Sunday, February 26, 2006

Lavie Happy, Claus Tired...


Yes dearest friends, we are still here. It's been very busy around the Valca homestead this past week....

Let's see...first announcement: Lavie has a brand new laptop. Last week I posted that we were planning on going out and looking at them. Well, we came back home with a laptop in tow. (I bet a lot of you saw that coming didn't you?) It is a Compaq Presario V2575US model. Those who care can look up the link and check out the detailed specs, but to summarize: 1GB memory, 100GB HDD, 14" widescreen display, wireless, DVD/CD burner (with LightScribe), and oh yeah, it has a Turion64 processor. Geez, this thing is faster and more tricked out than my desktop. It came loaded with XP Home edition so we aren't pressing the 64bit processor yet. I think I will wait until Vista rolls out to upgrade it since (for now) Lavie won't be using any programs that can really take advantage of it. Here is a review of a similar model that is pretty close to our experience with it. Set up was much faster than the Dell. Almost no 3rd party ware and that was quickly removed with the Add/Remove list. Nothing sneaky found in the autoruns/startup groups.

I've had a really frustrating week at work last week. I've got a bunch of users who sit inside another location's network as part of the contract we maintain. They are our pc's but we get to use their network. It hasn't been a problem for years until two weeks ago when they upgraded a (yet undisclosed) component of their network. I suspect it was a switch or router. Anyway suddenly one of the programs they use (which uses IPX protocol) no longer connects up in a reliable manner. The office network team swears they have everything back to normal but it clearly isn't. My specialty is desktop support and security, not really networking. But I have been learning all about IPX protocol trying to troubleshoot the issue. See, if it was our network, we'd have it tested and inspected in about an hour, but this place is much different. IP works great and fast, just the IPX protocol is having issues. I can run ipx-ping and get good enough response times, but Win2K doesn't automatically pick up that there is an IPX protocol available. I have to go into the property settings and come back out (no changes necessary) for it to pick up the IPX network. Then I can do an ipxroute ripout (network) command and then run the ipxroute config to see that it found it correctly. It's this way across all the machines and even after doing a full system reload (just to test) the problem remains...so it is clearly an issue on the network side...kinda like the ipx network isn't broadcasting its availability, but will acknowledge if it is requested. So since the location's network team swears nothing is wrong on their side, I'm working on a batch file to run at startup to clear the IPX settings on the board, then rescan and load the IPX network, so our app will work. It's very frustrating to have a site that was working perfectly fine go down due to a hardware upgrade. Oh well. I'm (kinda) having fun learning some of these arcane ipx command line tools....

Over at RetroThing, I found a link to the Casio VL-Tone. My brother and I had one of these things growing up. It was really fun to play with. I bet we tortured our poor parents to death. I really like the drum-beat that you could speed up the tempo with until it was almost unintelligibly fast. Ah memories.

We missed a recent episode of LOST so I got searching for an episode summary guide (yes I could get it via iTunes but it's bound to rerun again soon). I found several fun things:

Episodes of Lost (season 2) - Wikipedia, the free encyclopedia
Episodes of Lost (season 1) - Wikipedia, the free encyclopedia

Download your own DHARMA countdown timer
Konfabulator Widget version

It's late. I have tons more cool linkage I collected this past week, but my brain is tired, I still have five more loads of laundry to shuffle through the system, and I think I want to turn my brain off and watch "Lost in Translation" before going to bed.

I promise to share the linkage sometime mid-week-ish.

See you in the skies,
Claus

Saturday, February 18, 2006

Quick Posting



Today is shaping up to become a busy day.

Lavie really wants her own pc (she is feeling left out). So it looks like a small bonus she got will be coupled with any IRS tax refund to get her a laptop. I promised her we would stop by a few places so she can try them out (keyboard feel)--no final decision yet.

Alvis has a gift-certificate so that means a trip to the mall.

I just want to nest and catch up on almost 10 episodes (each) of Ghost in the Shell:2nd Gig, Fullmetal Alchemist, and Neon Genesis Evangelion I've VCR'ed over the past couple of months.

And there is that deferred Valentine's day dinner out I promised the girls....

So, in an effort to reduce the pile of links in my "To Blog" bookmark folder, hang on for a quick ride. Commentary will be held to a minimum but I will try to sort these a little bit.

Tax-time

Full Story - Tax Preparation Software Consumer Report [consumersearch.com]
It's Tax Time: We Review the Boxed Software [pcworld.com]
Nakama Yukie-Japanese tax-software girl video ad. [blog.q-taro.com] (direct Quicktime link)

I have personally been using TurboTax for ages. The interface is pleasant, the cost is reasonable, I don't have very complex income or deductions--so it takes me only an hour or two to complete. I really like being able to import most of my data from last year's return data-file to speed the entry process. Last year I ponied up the extra $ to file on-line through their service instead of mailing my return in. It was easy and fast. Can't imagine dealing with these taxes any other way now.

Gadgets and Stuff

CX 200 Portable Director II Cell Phone Jammer [mobilemag.com]
Linksys Router WRT54GX2 [laptopmag.com]
Messages on the Mirror (Crayola window/mirror markers!) [jesser.org via Lifehacker]
Desitin as thermal compound [hackaday.com] (at very bottom of post)

That last one could have been helpful. After I RMA'ed my first Shuttle box and got its replacement, the box shipped missing the thermal compound. I ran down to the local RadioShack and picked some up, but it just didn't do the job. I think their compound was too thin. So I tried a custom pc-shop on the other side of town and got some of their compound in a little squeeze tube. Much thicker and worked like a charm. I don't know, but it might be a good tip if you need some in an emergency. Desitin has zinc oxide which is used in many thermal compound products to conduct heat off the CPU to the heatsink. I wonder if the Dr. Smith's butt-creme we used on Alvis when she was a baby would work as well. That stuff is thick!

Software Tidbits

Linux distribution screenshots [osdir.com]
Microsoft releases Windows Defender (Beta2) (formerly Microsoft AntiSpyware Beta)
Neowin's Freeware Alternative List [compiled by Simon and sanctified at Neowin.net]
Google buys blog statistic company Measure Map [Google Blog]

While I choose Linux Live CDs based on functionality, appearance is still important. Having a site like osdir.com that maintains screenshots lets me see if a certain new distribution will fit my style or not. Even on broadband, it can take a long time to download a new Linux distribution. I really like the latest Microsoft Windows Defender build. It does away with the glaring event notifications that the previous version used. The interface is nice--though manual updates could be easier to locate (click the drop-arrow NEXT TO the "?" help icon on the top bar -- click "About Windows Defender" -- find and click the "Check for Updates" button at the bottom) and finally it is fast on the scan and seems to pick through the XP system-restore archives as well. I guess that is one benefit of using a MS product to scan an MS product. Lastly, I love to collect freeware and the list that Simon and sanctified made is really thorough. They seem to have worked hard to categorize the items. I'm going to spend more time on this in a future post. For now, it's a great resource to bookmark for you techies.

Consumer and Citizen Affairs

RIAA et al. says CD ripping, backups not fair use [ARStechnica.com]
Best Buy Dupes Customers into Worst Mag Subscriptions [consumerist.com]
Houston Police Chief Wants Cameras in Homes [slashdot.org]
NBC lawyers go after "Lazy Sunday" SNL-skit video distributors [Techblog]

Walk away Claus.....must fight the urge to rant....

Graphical Goodies

Flagrantdisregard's Flickr Toys [flagrantdisregard.com]
MyDeskCity wallpapers [mydeskcity.com] Note: site appears to be Chinese--sometimes slow.
Israeli Anti-Semitic Cartoon Contest [Drawn.ca]

Flagrantdisregard's Flickr toys are really cool. I have a link to the Scout app on my sidebar. Other fun ones are Motivator, Trading Card Maker, Stream, and Mosaic maker. His blog is very warm and personal as well. Definitely worth a look. I've added Houstonian Jim Thompson's blog [jimthompson.org] to my haunts as well. Good stuff Jim! So the Danes published some editorial cartoons that a large part of the Muslim world found offensive. In protest of these cartoons, buildings and embassies are burning, rioters are loose in the streets, people are being killed, and an Iranian newspaper starts a contest to mock the Holocaust. What do you do if you are an Israeli? Figure no one can make fun of themselves better than themselves and host a self-mocking anti-semitic cartoon contest of their own!

Got to love it!

See you in the skies,
--Claus

Friday, February 10, 2006

RSS Musings


Day Four of the Alvis ear ache watch.

I took off work again today to sit with Alvis. She is finally making progress. Lavie's parents came into town yesterday to watch her so I could run into work and get my desk cleared off. (Mostly successful). They took her back to our family doctor's office (the best doctor a family could ever wish for!) and got a new antibiotic since the first one didn't seem to help. And she got some codeine to help her with the pain. She slept much better last night. Maybe by Monday she will have this thing kicked. Nothing can make a parent feel so helpless when their child is in pain and you got the meds but they just have to have time to do their thing.

So while Alvis was parked on the couch watching Disney, Dad here did some house cleaning chores, cooked up some lunch, and surfed some web. Later we caught some episodes together of Azumanga Daioh. We laughed--and took turns napping as well. The rain was coming down. Could a rainy (sick-day) Friday get much better? Only if Lavie was here instead of at work!

Blog Tweaking
I spent some time doing some more updates to the template layout of the Grand Stream Dreams blog. First thing I did was to reorganize the Links sidebar and add some subject groupings. Then I added a few more favorites. Hopefully that will make it easy for visitors to navigate--and speed things up when I'm in the field and need a quick link.


I also played with the body font size some more. I kicked it down from 12.5px to 10px. Toni over at Kaonahsi Ga Suki gave me some positive feedback about my original font size, but I just had to tighten it up a bit. Hope it isn't too small for you all.

Lastly, I added a cool RSS icon to complement my RSS Feed link. I think it looks pretty snappy. I got the icon from a package over on FeedIcons that Matt Brett developed. Snazzy!

RSS Reader Watch
I'm continuing to play with the GreatNews RSS (standalone) feed reader. I am now really conflicted about it! I've gotten so used to having Sage in my Firefox that I just can't leave it, but GreatNews is sooo much faster. I have the sinking feeling that I'm going to be switching over to it full time. For example, it can run on your USB stick (or even a copy of it)--so you don't have to leave it at home. I was getting pretty frustrated with it (for a moment) because all the feed items were not showing listed in chronological order, so the most recent post might not be at the front. I couldn't believe it was this way on purpose. I couldn't find any help on how to sort the silly GreatNews articles. Finally I clicked on the menu bar "View" and selected "News List." Ah...it displayed a list of the posts with a column format. On a hunch I clicked the "date" column and the posts were sorted by date; both in the News List and in the Main window view. Brilliant! Now I need to figure out how to turn off sorting the Channel feed view alphabetically as I want to re-organize my items by interest, not by letter.

I use Microsoft Outlook at work and currently use Sage as my RSS feed manager there. Although I may be switching over to GreatNews at work as well, I was curious if any Outlook plugins were available for RSS feeds as well. A quick search turned up four candidates. I haven't tried any yet, but some look promising: Attensa ($-for Outlook, free for web version), NewsGator ($-for Outlook, free for web version), blogbot (now free/open source), and RSS Popper (free). I'll let you know if I try any of them out. For a comprehensive list of RSS readers, try the Wikipedia's list of news readers.

XP Themes-International Style
While over at Lifehacker, I spotted a post on "Give XP a facelift". Jonaric points to a revised XP theme called "Royale." Now I must confess, I love Microsoft's XP system well enough, but I can't stand their XP theme. I have to roll it back to a modified version of "Classic" desktop theme style. I checked it out and found a related link there that had quite a few nice desktops--including this beautiful desktop I've seen on a few Linux desktops as well. The site is actually Microsoft New Zealand. This got me wondering...do the Microsoft sites for other countries have any hidden gem desktop themes we might not normally see here in the States? I did a little focused Google search and found the following offerings. Disclaimer--I haven't tried installing any of these yet. And I would probably see if I could strip out the background files from the files instead of using the entire theme. Proceed at your own risk! All are on Microsoft websites.

1) Themes on the Microsoft Customer Outreach page (15-including the beautiful Chinese New Year Theme 2006).
2) Images of Ireland Desktop Theme, and
3) Microsoft's XP Desktop Enhancements page.

Winter Olympics 2006 Watch
We are getting ready to watch the opening ceremonies of the 2006 Winter Olympics. Google's blog posted a few of their resources; including an updated satellite image of Torino with a really clear and detailed view. Torino2006 website.

Tech-bit Odds and Ends
Build your own Google maps [mapbuilder.net]
Essential freeware utilities for your laptop [LaptopLogic.com] I really like their picks.
Laser Turntable for your vinyl records [Ubergizmo.com]
USB Dongle-squid style [Ubergizmo.com] This could come in handy for laptop users.
nLite Windows Installation Customizer - Free [nliteos.com]
BackTrack live linux CD (beta) [remote-exploit.org] -- for pen testing and forensics work.
Repair your Windows Installation with Knoppix [PaulStamatiou.com] - good stuff to know.
Process Explorer version 10 released (free) [sysinternals.com] - all sysadmins should have this one!

Must Read Blog Post of the week
Google Desktop 3 raises privacy questions [blogs.chron.com/techblog] Dwight Silverman collects a number of thoughts regarding Google's latest Desktop search tool. He isn't wooed by Google's "access your data anywhere" feature in its Desktop Beta v3 version. I really like Google, but the possibilities for "data-abuse" are kinda unnerving (government or otherwise).

See you in the skies.
--Claus

Wednesday, February 08, 2006

Ear Aches and a Songbird is released



Day two of Alvis ear ache watch. She is still under the weather. Bummer.

Heard two stories on NPR that were interesting: "Solving the Mystery of Mother-Daughter Speak" and "Why Kids Hate to Wear Coats." I almost never wear a coat--unless it is like below freezing. I remember all those fights with mom and dad growing up over coats and cold-weather. Alvis is the same way. I don't really worry about it. If she doesn't want to wear one, fine. (And no, that's not the reason she now has an earache, mom!) I just make sure we take along a light-jacket (just in case she changes her mind). But if you think about it, we don't spend too much time outside. Just dashing from house to car and from car into school or work, then back to car and back to house. We don't spend much extended periods of time outside in the winter. I do keep a coat in the trunk of my car, just in case I end up with a breakdown and have to change a tire.

Anyway, while Alvis was napping after a heavy morning of channel-surfing between Disney Channel, Nickelodeon, and Animal Planet, I did a little web-surfing.

Yesterday I mentioned GreatNews. Two updates to my post regarding that product. First, I couldn't find a quick way to convert my RSS feeds in Sage over to it since it can only import XML format files. Well, turns out Sage has a built-in XML format export feature. A couple of clicks and I had all my feeds exported to GreatNews. Handy. Now I can do a better comparison between the two. I'll let you know as I spend more time with it.

I also mentioned that it allows users to organize feeds into folders, and that I wondered if I could do the same in Sage. My RSS feed list is about 40 feeds long (today). I have had them arranged based on hierarchy of interest; with my favorites at top and less frequently followed at the bottom. That's nice enough, but I still have to drag that slider bar down to scroll them all quickly. I opened up the Firefox Bookmark Manager, opened the Sage folder, then started adding folders and dragging/dropping the feeds accordingly. I very quickly had them all regrouped into about 10 folders. I ran a feed update and Wollah! it worked! Nice! Only bad thing is that the folder names don't go "bold" if they are closed and a feed inside is updated with new content. So you still have to expand to see if there are any updated feeds--but it is much easier to use now. (Note: While on the Sage site, I noticed the screenshot shows the feeds in folders--doh--wish I had noticed that sooner.)

Songbird is now out in an Alpha release. (Note: if beta programs scare you, then don't mess with alpha versions!) Songbird is an attempt to merge a Mozilla (Firefox) browser base with an open-source media player (ala iTunes). The interface is very iTunes'ish. The benefit is that it isn't DRM based like iTunes so you should have more control over what you do with your music. Interesting concept. I'll be keeping my eye on this--though I really do like iTunes. (Spotted over on DownloadSquad.) Right now it looks like the Songbird site is getting hammered....

More Video Funny:
Is your IT job creating communication issues with your significant other?
Terry Tate The Office Linebacker.

Tech tip finds:
GoogleSightseeing: Not a Google site, but see what gems can be spotted on GoogleEarth.
Browser Archive: Evolt.org is hosting (for your download pleasure) just about every web-browser there ever was.
Old Version and Wounded Moon: Two smackdown-good sites that host "older" versions of software. Sometimes newer isn't better and the distributors don't make those older versions accessible on their sites.
Azureus: Azureus is an open source bittorrent download manager. I don't really ever use bittorrent except when downloading some Linux Live CD distributions. When I do, this is what I use. Basically, with normal web downloads, you connect to the server and download the file--in one chunk--directly to your pc. When you have a really big file it can take a while--especially if that file is popular. Bittorrent managers identify the file you want to download, find multiple copies of it on the web from other users, and download "bits" of the program from all over. It helps speed up transfer times and conserve network bandwidth. Paul Stamatiou took the time to write a nice guide on how new users can configure Azureus.

Hope you are enjoying clear skies!
--Claus

Tuesday, February 07, 2006

High in the Skies

It's a slow day at the house. I'm home with Alvis. She has an ear infection and can't go back to school until tomorrow.

So, while surfing the web I found a couple of interesting software picks--freeware of course!

First pick: Stellarium.
Stellarium is like having your own planetarium, on your pc. I really like this one. Set up was pretty easy. Once running I had to set the screen size to match my monitor size so it wouldn't look funky. Then I selected my home location using a world map. This is very easy, as opposed to figuring out your longitude and latitude locations. You can pick from several ground-scapes--mountains, fields, trees, etc. You can add/remove a fog effect. Once you get all the settings tweaked you are presented with a view of the sky and the stars and constellations are clearly marked. Planets are as well. You can rotate your view among the compass points. You can also speed up time so you can view the sky at a future point in time. Capture screenshots. Really fun. I don't have the fastest graphics card, but it didn't have any problem with drawing the images. It was all very smooth. The only "gripe" I have is that you can't run it in a window. You can alt-tab to other applications, but in my case--running a dual monitor setup--switching apps causes Stellarium to minimize to the tray. So apparently no checking out the constellations while surfing the web for more info on them.

Second pick: Celestia
Celestia is a real-time 3-D astronomy modeling program. It lets you get off the ground and out into space. You can fly anywhere in the galaxy. Zoom around planets, moons, and stars. For additional fun, you can install additional modules into Celestia from The Celestia Motherlode site including: Solar System objects, Spacecraft, Deep Space objects, and even fictional items from 2001: A Space Odyssey, Star Wars, other spacecraft and stations--and let's not leave out Star Trek!. For something really off-beat, try looking at the "Journey Through Planetary Space" based on a Jules Verne story. The default application includes a really fun tour overview. I encourage you to run this after you have loaded it. It gives a really great show of what this program can do. Highly recommended!

I took a couple of astronomy classes in college and really loved them. Many years ago I got into a "space" kick again and picked up a Meade Polaris telescope. I was able to actually see the moons around Jupiter. Really cool. The only negative thing was that the tripod and adjustment arms were made pretty cheap. It was hard to get anything really stable. And since the earth's rotation causes distant objects to drift out of the view relatively fast, it was hard tracking objects for an extended period of time. More expensive telescopes can be had with motors that do the tracking automatically, but my interest wasn't so great to spring for those. It came with a star-charting application (on a floppy!) that was pretty good. I long since lost the floppy and these are way-cool better. On clear nights, though, it is fun to get out and look at the sky.

Sea and Sky has some good links for Astronomy Software. And Astronomy magazine is a great reference site for astronomy news and information.

Pick three: GreatNews
GreatNews is an RSS news feed reader. It is a standalone application--meaning you don't run it in your web-browser. I have become really dependent on RSS news feeds at home and work. I have about 25 Internet sites I keep an eye on all day long. Having to check each one via bookmarks for updates would be pretty annoying. By using an RSS feed reader, I can with one click, see which sites have updated items and what those items are. I tried GreatNews out for a while this morning. It is a really clean and well put together application--but I don't think I will switch just yet from Sage, the RSS feed reader that is an extension for Firefox. First, I do all my web-browsing in Firefox. I often play "follow-the-link" and end up on some real treasures. Sage allows me to quickly add the RSS feed and go. With GreatNews, I would have to browse in it to find new sites, or copy the feeds over from Firefox into GreatNews--they just aren't integrated with the way I surf the web. Also, I don't have a ton of feeds--yet. So Sage fits my needs for now. Finally, I had to hand copy each of the feeds I subscribe to in Sage over into GreatNews since it uses XML format files for import and Firefox doesn't export except in an HTML format. I suppose there might be some scripts to allow conversion, but I didn't find any quick and easy ones. That's not the fault of GreatNews, but makes switching a little more time-consuming. However, it did have some features that will keep it on my system: First it is FAST! I updated all the feeds I moved over into it in about a second or two. Sage can take up to a minute. Second, I really like the way GreatNews allows you to create folders and group feeds. That makes so much more sense. I can arrange my Sage items up and down in a list, but I haven't been able to make groups/folders yet. Finally, it allows you to filter the views so that (if you want) you can view only new news items. Definitely worth a look.

SuperFunny
I don't watch the Super Bowl. I may watch some college football games, but I have long-since left professional football behind. Still, I had to keep the TV on last Sunday afternoon so we could watch the commercials. Isn't that American? Now I find that GoogleVideo and iFilm both have almost all the commercials that aired during the Super Bowl on the web for viewing. Great. Now they tell me. Some are pretty funny. My favorites are a tossup between Mastercard's "Macgyver" and FederalExpress "Stick" ads.

Not Super Bowl related--just plain scary: Poodle Fitness Video.
Also crazy-wacky: Napoleon Numa Numa

Tech tip finds:
Another method to (maybe) make old Firefox extensions work in a new build.
Firefox 2.0 Alpha release this week?
Handbrake now out in a Windows version--great for porting your DVD/video content to your iPod Nano.

RocketBoom + CSI = Fun Cameo!
Last week Lavie and I were watching CSI and imagine our surprise when during the episode we caught Amanda doing a RocketBoom clip for the show! Neat! More info here. Naturally, she had to go and then run a RocketBoom spoof of the submission! Classic.

See you in starry skies!
--Claus

Sunday, February 05, 2006

Anti-Phishing--Gmail Style



I've been noticing a slow increase in the number of spam one of my Gmail accounts has been getting. Other users have also been reporting this trend.

Luckily, Gmail has some pretty good filters and has caught all the crud that has hit my account. I still go through it occasionally, just to make sure something didn't accidentally get caught by the filters.

Imagine my surprise when I saw I got 3 (THREE!) notices from PayPal that they caught a bad transaction back in 2005 and needed me to update my account or else it would be closed. GASP! SHUT DOWN MY PAYPAL ACCOUNT! OH NO! I BETTER GO AND FIX IT RIGHT AWAY! LET ME GIVE THEM ALL MY PAYPAL ACCOUNT INFORMATION SO THEY CAN PROTECT ME!

Lucky for me they provided a link to their secure site so I could log in....but wait....something was tickling my brain....was it:

1) The fact that I never had a PayPal account associated with that Gmail account? or,
2) The HONKIN' BIG BOLD RED Warning Gmail provided me on the email header?

Actually, for me, it was #1. But the more I looked at it, I thought #2 was really neat.

Also, this was just too good to pass up as an anti-phishing lesson. Now I know most of you are way too net-savvy to get caught by these things. In fact, IE7 incorporates some anti-phishing technology in their latest build. However, some of you may find this interesting.

First, I switched over and viewed the source-code of this HTML formatted email. The first place I wanted to examine was the "login-link" they provided to enable me to log into my PayPal's account site.

The code was crafted to display the following (legitimate) secure PayPal address:
https://www.paypal.com/cgi-bin/webscr?cmd=3D_login-run=

However, it had an href code to actually send the user to the following site: (Note: IP removed to protect the silly) http://xxx.x.xx.xxx/~mrtg/secured.transaction.com/webscr.ph=p?cmd=3D_login-run

Interesting. So anyone who decided to ignore Gmail's bold warning, and click through to what appeared to be a secure legitimate PayPal site would instead be routed to these, um, gentlemen.

OK, one IP address collected, what else? Ah! The Email-header!

As I posted before, the folks at Onimoto have a simple but good guide on how to trace an Email; including for Gmail. A quick search of the headers of one of the Emails in question revealed the following (sanitized):

X-Gmail-Received: <<SNIPPED>>
Delivered-To: <<SNIPPED>>@gmail.com
Received: by xx.xx.xxx.xx with SMTP id <<SNIPPED>>; Thu, 2 Feb 2006 05:57:59 -0800 (PST)
Received: by xx.xx.xxx.xx with SMTP id <<SNIPPED>>; Thu, 02 Feb 2006 05:57:59 -0800 (PST)
Return-Path:
Received: from xx.xx.xxx.xx (<<SNIPPED>>.dsl.sndg02.pacbell.net [xx.xx.xxx.xx]) by mx.gmail.com with SMTP id <<SNIPPED>>; Thu, 02 Feb 2006 05:57:59 -0800 (PST)
Received-SPF: softfail (gmail.com: domain of transitioning service@paypal.com does not designate xx.xx.xxx.xx as permitted sender)
Received: from xx.xx.xxx.xx by ; Thu, 02 Feb 2006 15:52:47 +0200
Message-ID: < <<SNIPPED>>@comcast.net>
From: "Paypal Security Service"
Reply-To: "Paypal Security Service" <>
To: <<SNIPPED>>@gmail.com
Subject: Notification of Limited Account Access (Routing Code: <<SNIPPED>>)
Date: Thu, 02 Feb 2006 12:54:47 -0100
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="--<<SNIPPED>>"
X-Priority: 1
X-MSMail-Priority: High

This contained an IP trail of the bounces the email took from the sender to my Gmail account.

Once I had all the IP's noted, I was curious where the location of the sender was. I browsed over to ARIN (American Registry for Internet Numbers) and started entering the IP's I noted. Very quickly it became evident that the sender was based in Europe. It bounced from there through some email routers in California then dropped into my account. Fascinating!
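The two manual checks above (displayed link text versus the real href, and the header trail with its Received-SPF verdict) can be automated. The following is an added example, not part of the original post: the sample message is constructed, uses documentation IP ranges and example.* hostnames, and the function names are hypothetical.

```python
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample (not the e-mail from the post). Body is quoted-printable,
# which is why raw source shows "=3D" and a "=" at the end of a wrapped line.
SAMPLE_EML = """\
Received: by 10.0.0.5 with SMTP id abc123; Thu, 2 Feb 2006 05:57:59 -0800 (PST)
Received: from 198.51.100.23 (host.dsl.example.net [198.51.100.23])
 by mx.example.com with SMTP id def456; Thu, 02 Feb 2006 05:57:59 -0800 (PST)
Received-SPF: softfail (example.com: domain of transitioning
 service@paypal.com does not designate 198.51.100.23 as permitted sender)
Received: from 203.0.113.77 by relay.example.net; Thu, 02 Feb 2006 15:52:47 +0200
From: "Paypal Security Service" <service@paypal.com>
To: victim@example.com
Subject: Notification of Limited Account Access
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html><body><p>Please log in:</p>
<a href=3D"http://203.0.113.77/~mrtg/secured.transaction.com/webscr.ph=
p?cmd=3D_login-run">https://www.paypal.com/cgi-bin/webscr?cmd=3D_login-run</a>
<a href=3D"https://www.paypal.com/help">Help</a>
</body></html>
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


class AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(text):
    """Hostname if the text looks like a URL, otherwise None."""
    if not re.match(r"(?i)^(https?://|www\.)", text):
        return None
    if not text.lower().startswith("http"):
        text = "http://" + text
    return urlsplit(text).hostname


def mismatched_links(html):
    """Links whose visible text names one host while the href goes to another."""
    parser = AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        shown, target = host_of(text), host_of(href)
        if shown and target and shown != target:
            findings.append({"shown": shown, "target": target, "href": href})
    return findings


def analyze(raw):
    """Return the SPF verdict, the IP trail (sender first) and deceptive links."""
    msg = email.message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body else ""  # decodes quoted-printable
    spf = str(msg.get("Received-SPF", "")).split(None, 1)
    hops = []
    # Each relay prepends its Received header, so read them bottom-up.
    for header in reversed(msg.get_all("Received", [])):
        for ip in IPV4.findall(str(header)):
            if ip not in hops:
                hops.append(ip)
    return {
        "spf": spf[0].lower() if spf else "none",
        "hops": hops,
        "links": mismatched_links(html),
    }


if __name__ == "__main__":
    print(analyze(SAMPLE_EML))
```

Only the Received lines written by your own mail provider are trustworthy; anything below them was supplied by the sending side and can be forged, so treat the earliest hops as a lead rather than proof.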

Now what? Well I could just flush the emails, but that was too kind. I have to deal with this crap at work so I flipped over to PayPal. Following their links, the Good Guys of PayPal have set up a really nice Security Center web-page that explains phishing. I suspect they deal with this a lot. They actually ask users to forward these phishing Emails to them for review and response. Wow! Well, let's see what they would do with these messages. I copied them and forwarded them--headers and all.

To my delight and surprise, a few days later I got two (very personal) Email responses back from them! They confirmed (surprise-surprise) that they were indeed false Emails--not from PayPal. And, that they were actively working on getting those IP addresses shut down! Sweet work PayPal.

So, lesson to the wise. Keep your eyes open and your brains turned on when it comes to these kinds of Emails that will eventually trickle into your Inbox/Spambox from time to time. Don't panic. If you don't have time, just delete them and move on. If you want to do more, practice picking them apart and see if the Good Guy site has a place to report them. You're doing a good deed, if you do.

A few more Phishing Resources:
Phishing via the Wikipedia
How Not to Get Hooked via the US-FTC (really clever title there BTW guys...)
Help prevent identity theft from phishing scams via Microsoft
Anti-Phishing Blog

See you in the skies,
--Claus

Staying Secure - Virtually


(Back on line after that Blogger Outage thing...kinda threw off my blog post schedule.)

There are lots of bad things that can impact your pc: viruses, trojans, malware...beta software and just plain bad code. One of the ways you can mitigate negative impact on your dearly-beloved pc is to do your computing in a virtual environment. This post isn't intended to be a how-to-guide--think of it more like a "what-is-capable/FYI" guide.

The Wikipedia has a very good article about virtual machines. Basically, you can install a virtual machine on your pc, then use that to run a "virtual" system. I've heard these referred to as "sandboxes" -- although I think I would call them "Las Vegases" as in "what happens in Vegas, stays in Vegas." Get the drift? Because the virtual machine protects your "real" operating system, you can browse, load, run, uninstall, test, etc software to your heart's content. If something bad happens, it only croaks the virtual machine. You can either try to fix it, or delete the virtual system file and start over. I suppose something could leak out, but it is very rare and many IT security specialists like to use them, just for that very purpose.

There are a number of virtual machine software applications out there. I haven't had the chance to play with Microsoft's Virtual PC or BOCHS yet. I have used QEMU and VMware very successfully. I captured the image above off my desktop. It shows me browsing the web in a virtual machine session with the Damn Small Linux distribution on my Windows XP system.

As shown, one of the best places to try this concept out with Linux is to use a special build of the aforementioned "Damn Small Linux". It contains a package pre-wrapped with QEMU virtual machine. The trick to finding this one is to look for a download build with "embedded" in the name. The current version at this time is dsl-2.1b-embedded.zip. Just go to the site, or click on this download link to their site and find a mirror. Then browse the tree until you find a version. This distribution is very good, but stripped down because of size constraints of the developers. So some Windows users may find the features a little lacking--however sysadmins and Linux folks will know that there are a ton of applications and features for use just under the surface.

The other virtual machine you can do a lot with is VMware. Along with their commercial software, they offer VMware Player. This is a free virtual machine you can download and install on your Windows pc as well. They kindly offer several virtual machine "images" for you to run on their software. If you are just getting your feet wet, and would like to have some added security while you surf the web, try out their "Browser Appliance" virtual machine. It allows you to run Firefox in a protected "virtual machine" state.

Once you have gotten the bug, some really clever users of VMware Player have figured out how to extend the capabilities. By using QEMU, you can create a blank "virtual hard-drive" file. Then, with a little knowledge gleaned from the "experts", you can modify the text file VMware uses to "boot" the virtual image. Why is this good? Well, stay with me on this....

Why would you care to make a blank virtual hard-drive file? So you can put just about any image or Windows/Linux OS (and I've heard Mac software can be run as well) on it you'd like! I've successfully created a "virtual Windows XP" image, running on my real Windows XP system! Or try out some Linux distributions. If you are really clever and patient, you can actually create a "perfect OS image" (whatever that is to you) and save that file. Then if you bomb out or toast your virtual machine, delete the existing file, and restore it with the copy you made prior to your "testing!" It is really handy in enterprise environments for image creation.

There is a lot of stuff you can do. Go read the link above, then check out these additional VMware guides from John Bokma, Lorenzo Ferrara, and Alessandro Perilli. Each of them has done incredible work building and documenting VMware Player image creation and usage. Follow their links as they can point you to additional VMware resources. There are even some web-based and some local-install applications you can find that will help create the initialization file for you--although it's very easy to do yourself.

Once you have seen just what VMware's software is capable of, I strongly urge you to purchase their full VMware Workstation software. It lets you do all the things these methods do, and then some. Well worth the purchase price--and we have to support the good folks and companies that offer their products to the masses for free.

It is really fun and addicting trying to find out all the things you can do with virtual machines. I love testing Linux distros using this method on my Windows XP system. Plus it is a good training tool as well. Want to see just how well your malware recovery tools/abilities are? Create a virtual Windows system (XP/2000/etc) and then save the image file (as a backup). Now go out and hose your "virtual system" with malware and try to clean it up. Tired? Just delete the image and roll back a copy of your backup image file and start fresh and clean!

On a related note...the other day, I was reading the latest (IN)Secure magazine edition. In it, I was introduced to a product from Trustware called BufferZone. It is a very clever alternative to using "virtual machines" to protect your main OS. What Trustware's BufferZone software does is act as a "lifeguard" and filter each program you execute. Those that you trust get full rights to do what they want on your system; those that you don't get restricted. Because it runs on the real system, there are no file or application sharing barriers. It is a novel concept. The company actually claims that if you use their application, you no longer need any anti-virus or malware software. I don't know if I would be that brave--no matter how good their product is--but that's just my personal comfort level at work. Trustware offers both Home and Corporate versions. A trial version is available as well for download. I haven't tried it myself, but may just do so...

Claus's LifeHacker favorites articles roundup of the week (or so....)

PStart--application-launcher for stuff on your USB drive.
Survive IT lockdown--yeah, I know, as a sysadmin I really shouldn't tell you how to do this...but I really need you to mess up your pc so I can keep my job!
Hybrid myths revealed--for supporting feedback, listen to this interesting NPR audio-report.
Tax prep software reviewed--maybe next week....
MacGyver Tip: Dishwashing liquid ice pack--I'm going to the store tonight to try this one out!
Secure VNC remote access--TightVNC remote control wrapped up in Hamachi. Yummy good.

Stay safe....
--Claus

Friday, February 03, 2006

IE7Beta2 "standalone" - It was a dark and stormy night...

Yes, indeed folks it is possible. You can (mostly) get the new IE7 Beta 2 Preview (IE7B2p) release to run in standalone mode. But let me warn you kiddies first with some information before you get all freaky over this. My story begins like this...It was a dark and stormy night...

Really, it was dark and stormy last Tuesday. I was surfing the net and found a link on Ed Bott's page alerting the world that Microsoft just released a public release version of the next Internet Explorer. Version 7. A quick traipse over to the MS IE7 Beta page found this was indeed true (although it is a "preview" release of IE7 Beta2).

I posted a quick comment to my friends at the TechBlog and Dwight soon was spreading the news.

I did some more searching and came up with a few good reference links: IE7Beta2 Install Tips and AMCP Tech Blogs Quick review.

In the process I stumbled upon Scott Hanselman's post on how to make a standalone version of IE7B2p. See, I like standalone (or portable) applications. I don't like installing applications deep into my system when they can run by themselves. This is kinda a side-hobby of mine. Plus from what I read, IE7Beta2p would overwrite my IE6 install. Although I am a Firefox guy, MS has hooked IE6 pretty good into the OS, and when IE6 gets cranky, baaaddd things can happen to your system, man. I know, I've looked into the eyes of that beast and it changed me. Sorry, where was I? I went ahead and followed Scott's tips and had it up and running as promised.

So then I got all excited and made some--um--gushy--comment posts. Then I checked back at Scott's site (in IE7B2p) and what was this? Additional comments saying that it might impact IE6. Hmmm. That wasn't there a minute ago...(Note to self: Don't post over-enthusiastic public comments before you proof-tested something for a few days--at least.)

So I checked and sure-enough, closing IE7B2p and firing up IE6 found issues. It launched, but locked up. System reboot opened it up faster, but bookmarks didn't work. I was worried. Then Scott pretty much retracted all he said. Bummer.

So I decided to get IE7B2p off the system. Um. How? Ok. Not real clear in the release notes...Did some checking and found these IE7B2p removal notes at Neowin.net (contained registry hack as well if needed). Did a full system install of IE7B2p and then went to Add/Remove Program list, ticked the "show updates" box at the top and found/uninstalled the beast. Reboot. System normal-IE6 playing normal. Danger averted.

But I was still bummed. I'd tasted the glimmer of hope that IE7 could run without a system install. I'm not the type to just leave some problems alone.

So yesterday, I'm still tracking the comments on Scott's IE7B2 post and a commenter posts a link to (programmer?) Jon Galloway's blog ToString() where he has a post Running IE7 Beta 2 Preview next to IE6 (the right way). Obviously I haven't had enough punishment. So this time I read the article carefully and check all the cross links. Ok. I'm just stupid enough to try it again. This time I am pleased to say it works (except some functions that break running it this way.)

Here is the trick:
Download IE7B2p via the MS IE7 Beta page.
It is a compressed file, so use your 3rd-party file extraction program (I use 7-zip) to unpack the files into a new folder.
Open notepad and create a blank text file. Save the file in the folder where you unpacked IE7B2 and name it "iexplore.exe.local".
Now browse over to Jon Galloway's extra post IE7 Standalone Launch Script. Read it carefully several times until you understand it.
Now follow his directions to make the ie7fix.reg file and save it in your IE7B2 folder.
Now follow his directions to make the IE7.bat launch script file. Save it in your IE7B2 folder.
Follow all these steps?
Now take a deep breath--repeat out loud--"I'm doing this because I'm a geek, stupid or brave and can't hold anyone responsible for what my own actions may now do to my system"--and run the IE7.bat file.

A DOS box will open (leave it open!) then IE7B2p will open. Try it out! Impress the family and co-workers. Mess with the IT staff by saying you clicked IE and now it launches like this--I promise it will freak them out!
When you are done, close IE with the little red x-box in IE7. The DOS box will run some more scripts and clean up the mess you just made and then close (hopefully)!

Try launching IE6 and it should be back as normal.

Cool! I've tried this on a couple of XP SP2 systems--and all seemed well. It's not a "full-test" of IE7B2p as it disables some features that otherwise would work in a full install. But it is cool. Good luck if you are brave enough to try it and props to Jon for sharing this tip.

Now--to hunt down this little tidbit "The IE6 Cumulative Security Update (Dec 13) broke the IE Standalone Mode that's been around since IE3 and is a big help in designing for forward compatibility." You mean there is a IE Standalone Mode since IE3? Hmmmm.

I hear a quest coming on!

See you in the skies!
--Claus