Saturday, August 25, 2012

Power Pile of Links

Chain links _ Flickr - Photo Sharing!_2012-08-25_17-32-04CC attribution: "Chain links" by HowardLake on flickr.

Got to go into the office tomorrow for one of those rare (for me) weekend special project rotations.

So I’m afraid a have just a bit less time that usual to spend on the blogging front.

Today’s offering is a large mix that covers LiveCD’s, some WinPE stuff, virtualization, new utility “how to” videos, third-party plugin updates, browser bits, networking, admin tips, password hint leakage, forsec, and a bit of graphical goodies.

ForSec LiveCD’s 

PALADIN 3.0.1 Forensic Software - Paladin just released version 3.0 of their LiveCD. You must have set up a free user account first and log in to access the PALADIN Download page. Changes in 3.0 & 3.0.1 are:

Version 3.0 New Features -

-- PALADIN Toolbox has been ported to Ubuntu 12.04

-- Network Share Icon has been added to the desktop to access network volumes that have been added via the MOUNT Tab

-- Boot support for current Intel Macs (including the newer MacBook Airs)

Release Notes

3.0.1 - Fixed issue where Unallocated Image function was producing 0 byte files.

Road to DEFT 7.2 and more DEFT Linux - Computer Forensics live cd - Deft 7.2 is scheduled for release in September 2012 and will mark a milestone of sorts. It will be the last x32-bit system release. Starting with 8.0 builds, they are going for x64 system support builds only. Shouldn’t be a deal-breaker, just keep a 7.x version handy as well.

DEFT 7 Cyber Forensic Tool Overview (by Casey Mullis) - LoveMyTool blog. Since we were speaking of DEFT, Casey Mullis gives a nice walkabout of DEFT 7 with nice screenshots if you are interested.

ESSPEE - Penetration Testing & Forensics - SourceForge.net - Updated to “R1 x86”. This is a new distro to me and is based on BackTrack 5 for pentest/for/sec work. Uses the “Unity” desktop interface.

Back|Track 5 R3 - new release. More details BackTrack 5 R3 Released!, BackTrack 5 R3! — PenTestIT, and from this H Security: News and Features post, BackTrack 5 R3 adds tools for Arduino and Teensy attacks. Choose your path carefully! Available in both KDE or Gnome flavors, with x32 or x64 platforms. In case you can’t decide, you may want to first look at this general KDE and Gnome Comparison post by ubuntucat.

WinPE Stuff

The few of you who regularly read this humble blog may have seen some recent activity in the comments sidebar. Turns out we had a recent celebrity visitor "Steve” from RMPrepUSB who posts a crazy-number of posts and tips on WinPE and USB booting in general.

Steve left a tip regarding use of the imagex.exe argument “/norpfix” switch when capturing images…specifically as it applies to junctions when the image is applied to a differently-named volume.

What is /norpfix switch, and what does it do? - Blogs from Zhou, Minxiao

In case you are interested, RMPrepUSB is a super cool tool to format and create bootable USB media. Lots of bells and whistles here and extreme tippage and tutorials for you WinPE fans.

If I’m not careful I can loose hours at a time gong though Steve’s extensive tutorials. Here are justa few you might find interesting:

Windows 8 and WinFE - Windows Forensic Environment blog. Brett Shavers tips us to a cmd script from Troy Larson (The WinFE dude) that allows creation of a WinFE build from Windows 8 RTM. New to WinFE building? Well then, see also:

How to sync time in Windows PE - WindowsNetworking.com

VirtualBox and VMware Player updates

Pretty good synchronization getting these updates out guys!

First up, VirtualBox 4.1.20 is out.

Next, VMwarePlayer is rolled up to v5.0 with some significant changes.

For VirtualBox, be sure you download and upgrade your Oracle VM VirtualBox Extension Pack at the same time. Likewise VMware users should also be sure to install the latest VMware Tools in your VMware hosted virtualized client OS for peak performance.

Defrag Tools Video

Defrag Tools - Microsoft Channel 9 - neat source for fresh reviews of MS tools and techniques now has two more quality videos up.

Update those Browser Plugins!

I’m thinking I’ve put in close to three hours this past week updating our home systems as well as Dad’s system to ensure they have the latest Flash/Java/etc. updates.

Adobe closes numerous critical holes in Reader and Acrobat - Update - The H Security: News and Features

There are lots of places and ways to download and get the updates; inside app updaters, direct from the software builder’s site, or from third-party locations like filehippo or majorgeeks.

I generally tend to just rock over to filehippo and pull them down. I suppose there is a risk they could have been corrupted or “seeded” with unwanted bits, but so far I’ve not had any problems and their Plugins Downloads page makes nice “one-stop” shopping.

At work it is hard keeping up with what “build” version we need to upgrade these to as for Flash there are both 11.3.x and 11.4.x versions which may cause problems for certain in-house software applications if compatibility is not verified first. However, most home-users should probably be on the 11.4.x run right now.

Likewise there are both Java 1.6.x builds and 1.7.x build branches. Again, most home-users should probably be on the 1.7.x builds.

Regardless, once you are done with your patching, hop your Windows IE, Mozilla Firefox, and Google Chrome browser(s) over to Qualys BrowserCheck and run a quick free check to make sure they are sufficiently patched.

Additional Browser Notes

In my recent post Greased Monkey Business I celebrated the joy of finally finding a custom Grease Monkey script I could use that would justify adding it to my Firefox browser; Removing UTM data from URLs automatically for cleaner bookmarks. It has been a lifesaver to my blogging work.

So this past week I gave a second banana to the Monkey; Scrub Google Redirect Links for Greasemonkey from “ping”.

Check out this MakeUseOf post that goes into the details: How To Copy Crap-Free URLs From Google’s Search Results

Comodo IceDragon 14.0 released -- get it NOW! - BetaNews notice of the Comodo tweaked Firefox 14 browser release. (actually it is version 14.0.3). Direct download is available from this Comodo forums link: Comodo IceDragon ver. 14.0.3 is now available for download!!

BrowsingHistoryView - Nirsoft - Version 1.0 new utility release to view browsing history of all your web browsers. Nir Sofer has been offering browser-specific utilities to view browsing history, but this gem covers the four major ones at once; Internet Explorer, Mozilla Firefox, Google Chrome, and Safari. New Web browser history viewer - NirBlog

Network Fun

NetworkMiner 1.4 Released - NETRESEC Blog - New release improves handling of fragmented IPv4 packets. Hurray! Also no longer checks for pcap extension; works as long as it is a valid libpcap file, DHCP options are extracted, new parser for a particular protocol. There are also some nice GUI improvements.

Trace File Case Files - Sharkfest 2012 (by Jasper Bongertz) - video presentation of using Wireshark to trace out real-world problems and solve them.

Wireshark Security Update - ISC Diary. Wireshark builds got updated to squash bugs and patch vulnerabilities. Go get busy…Wireshark · Download

Notes for the Sysadmins

Simple but Extremely Useful Windows Tricks - Open Security Research - Nice list of handy Windows tips.

Why The Size of My Partition is Maxed Out at 2 Terabyte and How to Get Over it - Windows7hacker. Just guided Dad though adding a second internal HDD to his Vista system. He’s getting into digital photography and while he has lots of room left on his OEM primary HDD, adding a 2nd drive gives him an exclusive place to drop the files. I guess we could have gone with a external USB drive, but the internal was faster in the long run for large file transfers. Talked him into a 7200 RMP 1TB SATA drive. With some guidance got him to get it successfully installed. Then via a quick remote-control session, got it formatted, labeled, and added to the OS fine. Considered going for a 2+TB drive for a few more bucks, but this was easy enough. Next time I will have to follow the link tippage and set up a GPT disk if the conditions warrant.

Microsoft updated SkyDrive.com - Borns IT & WIndows Blog (Google Translated) - Nice review of the new SkyDrive updates.

RegKeyFixer - reboot.pro - sweet little tool by Joakim similar to Sysinternal’s RegDelNull. Related: Reghide

ForSec Links

Password hints easily extracted from Windows 7, 8 - Ars Technica

All Your Password Hints Are Belong to Us - SpiderLabs Anterior

A Fistful of Dongles: AFoD Interview with Eric Zimmerman - A Fistful of Dongles - Eric Huber interviews F.B.I Special Agent Eric Zimmerman. Great article (and Eric wears a mean flat-top to boot!). Many years ago I had applied to the F.B.I. hoping for a career there following in the steps of my grandfather who was a former Special Agent under Hoover. Alas…it was a path not to be.

ShellBag Analysis - Windows Incident Response Blog

SetRegTime - Windows Incident Response Blog

Linkz for Tools - Journey Into Incident Response Blog - Corey Harrell has some info on this post, particularly those tipping us time-challenged guys to the Time Zone Converter – Time Difference Calculator and Time Zone Map. Also valuable is the final section “Process, Process, Process” which strikes home the critical value of knowing in advance HOW you are going to do exactly WHAT it is you want to accomplish; supporting examples include links to the Forensic Process Lifecycle (PDF) from Lance Mueller at ForensicKB, the previously GSD blogged SANS DFIR Poster 2012 (PDF) download, and Corey’s own Journey into IR Methodology scratchpad.

Man versus AntiVirus Scanner - Journey Into Incident Response Blog - Corey shows of the value of having skillz and technique and a rock-solid process in a John Henry’esqe dance against an anti-malware scanner. Really a great tutorial and exercise.

Registry Decoder 1.4 Released and Updated Registry Decoder Live - New versions are available. I noticed that in the past separate downloads were available for x32 and x64 however I don’t see that in this release. I’ve not followed up yet to see if the newer version handles both automatically or not.

Generating computer forensic supertimelines under Linux: A comprehensive guide for Windows-based disk images - Forensic Focus. ForenicsRichard has also released the Shell (Bash) and C Source code as well.

Finding Smoking Gun and going beyond that – Helpful Forensic Artifacts - Hexacorn blog - another strong article supporting previously mentioned themes of having a process to use in looking for clues which here are referred to has HFA’s (Helpful Forensic Artifacts) to guide the overall investigative and analysis journey and discovery.

HexDive 0.4 - New update at Hexacorn to a tool which extracts strings from a file/sample for additional review. Corey recommends using BinText or Strings to further review the output.

The “Hikit” Rootkit: Advanced and Persistent Attack Techniques (Part 1) - Mandiant M-unition blog

The “Hikit” Rootkit: Advanced and Persistent Attack Techniques (Part 2) - Mandiant M-unition blog

Grab Bag

Change the Windows Logon Screen Background - CybernetNews tips us to Luke Payne Software » Logon Screen Rotator. While I do rotate my Win 7 desktop login picture periodically, (right now it it Tardis based), generally I keep it stable. This is a cool tool however for those who like a bit more variety.

Organize & Manage Huge Photo & Video Databases Using Snaps - AddictiveTips reviews the Snaps - Photo management application.

Microsoft Reimagines Paint - Next at Microsoft - New “version” of the perennial “Paint” app. (Win 8 only).

Tip o' the Week #133 - The Art of Cut n' Paste - The Electric Wand

Cheers!

--Claus V.

Video Encoding tip…if at first you don’t succeed…

Our place of worship records video/audio records of the services as well as some special events.

The setup is pretty low-quality and simple.

Multiple remote-controlled cameras feed their signals into a standard video mixing board (Panasonic AV-HS400AE) where we can flip between signal inputs and do some standard wipes/PIP/transition-fades,etc.

From there we output the “mixed” SD signal into a consumer-grade DVD recorder along with audio out of the audio sound board.

When the event is over we finalize the DVD disk.  We can then make copies upon request for the membership.

So last Sunday, one of the young college-aged men in the church proposed to his girlfriend in a pretty spectacular way after the service was over. Since it was in the sanctuary, we got it all on video.

We made some copies of the DVD, but he also wanted to have a digital copy to upload and share with family around the country.

So I had to convert the DVD into a digital file version.

No problem…done it lots of times.

I popped the DVD into our A/V system PC, fired up VLC Media Player and verified the DVD played and the material was actually captured to DVD as expected; it was.

Then I ran Format Factory and selected the option to covert DVD to a digital file format; I think I picked WMA at first. I’ve used Format Factory for quite a while and it has always proved useful in ease of use, configuration details and conversion formats available. Never had any issues.

The conversion completed without errors, however when I went to replay it in VLC, it played fine for a bit, but then started to grind to a halt on the video playback.  I skipped ahead and it played fine but then started grinding to a halt. Hmm.  The system is x64 Win 7 with a i7 processor and 8 GB RAM and a high-end video card, so resources weren’t the problem.  I tried recoding it again in a few different formats and with different quality and sizes and the problem kept happening.

I was able to determine that the grind-down happened during fades between camera shots. Hmm.

I apologized that I couldn’t seem to do an immediate conversion that same day, but would try some more at home over the weekend to see if I could resolve the issue.

I have more than a few additional video format converters I use from time to time;

Each have their own pros/cons.

However for some reason I reached for Kirara Encoder; probably because it runs natively in x64 and I wondered if the additional encoding juice might help.

I fired it up, noted an update was available, snagged it and brought it current and relaunched.

I had also noticed a lot of optical drive activity while encoding before, so back at home I first ripped the optical DVD into an ISO file format to hopefully speed up the file access process.

Then I mounted the ISO file as virtual DVD.

Then I pointed Kirara Encoder to the virtual DVD, selected the VOB file (160MB), and after selecting the video output format (AVI) I wanted, let it rip.

Kirara chewed up the file and had it converted so fast on my laptop (i7,8GB RAM,X64) it amazed me. It was really, really fast.

I then went to replay the converted video file in VLC and it played smooth as buttah! Hurray!

That was so fast I then converted it into MOV, MP4, WMV and FLV formats for good measure. Too easy! All played perfectly with no issues. Quality was fantastic.

Feeling way ahead of the game at this point, I launched Windows Essentials Movie Maker and imported the AVI file, trimmed it up a bit, added an opening title and closing credits. I then exported it in both MP4 and WMV formats optimized for uploading to YouTube and/or Facebook, whichever.

I then burned all the files (including the ripped DVD ISO file) to a CD ROM disk for hand-back to the young groom to be.

For some reason, Format Factory just couldn’t easily encode the DVD video file during the fade transitions. If I had a deeper technical knowledge of what I was doing I probably could have customized the settings to work past it. However, Kirara let me be a hero-monkey (monkey sees the light come on, monkey presses the correct button, monkey gets the banana) without any drama.

So now, Kirara has moved to the top of the heap of video converters I will reach for the next time I need to do any video conversions.  It also has some advanced settings to change image quality (hue/saturation/gamma/contrast/brightness) and stuff.

More views and reviews on Kirara here:

Cheers!

--Claus V.

Friday, August 24, 2012

I’m probably the only Sysadmin bothered by this TV ad

A certain American automaker is running a summer advertising series you may have seen in some edited form or other where the host mills around and “interviews” various folks.

In the main advertisement opening there is a very brief shot of the well-known and respected host quipping about grillin’.

And it bugs me every time!

My what a nice rack you have there Mike!

Luckily, both Brian Adkins (who kindly provided the video above to YouTube) and Gizmodo writer Sam Biddle also seem to be eagle-eyed on this particular grilling technique likely learned from a hungry sysadmin trapped in a network room with a lot of food but no pit.

While Mike’s technique and equipment probably won’t earn him a guest spot on Barbecue University with host Steven Raichlen anytime soon, I have to confess, it appears that use of a “baker’s” wire rack (also seen in network rooms holding server and system equipment) apparently is not completely a made-for-TV gimmick after-all.

…though I have to confess, Warren Schwartz’s rack and technique looks more sexy!

That one actually looked quite professional and culinary-grade. Never one to shirk from a mystery, it took me just a bit of detective work, but between shots of the grill seen above used by chef Warren Schwartz and images in the Gizmodo comment section I was able to trace down what is probably the actual grill used by Warren.

Turns out it seems to be a Big John 5 foot Charcoal Grill from Big John Grills & Rotisseries.

Who knew?!

So the next time you sysadmins want to impress the other techies at your backyard barbeque, see if you can pull one of these Big John babies out!  Who knows, maybe Mike will show up and help you flip.

However, judging from his grill work in the ad versus his handiwork as seen in his role as a host in another show, his dirty-job handling skills might be better put to use opening up your PC and server cases and blowing out all the dust and guck from inside them while he’s there!

CC attribution: by "eurleif" (Leif K-Brooks) on flickr.haydvu4z.joh

Now that’s a dirty job!

Though in my mind, Mike’s grill will still be associated with use as a server rack.

--Claus V.

Bonus Link: What’s on the grill in France? via Justinsomnia

Now that’s my kind of grill and delectables! -Yummers

Windows 8 Linkage: In Which a Name is Chosen

CC attribution: The Window by Tiberiu Ana on flickr.

e02jdv1e.fhy

As you may recall, when we last left the Windows 8 naming saga, there was much prognosticating and reading of those chicken gizzards in a cast-iron pan out in the back shed with herbs over a fire…oh…wait…the announcement is in? All right! Out with it man!

Well…that was a bit of a letdown.

-10 for originality Redmond. Really?

Moving on…now…where did I put that ground cornmeal and hushpuppy mix? That divination work out back was making me hungry…

Here is the latest collection of Windows 8 linkage for review, education, and general future reference if the Valca clan ever decided to roll this way.

Still not convinced yet. I’m betting Windows 7 is the new Windows XP.

Win8 - Start Here - Get It

Win8 - Related Products and Services

Win8 - Install It

Win8 - Under the Hood

Win8 - To Go

Win8 - Tweaks 

Win8 - Deeper Insights

Win8 - Usage Tips

Win8 - Miscellanea, Rumors, & General Grumblings

Windows 8 - GSD Previously Posted

Cheers!

--Claus V.

Sunday, August 12, 2012

Weekend Linkfest

The Mars lander has been a fantastic success this week and the brainz has been on NASA overload. Couple that with some Perseid watching out back with Alvis last night and things are super fun.

Here is a fresh linkage roundup this week.  I recommend a slice of Key-Lime pie with it.

New Microsoft videos and Miscellaneous presentations

Network Bits

Tool and Utility Roundup

Windows Live Essentials Updates

I was surprised to see news that Windows Essentials 2012 got some updating this week. The primary focus seems to be in Movie Maker and Photo Gallery. I thought most of it was to re-brand and distance from the “Live” naming, but there were some pretty big enhancements.

When I applied the Windows Essentials updater, I noted that many other Essentials apps also got an updating, including my fav Windows Writer. Unfortunately, trying to find a useful change-log for the updates is next to impossible, so your guess (at this time) is as good as mine as to what actually the upgrade enhances.

Introducing the New Windows Photo Gallery and Movie Maker_2012-08-07_20-28-51

The Web-Life

Just saying….

Security and Patching Watch

Forensics

Cheers.

--Claus V.

Sunday, August 05, 2012

Stormy Sunday Linkfest

Here is a roundup of a LOT of Sysadmin/For-Sec linkage I’ve tucked away over the past couple of weeks.

It stormy outside, dry inside, and the Olympics churn on on the tele. Perfect time for a super-fast linkfest dump.

Noteworthy For the SysAdmin

For the Network Watchers

ForSec Focused

USB Imaging

Utilities and Miscellanea

Cheers!

--Claus V.

Innounp Update Tip

I use Universal Extractor from LegRoom.net pretty often to tear open setup packages of software.

There are lots of install packages that use 7-ZIP formats, quite a few MSI based installers, primarily from Microsoft, but more time than not, many packages are wrapped by Inno Setup.

Universal Extractor hasn’t been updated for quite some time. And in many cases, if you stick with the default package, you will encounter a Inno packed set that it can’t open up.

Luckily, because there are so many supported formats Jared Breland has packed in there, it generally is pretty easy to figure out what component you need to update, check that source location, and swap the older one out with a newer one.

Accordingly, I keep a very close eye over at innounp so I can always have the newest version of an Inno unpacker tucked into my Universal Extractor.

Current version of Innounp is 0.37 supporting Inno Setup versions 2.0.8 to 5.5.0.

Cheers.

--Claus V.

Browser Options

There are so many different alternative Windows web-browsers out there, I won’t event begin to attempt to capture them all.

Instead, this post is my reference list of alternative web browsers I would be most likely to use in regular browsing sessions.

Each have their own benefits and drawbacks.  Just depends what the need is.

Which Firefox is right for you -- 14, 15, 16 or 17? - BetaNews - Nick Peers rounds up differences in the current release, beta, alpha, and nightly builds.

Mozilla Firefox, Portable Edition - At this moment, I’ve pulled back a bit from my usage of the “nightly” builds and am back on the main current release level. This is a portable version great for running on your system directly or off a flash-drive.

Comodo IceDragon ver. 13.0 - This is Comodo’s security-designed take on Mozilla’s Firefox. Has some additional features such as Comodo Secure DNS and Site Inspector. More in this WindowsClub post.

Private Browsing - PortableApps.com - Take your standard release-level portable Firefox build, tweak the settings, add in a Flash blocker, disable plugins and local extensions, cram in a privacy-enhancer block-list, a separate profile, and a custom icon to remind you this isn’t your regular firefox, and you have a browser with your privacy in mind. Not this isn’t a “Tor” proxy supported build, though you could add that in if you wanted. It’s more to prevent tracks from being left behind on systems you use it on as well as keeping your browsing a little more directed-ad free. If you want a Tor-based browsing solution, check out the Tor Browser Bundle for one solution.

I hesitate to mention, but will anyway, there are also custom-builds of Firefox for x64 bit operation. I’ve used variants of these in the past, generally with no issues, but these are pretty much hard-core enthusiast builds; so don’t come crying to me if you break something or take your eye out with them; Waterfox and The Pale Moon Project. Check out these great posts about Waterfox to get some background if you are still interesting in running with scissors.

Google Chrome Portable - PortableApps.com. Main release level public build…portable.

Iron Portable - PortableApps.com - Portable version of SRWare Iron browser. This is based on Chromium and removes some of the default “usage tracking” bits that could be a concern for users of the Chrome browser. Although I use Firefox for my primary web-browser, I use Iron Portable now for my general web-surfing; particularly when I am on media-rich/enhanced websites, YouTube, etc. More in this WindowsClub post.

Dragon Internet Browser – This is Comodo’s security modded version of the Chrome browser. Tweaks to offer additional privacy for Chrome users, verifies Domains and alerts on differences in SSL certificates, blocks some cookies and web-trackers, monitors and blocks browser downloading tacking for privacy.

Opera, Portable Edition - Opera. Portable. Enough said.

Maxthon Portable - PortableApps.com. This interesting build uses both the Trident and the Webkit rendering engines to ensure maximum single browser compatibility with web pages.

Sandcat Browser - Syhunt. This is a very interesting portable penetration-testing oriented web-browser. Supports live HTTP Headers, request editor, fuzzer, JavaScript Executor, Lua executor, PageInfo extension, HTTP brute-force, CGI scanner scripts, and much more. Built on the Chromium browser.

--Claus V.

Saturday, August 04, 2012

Free Quality On-Line Learning Resources

I was reading the local on-line news and found this curious article:

Rice joining other elite schools offering free online courses - Houston Chronicle

Rice is not my alma mater (go Cougs!) but even I must confess Rice University is an elite school.

I did some digging and found the web-site they (and other schools) are offering their courses through.

Coursera 

What seems to make the classes offered by Coursera so amazing isn’t just that they are from highly respected and well know colleges and universities, but these aren’t just “giveaway” on-line classes.

No. You need to enroll and the regular class sessions run over a number of weeks.

I looked at some of the IT/Security related ones as they are my current career field, however, they also have many other categories such as biology, economics, business/management, education, medicine, mathematics and physics. Cool!

You may not be able to apply them to a degree, but ongoing educational opportunities like this are incredibilly valuable…both to your career or just keeping the brain-cells active and challenged…especially if you select courses outside your comfort zone.

Check these IT-related offerings out to see what classes are current active or starting soon.

I’m overwhelmed to find this opportunity.  I’m resolved to take at least one class starting either this fall or winter to begin challenging myself.  Maybe programming in Python?

Likewise, if this structured approach isn’t your bag, our favorite TinyApps bloggist has uncovered another amazing source of IT-tech training material. These are less interactive and more watch-n-learn, but still look pretty useful…especially covering subjects you may not be as familiar (or fresh) in.

Take a look at these categories over at TheUrbanPenguin; Linux, Windows, Novell and Citrix

Finally, Code Academy now has a (free) Python course that seems to cover some of the basic foundations. I’m not a Python coder, but I see many projects I do use rely on Python.

Finally, these fresh offerings from Aaron Margosis aren’t really classes, but are educational nonetheless;

  • From TechEd: Legacy Web App Issues, Sysinternals Gems, webcast with Mark Russinovich - Aaron Margosis' "Non-Admin" and App-Compat WebLog
    • Defense Against the Dark Ages: Your Old Web Apps Are Trying to Kill You - Video 1hr, 15m - “The Web browser is the primary path that malware uses to get on users’ computers. Web browser security (especially Internet Explorer’s) has improved dramatically in the past few years to defend against evolving threats. However, continuing to build and maintain Web apps using old practices defeats many of these improvements and leaves your users’ computers more vulnerable than ever. In this session, you will learn why those formerly accepted (or at least tolerated) practices are surprisingly harmful and now must be updated. You will also learn ways to update web apps quickly so that you can adopt more secure practices without stopping your business.”
    • Sysinternals Primer: Gems - Video 1hr, 15m - In the latest edition of the popular Sysinternals Primer series, join Aaron (Mark Russinovich’s co-author of The Windows Sysinternals Administrator’s Reference) as he goes mining for gems. Uncover buried tips and tricks to get the most out of popular tools such as Process Explorer and Process Monitor. Discover treasures among the least-known Sysinternals utilities – tools that you would have been using if you had only known about them sooner. The Sysinternals utilities are vital tools for any computer professional on the Windows platform. Mark Russinovich's popular "Case Of The Unexplained" demonstrates some of their capabilities in advanced troubleshooting scenarios. This complementary tutorial series focuses primarily on the utilities themselves, deep-diving into as many features as time will allow.”
    • Webcast: Mark Russinovich and Aaron Margosis: Sysinternals, Stuxnet, AMA -  Video 52m - “Mark Russinovich and Aaron Margosis discuss Sysinternals tools, computer viruses, hackers, hacking and more with Charles Torre.  Questions from a live virtual audience are addressed.”
    • TSSessions Utility - “TSSessions is a utility I wrote to enumerate terminal services sessions, window stations and desktops.“

Get learning!

--Claus V.

FreeCommander micro-tip

I’m a SuperFan of the FreeCommander freeware file manager.

I have quite the collection of Windows file manager applications and each one has its own coolness factor.

But when it come down to just the daily file management operations, I reach for this one every single day.

The tabs, features, tools, and customizations just make it hands-down awesome.

Developer Marek Jasinski has been hard at work for some time on the next version, FreeCommander XE.

He offers frequently updated Preview Release versions in both installers and “Portable” versions.

I’ve actually been running a non-public “donor” build of FreeCommander XE for quite a while and it has been very stable and fast on my Windows 7 (x64) system.

So when I finally got around to putting a recent copy on an XP system, I was startled to get the following error dialog window when launched.

"The Procedure Entry point ConvertToGlobalHandle could not be located in the dynamic link library KERNEL32.dll".

Super-strange. Interestingly, I could close the error dialog and the application otherwise seemed to function fine. It just appeared at launch.

I did some Google work and eventually found the cause via a similar error reported in the ImgBurn (a optical-media burning/ripping software I also recommend and use):

Imgburn error, entry point not found - ImgBurn Support - ImgBurn Support Forum

The error comes from ImgBurn, but it's not really ImgBurn's fault.

I ran into a similar symptom running ImgBurn under WinXP 32-bit.  In my case, the missing dynalink error dialog box on ImgBurn startup was caused by a copy of the Win9x-specific SvrAPI.dll in the c:\Windows\system32\ directory.

SvrAPI.dll dynalinks to the Win9x Kernel32.dll's ConvertToGlobalHandle() API.  But the Kernel32.dll of NT-based Windows OSes, like WinXP and Win7, doesn't export ConvertToGlobalHandle().  So if you try to load the Win9x SvrAPI.dll on an NT-based Windows OS, you get a missing dynalink error dialog box.  Removing c:\Windows\system32\SvrAPI.dll, which is not used under NT-based Windows OSes, fixes the problem.

Under Win9x, SvrAPI.dll exports the subset of the Net...() APIs available on that platform.  Under NT-based Windows OSes, NetAPI32.dll exports a much fuller set of the Net...() APIs.  ImgBurn, correctly, attempts to explicitly load some OS-specific DLLs via LoadLibrary(), like SvrAPI.dll and NetAPI32.dll.

This issue is not really a bug in ImgBurn since SvrAPI.dll should typically not be installed on an NT-based Windows system.  However, ImgBurn could work around this issue by attempting to load NetAPI32.dll first and only attempting to load SvrAPI.dll after NetAPI32.dll fails to load.  It looks like the explicit loading of SvrAPI.dll was added in ImgBurn 2.5.6.0.  ImgBurn 2.5.5.0 does not attempt to explicitly load SvrAPI.dll, and so does not generate the missing dynalink error dialog box.

I went digging on my Windows XP system system32 folder and -- sure enough -- found the SvrAPI.dll file there.  I renamed mine “SvrAPI.dll.old” instead of deleting it.

Re-launched FreeCommander XE and no more error. Mkay.

That has been about three weeks ago and I can’t find any harm has been done with “disabling” the file like I did. No telling what application I had previously installed that put it there. YMMV.

I was going to post a followup bug note in the FreeCommander Forums about the issue, but found someone else had already ran into the same issue (note to self, check in the program forums first) and reported the behavior and presence of the SvrAPI.dll file; also linking back to the ImgBurn forum link I found.

FreeCommander Forum • View topic - Entry point ConvertToGlobalHandle not located

Hopefully this or the forum link will help others who encounter this weirdness.

FreeCommander and FreeCommander XE (still in beta).

Highly Valca recommended!

--Claus V.

GSD Hurricane Tracking Links – 2012

nmev1i1k.h2uCC attribution: by "An Honorable German" (Charles McCain) on flickr.

Looks like I skipped doing a GSD Hurricane Tracking Links page update in 2011. I guess that’s because the tropics were very quiet for us last year. That’s a Good Thing ™.

Today the Valca clan spread from Houston into the remote reaches of Louisiana now watch with interest the multiple Atlantic Basin churnings.  So it seems fitting to fire up the engines, check and re-check the 2010 GSD hurricane linkages, and get this post into the skies.

Refresh your bookmarks!  (Or at least your link to your GSD Hurricane tracking post!)

Gulf Coast Watch List

Here is the updated list of hurricane links I am watching at home and work. There have been some changes--and additions--due to business model changes at some locations. And I’ve come across a few new and worthy sites to track the impending winds.

Listed in order of my current personal preference…

IBISEYE.com -- Your Atlantic Hurricane Season Tracking Map Source – An awesome site that mashes up tracking data on hurricanes and points of interest, along with Google Maps. Heavy on the JavaScript but makes up for it in pure visual delight. Not only are hurricanes and projected paths displayed, but also counties are added as they fall under various storm watches and warnings. Zoom in/out for more detail.

Google Earth – Google Earth remains in 2nd place in the list this season only because IBISEYE provides (IMHO) the best “at-a-glance” charting of big-picture storm data. Couple that with the wicked-awesome Google Earth Network Link For Entire Basin (direct download link) KMZ files provided by the Tropical Atlantic website and you are ready for some major storm-path modeling. When a storm comes, you can also go to the specific storm page and download/use the KMZ files for just that storm as well. Once you download the file, be sure to save it “permanently” in your Google Earth preferences so it will be available and “updatable” with the latest data when needed. Lay in some of the FEMA flood hazard layers for more usefulness. Finally, supplement it some more with tools from these Google Earth Blog links: Storm Tracking With Google Earth & More tools to help track Hurricane Irene

SciGuy Blog – Chon.com’s Eric Berger - It’s probably not a good idea to attempt to interpret all these charts and data on your own to make life-impacting decisions as a hurricane bears down on you. Fortunately, Eric continues to faithfully provide Houstonians and neighbors beyond his outstanding details, commentary, live chat-sessions, and analysis of all science and prognostication tropical. Highly recommended as a filter of reason and temperance in a media-market filled with over-hype, smashing graphics, and fear-factor extremes. Besides that, you can count on Eric to provide great meteorological linkage to excellent source material like this GFS global model or this the European model. It’s a must-follow/must-RSS feed blog for all Texas Gulf Coast residents. Period. (see also Jeff Masters’ Wunder Blog : Weather Underground).

Skeetobite Weather - New (to me) charts and data site found by keeping a keen eye on Eric Berger’s hurricane posting data linkage. Good stuff here with nice clean graphs, graphs, and data linkage.

Tropical Atlantic: NHC Model Data for Tropical Storms – TropicalAtlantic – For folks who need to have more than one storm-track model.  Look at the top of the page to select any current storms.  Then you can select either the “in-browser” Google Maps mash-up or the Google Earth TMZ builds.  Additional NOAA summary of storm-track models. Also, Tropical Atlantic: Information About Atlantic Hurricanes – main-page. 

Hurricane and Storm Tracking - Terrapin's site remains a dear favorite. It is lean and simple and allows for quick location of information without lots of graphic overkill. The storm-track plots come in two flavors, a simple historical and future projection track that is static as well as a java-based animated one. Loads fast and updated as new forecasts are posted.

National Hurricane Center - Website maintained by the National Weather Service. Lots more linkage on the sidebar for hurricane related topics and preparations. The main page has links to a number of graphics and advisories.

(NHC's) Atlantic Graphical Tropical Weather Outlook - A sub-page of the site listed above. This is pretty cool. Any current tropical systems are overlayed on a satellite image with an icon. Hovering over the icon pulls up a quick update view. Clicking on the update popup then takes you to the system's detailed page.

Moreweather.com -- Tropical Atlantic Weather Page - T-Storm Terry Faber has created a great hurricane system page here. Not only does it have lots of links to any active systems, but it also contains links to radar and satellite images, many in great details and high resolution. The hurricane tracking maps and projections are there, of course. T-Storm Terry also provides links to other sources of information as well as historical data on previous storm systems.

Tropical Weather : Weather Underground - This is a fantastic site that has the widest range of linkages, maps, images, models, and everything. Just about the only thing it doesn't provide is winds blown into your face through the monitor. Which is why I put this at the bottom and not the top: there is just so much information it overwhelms.

Oklahoma Weather Lab | Hoot - Models: GFS Model Upper-Level Wind 850mb provided us great forecast models of the high/low pressure zones and ridges leading up to Ike’s eventual landfall and really helped us understand the forces driving its path.

Tropical Cyclone Guidance Project | Real-Time Guidance - NCAR Research Applications Laboratory - “The real-time guidance system generates an individual page for each active storm in the North Atlantic, Northeast Pacific, and North Central Pacific basins. Each individual storm page features the latest plots of model guidance and intensity forecast aids for that storm, as well as other diagnostic and observational information.” - added 08/10/2012 via a tip from SciGuy blog Eric Berger. Drill down into great plot track guidance models.

WeatherBELL Models - Amazing collection of high-quality weather models and data. Until you get focused, you can easily get lost for hours in the charts, visual model animated “loops”. My head is spinning and I’m afraid I will start to be dreaming in whirls of colors! - added 08/10/2012 via a tip from SciGuy blog Eric Berger.

Experimental forecast Tropical Cyclone Genesis Potential Fields - Department of Earth, Ocean, and Atmospheric Science, Florida State University - Great supplemental animated and static image data on a lot of key tropical weather-related information points. - added 08/10/2012 via a tip from SciGuy blog Eric Berger.

Atlantic and Caribbean Tropical Satellite Imagery - Satellite Services Division / Office of Satellite Data Processing and Distribution and Gulf of Mexico Imagery - Satellite Services Division / Office of Satellite Data Processing and Distribution from the NOAA.  Special thanks to GSD frequent commentator “Bozo” for sharing this great source of satellite images from NOAA with me last year.

National Weather Service - another top-level landing point to drill down deeper into forecast maps, radar imagery, etc. - added 08/25/2012

National Weather Service Doppler Radar Images - link to various NWS/DoD Radar sites. Select your focus then add additional details and information via the bottom control bar as well as run loops from the left control bar. - added 08/25/2012

Tropical Cyclone Heat Potential Page: Global Fields - Select your basin map field on the left (such as the Gulf of Mexico). Put very simply, understanding what the water temperatures are and combining them with storm-track information might help one forecast potential intensification/intensity of a tropical storm. Of course lots of other factors play into the mix as well… - added 08/25/2012

Gulf of Mexico AVN Color Imagery - Satellite Services Division - nice radar loop imagery with options to add additional data markers to the base image. Provided by the NOAA Satellite and Information Service/NESDIS) (AVN=Aviation) - added 08/25/2012

Gulf of Mexico Visible Imagery - Satellite Services Division - nice visible satellite loop imagery with options to add additional data markers to the base image. Provided by the NOAA Satellite and Information Service/NESDIS) - added 08/25/2012

Latest Satellite Imagery - NOAA site that has links to a large number of additional satellite imagery. Neat stuff. - added 08/25/2012

NEXSAT, NRL/JPSS Next Generation Weather Satellite Demonstration Project - Super-duper cool satellite images and loops. Again drill in to get to the NEXSAT area of interest (such as the Gulf of Mexico), then use the controls above and to the left as needed to tweak your views. - added 08/25/2012

NCEP Central Operations - National Weather Service link - Pick the option you want above the map, then select the type and area. Finally make one or more final option picks and you get some very helpful graphs. - added 08/25/2012

Weather & Climate Data - COLA - Additional links for current conditional analysis, forecasts, climate outlooks and hurricane intensity models. - added 08/25/2012

Galveston Bay Operational Forecast System (GBOFS) - NOAA Tides and Currents for the Galveston Bay area - super neat tidal and water level information useful for those who dwell on the rim of Galveston Bay. Also reports wind and current data with animated loop views available. - added 08/25/2012

Northern Gulf of Mexico Operational Forecast System (NGOFS) - NOAA Tides and Currents for the wider upper Gulf of Mexico costal areas. - added 08/25/2012

Texas Storm Surge Models - Wunderground - For additional storm surge inundation maps for US coastlines, see this page Storm surge imagery for the U.S. coast | Weather Underground - added 09/01/2012

U.S. NEXRAD and TDWR Radar Stations - Wunderground - I’m linking to the main map from which specific radar stations can be chosen depending on your area of attention; though the Houston Hobby and Houston-Galveston interest me the most. The radar images have lots of cool tweaks you can perform on them so spend some time getting to know them! - added 09/01/2012

Computer models - USATODAY - old but a good starting point introducing foundations to weather forecast models. - added 08/25/2012

Stormpulse / Hurricane tracking, mapping - Sadly, Stormpulse has now been diminished to the bottom of the pile. The site developers have modified their business model (you go dudes!) to now be solely subscription-based access. There are some time-limited free-trials you can access. Currently they are not offering any “consumer-level” subscription services and the basic package is probably still too pricy for all but the most crazy consumer weather-heads. All that said, they do still have a “live” mini-display view on their home page that contains a fair amount of the imagery and tracking projections that we all used to love. If you are desperate and pine for the days of Stormpulse of old, then hop over there and just zoom up your browser window display size to your heart’s content.

Local Winds

For local Houston area facts and updates, most of the local news stations have their web-sites powered up.

Even More Weather

I have found these additional links pretty cool:

Road Kill

Again as it bears repeating, you just don’t want to be caught off guard when one of these comes knocking

--Claus V.