoft products such as IIS, MOSS, SQL Server, BizTalk, Exchange, and Active Directory.

An easy to use GUI interface which makes creating batch files for the PAL.vbs script.

A GUI editor for creating or editing your own threshold files.

Creates an HTML based report for ease of copy/pasting into other applications.

Analyzes performance counter logs for thresholds using thresholds that change their criteria based on the computer's role or hardware specs.

You can download it from here.PAL is greater after me because you can use it on any operating system you like.(Tested on Windows 7, Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2)
Note: In Windows 2003 Server sp2 and Windows 2003 Server R2 sp2 it has a little bug that you can export the Treshold Files in html format only in the root folder of the application(C:\Program Files\PAL\PAL v2.0.7).
Another thing that is problematic is that you need to change your Regional and Language Options to Standards:English(United States) & Location:United States otherwise it won't run.

Both applications are free for home and business use.

IT FACTS

2011-03-03T15:53:00.003+02:00

Read this article is soooo true : IT FACTS

How to start Windows Reliability and Performance Monitor with elevated privileges

2011-03-03T14:18:00.002+02:00

To start Windows Reliability and Performance Monitor with elevated privileges

Click Start-->click All Programs-->click Accessories-->right-click Command Prompt, and click Run as Administrator.
Enter the user name and password of an account that is a member of the local Administrators group.
At the command prompt, type perfmon.exe and press ENTER. Windows Reliability and Performance Monitor will start in the Resource View page.

Note:

You can also start Resource View in its own window by typing perfmon /res or resmon at a command prompt(in cmd).

Network Bottlenecks Performance Counters

2011-03-03T14:12:00.001+02:00

Network Bottlenecks

Network Interface\ Bytes Total/sec - is the rate at which bytes are sent and received over each network adapter;Network Interface\Bytes Total/sec is a sum of Network Interface\Bytes Received/sec and Network Interface\Bytes Sent/sec
Network Interface\ Bytes Sent/sec - this counter is self evident
Network Interface\ Bytes Received/sec - this counter is self evident
Network Interface\ Current Bandwidth - is an estimate of the current bandwidth of the network interface in bits per second (BPS). For interfaces that do not vary in bandwidth or for those where no accurate estimation can be made, this value is the nominal bandwidth.

UDP\ Datagrams Received/sec - the rate at which UDP datagrams are delivered to UDP users
UDP\ Datagrams Sent/sec - is the rate at which UDP datagrams are sent from the entity.
TCP\ Segments Sent/sec - is the rate at which segments are sent, including those on current connections, but excluding those containing only retransmitted bytes
TCP\ Segments Received/sec - is the rate at which segments are received, including those received in error. This count includes segments received on currently established connections

Server\ Bytes Total/sec - the number of bytes the server has sent to and received from the network. This value provides an overall indication of how busy the server is
Server\ Bytes Received/sec - this counter is self evident
Server\ Bytes Transmitted/sec - this counter is self evident

Network Interface\Output Queue Length - is the length of the output packet queue (in packets). If this is longer than two, there are delays and the bottleneck should be found and eliminated, if possible. Since the requests are queued by the Network Driver Interface Specification (NDIS) in this implementation, this will always be 0.
Network Interface\Packets Outbound Discarded - is the number of outbound packets that were chosen to be discarded even though no errors had been detected to prevent transmission. One possible reason for discarding packets could be to free up buffer space.
Network Interface\Packets Outbound Errors - is the number of outbound packets that could not be transmitted because of errors.You should check if someone upgraded the network driver recently.
Network Interface\Packets Received Discarded - is the number of inbound packets that were chosen to be discarded even though no errors had been detected to prevent their delivery to a higher-layer protocol. One possible reason for discarding packets could be to free up buffer space.
Network Interface\Packets Received Errors - is the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.

Hard Disk Bottlenecks Performance Counters

2011-03-03T13:46:00.000+02:00

Hard Disk Bottlenecks

Physical Disk\Disk Transfers/sec – watch this counter for each physical disk and if it goes above 25 disk I/Os per second then you've got poor response time for your disk

Physical Disk\Idle Time - measures the percent time that your hard disk is idle during the measurement interval, and if you see this counter fall below 20% then you've likely got read/write requests queuing up for your disk which is unable to service these requests in a timely fashion;then is time for a new faster hard disk.

PhysicalDisk\Avg. Read Queue Length Should be less than 2

PhysicalDisk\Avg. Write Queue Length Should be less than 2

PhysicalDisk\ %Disk Time more than 50% indicates a bottleneck

diskperf - is a command line tool that can be used to start disk performance counters from cmd

Note. No counters should be monitored alone you need counters of all groups processor,memory,hard disk,network interface to make a valid decision .Otherwise you might be fulled by the results of only one counter

Memory Bottlenecks Performance Counters

2011-03-03T13:41:00.000+02:00

Memory Bottlenecks

Memory\Available MBytes - if this counter is greater than 10% of the actual RAM in your machine then you probably have more than enough RAM and don't need to worry ;set an alert to trigger if it drops below 2% of the installed RAM ;

Memory\Pages/sec - indicates the number of paging operations to disk during the measuring interval ; you should create an Perfmon Alert for this counter when number of pages per second exceeds 50 per paging disk to alert you that you need more RAM.

Memory\PageFaults/sec - is the sum of hard and soft page faults

Process\Working Set - determine which process is consuming larger and larger amounts of RAM

Memory\Cache Bytes - which measures memory leaks; a reboot solves memory leakage into the non-paged pool;

Memory\Committed Bytes - If the value for committed bytes is greater than physical memory, then more RAM would help ;

Memory\Transition Faults/sec - which measures how often recently trimmed page on the standby

list are re-referenced ; if this counter value increases over time you have insufficient RAM

Page File\Usage (_Total) - create an alerter to notify if it exceeds 70.Then is the case to move the page file to another drive or split it across drives.

Hardware Bottlenecks Performance Counters

2011-03-03T13:38:00.000+02:00

Hardware Bottlenecks

System\Context Switches/sec -measures how frequently the processor has to switch from user- to kernel-mode to handle a request from a thread running in user mode ; the heavier the workload running on your machine, the higher this counter will generally be, but over long term the value of this counter should remain fairly constant ;you should create a baseline and then create a Perfomance Monitor Alert for this counter.

Processor\Interrupts/sec (_Total) -if this counter with the above counter suddenly start increasing

it may be an indicating of a malfunctioning device ;over 40% you have a driver or hardware problem

Processor\Privileged Time (_Total) – if this counter increases too then you might have problemems with a device driver.

System Availability and Processor Performance Counters

2011-03-03T13:35:00.002+02:00

System Avalilability

System\System Up Time - how many Seconds passed since your server's last restart

Process\Elapsed Time – time since winlogon process has started;monitor processes associated with specific applications and services to monitor the availability of these applications and services

Processor Bottlenecks

Processor\ Processor Time (_Total) - measures the total utilization of your processor by all running processes ;if you have a server with multiple processor then this counter measures the average processor utilization of your machine ;50%-healthy,50%-90% monitor or caution;over 91% critical the processor can't handle it.

Process\Processor Time – see what processes utilize most of the processors power;use all instances when you want to detect which process consumes most processor time;(Process Store – Excange,Process Inetinfo – IIS)

Processor\Privileged Time (_Total) - processor utilization for kernel processes;the server is underpowered;constantly over 75% indicates a bottleneck

Processor\User Time (_Total) - show processor utilization for user-mode processes ;if this counter is high you have to many roles installed on this server

System\Processor Queue Length - how many threads are waiting for execution ; if you have multiple roles installed and the counter value is over 8 you have a problem;if you have multiple processors or cores this number will be divided amongs them;then the queue lenght per processor/core must not be over 2;

How do I enable the NUM LOCK key for the logon screen in Windows 7?

2011-03-03T13:09:00.008+02:00

In Windows 7 NUM LOCK is disabled by defaul at logon.To enable NUM LOCK before a user logs on, follow these steps:

Step 1 - Run Registry Editor.Open Run(windows key+R or Start-->AllPrograms--> Accessories-->Run) and type regedit.

Step 2 - find the following registry key: HKEY_USERS\.Default\Control Panel\Keyboard.

Step 3 - Change the value for InitialKeyboardIndicators from 2147483648(you may have value 0 here) to 2.
Done.Reboot your PC and presto!!Num Lock ON at welcome screen.

Post update 14.7.2011 if you install windows 7 sp1 the num lock is active at startup by default

How to clear corrupted Messages from the Hub or Edge Submission Queues

2011-02-25T13:57:00.006+02:00

If you have ever tried to delete messages stuck in an overflowing Exchange 2007 submission queue you will notice that you can not simply delete the messages as you can for other queues.
In order to clear the Exchange 2007 submission queue you will have to create a new queue database from scratch. This may cause some mail loss but will allow you to get your mail queues functioning properly again.
First you need to be member of the apropriate Security Groups: Local Administrator for Edge Transport Server and Local Administrator+Server Administrator for Hub Transport Server.

Step 1 Stop the Microsoft Exchange Transport service like this:
Computer Management -->Services-->Locate and stop the Microsoft Exchange Transport Service
or from Exchange Managemet Shell type: Stop-Service MSExchangeTransport

Step 2 Navigate to the Queue folder location. By default the folder is located here:
C:\Program Files\Microsoft\Exchange Server\Transport Roles\Data\
Here you will find a folder named Queue .Rename this folder give it a name like Queue2.Create a new empty folder named Queue.

Step3 start the Microsoft Exchange Transport service like this:
Computer Management -->Services-->Locate and start the Microsoft Exchange Transport Service
or from Exchange Managemet Shell type: Start-Service MSExchangeTransport
Confirm mail flows both inbound and out of your server.(In other words the messages from the queues are disappearing.)

Done.How this pelped you :)

How to configure Exchange 2007 Hub Transport role to receive mail from the Internet

2011-02-24T20:17:00.009+02:00

First step is to modify the default receive connector in Exchange Management Console:

Exchange Management Console --> Severs Configuration-->Hub Transport-->Receive Connectors-->Default Your_server_name-->Propreties-->Permission Groups check Anonymus Users

The "Default" receive connector on Hub is configured for other Exchange servers to authenticate, but it does not accept anonymous e-mail by default.See Image Bellow

This step you can't do from the Exchange Management Shell because the command Set-ReceiveConnector parameter -PermissionGroups takes only one value.In other words you can specify only a single group like AnonymousUsers but you need the other groups to remain checked (ExchangeUsers, ExchangeServers, ExchangeLegacyServers).

Second Step configure the send connector to send messages to the internet:
Exchange Management Console -->Organization Configuration -->Hub Transport-->New Send Connector: type the name of the connector and choose the Internet type see image below:

In order for all outbound mail to pass through the connector, the address space of the connector should be * and the type SMTP.See image below:

The network tab allows you to specify whether you'll use a smart host to relay your messages, or if you'll handle the delivery yourself (using DNS).The source server specifies which Exchange server or servers in your organization will be responsible for sending Internet email.
Note: For Romania RDS ISP users SMTP port 25 is blocked you have to use your ISP smart host to relay messages to the internet.RDS's smart host fully qualyfied name is smtp.rdslink.ro.
See image below:

If you want to know more about how to test if port 25 is blocked by your ISP read this article is awsome http://www.postcastserver.com/help/Port_25_Blocking.aspx

Configure the smart host authentication to none.See image below:

Then Next-->New-->Finish

Or to configure the send connector from the Exchange Management Shell type:
new-SendConnector -Name 'to internet' -Usage 'Internet' -AddressSpaces 'SMTP:*;1' -DNSRoutingEnabled $false -SmartHosts 'smtp.rdslink.ro' -SmartHostAuthMechanism 'None' -UseExternalDNSServersEnabled $true -SourceTransportServers 'SERV642'

Third Step if you do not want to be bombarded with spam you should enable the antispam filters on the hub transport servers like this:
Open the Exchange Management Shell and type:

cd "C:\Program Files\Microsoft\Exchange Server\Scripts" 

after that type: Install-AntiSpamAgents.ps1
now restart the transport service: restart-service msexchangetransport
Once you complete these steps, you will see the Anti-spam tab enabled in the Exchange Management Console.See Image Below:

And of course configure the antispam agents but that is another topic.

Forth Step By default, your new Exchange 2007 servers will only accept e-mail destined to the Windows domain that the server was a member of. In order to accept email destined to your external SMTP domain, you will probably need to create a new Accepted Domain:
Open the Exchange Management Shell and type:
New-AcceptedDomain -DomainName xyz.com -Name xyz
or
Exchange Management Console -->Organization Configuration -->Hub Transport--&gt--> then select Accepted Domains tab--> New Accepted Domain (Choose Authoritative Domain)

Notes:Because your server is sitting directly on the Internet, you may want to change the advertised FQDN that is sent in HELO/EHLO commands in SMTP. The user interfaces for both send and receive connectors allows you to configure this.
Because you will not be using Edge Server, you have no need for the Microsoft Exchange EdgeSync service. You can set this service to disabled to prevent it from starting and using system resources.
You can do this from Power Shell or Exchange Management Shell .Type this:

Set-Service MSExchangeEdgeSync -startupType Disabled
Stop-Service MSExchangeEdgeSync

I think almost everyone knows how to disable and stop a service from Computer Management-->Services-->Microsoft Exchange EdgeSync (disable and stop)

Final Suggestions - make sure that your DNS MX record is correct and that your firewall is letting the connection inbound to port 25.(The easiest method if you already have a mail server is to either reuse that server's IP, or update the firewall rule to point to the new Exchange 2007 server's internal IP.)

Venus Project - Future by design

2011-02-24T13:56:00.000+02:00

Venus Project is awsome please help them make a better future for all human beeings not just for some

2011-02-11T13:38:00.000+02:00

Get Flash to see this player.

How to Register Exchange 2007/2010 Server Roles with Security Configuration Wizard(SCW)

2010-12-17T15:36:00.020+02:00

The Security Configuration Wizard(SCW) automates security best practices to reduce the attack surface for a server. The Exchange Server role extensions enable you to use the Security Configuration Wizard(SCW) to create a security policy that is specific to the functionality that is required for each

Microsoft Exchange server role. The extensions are provided with Exchange 2007 and must be registered before you can create a custom security policy.

Step 1. Install an Exchange server role\roles.Install the Security Configuration Wizard(SCW) you will find it in Control Panel-->Add/Remove Programs-->Add/Remove Windows Components-->select Security Configuration Wizard and click next

Note:You must perform the registration procedure on each Exchange 2007 server to which you want to apply an Security Configuration Wizard security policy.

Step 2.To do this step you must be memeber of Local Administrators on the Exchange Server you want to apply the security policy and Exchange Server Administrator .On a server with the Edge Transport Role installed you need to be member of Local Administrators.open cmd and type:

scwcmd register /kbname:Ex2007KB /kbfile:"C:\Program Files\
Microsoft\Exchange Server\scripts\Exchange2007.xml"

Note:the command above works on Windows Server 2003-based or Windows Server 2003
R2-based computer that is running the Mailbox, Hub Transport, Unified Messaging, or Client Access server role.

scwcmd register /kbname:Ex2007EdgeKB /kbfile:"C:\Program Files\

Microsoft\Exchange Server\scripts\Exchange2007Edge.xml"

Note:the command above works on Windows Server 2003-based or Windows Server 2003 R2-based computer that is running Edge Transport Server role.

Step 3. To verify that the command has completed successfully examine the SCWRegistrar_log.xml file that is located in the C:\Windows\Security\Msscw\Logs folder

Step2 For Windows Server 2008-based computer that is running the Mailbox, Hub Transport, Unified Messaging, or Client Access server role is like this:

scwcmd register /kbname:Ex2007KB /kbfile:C:\Program Files\

 Microsoft\Exchange Server\scripts\Exchange2007_WinSrv2008.xml"

For Windows Server 2008-based computer that is running the Edge Transport server role is like this:

scwcmd register /kbname:Ex2007EdgeKB /kbfile:"C:\Program Files\

Microsoft\Exchange Server\scripts\Exchange2007Edge_WinSrv2008.xml"

Note:Step1. and Step3 are the same as for Server 2003-based or Windows Server 2003 R2-based computers

Hope this helped you.Thanks for reading.

How to enable Active Directory Schema Management Console

2010-12-16T16:53:00.003+02:00

Step1. Open Run and type : regsvr32 schmmgmt.dll

Note: If you do not register the schema dll it will not appear in mmc Add/Remove Snap-in

Step2. Open run and type: mmc

Step3. In Management Console go to File-->Add/Remove Snap-in-->select Active Directory Schema and click add then click close then click ok

Step4. File -->Save--> call it schemamgmt or whatever and save it in C:\Windows\System32 folder.(beacause that folder has the Path variable set so you can launch the mmc console without typeing the whole path)

Congratulations now when you open run and type schemamgmt.msc it will launch your Active Directory Schema Management Console.

Hope this helped you.Thanks for reading

How to Install first Exchange 2007 Server from the command line

2010-12-15T18:43:00.006+02:00

Before you install Exchange Server 2007/2010 verify that you have Windows Server 2003 at least sp1 or Windows Server 2003 R2 with sp1.You have installed MMC 3.0(Microsoft Management Console), .Net Frameworks 2.0 and Windows Power Shell.The SMTP and NNTP services must NOT be installed.
Note:
For Mailbox Server Role you need IIS 6.0 installed and COM+Access and World Wide Service components active + the things needed for a tipical install.
For Client Access Server Role you need IIS 6.0 installed and World Wide Service,RPC over HTTP and Asp.NET 2.0 components active + the things needed for a tipical install.
For Unified Messaging Server Role you need Microsoft Windows Media Encoder,Microsoft Windows Media Audio Voice codec,Microsoft Core XML Services (MSXML 6.0)+ the things needed for a tipical install.
For Hub Transport role you need nothing more.
For Edge Transport you need Active Directory Application Mode (ADAM) installed on a stand alone server which is not part of the domain and is located in a dmz or perimeter network.

1.Open cmd and navigate where your Exchange setup folder is or if you have it on cd navigate from cmd in that folder.
2.now type: setup /PrepareAD
3.setup /mode:install /roles:MailBox /OrganizationName exmydomainname
Note:If you want to specify more roles type like this:

setup /mode:install /roles:MailBox,ClientAccess,HubTransport,ManagementTools  /OrganizationName exmydomainname

Note: the prepare AD command must be run in the same site with your domain's Schema Master Server and you must be a member of Enterprise Administrators and Schema Administartors Active Directory groups to run this commands.If there are errors verify your Event Viewer -> Application Log to view them.

Hope this helped you.Thanks for reading.

I quit my job finally I can take no more

2010-12-15T17:09:00.006+02:00

I'm so sick of working for people who demand more and pay less!! If you want to give us more tasks then don't cut our salaryes give us moore money dumb ass! It's to much to ask to have a good paid job these days in Romania what the f*$#k ??
I can't live with what you are giving me!Well I guess it's time to move one.
Please if someone knows some good jobs please tell me.In Romania things aren't going so well so I'm really interested in leaving this country.A good IT job in Canada,Australia or England would be so cool if I could find... I have 2 college degrees in IT, and I have a Microsoft System Administrator(MCSA)and a MCTS.

Thanks for reading my lament :) It's time to update my CV and go job hunting.

Nessus Install the easy way

2010-09-21T15:05:00.001+03:00

1. Download nessus from here.
2.If you are a home user you can register for free to get an update code
3.I'm on Linux so i just double clicked the package and it installed .
4.Activate your account, simply execute the following command :

sudo /opt/nessus/bin/nessus-fetch --register 8BE6-8F7C-8032-5805-D15B(your code here)

5.Add a new administrator user

sudo /opt/nessus/sbin/nessus-adduser (it will ask for a user name and a password )

6.Login from browser - type: https://localhost:8834/

7.If it doesn't work try restarting the nessus service some times it is blocked after installation like this:

sudo service nessusd restart

8.To check for updates manually try this:

sudo /opt/nessus/sbin/nessus-update-plugins

9.How to configure nessus for advanced options.In there you will find the options and a brief explanation.
sudo /opt/nessus/etc/nessus/nessusd.conf

jacksum is a better utility for file integrity cheking

2010-09-21T13:54:00.004+03:00

If you want to verify file download integrity you must install jacksum.
Jacksum supports 58 popular standard algorithms (Adler32, BSD sum, Bzip2's CRC-32, POSIX cksum, CRC-8, CRC-16, CRC-24, CRC-32 (FCS-32), CRC-64, ELF-32, eMule/eDonkey, FCS-16, GOST R 34.11-94, HAS-160, HAVAL (3/4/5 passes, 128/160/192/224/256 bits), MD2, MD4, MD5, MPEG-2's CRC-32, RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320, SHA-0, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, Tiger-128, Tiger-160, Tiger, Tiger2, Tiger Tree Hash, Tiger2 Tree Hash, Unix System V sum, sum8, sum16, sum24, sum32, Whirlpool-0, Whirlpool-1, Whirlpool and xor8).

How to use:

1.sudo aptitude install jacksum

2.jacksum -a md5 Nessus-4.2.2-ubuntu910_i386.deb -this command lists the md5 checksum hash

3. Or for sha1 like this jacksum -a sha1 Nessus-4.2.2-ubuntu910_i386.deb

How to configure rsyslog for basic remote logging

2010-03-16T16:35:00.001+02:00

1.How to enable a basic remote logging via TCP port.
Step 1 (of course you need at least one rsyslog server an one client)
What to do on the server machine to recive rsyslog messages

sudo nano /etc/rsyslog.conf

If the following lines exist uncomment them if not add them:

$ModLoad imtcp
$InputTCPServerRun 10512

Save the file and exit.

Step 2 - restart rsyslog service like this:

sudo service rsyslog restart

Step 3 - the client side
Edit the rsyslog file like this:

sudo nano /etc/rsyslog.conf 

After all the rules in there you add this lines:
*.* @@192.168.1.52:10512
# if you need to forward to other systems as well, just
# add additional config lines:
*.* @@other-server.example.net:10512

Save and exit.Restart rsyslog like I showd you in Step 2.

Note that rsylog messages from the client will be writen in the same files as your local log.

How to find if your system is infected with a rootkit

2010-03-16T16:12:00.000+02:00

Fo that you must install a program named chkrootkit:

sudo aptitude install chkrootkit

How to use?

sudo chkrootkit

If it finds any rootkits except at firmware or hypervisor level it will let you know.For more info on what is a rootkit read this link.

How to verifyi the integrity of critical files on a Linux system

2010-03-03T19:26:00.003+02:00

AIDE is the name file integrity verification is the game :)

The Advanced Intrusion Detection Environment (AIDE) is a free replacement for the popular file integrity verification tool known as Tripwire. It creates a database from regular expression rules that it finds in a configuration file. Once this database is initialized, it can be used to verify the integrity of critical system and user files. AIDE uses most of the popular message digest algorithms (md5, sha1, rmd160, tiger, haval, etc.) for checking file integrity. Additional algorithms may also be easily added. All of the traditional file system attributes may be checked for inconsistencies as well.

1.How to install AIDE

sudo aptitude install aide (yum install aide.x86_64 on fedora) 

2.How to configure AIDE

AIDE has 2 configuration files and one folder:

/etc/default/aide                           The AIDE general configuration file. 

/etc/aide/aide.conf                       The AIDE rules configuration file.
/etc/aide/aide.conf.d/ Here is specified what files will AIDE scan and with what rules. 

or if you are on fedora linux there is only one file :

/etc/aide.conf The AIDE configuration file.

3.How to use AIDE

First you must check to see if AIDE's database is present

cd /var/lib/aide

ls -ltr

If you see the file aide.db in the output of the ls command or the directory is empty, then proceed to the initialization step. If, instead, you see the file aide.db.new, then you need to rename the aide.db.new file to aide.db using this command:

sudo mv /var/lib/aide/aide.db.new /var/lib/aide/aide.db

If there is no database you must initialize AIDE like this:

sudo aide.wrapper --init (or if this doesen't work try aide --init if you are on fedora linux)

Now you are ready to do an initial check on files and folders of your system like this:

sudo aide.wrapper --check (or aide --check if you are on fedora)

If all is well in the directories, and files being monitored, you will see this message when the check completes:

### All files match AIDE database. Looks okay!
If not you will see the files that have changed from last time you ran AIDE.

4.If you modify any aide configuration file on ubuntu you must run the update-aide-conf for the configuration changes to take effect:

sudo update-aide-conf

Note : On ubuntu AIDE is very well configured and is aded as a cron job to be run daily with the update parameter.
It is also wise to copy /var/lib/aide/aide.db on a usb stick or on some safe external support and copy it back to your sistem when you want to check for system changes.

How to set default password expiry for all new users

2010-03-02T16:15:00.001+02:00

There is a file in etc named login.defs where you can specify your options
1.Open the file with your favorite editor:

sudo nano /etc/login.defs

2.Search for the following lines:

PASS_MAX_DAYS   99999 (maximun days before password expires)
PASS_MIN_DAYS   0           (minimum days before the password can be changed)
PASS_MIN_LEN    5            (minimum password lenght)
PASS_WARN_AGE   7          (expiration warning how many days before your password will expire)

Edit them to your likeing and save the file.There are many moore options you can set in this file.For more detail type :

man login.defs

What is passwd and how to use it

2010-03-02T13:10:00.007+02:00

The passwd ulility is a must know utility for manageing users passwords.

passwd [-k] [-l] [-u [-f]] [-d] [-n mindays] [-x maxdays] [-w warndays] [-i inactivedays] [-S] [--stdin] [username]

-k The option -k, is used to indicate that the update should only
be for expired authentication tokens (passwords); the user
wishes to keep their non-expired tokens as before.

-l This option is used to lock the specified account and it is
available to root only. The locking is performed by rendering
the encrypted password into an invalid string (by prefixing the
encrypted string with an !).

--stdin This option is used to indicate that passwd should read the new password from standard input, which can be a pipe.

-u This is the reverse of the -l option - it will unlock the
account password by removing the ! prefix. This option is avail-
able to root only. By default passwd will refuse to create a
passwordless account (it will not unlock an account that has
only "!" as a password). The force option -f will override this
protection.

-d This is a quick way to delete a password for an account. It will set the named account passwordless. Available to root only.

-n This will set the minimum password lifetime, in days, if the
user’s account supports password lifetimes. Available to root
only.

-x This will set the maximum password lifetime, in days, if the
user’s account supports password lifetimes. Available to root
only.

-w This will set the number of days in advance the user will begin
receiving warnings that her password will expire, if the user’s
account supports password lifetimes. Available to root only.

-i This will set the number of days which will pass before an
expired password for this account will be taken to mean that the
account is inactive and should be disabled, if the user’s
account supports password lifetimes. Available to root only.

-S This will output a short information about the status of the
password for a given account. Available to root user only.

Examples

1.Change your current password.Open a shell and type:

passwd

2. How to lock an accont

passwd -l john

3.How to set the minimum and the maximum time before a password must be change + a warning to the user set to warn him about 7 days before expiration time.

passwd -n 4 -x 120 -w 7

4.How to see a users configuration

passwd -S john
john PS 2010-02-23 4 120 7 -1 (Password set, SHA512 crypt.)

- you can see if the account has a password(PS), creation date,minimum password age(4),maximum password age(120),warning day (7),time before the account is rendered inactive after the password has expired (-1 means instantly)

How to manage your password information with chage

2010-02-26T19:31:00.010+02:00

The chage command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password.

chage [-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays] user

Examples:

1.How to set the minimum password expiration date and the maximux expiration date for a user named john:

chage -m 3 -M 30 john

2.How to make a user's account inactive 1 day after his password has expired

chage -I 1 john

3.How to create a expiration date for the user and warn him with 3 days before that his account will expire.

chage -E 2010-03-20 -W 3

4. How to list user information

chage -l kate
Last password change : Mar 02, 2010
Password expires : Jun 30, 2010
Password inactive : Jul 01, 2010
Account expires : Jul 02, 2010
Minimum number of days between password change : 4
Maximum number of days between password change : 120
Number of days of warning before password expires : 7

5.How to remove password inactive and account expires settings.

chage -E -1 -I -1 kate

chage -l kate
Last password change : Mar 02, 2010
Password expires : Jun 30, 2010
Password inactive : never
Account expires : never
Minimum number of days between password change : 4
Maximum number of days between password change : 120
Number of days of warning before password expires : 7

Note : Only chage can help you set an account expiration date passwd can't.

How to use nmap security scanner

2010-02-23T18:48:00.006+02:00

Nmap is a "Network Mapper", used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren't advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.

Nmap features include:

Host Discovery - Identifying computers on a network, for example listing the computers which respond to pings, or which have a particular port open
Port Scanning - Enumerating the open ports on one or more target computers
Version Detection - Interrogating listening network services listening on remote computers to determine the application name and version number
OS Detection - Remotely determining the operating system and some hardware characteristics of network devices.

Typical uses of Nmap:

-Auditing the security of a computer, by identifying the network connections which can be made to it
-Identifying open ports on a target computer in preparation for auditing
-Network inventory, Network mapping, maintenance, and asset management
Auditing the security of a network, by identifying unexpected new servers.

Nmap options
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL : Input from list of hosts/networks
-iR : Choose random targets
--exclude : Exclude hosts/networks
--excludefile : Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sP: Ping Scan - go no further than determining if host is online
-P0: Treat all hosts as online -- skip host discovery
-PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
--dns-servers : Specify custom DNS servers
--system-dns: Use OS's DNS resolver
SCAN TECHNIQUES:
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans
--scanflags : Customize TCP scan flags
-sI : Idlescan
-sO: IP protocol scan
-b : FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
-p : Only scan specified ports
Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
-F: Fast - Scan only the ports listed in the nmap-services file)
-r: Scan ports consecutively - don't randomize
SERVICE/VERSION DETECTION:
-sV: Probe open ports to determine service/version info
--version-intensity : Set from 0 (light) to 9 (try all probes)
--version-light: Limit to most likely probes (intensity 2)
--version-all: Try every single probe (intensity 9)
--version-trace: Show detailed version scan activity (for debugging)
OS DETECTION:
-O: Enable OS detection (try 2nd generation w/fallback to 1st)
-O2: Only use the new OS detection system (no fallback)
-O1: Only use the old (1st generation) OS detection system
--osscan-limit: Limit OS detection to promising targets
--osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
Options which take are in milliseconds, unless you append 's'
(seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
-T[0-5]: Set timing template (higher is faster)
--min-hostgroup/max-hostgroup : Parallel host scan group sizes
--min-parallelism/max-parallelism : Probe parallelization
--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout : Specifies
probe round trip time.
--max-retries : Caps number of port scan probe retransmissions.
--host-timeout : Give up on target after this long
--scan-delay/--max-scan-delay : Adjust delay between probes
FIREWALL/IDS EVASION AND SPOOFING:
-f; --mtu : fragment packets (optionally w/given MTU)
-D : Cloak a scan with decoys
-S : Spoof source address
-e : Use specified interface
-g/--source-port : Use given port number
--data-length : Append random data to sent packets
--ip-options : Send packets with specified ip options
--ttl : Set IP time-to-live field
--spoof-mac : Spoof your MAC address
--badsum: Send packets with a bogus TCP/UDP checksum
OUTPUT:
-oN/-oX/-oS/-oG : Output scan in normal, XML, s|
and Grepable format, respectively, to the given filename.
-oA : Output in the three major formats at once
-v: Increase verbosity level (use twice for more effect)
-d[level]: Set or increase debugging level (Up to 9 is meaningful)
--open: Only show open (or possibly open) ports
--packet-trace: Show all packets sent and received
--iflist: Print host interfaces and routes (for debugging)
--log-errors: Log errors/warnings to the normal-format output file
--append-output: Append to rather than clobber specified output files
--resume : Resume an aborted scan
--stylesheet : XSL stylesheet to transform XML output to HTML
--webxml: Reference stylesheet from Insecure.Org for more portable XML
--no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
-6: Enable IPv6 scanning
-A: Enables OS detection and Version detection
--datadir : Specify custom Nmap data file location
--send-eth/--send-ip: Send using raw ethernet frames or IP packets
--privileged: Assume that the user is fully privileged
--unprivileged: Assume the user lacks raw socket privileges
-V: Print version number
-h: Print this help summary page.

How to use NMAP
1.How to scan your network to see which hosts are up:

nmap -sP 192.168.1.0/24 (it will scan ip-s from 192.168.1.1 to 192.168.1.254 to see which hosts are up)
Starting Nmap 5.00 ( http://nmap.org ) at 2010-02-23 19:05 EET
Host 192.168.1.12 is up (0.0010s latency).
MAC Address: 00:25:9C:27:E5:01 (Cisco-Linksys)
Host 192.168.1.50 is up (0.00021s latency).
MAC Address: 00:24:8C:5D:EC:6C (Asustek Computer)
Host 192.168.1.51 is up.
Host 192.168.1.53 is up (0.0013s latency).
MAC Address: 08:00:27:C1:3B:9D (Cadmus Computer Systems)
Nmap done: 256 IP addresses (4 hosts up) scanned in 2.88 seconds

2. Now we scan 192.168.1.12 using a SYN scan [-sS] and -A to enable OS fingerprinting and version detection.The results will be saved in a file named nmap.log.

nmap -sS -A -oN nmap.log 192.168.1.12

Starting Nmap 5.00 ( http://nmap.org ) at 2010-02-23 19:12 EET
Interesting ports on 192.168.1.12:
Not shown: 998 closed ports
PORT     STATE SERVICE VERSION
80/tcp   open http    Linksys WRT54GL wireless-G router http config
|_ html-title: 401 Unauthorized
| http-auth: HTTP Service requires authentication
|_   Auth type: Basic, realm = WRT54GL
5431/tcp open http    Belkin/Linksys wireless router http config (Linux 2.4; UPnP 1.0; BRCM400 1.0)
MAC Address: 00:25:9C:27:E5:01 (Cisco-Linksys)
Device type: general purpose
Running: Linux 2.4.X
OS details: Linux 2.4.18 - 2.4.35 (likely embedded)
Network Distance: 1 hop
Service Info: Devices: WAP, router

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 15.74 seconds

3.How to scan a host for open ports ,network services,os version,ipid:

nmap -sS -P0 -A -v 192.168.1.53

Starting Nmap 5.00 ( http://nmap.org ) at 2010-02-23 19:38 EET
NSE: Loaded 30 scripts for scanning.
Initiating ARP Ping Scan at 19:38
Scanning 192.168.1.53 [1 port]
Completed ARP Ping Scan at 19:38, 0.06s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 19:38
Completed Parallel DNS resolution of 1 host. at 19:38, 0.05s elapsed
Initiating SYN Stealth Scan at 19:38
Scanning 192.168.1.53 [1000 ports]
Discovered open port 22/tcp on 192.168.1.53
Completed SYN Stealth Scan at 19:38, 1.41s elapsed (1000 total ports)
Initiating Service scan at 19:38
Scanning 1 service on 192.168.1.53
Completed Service scan at 19:38, 0.05s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against 192.168.1.53
Retrying OS detection (try #2) against 192.168.1.53
Retrying OS detection (try #3) against 192.168.1.53
Retrying OS detection (try #4) against 192.168.1.53
Retrying OS detection (try #5) against 192.168.1.53
NSE: Script scanning 192.168.1.53.
NSE: Starting runlevel 1 scan
Initiating NSE at 19:38
Completed NSE at 19:38, 0.24s elapsed
NSE: Script Scanning completed.
Host 192.168.1.53 is up (0.00085s latency).
Interesting ports on 192.168.1.53:
Not shown: 999 closed ports
PORT   STATE SERVICE VERSION
22/tcp open ssh     OpenSSH 5.1p1 Debian 6ubuntu2 (protocol 2.0)
| ssh-hostkey: 1024 51:08:cd:ba:ad:5a:4d:87:20:5b:41:ee:f2:34:80:e5 (DSA)
|_ 2048 a2:7c:9e:22:7e:9c:3f:2e:7d:46:d6:1a:29:f1:c2:c8 (RSA)
MAC Address: 08:00:27:C1:3B:9D (Cadmus Computer Systems)
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=5.00%D=2/23%OT=22%CT=1%CU=41757%PV=Y%DS=1%G=Y%M=080027%TM=4B8412B
OS:0%P=x86_64-redhat-linux-gnu)SEQ(SP=C5%GCD=1%ISR=C0%TI=Z%CI=Z%II=I%TS=8)S
OS:EQ(SP=C6%GCD=1%ISR=BF%TI=Z%CI=Z%II=I%TS=8)SEQ(SP=C6%GCD=1%ISR=C0%TI=Z%CI
OS:=Z%II=I%TS=8)SEQ(SP=C5%GCD=1%ISR=BF%TI=Z%CI=Z%II=I%TS=8)OPS(O1=M5B4ST11N
OS:W5%O2=M5B4ST11NW5%O3=M5B4NNT11NW5%O4=M5B4ST11NW5%O5=M5B4ST11NW5%O6=M5B4S
OS:T11)WIN(W1=16A0%W2=16A0%W3=16A0%W4=16A0%W5=16A0%W6=16A0)ECN(R=Y%DF=Y%T=4
OS:0%W=16D0%O=M5B4NNSNW5%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(
OS:R=N)T3(R=Y%DF=Y%T=40%W=16A0%S=O%A=S+%F=AS%O=M5B4ST11NW5%RD=0%Q=)T4(R=Y%D
OS:F=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O
OS:=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W
OS:=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%R
OS:IPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)

Uptime guess: 0.004 days (since Tue Feb 23 19:33:04 2010)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=197 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux

Read data files from: /usr/share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 15.74 seconds
           Raw packets sent: 1103 (52.340KB) | Rcvd: 1076 (46.596KB)
vices available

How to manage service in fedora

2010-02-18T18:36:00.001+02:00

1.Open a shell and login as root
2.The service command

service --status-all (it shows you the status of the services)
service sshd restart (you can use start,stop,restart,reload)

3.The chkconfig command - run with no parameters it shows all the services and their status in all the runlevels.You can turn on or off a service as well in the desired runlevel.

chkconfig 

chckconfig --level 5 sshd on (this option will automaticly start ssh server at boot in the default fedora runlevel)

4.The ntsysv command - it opens a menu where you can set your options.
ntsysv (this will help you set up if a service should start or not at boot in your default runlevel)

How to use GnuPG/GPG to encrypt and sign your files

2010-02-12T17:24:00.024+02:00

GNU Privacy Guard (GnuPG or GPG) is a free software alternative to the PGP suite of cryptographic software.GnuPG encrypts messages using asymmetric keypairs individually generated by GnuPG users. The resulting public keys can be exchanged with other users in a variety of ways, such as Internet key servers. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ "owner" identity correspondences. It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted.

This tutorial is for linux users.
1.Open a shell and type :

gpg --gen-key

This will produce a menu asking you what type of algorithm you want.

Please select what kind of key you want:

Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)

Your selection?

DSA, aka Digital Signature Algorithm, is an algorithm which is used for signing messages, whereas ElGamal useable for encryption as well as signatures. (A good discussion of the encryption options available is located here).The default should be fine, although any key length longer than 2048 will be ignored for the DSA algorithm (ie: your ElGamal key will be 2048 bits, but the DSA one will still be 1024). This is because DSA keys cannot be larger than 1024 bits, although they can be as small as 512 bits (but this would not be useful in a real world setting).

Next, you choose the length of your key.

SA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits

The problem with larger keys is that they will empty the entropy pool quickly during generation. You can get around this by having several people log in and do their work, which seeds the entropy pool on Linux (and other) systems. For this example key, I'll leave it at the default of 2048 bits.
Note: an entropy pool is used by the random number function on most operating systems. It is important to keep it random because keys generated from non-random numbers can be cracked much more easily. Linux (and other systems such as OpenBSD) keep the entropy pool fed by monitoring the input of the random device in a computer system: the human.

Please specify how long the key should be valid.

        0 = key does not expire

       d = key expires in n days
      w = key expires in n weeks
      m = key expires in n months
      y = key expires in n years
Key is valid for? (0) 1y
Key expires at Wed 16 Feb 2011 04:58:53 PM EET
Is this correct? (y/N) y

If you don't think you'll use your key much, but do want to be able to use it at any time, don't set your key to expire. If you are paranoid about security, you might want to set your keys to expire after a period (1 year to 3 years depending on key usage). Remember that you can always manually expire keys at a later time through key revocation.
Regardless of what expiry setting you choose, GnuPG will ask you to confirm it.

Key does not expire at all
Is this correct (y/n)?

Next you enter your user ID for the key.

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
"John Lock "
Real name:
Email address:
Comment:

If you entered the data as follows:

Real name: John Lock
Email address: john_lock@yahoo.com
Comment: just beleve
You selected this USER-ID: "John Lock (just beleve) "

Your ID would be: My name (me). GnuPG will then allow you to correct any mistakes, generate the key, or abort.

Next will be your passphrase. It is very, very important that you choose a strong one you can remember. Without this passphrase, anyone who can copy your PGP keys will be able to impersonate you (such as your local sysadmin on a shared system). If your system is cracked, a passphrase on your key ring might be the only thing stopping the cracker from impersonating you. The caveat is that if you forget your passphrase, you will not be able to use your own keys.
After this, GnuPG will generate your keys. You should see a message like this:

We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy.

You will see some characters scroll by. If GnuPG can't get enough random characters, you'll see a message like this:

Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need NN more bytes)

Don't panic! Just run some programs,type some random characters in the shell, etc. If you have installed egd (the entropy gathering daemon [scroll down page for egd info and files]), play some music into the microphone. Once GnuPG is done, you should see this message:

public and secret key created and signed.

Congratulations. You now have a pair of keys. One is private, and one is public. Think of them as a birth certificate, library card, and drivers' licence rolled into one.

2.Generate a revocation certificate

After your key pair is created you should immediately generate a revocation certiﬁcate for the primary public key using the option -gen-revoke.If you forget your passphrase or if your private key is compromised or lost,this revocation certiﬁcate may be published to notify others that the public key should nolonger be used.A revoked public key can still be used to verify signatures made by you in the past, but it cannot be used to encrypt future messages to you.It also does not affect your ability todecrypt messages sent to you in the past if you still do have access to the private key.

gpg --output revoke.asc --gen-revoke key_id(you can put the user id and it will work )

Example:

gpg --output revoke.asc --gen-revoke 915E0CF3

3.Exchange keys with your friends

To communicate with others you must exchange public keys.To list the keys on your public keyring use the command-line option -list-keys.The number 915E0CF3 in the example below is your public key's id number.

gpg --list-keys

pub 2048R/915E0CF3 2010-02-16 [expires: 2011-02-16]
uid John Lock (just beleve)
sub 2048R/597A4582 2010-02-16 [expires: 2011-02-16]

Now to export the key in armored format(is better to be armored if you email the key or if you publish it on the web) :

gpg --output johnlock.asc --armor --export key_id

Now you must give this key(johnlock.asc) which is in your home folder to your friend.If you send it by mail then you should call him/her and tell her the fingerprint.If the fingerprint is ok then the certificate is realy from that person.How to see the fingerprint of a key:

gpg --edit-key john_lock (you can use the id like this or gpg --edit-key 915E0CF3 )
Command> fpr (this will list the keysfingerprint)

4.Importing a friends public key

Let's presume that your friend gave you his public key named jack.asc.pub.

gpg --import jack.asc.pub

After checking the ﬁngerprint, you may sign the key to validate it.Since key veriﬁcation is a weak point in public-key cryptography, you should be extremely careful and always check a key’s ﬁngerprint with the owner before signing the key.

gpg --edit-key jack_shepard (or key_id)

Command> sign jack_shepard (or_key_id)

Once signed you can check the key to list the signatures on it and see the signature that you have added.Every user ID on the key will have one or more self-signatures as well as a signature for each user that has validated the key.

Command> check

Then you can set a trust level for your friends key:

Command>trust jack_shepard(or key_id)

After that save and exit.

Command> save

Note . It is a good practice to sign and trust someone else's public key then to export that persons key and send it back to them.That is how you rase the credibility of your public key by letting other people sign it and send it back to you.

5.Encrypt/Decrypt documents

a.Encrypt a document
If you want to encrypt a document for someone else use his public key you just imported in the previous exercise.If you want to encrypt a document for yourself use your public key.
Note if you encrypt the document using someone else's public key only that person can decrypt that document.

gpg  --output doc_name.gpg  --encrypt --armor --recipient  key_id  doc_name

b.Decrypt a document

gpg --output doc_name --decrypt doc_name.gpg

6.Symmetric encription

If you do not need to send the document to anyone and is your private document you can use symmetric encryption.

gpg  --output doc_name.gpg  --armor --symmetric   doc_name

Enter Passphrase:type_the_password_you_want(it is a new password don't use youre public key password)

To decrypt type:

gpg  --output doc_name  --decrypt   doc_name.gpg

Enter Passphrase:

7.Making and verifying signatures

A digital signature certiﬁes and time stamps a document. If the document is subsequently modiﬁed in any way,a veriﬁcation of the signature will fail.A digital signature can serve the same purpose as a hand-written signature with the additional beneﬁt of being tamper resistant. The GnuPG source distribution,for example,is signed so that users can verify that the source code has not been modiﬁed since it was packaged.
Creating and verifying signatures uses the public/private key pair in an operation different from encryption and decryption.A signature is created using the private key of the signer.The signature is veriﬁed using the corresponding public key.
How to create a signature file:

gpg --output doc_name.sig --armored  --sign doc_name

The document is compressed before being signed, and the output is in binary format.
Given a signed document, you can either check the signature or check the signature and recover the original document.To check the signature use the -verify option. To verify the signature and extract the document use the -decrypt option.The signed document to verify and recover is input and the recovered document is output.
To verify signature type:

gpg --verify doc_name.sig

To decrypt the document type:

gpg --output doc_name --decrypt doc_name.sig

A common use of digital signatures is to sign usenet postings or email messages. In such situations it is undesirable to compress the document while signing it.The option -clearsign causes the document to be wrapped in anASCII-armored signature but otherwise does not modify the document.

gpg --clearsign doc_name (this will create a signed document named doc_name.asc)

Detached signatures

A signed document has limited usefulness.Other users must recover the original document from the signed version, and even with clearsigned documents, the signed document must be edited to recover the original. Therefore, there is a third method for signing a document that creates a detached signature, which is a separate ﬁle.A detached signature is created using the -detach-sig option.

gpg --output doc_name.sig --detach-sig doc_name

Both the document and detached signature are needed to verify the signature.The -verify option can be used to check the signature:

gpg --verify doc_name.sig doc_name

8.Exporting a key from a key server

Exporting a key:

gpg --send-keys --keyserver keyserver.ubuntu.com

Importing a key:

gpg --recv-keys --keyserver keyserver.ubuntu.com

9.Key Management and examples

gpg --edit-key key_id     Present a menu which enables you to do all key related tasks:

sign    Make a signature on key of user name If the key is not yet signed by the default user (or the users given with -u), the program displays the information of the key again   together with its fingerprint and asks whether it should be signed. This question is repeated for all users specified with -u.
lsign    Same as --sign but the signature is marked as non-exportable and will therefore never be used by others. This may be used to make keys valid only in the local environment.
nrsign    Same as --sign but the signature is marked as non-revocable and can therefore never be revoked.
nrlsign    Combines the functionality of nrsign and lsign to make a signature that is both non-revocable and non-exportable.
revsig    Revoke a signature. For every signature which has been generated by one of the secret keys, GnuPG asks whether a revocation certificate should be generated.
trust    Change the owner trust value. This updates the trust-db immediately and no save is required.
disable
enable    Disable or enable an entire key. A disabled key can not normally be used for encryption.
adduid    Create an alternate user id.
addphoto    Create a photographic user id. This will prompt for a JPEG file that will be embedded into the user ID. Note that a very large JPEG will make for a very large key.
deluid    Delete a user id.
delsig    Delete a signature.
revuid       Revoke a user id.
addkey       Add a subkey to this key.
delkey    Remove a subkey.
addrevoker [sensitive]    Add a designated revoker. This takes one optional argument: "sensitive". If a designated revoker is marked as sensitive, it will not be exported by default (see export-options).
revkey    Revoke a subkey.
expire    Change the key expiration time. If a subkey is selected, the expiration time of this subkey will be changed. With no selection, the key expiration of the primary key is changed.
passwd    Change the passphrase of the secret key.
primary    Flag the current user id as the primary one, removes the primary user id flag from all other user ids and sets the timestamp of all affected self-signatures one second ahead. Note that setting a photo user ID as primary makes it primary over other photo user IDs, and setting a regular user ID as primary makes it primary over other regular user IDs.
uid n    Toggle selection of user id with index n. Use 0 to deselect all.
key n    Toggle selection of subkey with index n. Use 0 to deselect all.
check    Check all selected user ids.
showphoto    Display the selected photographic user id.
pref    List preferences from the selected user ID. This shows the actual preferences, without including any implied preferences.
showpref    More verbose preferences listing for the selected user ID. This shows the preferences in effect by including the implied preferences of 3DES (cipher), SHA-1 (digest), and Uncompressed (compression) if they are not already included in the preference list.
setpref string    Set the list of user ID preferences to string, this should be a string similar to the one printed by "pref". Using an empty string will set the default preference string, using "none" will set the preferences to nil. Use "gpg -v --version" to get a list of available algorithms. This command just initializes an internal list and does not change anything unless another command (such as "updpref") which changes the self-signatures is used.
updpref    Change the preferences of all user IDs (or just of the selected ones to the current list of preferences. The timestamp of all affected self-signatures will be advanced by one second. Note that while you can change the preferences on an attribute user ID (aka "photo ID"), GnuPG does not select keys via attribute user IDs so these preferences will not be used by GnuPG.
toggle    Toggle between public and secret key listing.
save    Save all changes to the key rings and quit.
quit    Quit the program without updating the key rings.
   The listing shows you the key with its secondary keys and all user ids. Selected keys or user ids are indicated by an asterisk. The trust value is displayed with the primary key: the first is the assigned owner trust and the second is the calculated trust value. Letters are used for the values:
-    No ownertrust assigned / not yet calculated.
e    Trust calculation has failed; probably due to an expired key.
q    Not enough information for calculation.
n    Never trust this key.
m    Marginally trusted.
f    Fully trusted.
u    Ultimately trusted.

gpg --delete-key key_id (deletes a public key you don't need)

For mor information check this out is the online man page:
http://www.squarebox.co.uk/cgi-squarebox/manServer/gpg.1

For windows users there is gpg4win if they want to use gnupg.

What is md5sum

2010-02-11T14:44:00.005+02:00

md5sum is a computer program that calculates and verifies 128-bit MD5 hashes, as described in RFC 1321. The MD5 hash (or checksum) functions as a compact digital fingerprint of a file. It is extremely unlikely that any two non-identical files existing in the real world will have the same MD5 hash (although as with all such hashing algorithms, there are an unlimited number of files that will have any given MD5 hash).
Because almost any change to a file will cause its MD5 hash to also change, the MD5 hash is commonly used to verify the integrity of files (i.e., to verify that a file has not changed as a result of file transfer, disk error, meddling, etc.). The md5sum program is installed by default in most Unix, Linux, and Unix-like operating systems or compatibility layers. BSD variants (including Mac OS X) have a similar utility called md5. Versions for Microsoft Windows do exist (see external links at the bottom of the page).

Example
1.If you download for example ubuntu-9.10-desktop-i386.iso and want to verify the integrity of the file open a shell and type:

md5sum ubuntu-9.10-desktop-i386.iso

the out put will be:

8790491bfa9d00f283ed9dd2d77b3906  ubuntu-9.10-desktop-i386.iso

Ok now go to this page UbuntuHashes and search for the md5hash for your distribution compare with your result.If they match then the file is ok.Some sites like snort provide the md5 hash in a file for download.To check the integrity of the file you just downloaded you must download the .md5 file too and use md5sum like this:

md5sum snort-2.8.5.3.tar.gz -c snort-2.8.5.3.tar.gz.md5

For windows you can use:
Jacksum - Jacksum is a free and platform independent software for computing and verifying checksums, CRCs and message digests
Fsum - a command line utility to check the md5hash.
HashCheck - is another utility to check the md5hash from explorer.
MD5Summer - is another standalone utility utility to check the md5hash.

What is TCPDUMP and how to use it

2010-02-11T12:45:00.009+02:00

TCPDUMP is a packet analyzer that runs under the command line.It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.I has a version for windows too named WinDump.

What is it good for?

Tcpdump is frequently used to debug applications that generate or receive network traffic. It can also be used for debugging the network setup itself, by determining whether all necessary routing is occurring properly, allowing the user to further isolate the source of a problem.
It is also possible to use tcpdump for the specific purpose of intercepting and displaying the communications of another user or computer. A user with the necessary privileges on a system acting as a router or gateway through which unencrypted traffic such as TELNET or HTTP passes can use tcpdump to view login IDs, passwords, the URLs and content of websites being viewed, or any other unencrypted information.

Examples:

I.To see on which network interfaces tcpdump can capture packets type:

sudo tcpdump -D

Output of the above command :

1.eth0

2.any (Pseudo-device that captures on all interfaces)

3.lo

II.How to capture packets from a interface

sudo tcpdump -i eth0 or if you want the output saved in a file for later analysis type sudo tcpdump -i eth0 -w tcpdumpfile.log

III.How to see data in human readable format while captured:

sudo tcpdump  -l  |  tee dat

IV.Print packets ariveing from ubuntubox1(192.168.2.3) or departing from it using the host name or the ip:

sudo tcpdump host ubuntubox1 

or like this:

sudo tcpdump host 192.168.2.3

V.To print traffic between ubuntumaster and either ubuntubox1 or ubuntubox2:

tcpdump host ubuntumaster and \( ubuntubox1 or ubuntubox2 \) 

VI.To print all IP packets between ubuntubox1 and any host except ubuntumaster:

tcpdump ip host ubuntubox1 and not ubuntumaster 

VII. How to print packets that are send and recived from port 22:

sudo tcpdump port 22 -w tcpdump.log

VIII. How to print trafic showing the ip-s of the sender and reciver

sudo tcpdump -nS 

sudo tcpdump -nnvvS (to see a good amount of traffic with verbosity and no name)

IX.How to print traffic from only a source or destination ignoring one side of the host conversation

sudo tcpdump src 192.168.2.4

sudo tcpdump dst 192.168.2.5

X.How to capture traffic from an entire network

sudo tcpdump net mynetworkdomain.com

or like this:

sudo tcpdump net   192.168.2.0/24

XI.How to print a specific number of packets from a specific protocol (protocols supported are TCP, UDP,ICMP,ARP and IP):

sudo tcpdump -c20  TCP

XII. How to filter traffic based on source port and destination port

sudo tcpdump src port 22 and dst port 22

Note you can combine options using expressions.Accepted expresions are: and,or,not.

If you save the output to a file with -w option, it is not human readable.You must use another software like WireShark to be able to see it in human readable format.

Open SSH basic security

2010-02-10T20:08:00.002+02:00

For the ssh to be secure any competent network admin will tell you to do the following:
Open a shell and type :
sudo nano /etc/ssh/sshd_config (this is the openssh-server configuration file)
1.Find the line where you see port 22 and change the port number to another number example port 2232 (the number must be higher than 1024).Now when you log to this sistem you must specify the port number like this:

ssh -p 2232 cata@ubuntubox1

2.Find the line where you see PermitRootLogin yes and change to no .If you do this nobody can ssh login with the root user.
3.Try to use passwordless authentication and in the sshd_config set PasswordAuthentication no.

How to configure password-less authentication with Open SSH

2010-02-10T19:44:00.003+02:00

In my experience as a network admin is not a good ideea to let users login with their machine credentials so I will show you how to ssh login using public key and private key authentication.
Note . I presume that you have already installed the openssh-server package.
1.Open a shell and type
ssh-keygen (this is the ssh utility for PKI authentication.It will generate a public key and a private key.)

Generating public/private rsa key pair.

Enter file in which to save the key (/home/cata/.ssh/id_rsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in id_rsa.

Your public key has been saved in id_rsa.pub.

The key fingerprint is:

7a:df:3b:ac:6f:72:24:44:31:9d:c1:61:bb:59:9f:61 cata@krishnamurti2

The key's randomart image is:

+--[ RSA 2048]----+

|          o+++   |

|          .o+.   |

|         .  . .E |

|          .  +..o|

|        S.  o  ..|

|       .  . .    |

|      . .  +     |

|       . ...=    |

|          o*+o   |

+-----------------+

2.Lets presume you want to login without a password to the pc named xubuntu(192.168.2.55).

ssh-copy-id -i ~/.ssh/id_rsa.pub cata@192.168.2.55 - this will copy your public key(id_rsa.pub) to the remote sistem and generate the file /home/cata.ssh/authorized_keys where your public key will be inserted.

3.Restart ssh server on the remote host :

suso service ssh restart

4.Now from your shell type:

ssh 192.168.2.55 (and you will be loged in without a password)

5.If you want to test that everything is ok type:

ssh-add -l (this will show you all the public keys thata are stored in your public agent)
If there are no keys here and ssh-copy-id has made an error to add a public key manualy do this:

ssh-add

If you want to delete a key from the agent do this
ssh-add -d or ssh-add -D (deletes all keys)
Recommandation
Change your public key password at least once a year .To change the password without generating a new key type:

ssh-keygen -p

How to copy files with SCP

2010-02-10T17:10:00.005+02:00

1.Copy a file to another host:

scp sourcefile user@host:/directory/TargetFile

2.Copying file from host:

scp user@host:/directory/sourcefile TargetFile

Note that if the remote host uses a port other than the default of 22, you can specify it in the command.
For example, copying a file from host:

scp -P 2222 user@host:/directory/SourceFile TargetFile

Virtual Box How to change screen resolution in a Ubuntu 9.10 guest system

2010-02-05T16:19:00.003+02:00

Two days ago I installed a ubuntu 9.10 virtual machine.The process of installation went great except for the video driver.I have a Sapphire ATI HD 4850 HD 512 DDR3 with an and a Samsung SyncMaster T240HD monitor 1920x1200 maximum resolution.And yet the secreen maximum resolution was 800x600.
So after some reading of Virtual Box manual i found the answer.

You must install the Guest Drivers in the Ubuntu guest machine and create a xorg.conf file.

Step 1 - Start the virtual machine and mout the VBoxAdditions.iso
If you can't find it on the menu you will have to find the image and mount it .If your on a windows host you will find it in your VirtualBox instalation folder mine is on d:\VirtualBox\.If you are on linux host you will find it in /usr/share/Virtual Box/ folder.

Step 2 - install the guest adition drivers
Open a shell and type:

cd /media/cdrom0/
ls -ltr
If you are on 32 bit machine you must install VBoxLinuxAdditios-x86.run like this:
sudo sh VBoxLinuxAdditios-x86.run
After the install completes reboot the sistem
Step 3 - create a xorg.conf file
Open a shell and type:
sudo gedit /etc/X11/xorg.conf
Now copy this lines bellow in the xorg.conf file you just created and save the file.

Section "Device"
   Identifier   "Configured Video Device"
   Driver    "vboxvideo"

EndSection


Section "Screen"
   Identifier    "Default Screen"
   Device    "VirtualBox graphics card"
   Monitor    "Generic Monitor"
   DefaultDepth    24
   SubSection "Display"
     Depth    24
     Modes      "1920x1200"
   EndSubSection
EndSection

Under modes put your own monitor resolution.Log out and after that you will be able to change the screen resolution using Sistem-->Preferences-->Display

Xinetd the super server

2010-02-04T20:36:00.006+02:00

Xinetd performs the same function as inetd: it starts programs that provide Internet services. Instead of having such servers started at system initialization time, and be dormant until a connection request arrives, xinetd is the only daemon process started and it listens on all service ports for the services listed in its configuration file. When a request comes in, xinetd starts the appropriate server. Because of the way it operates, xinetd (as well as inetd) is also referred to as a super-server.The only reason for the existence of a super-server was to conserve system resources by avoiding to fork a lot of processes which might be dormant for most of their lifetime. While fulfilling this function, xinetd takes advantage of the idea of a super-server to provide features such as access control and logging. Furthermore, xinetd is not limited to services listed in /etc/services. Therefore, anybody can use xinetd to start special-purpose servers.

CONTROLLING XINETD
SIGHUP causes a hard reconfiguration, which means that xinetd re-reads the configuration file and terminates the servers for services that are no longer available. Access control is performed again on running servers by checking the remote location, access times and server instances. If the number of server instances is lowered, some arbitrarily picked servers will be killed to satisfy the limit; this will happen after any servers are terminated because of failing the remote location or access time checks. Also, if the INTERCEPT flag was clear and is set, any running servers for that service will be terminated; the purpose of this is to ensure that after a hard reconfiguration there will be no running servers that can accept packets from addresses that do not meet the access control criteria. SIGQUIT causes program termination. SIGTERM terminates all running servers before terminating xinetd. SIGUSR1 causes an internal state dump (the default dump file is /var/run/xinetd.dump; to change the filename, edit config.h and recompile). SIGABRT causes an internal consistency check to verify that the data structures used by the program have not been corrupted. When the check is completed xinetd will generate a message that says if the check was successful or not.
xinetd.conf is the configuration file that determines the services provided by xinetd. Any line whose first non-white-space character is a ’#’ is considered a comment line. Empty lines are ignored.You can find it in /etc/xinetd.conf. The file contains entries of the form: service { ... ... }
The necessary attributes for a service in xinetd.conf are:

socket_type 

 user (non-internal services only) 

server (non-internal services only) 

wait  protocol (RPC and unlisted services only)

  rpc_version (RPC services only) 

rpc_number (unlisted RPC services only)

port (unlisted non-RPC services only)

EXAMPLE

# # Sample configuration file for xinetd

defaults
{
log_type = FILE /var/log/servicelog
log_on_success = PID
log_on_failure = HOST
only_from = 128.138.193.0 128.138.204.0
only_from = 128.138.252.1
instances = 10
disabled = rstatd

}

service ftp
{
socket_type = stream
wait = no
nice = 10
user = root
server = /usr/etc/in.ftpd
server_args = -l
instances = 4
log_on_success += DURATION HOST USERID
access_times = 2:00-9:00 12:00-24:00
}

For more details see http://manpages.ubuntu.com/manpages/lucid/en/man5/xinetd.conf.5.html

How to run a software with .sh or .run extension

2010-02-04T19:51:00.001+02:00

Open a shell and go to the folder where the executable aplication is then type:

1. sudo sh soft_name.sh
or like this
2. sudo ./soft_name.sh

For a software with *.run extension is done the same.

TCP Wrappers

2010-02-03T18:09:00.021+02:00

If you want to set up a very good security you must build a layerd security.Tcp Wrappers is like a basic firewall that protects your network services.

A basic security before you set up ipfilters firewall looks like this:
xinetd -->TCPWrappers-->network service (layerd security)
To create the TCP Wrappers rules edit these two files:

hosts.allow and hosts.deny

These two files, located in your /etc/ folder, allow you to limit or permit connections from specific hosts or ips. Using these two files you could setup a whitelisting basic firewall or blacklist.

Here is the format:

daemon_list : client_list [ : shell command]

daemon_list - is a list of one or more daemon process names (argv[0] values) or server port numbers or wildcards.
client_list - is a list of one or more host names, host addresses, patterns or wildcards that will be matched against the client host name or address.
shell command is optional
List elements should be separated by blanks and/or commas.

Wildcards

Here are lists of wildcards support by tcp wrappers:

ALL The universal wildcard, always matches.
LOCAL Matches any host whose name does not contain a dot character.
UNKNOWN Matches any user whose name is unknown, and matches any host whose name or address are unknown.
KNOWN Matches any user whose name is known, and matches any host whose name and address are known.
PARANOID Matches any host whose name does not match its address.

Shell commands

I never used theese but you can open a shell type man hosts.allow to find out more

Example of editing rules for TCP Wrappers:

Open your favorite editor and open the hosts.allow file

sudo nano /etc/hosts.allow

ALL: 127.0. (the 127.0. range is allowed)

telnetd : 192.168.0.2 (specific IP) 192.168.0. (specific range) EXCEPT 192.168.0.10 (range exceptions)

sudo nano /etc/hosts.deny

ALL : ALL (denying all services to all hosts)

How to test if tcpwrappers is working:

1.Open a shell and type:

tcpdchk -v (tcpdchk examines your tcp wrapper configuration and reports all potential and real problems it can find. The program examines the tcpd access control files (by default, these are /etc/hosts.allow and /etc/hosts.deny), and compares the entries in these files against entries in the inetd(xinetd) network configuration file.)

2.Open a shell and type:

tcpdmatch in.telnetd 192.168.0.2 (tcpdmatch predicts how the tcp wrapper would handle a specific request for a service.The program examines the tcpd access control tables (default /etc/hosts.allow and /etc/hosts.deny) and prints its conclusion. For maximal accuracy, it extracts additional information from your inetd(xinetd) network configuration file.When tcpdmatch finds a match in the access control tables, it identifies the matched rule. In addition, it displays the optional shell commands or options in a pretty-printed format; this makes it easier for you to spot any discrepancies between what you want and what the program understands.)

 How to check if a service is compatible with tcpwrappers:

1. Not all the services are compatible with TCP Wrappers , so to see which services are compatible open a shell and type:

ldd /usr/sbin/telnetd | grep libwrap (this example tests the telnet service)

In the example above we see that the telnetd (telnet server) is referring to the libwrap.so, so we can tell that any restrictions in hosts.allow and hosts.deny are applicable to that service.

How to verify if a service is running

2010-01-21T20:35:00.001+02:00

1.Type this command to see all the services status:
sudo service --status-all
2.To verify the status of one service type:
sudo service cups status
2.The service command can be used to start or stop a service if you know the service name :
sudo service cups stop (stops the printing service)
sudo service cups start (starts the printing service)

Hot to manage Services in Ubuntu the easy way

2010-01-21T16:56:00.001+02:00

If you are tiered to start or stop a service running /etc/init.d/apache2 start {start|stop|restart} you can do this:

Step 1 :
Install the service manager utility sysv-rc-conf like this:
sudo apt-get install sysv-rc-conf
Step 2:
Run the application :
sudo sysv-rc-conf
= - start a service from the list
- - stop a service from the list
SPACE key - to stop automatic start of a service in diffrent runlevels
q - exit application
h - help

Done.

What should I do if I can't remove or reinstall Microsoft Office ?

2010-01-14T09:52:00.002+02:00

For Office XP or Office 2003

1. Insert the first disk of your Office CD set in the CD-ROM drive.
2.Right click and open the cd. DO NOT RUN THE INSTALLER.
3. Search for the file : Offcln.exe.(you can use the search from explorer).Run it.

Hot to change the runlevel in Ubuntu 9.10

2010-01-13T17:21:00.006+02:00

1.To change the runlevel you must edit this file rc-sysinit.conf.

Edit the file as administrator like this:

sudo gedit /etc/init/rc-sysinit.conf

Find the folowing line an put the runlevel number you want.

env DEFAULT_RUNLEVEL=2

Carefull do not let spaces between equal sign and the number.That is it.Reboot and done.

2.If you want to change runlevels just for this session do this:
sudo init 3 (runlevel numbers 2-5)
runlevel (this command will show you what runlevel you are running in now)

Grub 2 Bootloader File Structure

2010-01-13T16:09:00.002+02:00

GRUB 2 incorporates a totally revised folder and file hierarchy. The menu.lst of GRUB legacy is no longer used.
To find out where GRUB 2 is installed, the user can run the following commands: sudo grub-probe -t device /boot/grub for the device and sudo grub-probe -t fs_uuid /boot/grub for the UUID.

The main folders and files used by GRUB 2 include:

/boot/grub/grub.cfg
This is the file most closely resembling GRUB's /boot/grub/menu.lst. This file contains the GRUB 2 menu information but unlike GRUB's menu.lst the grub.cfg file is not meant to be edited.
Each section is clearly delineated with "(### BEGIN)" and references the file in the /etc/grub.d folder from which the information was generated.
grub.cfg is updated by running the update-grub command as root. The update-grub command is a stub for sudo grub-mkconfig -o /boot/grub/grub.cfg. For standardization, the command update-grub will be employed, run as "root" with the sudo.
The file is automatically updated with kernel installations/removals or other updates which would affect its output.
By default, and whenever the update-grub command is executed, this file is made "read-only". This is in keeping with the intent that the file should not be edited manually.
The user will also see a multitude of *.mod files in the /boot/grub folder. These files relect the modular nature of GRUB 2 and are loaded as necessary by the GRUB 2 bootloader.
/etc/default/grub
This configuration file contains information formerly contained in the upper section of GRUB Legacy's menu.lst and items contained on the end of the kernel line. The entries in this file can be edited by a user with administrator (root) privileges and are incorporated into grub.cfg when it is updated. Specific configuration settings are detailed in the Configuring GRUB 2 later in this section.
/etc/grub.d/ (folder)
The files in this folder are read during execution of the update-grub command and their instructions are incorporated into /boot/grub/grub.cfg.
The placement of the menu items in the grub.cfg menu is determined by the order in which the files in this folder are run. Files with a leading numeral are executed first, beginning with the lowest number. 10_linux is run before 20_memtest, which would run before 40_custom. If files with alphabetic names exist, they are run after the numerically-named files.
Custom entries can be added to the 40_custom file or in a newly created file. Based on its name, 40_custom entries by default appear at the bottom of the menu. A custom file beginning with 06_ would appear at the top of the menu since its alphanumeric sorting would place it ahead of 10_ through 40_ files.
Only executable files generate output to grub.cfg during execution of update-grub.

The default files in this folder are:
00_header Sets initial appearance items such as the graphics mode, default selection, timeout, etc. These settings are normally imported from information from /etc/default/grub. Users normally do not need to make changes to this file.
05_debian_theme The settings in this file set splash image, text colors, selection highlighting and themes. In the absence of a splash image, this file sets a monochromatic theme for the initial menu display. How to set font renderings and splash images are discussed in detail in the Splash Images & Themes section.
10_hurd Locates Hurd kernels. Not currently used.
10_linux Locates kernels on the root device for the operating system currently in use. It takes this information and establishes the names displayed on the menu for these kernels.
20_memtest86+ Searches for /boot/memtest86+.bin and includes it as an option on the GRUB 2 boot menu. There is currently no line option to remove this entry from the menu. The display of memtest86+ can be inhibited by removing the executable bit from this file: sudo chmod -x /etc/grub.d/20_memtest86+ and then running sudo update-grub.
30_os-prober This file with os-prober, which searches for Linux and other operating systems. Results are placed in grub.cfg based on the scripts in this file. The file is divided into 4 sections, representing the types of operating systems handled by the scripts: Windows, Linux, OSX, and Hurd. Variables in this file determine the format of the displayed names in /boot/grub/grub.cfg and on the GRUB 2 menu. Users familiar with basic scripting can alter these variables to change the format of the displayed menu entries. Alternatively, the user can insert an entry into /etc/default/grub which disables this script. (See below)
40_custom A template for adding custom menu entries which will be inserted into grub.cfg upon execution of the update-grub2 command. The contents of this file, below the "exec tail -n +3 $0" line and the default comments, are imported directly into /boot/grub/grub.cfg without any changes.
Files in these folders must be executable to be used by update-grub. Files which are not executable will be ignored. To make a file executable, run sudo chmod +x /etc/grub.d/folder/filename

Linux runlevels

2010-01-13T15:12:00.001+02:00

There are six default runlevels in the Linux base system.

0 (zero) is basically the shutdown runlevel.

1 (one) is single user mode.

2 (two) is a multi-user mode, minus NFS support.

3 (three) is a multi-user, command line based mode.

4 (four) user-defined / undefined.

5 (five) multi-user, graphical mode. This is generally the default runlevel on desktop / laptop machines.

6 (six) is basically the reboot runlevel.

poza

2009-10-20T13:00:00.001+03:00

How do I add more swap memory in ubuntu?

2009-08-11T12:44:00.003+03:00

You entered the wrong swap size no problem I'll show you how to increase your swap
I will create a 512Mb swap file:
Enter in bash this line:

1. sudo dd if=/dev/zero of=/mnt/512Mb.swap bs=1M count=512
2. sudo mkswap /mnt/512Mb.swap
3. sudo swapon /mnt/512Mb.swap
4. gksudo gedit /etc/fstab
add this line in the fstab file you just launched:
/mnt/512Mb.swap none swap sw 0 0
5.Reboot

How to create a large file in Ubuntu

2009-08-11T12:24:00.002+03:00

Use the dd command

Here is the syntax of the dd command to create the file.
I will fill the file with NULL characters.
dd if=/dev/zero of=test.tst bs=1k count=4700000
if = input file
of = output file
bs = block size
count = file size in kb
the file size is given by multiplying bs and count

Example create a 1 GB file:
dd if=/dev/zero of=file_1GB.txt bs=1m count=1k

How to create a large file in windows command line

2009-08-11T12:20:00.002+03:00

To create a large file of 1MB do this:
Run->cmd
fsutil file createnew c:\myfile.txt 1000000

To create a large file of 100MB do this:
Run->cmd
fsutil file createnew c:\myfile.txt 100000000

and so on.The number at the end tels you how big the file will be

How to compact files and folders at the Comman Line

2009-07-25T14:52:00.001+03:00

COMPACT [/C | /U] [/S[:dir]] [/A] [/I] [/F] [/Q] [filename [...]]

/C Compresses the specified files. Directories will be marked
so that files added afterward will be compressed.
/U Uncompresses the specified files. Directories will be marked
so that files added afterward will not be compressed.
/S Performs the specified operation on files in the given
directory and all subdirectories. Default "dir" is the
current directory.
/A Displays files with the hidden or system attributes. These
files are omitted by default.
/I Continues performing the specified operation even after errors
have occurred. By default, COMPACT stops when an error is
encountered.
/F Forces the compress operation on all specified files, even
those which are already compressed. Already-compressed files
are skipped by default.
/Q Reports only the most essential information.
filename Specifies a pattern, file, or directory.

Used without parameters, COMPACT displays the compression state of
the current directory and any files it contains. You may use multiple
filenames and wildcards. You must put spaces between multiple
parameters.

User State Migration Tool-How to migrate user accounts and user settings

2009-07-11T12:20:00.001+03:00

Log on to the source computer as an administrator, and specify:

scanstate \\fileserver\migration\mystore /i:miguser.xml /i:migapp.xml /o
Log on to the destination computer as an administrator.
Do one of the following:
- If you are migrating domain accounts, specify:
  
  loadstate \\fileserver\migration\mystore /i:miguser.xml /i:migapp.xml
- If you are migrating local accounts along with domain accounts, specify:
  
  loadstate \\fileserver\migration\mystore /i:miguser.xml /i:migapp.xml /lac /lae

Can't Creat a Performance log alerter

2009-07-04T16:56:00.002+03:00

Start the Performance Logs and Alerts service by using the Local System account instead of the Network Service account:

Click Start, click Run, type services.msc in the Open box, and then click OK.
In the Name list, double-click Performance Logs and Alerts.
Click the Log On tab, click Local System account, click Apply, and then click OK.
Quit the Services dialog box, and then restart the ISA Server performance counter log.

Changing System Restore Options in the Windows Registry

2009-07-03T22:09:00.002+03:00

In most situations, the default System Restore operation is satisfactory. However
there might be situations in which you need to change how System Restore functions. There are four settings that you can change in the Windows Registry tha affect the intervals System Restore uses when creating automatic restore point and the disk space it uses.
Each of these settings is located in the HKEY_LOCAL_MACHINE\SOFT
WARE\Microsoft\Windows NT\CurrentVersion\SystemRestore subkey.
These settings include the following:
1.RPSessionInterval This setting specifies the intervals, in seconds between scheduled restore-point creations during an active user session. The default value is 0 seconds (disabled).
2.RPGlobalInterval This setting specifies the time interval, in seconds, a which scheduled restore points are created (regardless of whether or no there is an active user session). The default value is 86,400 seconds (24 hours).
3.RPLifeInterval This setting specifies the time interval, in seconds, for which restore points are kept. System Restore deletes restore points older than the specified value. The default value is 7,776,000 seconds (90 days).
4.DiskPercent This setting specifies the maximum amount of disk space on each drive that System Restore can use. This value is specified as a percentage of the total drive space. The default value is 12 percent.

Group Policy Verification

2009-07-02T16:10:00.004+03:00

1.Type in Run--> rsop.msc and press enter.This will launch the Resultant Set of Policy wich will show you what group and security policyes are in efect on your PC.
2.Or you can run it from a Run-->>mmc from File menu add/remove snap-in select Resultant Set of Policy snap-in and ok. Right click on Resultant Set of Policy to generate the policy data for local or remote computer(folow the wizard).
3.Windows XP Professional also supplies a tool named Group Policy Result Tool,which is a command-line utility that helps you determine which policies are actually applied to a computer. You can start this tool by typing Gpresult.exe at the command prompt(run-->cmd).

Repair a network connection

2009-07-01T20:10:00.002+03:00

1.See if the cable is pluged in or if is not broken someware.
2. ping your domain controller,your dns server and your gateway(if you have them if not skip this step). ex: cmd -->ping 192.168.1.1(dns ip adress)
3. Attempts to renew the connections DHCP lease:
ipconfig /renew command at the command prompt.
4. Flushes the Address Resolution Protocol (ARP) cache,
arp -d command at the command prompt.
5. Reloads the NetBIOS name cache:
nbstat -R command at the command prompt.
A NetBIOS name update is also needed, which is using the nbtstat –RR command.
6. Flushes the Domain Name System (DNS) cache:
ipconfig /flushdns command at the command prompt.
7. Registers the computer’s DNS name:
ipconfig /registerdns command at the command prompt.
8.If non of this works you shoud see if the network card drivers are ok or the network adapter is ok.

list the file and print shares on the computer

2009-06-30T23:16:00.000+03:00

The Net View command is a command that you can use to test TCP/IP connec-
tions. To use the command, log on with the proper credentials that are required to
view shares on a remote or local computer, open a command prompt, and type
net view \\ComputerName or net view \\IP Address.
The resulting report lists the file and print shares on the computer. If there are no file or print shares on the computer, you see the message There Are No Entries In The List.

File Encription with Cipher

2009-06-29T14:23:00.004+03:00

The Cipher command provides the capability to encrypt and decrypt files and folders
from a command prompt. The following example shows the available switches for the
Cipher command:

cipher [/e | /d] [/s:folder_name] [/a] [/i] [/f] [/q] [/h] [/k] [file_name [...]]

/e Encrypts the specified folders. Folders are marked so any files that are added later are encrypted.
/d Decrypts the specified folders. Folders are marked so any files that are added later are not encrypted.
/s Performs the specified operation on files in the given folder and all subfolders.
/a Performs the specified operation on files as well as folders. Encrypted files could be decrypted when modified if the parent folder is not encrypted. Encrypt the file and the parent folder to avoid problems.
/i Continues performing the specified operation even after errors have occurred. By default, Cipher stops when an error is encountered.
/f Forces the encryption operation on all specified files, even those that are already encrypted. Files that are already encrypted are skipped by default.
/q Reports only the most essential information.
/h Displays files with the hidden or system attributes, which are not shown by
default.
/k Creates a new file encryption key for the user running the Cipher command. Using this option causes the Cipher command to ignore all other options.
file_name specifies a pattern, file, or folder.

Create a Run Shortcut

2009-06-27T18:11:00.000+03:00

You can create a shortcut to the Run command. Simply select the Run command on the Start menu, and drag it to the Quick Launch toolbar or to Desktop. The new shortcut uses the same icon, so it's easy to identify.

Hot to use Run As in Comman Prompt

2009-06-26T14:47:00.001+03:00

About runas

Enables a user to execute a program on another computer as yourself or as another user.

syntax

RUNAS [/profile] [/env] [/netonly] /user: program

/profile if the user's profile needs to be loaded
/env to use current environment instead of user's.
/netonly use if the credentials specified are for remote access only.
/user should be in form USER@DOMAIN or DOMAIN\USER
program command line for EXE. See below for examples

Examples:
runas /profile /user:mymachinename\administrator cmd
runas /profile /env /user:mydomain\admin "mmc %windir%\system32\gpedit.msc"
runas /env /user:user@domain.microsoft.com "notepad \"my file.txt\""

How to permit restricted users to creat shared folders

2009-06-26T13:09:00.004+03:00

Create permanent shared objects

This user right determines which accounts can be used by processes to create a directory object in the Windows 2000 Server, Windows 2000 Professional, Windows XP Professional, and Windows Server 2003 family object manager.

You can configure this security setting by opening the appropriate group policy object and expanding the console tree as such: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Create Permanent Shared Objects (add users group or domain users group).Reboot PC done.

How to use 7 zip in ubuntu linux

2009-06-02T11:54:00.003+03:00

Type: sudo aptitude install p7zip p7zip-full p7zip-rar
You can Right Click and Extract or in Shell .

How to extract files in Shell:

Extracting

Extracting is simple. From the shale, navigate to the folder where the arhive(rar,zip etc.) are located (type "cd /path/to/folder" for example without quotes). Then, type:

7z x YourFileName.rar

If your archive is split into multiple volumes, specify the lowest numbered volume.

7z x YourFileName.7z.001

If you want to extract to another location simply add "-o" follow by that location to the end of the command:

7z x FileName.7z -o/home/user/Desktop/foldername

I can't open my stick from my computer

2009-01-23T11:06:00.002+02:00

Today I met a stick malware that stops your from accesing your USB from my computer.
This is a malware that is very annoing and is spreads very fast thru your stick.No antivirus i tried coul'd find it.The problem is that it spreads on the computer that you put your stick in and if another person puts his stick in the infected computer it infects that stick too.
I found a malware remover ComboFix.exe that removes it finnaly.Good luck

Ubuntu Server Time Syncronization in command line

2008-07-24T14:17:00.003+03:00

Can't sync the time in ubuntu server? try this
1 Open a terminal window
2 type this command: dpkg-reconfigure tzdata
3 Follow the directions in the terminal.

If you want to keep it in sync install a ntp server

1.open terminal
2.type sudo apt-get install ntp ntpdate
3. sudo nano /etc/ntp.conf and add the adresses of ntp servers

Windows domain using a ntp time server how to

2008-07-17T10:45:00.008+03:00

If you want your Domain Controllers to be in sync especially if you are in Eastern Europe Contry's windows 2000 server does not know when the time changes on the other hand the windows 2003 server knows and where i work they are primary and aditional DC.
So what to do make them bouth use the same external ntp time server.

Step 1

Run-->cmd

Step 2

Type net time /setsntp:1.ro.pool.ntp.org (ntp_server adress)

Step 3 restart the time service

net stop w32time
net start w32time

Step 4

Verify the ntp server was added to registry.Type:
net time /querysntp

If you want to stop using ntp server type:
net time /setsntp
and restart the time server like i showd you above.

According to posts in Usenet newsgroups, the following sequence of commands (entered at the command prompt) fixes timekeeping problems under Windows XP:
net stop w32time
w32tm /unregister [ignore error message]
w32tm /unregister [enter a second time]
w32tm /register
net start w32time

Change Microsoft Office 2007 License Key

2008-07-17T10:44:00.001+03:00

Follow these steps:

1. Close all Microsoft Office applications.

2. Click Start, click Run, type regedit in the Open box, and then click OK.

3. Locate the following registry subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\12.0\Registration

Note You may also find another subkey that resembles the following subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\Registration\{91120000-0011-0000-0000-0000000FF1CE}

4. If you find additional subkeys that reference Microsoft 12.0 registration, open each subkey, and then identify the product by the ProductName entry.
For example: ProductName=Microsoft Office Professional Plus 2007

5. When you find the subkey for the product from which you want to remove the existing product license key, delete the following entries:
* DigitalProductID
* ProductID

6. Exit Registry Editor.

The next time that you try to run an Office application, you will be prompted for a new product license key. Then, you can enter the product license key.That's it.

How to find open ports on a computer on windows machines

2008-07-10T17:35:00.001+03:00

To find open ports on a computer, you can use netstat command line.

1. To display all open ports, open DOS command, type netstat and press Enter.
2. To list all listening ports, use netstat -an |find /i "listening" command.
3. To see what ports your computer actually communicates with, use netstat -an |find /i "established"
4. To find specified open port, use find switch. For example, to find if the port 445 is open or not, do netstat -an |find /i "445".
5. You can use PULIST from the Windows Resource Kit to find which process is using a specified port. For example, pulist |find /i "4125" may display

Keeping the mounted partition at startup in Ubuntu

2008-06-24T14:10:00.004+03:00

If you want the mounted share to be remembert bu Ubuntu you must put a line in fstab.
Step 1

create a file named lets say credentials in that file enter this 2 lines:

username = administrator(or your admin username)
password =yourpassword

and save file

Step 2

Start the terminal

sudo gedit /etc/fstab

Step 3

Write the following in the fstab file you just opened:

#Samba Share
//windows-server-name/share1 /share1 smbfs credentials=/home/cata/credentials 0 0

save the file and reboot .It is permanently mounted.The user name and password are loaded from the file you created earlier.

unmount the partition

2008-06-24T11:03:00.002+03:00

Enter in console and type:

umount /share1

thats it.enjoy

Mounting a windows share in ubuntu

2008-06-23T17:08:00.013+03:00

Tired of navigating the network for a Windows shared folder all the time under Ubuntu?

Well then I'll show you the equivalent of Windows xp's map network drive in Ubuntu 8.04.It is called mount with smbfs.

Step 1

Enter in a Terminal window

Create a directory where the share will be mounted. lets say sudo mkdir /share1(share1 is my mount point)

Step 2
Type this instruction:

mount -t smbfs -o username=administrator //windows-box-name/share_name /share1

Step 3

you will find your share in /share1 mounted and presto.Done.Enjoy. :)

How To Install Epson perfection 3490 Photo scanner on Ubuntu 7.10

2008-06-17T11:07:00.000+03:00

1. Install sane-utils from synaptics package manager
2. Install the driver under Windows and find esfw52.bin from the installation directory or extract it from a cab in Epson drivers CD.
3. Place it in /usr/share/sane/snapscan.
4. Edit /etc/sane.d/snapscan.conf and replace the firmware directory in the first lines with /usr/share/sane/snapscan/esfw52.bin. Save and close the file.
5. Xsane should work just fine now!

Ubuntu Server Gutsy - installing a desktop

2008-03-25T10:21:00.000+02:00

sudo apt-get install ubuntu-desktop

and the dependencies:

apt-get install x-window-system-core xserver-xorg gnome-desktop-environment

sudo apt-get install ubuntu-desktop
sudo apt-get install gdm
sudo /etc/init.d/gdm start
sudo dpkg-reconfigure xserver-xorg

Gdm is what handles your x system starting automatically instead of entering start x at the command line each time you boot. The reconfigure runs the xserver setup so you can configure your system monitor, video card etc.

Move the Favorites folder

2008-02-27T09:47:00.001+02:00

1.run->regedit

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

There you will find the path
Replace the path and presto

ex:C:\Favorites

Remove corrupted Adobe Acrobat 8.0

2008-01-31T09:18:00.001+02:00

Remove Adobe Acrobat 8.0 using the uninstaller

The uninstaller is designed to remove everything installed by Adobe Acrobat 8.0. When you start Adobe Acrobat 8.0 for the first time, or when you modify the preferences, new folders and files may be created. To ensure the complete removal of all additional folders and files, proceed to "Remove remaining folders and files for Adobe Acrobat 8.0" below after you use the uninstaller. Before attempting to manually remove Acrobat use kb400654, "Troubleshooting general uninstallation issues for Acrobat and Adobe Reader (8.0 on Windows)" to determine there is not general system issue preventing the uninstaller from completing successfully.

To use the uninstaller:

Choose Start > Control Panel.
Double click Add/Remove Programs.
Do one of the following:
- If you installed Adobe Acrobat 8.0 from the Adobe Acrobat 8.0 CD/DVD, then select Adobe Acrobat 8.0 and click Remove. Follow the on-screen instructions to remove Adobe Acrobat 8.0.
- If you installed Adobe Acrobat 8.0 from the Creative Suite CD/DVDs, then select Creative Suite and click Remove. Follow the on-screen instructions to remove the Adobe Acrobat 8.0 component.

Note: When you run the uninstaller, you will be prompted to remove, keep, or transfer activation. If you plan to reinstall Adobe Acrobat 8.0 on the same machine, you may want to keep your activation. However, after you complete the manual removal, you will most likely need to re-activate Adobe Acrobat 8.0. If you plan to install Adobe Acrobat 8.0 on a different machine, you should transfer your activation.

Preparing the computer to remove Adobe Acrobat 8.0 Professional

Before proceeding with the following steps we highly recommend printing the directions. Restarting in Diagnostic or Safemode typically disables internet access.

Delete Adobe Acrobat Speed Launcher from Documents and Settings\All Users\Start Menu\Programs\Startup.
Enable diagnostic or safemode for Windows.

To enable diagnostic mode for Windows XP:

Quit all applications.
Choose Start > Run, type msconfig in the Open text box, and click OK.
Click the Startup tab and Services tab. Record all unselected items.
Click the General tab, and choose Diagnostic startup.
Click OK, and restart Windows.

Note: Upon reboot, you'll be notified that the System Configuration Utility has made changes to the way that Windows starts up. Click OK, and when the System Configuration Utility appears click Cancel.
Right-click icons in the Notification Area (called the System Tray in earlier versions of Windows) to close or disable any startup items that are still active.

To reenable startup items and services for Windows XP:

After completing all of the steps in this document reenabled startup items for Windows XP.

Choose Start> Reun.
Type msconfig in the Run dialog box, and click OK.
Click the General tab, and choose Normal Startup.
Deselect any items that you wrote down in Step 3 of the previous section.
Click Apply, and restart Windows for the changes to take effect.

Remove Adobe Acrobat 8.0 registered files using the command prompt

Acrobat registers a numerous files with the operating system during the installation. These files must be removed in order to successfully remove the application. Registered files can be removed from the operating system with the shell is not running.
Press Control-Alt-Delete and choose Task Manager.
On the Processes tab, select explorer.exe and choose End Process (this will make items on your desktop disappear).

Important: The Task Manager should remain open during this process
Click Yes in the warning box.
Choose File > New Task.
Under Open, type cmd and click OK.
Minimize the Task Manager.
Type cd "C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements" and press Enter.
Type del ContextMenu.dll and press Enter.
Type cd "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX" and press Enter.
Type del AcroIEHelper.dll and press Enter.
Type del AcroPDF.dll and press Enter.
Type del pdfshell.dll and press Enter.
Type exit and press Enter.
Maximize the Task Manager.
In Task Manager, choose File > New Task.
Type explorer.exe and click OK. (Your desktop should reappear.)
Exit the Task Manager.

Grant full control permissions to all installed files and folders

Give Administrators Full Control of the Resources folder and replicate permissions down to child objects.

To Reset Permission Using Windows Security

Click Start > Run, type cmd, and click OK.
Type each of the bold command below and press enter:
- If any error messages are received after typing any of the below command verify the command and try again.

c:
cacls "C:\Program Files\Adobe\Acrobat 8.0\Resources" /T /E /C /G administrators:F
exit

Important: Enter spaces between /T, /E, /C, and /G in the third line.

Remove remaining folders and files for Adobe Acrobat 8.0

Back up any personal files you want to save from the following directories, and then remove the listed folders and files:

Program Files\Adobe\

Acrobat 8.

Program Files\Common Files\Adobe\

Acrobat

Program Files\Common Files\Macrovision Shared\

FLEXnet Publisher

Program Files\Internet Explorer\PLUGINS\

nppdf32.dll

Documents and Settings\[User Name]\Application Data\Adobe\

Acrobat
Designer
Adobe PDF

Documents and Settings\All Users\Application Data\Adobe\

Acrobat
Designer
Adobe PDF
ALM

Documents and Settings\All Users\Application Data\FLEXnet\

adobe_00080000_tsf.data

Documents and Settings\All Users\Desktop\

Adobe Acrobat 8 Professional.lnk

Documents and Settings\All Users\Start Menu\Programs\

Adobe Acrobat 8 Professional.lnk
Acrobat Distiller 8.lnk
Adobe LiveCycle Designer 8.0.lnk

Windows\system32\spool\drivers\w32x86\3\

ADGELP.INI
ADPDF8.BPD
ADPDF8.PPD
ADREGP.DLL
ADUIGP.DLL
Ps5ui.dll
Pscript.hlp
PSCRIPT.NTF
PSCRIPT5.DLL

Windows\system32\spool\drivers\w32x86\

ADGelP.INI
ADPDF8.PPD
ADReGP.dll
ADUIGP.DLL
PS5UI.DLL
PSCRIPT.HLP
pscript.ntf
PSCRIPT5.DLL

Windows\system32\

adobePDF.dll

Program Files\Netscape\Netscape Browser\plugins\

nppdf32.dll

Remove remaining registry entries for Adobe Acrobat 8.0

Remove the application registry keys from the registry, if they are available.

Note: You must be logged into the computer as an Administrator to modify your registry.

Disclaimer: This procedure involves editing the Windows registry. Adobe doesn't support editing the registry, which contains critical system and application information. For information on the Windows Registry Editor, see the documentation for Windows or contact Microsoft Technical Support. You may not have all of these files.

Important: Make a backup copy of the registry before you edit it.

Choose Start > Run, and type regedit in the Open text box; click OK.
Navigate to one of the registry keys listed below and select it in the left panel; it will appear in the registry editor as a folder.
Choose Edit > Delete. Click Yes in the Confirm Key Delete dialog box.
Repeat steps 1-3 as needed for any remaining registry entries.

Remove the following registry entries

HKEY_CURRENT_USER\Software\Adobe\Acrobat Distiller
HKEY_CURRENT_USER\Software\Adobe\Acrobat Elements
HKEY_CURRENT_USER\Software\Adobe\Acrobat PDFMaker
HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat
HKEY_CURRENT_USER\Software\Adobe\Designer\8.0
HKEY_CURRENT_USER\Software\Adobe\PDF Settings
HKEY_CURRENT_USER\Software\Adobe\ALM\AcrobatProfessional-8.0-ALL

HKEY_LOCAL_MACHINE\Software\Adobe\Acrobat Distiller
HKEY_LOCAL_MACHINE\Software\Adobe\Acrobat Elements
HKEY_LOCAL_MACHINE\Software\Adobe\Acrobat PDFMaker
HKEY_LOCAL_MACHINE\Software\Adobe\Adobe Acrobat
HKEY_LOCAL_MACHINE\Software\Adobe\Repair\Adobe Acrobat
HKEY_LOCAL_MACHINE\Software\Adobe\Designer\8.0
HKEY_LOCAL_MACHINE\Software\Adobe\PDF Admin Settings
HKEY_LOCAL_MACHINE\Software\Adobe\PDF Settings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\ UserData\S-1-5-18\Products\68AB67CA330100007706000000000030
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ {AC76BA86-1033-0000-7760-000000000003}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ Adobe Acrobat 8 Professional

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\68AB67CA330100007706000000000030
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\68AB67CA330100007706000000000030

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\PDFMaker.OfficeAddin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Excel\Addins\PDFMaker.OfficeAddin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\MS Project\Addins\PDFMaker.OfficeAddin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\PDFMOutlook.PDFMOutlook
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\PowerPoint\Addins\PDFMaker.OfficeAddin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Publisher\Addins\PDFMaker.OfficeAddin

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Adobe Acrobat

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\ {191DA03B-FBE7-4579-B64D-273DC8358F1B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\ {907131E3-3ECF-4027-B0EB-3324883441D1}

Complete the removal

Empty your Recycle Bin and restart your computer.And next time you install a cracked version don't upgrade online...

Was this helpful to you? let me know. :)

Defragmentation Fix

2008-01-17T12:55:00.000+02:00

Today I tried to defrag a colleague's pc and i couldn't .So I tried to find the problem and after many tries i found the solution using DOS command:
Run--->cmd

fsutil Dirty Query C:

that shown me the drive was dirty message.That means that you should run scandisk to repear the problem.After I ran ScanDisk the defrag worked like a charm.I hope this tip was useful to you.

outlook express interface not registered error message

2008-01-09T16:04:00.000+02:00

I've encountered this kind of problem before and I have the solution. What you need to do is to try re-registering the Ole32.dll file because there could be a corrupt registry entry. This is done by using the run window - press the window key + R and you should paste in there the following line: Regsvr32.exe %Windir%\System32\Ole32.dll
Just hit OK and your problem should be solved.

Best Anty Spyware

2008-01-07T09:25:00.000+02:00

The top 5 antispyware for this period are:
1.Spyware Doctor
2.Spyware Terminator(free)
3.Spyware Blaster (free)
4.Spy Sweeper
5.SpyBot Search&Distroy(free)

As you can see the majority of antispyware are free.I use Spyware Terminator and I must say it does a very good job.I recommend it

Clearing Arp Cache

2007-08-21T11:38:00.000+03:00

If you can't repair your network connection and you need to clear your ARP cache here is the tip:
run-->cmd
there you enter :

C:\>netsh interface ip delete arpcache
Ok.

To verify if it worked type:
arp -a

If it didn't work repeat the procedure.

If stil no change try to remove the cable for 1 minute
and then try again with the procedure described above.

Windows xp and Windows 2003 creating an alias

2007-08-21T10:49:00.000+03:00

You want to create a program alias for an application or commonly accessed file?

Example i want to use the Run dialog to launch winamp how do i make this alias?

Step 1
enter in Run the folowing command : regedit
Step 2
Edit -->Find enter App Paths
Step 3
There left click on App Paths new-->key and give the key the name winamp.exe(all the aliases must have .exe after the name to work)
Step 4
Click on winamp.exe key you just created there you will see on the left side a default key.
double click on it and there in the Value Data: field enter C:\Program Files\Winamp\winamp.exe
That is it.
Enter in run the word winamp and presto it launches the program.
Cool no?