The world seen from an IT consultant's perspective

The Machine SID Duplication Myth

2009-11-05T23:04:00.000+01:00

When you clone machines you use NewSID. But why?

Mark's Blog : The Machine SID Duplication Myth: "NewSID has never really done anything useful and there’s no reason to miss it now that it’s retired."

Here you can read why the author new NewSID retired this fine tool.

Multicast test client

2009-11-04T23:28:00.001+01:00

Microsoft got a tool to test multicast support in the network.

ASE update

2009-10-21T12:36:00.000+02:00

I have attended an ASE update now and from what I have heard these are the most exiting news.

ASE is an acronym for Accredited Systems Engineer. Back in the good old days with Comaq this was a certification we needed to proove that we knew Compaq servers. Today with HP I am not so sure. But I did attend.

1. Brocade is selling host bus adapters. They are cheaper than those offered today and easier in integrate into your existing Brocade SAN.

2. The future networks are more converged. Your SAN and regular network are one. This is years to date as many required standards are not complete yet.

3. ProCurve - the network division are dedicated to open standards, leaving good rock solid proprietary standards from Cisco out.

4. The high end ProCurve switches supports a server module. Nothing exiting yet but they have partnered with good nische vendors like F5 and Riverbed. Can we expect to see the Big-IP LTM running on a switch soon?

5. New architecture like virtual connect and 10g flex will make our days much better. Now we can move physical servers between chassises without reconfiguration. I did not attend this session so I don't know any details on this topic.

6. Windows 7 and Server 2008 R2 works like a charm. IPv6 required for DirectAccess. To what extent is not known. (Like IPv6 support on the public Internet.) BranchCache(tm) caches files and web sites locally - at a site.

7. With Software Assurance on Windows 7 you get lots of extra for management; inventory, system center for desktops, extended group policy support.

8. Windows 7 is built on Windows Vista technology. Most Vista software works out of the box on 7, except for firewalls, antiviruses and other low-level applications.

In short: lots of new thing to learn!

A bad RocketPost review

2009-10-19T22:55:00.000+02:00

I found this piece of software called RocketPost from Anconia. A software that makes all your blogging go much easier.

From their web page it seems to have almost all the features that I want from this sort of software.

So I downloaded it and gave it a try. It did not work. It failed to work with Blogger that is one of the most popular blogging software out there. It probably failed because I use Firefox as my default browser. I just could not log in.

So I uninstalled it.

How Windows came to be? - a Windows OS history

2009-10-17T00:02:00.000+02:00

How Windows came to be? - a Windows OS history: "Everything started in 1980 when IBM approached Bill Gates and his new company, Microsoft, on a meeting about home computers and Microsoft products."

Read about the history of Windows. Fun reading for nostalgics.

How to add a root CA to a Java keystore

2009-10-16T09:41:00.001+02:00

I had to add a new issuer of certificates to the list of trusted root certificates in Java. The issuer was CN=UTN-USERFirst-Hardware.

To do this you first have to identify what version of Java you are running. Under your Java installation you have to locate a file cacerts (%JAVA_HOME%/jre/lib/security)

You also need to get the root ca certificate, often downloadable somewhere from the Internet. A copy of the URN-USERFirst-Hardware root certificate is found here. Download the file and save it somwhere safe.

When ready do this:

keytool -keystore ..\cacerts -import -file ..\rootcert -alias utnfirsthardware

When asked for a password, the default password is changeit. Unless you or someone else has changed the password this should work.

System Center Online Desktop Manager Beta is Coming Soon

2009-10-14T09:07:00.000+02:00

System Center Online : System Center Online Desktop Manager Beta is Coming Soon: "The System Center Online team has been working hard in preparation for its next beta release of System Center Online Desktop Manager, expected in the fall of this year."

Microsoft is moving more and more towards the service segment. What partners will be left? This blog is just an example of the direction Microsoft is moving towards.

What is an ISP looking glass

2009-10-12T11:58:00.000+02:00

Many ISP's provide something they call a looking glass.

a mirror; usually a ladies' dressing mirror
Source: Google

This is not what an ISP got. This is something that makes you look into their internal network from the outside.

A Looking Glass is a piece of software running as a CGI on an ISP's webserver that allows external users to get a look at routing and network behavior within their network. The software is usually a Perl script that resides in the CGI bin of a web server. The script executes shell commands, accesses a remote router, performes either a ping, trace, or one of several show commands allowing a view of the IP and BGP route tables. The CGI then returns the information as a web page.

Looking Glasses are most commonly used for verifying routing between providers, and for verifying that routes are propagating correctly across the Internet.

Source: InetDaemon

Why intrusion detection?

2009-10-12T08:33:00.000+02:00

IDS has been around for many years now. Intrusion Prevention came right after and tried to solve the fact that an IDS only detects an abnormality but does nothing with it. These detectors are commonly installed on the perimeter firewall or close to it.

IDS was an attempt to automate the process of identifying attacks in the network. It looked for incorrect use of various IP protocols, port scans and other things that could easily be detected using a signature. Improvents to the IDS was things like IPS or IDP - where they actually prevent things instead of just detecting threats.

Do we need an IDS?

For most cases I'd say no. The reason for this are;

1. Novadays most attacks are directed towards the client PC. This is a laptop that are on the Internet. We need to protect the client at all times, just not when on the company network.

2. Many viruses , hoaxes and trojaners are mutable and not detectable by an IDS. Security needs to be on the client.

3. With widespread use of encryption, like https leaves the IDS useless. It can not see the inside of the payload.

4. An IDS is just one of many tools you can use to protect your computer. (Get them all from one vendor - it will work together.)

Because of this the focus has been moved from the network and the perimeter on to the PC's on the network. Many vendors have all-in-one solutions for viruses, spam, threats and other potential dangerous attacks.

Be safe - buy yourself a good all-in-one protection package!

A Review of the Pirated Copy of Windows 7 I Bought On eBay | Cracked.com

2009-10-09T08:30:00.000+02:00

Read this review and find out how Windows 7 is going to affect all our lives.

A Review of the Pirated Copy of Windows 7 I Bought On eBay | Cracked.com: "he official release of Windows 7 is only a few weeks away, and if you’re anything like me, you’re probably asking yourself what effect this will have on your lives."

Enable SAN on Windows Certificate Services 2003

2009-10-06T18:39:00.002+02:00

If you ever need to issue certificate with subject alternate names added to them from your favourite Microsoft Windows 2003 Certificate Services you have to enable it using this command.

CERTUTIL -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2

UNLOCKER

2009-10-05T09:32:00.000+02:00

In case you can not delete a file...

UNLOCKER 1.8.7 BY CEDRICK 'NITCH' COLLOMB: "Cannot delete file: Access is denied There has been a sharing violation. The source or destination file may be in use. The file is in use by another program or user. Make sure the disk is not full or write-protected and that the file is not currently in use."

Unlocker solves all your file delete related problems.

Do not reply

2009-10-05T08:20:00.000+02:00

If you get an email like the one below do not reply. It is a hoax.
________________________________________
Fra: Chevron Texaco [office@chevrontexaco.com]
Sendt: 3. oktober 2009 17:25
Emne:

Your e-mail address just won you £950,500.00 GBP in our July 2009
Grant/Donation Award held by The Chevron Texaco.
To claim your donation, contact Mr. Gary Williams,
Executive Secretary,

Mr. Gary Williams
Email: chevrontex1@gmail.com
Dept. 1.

With:
1.Name :
2.Address:
3.Age/Sex:
4.Phone / fax Number:
5.Country Of Residence.

Regards,
Mr. Richard Philips

-----Unmodified Original Message-----

.NET micro framework

2009-10-01T22:35:00.002+02:00

Microsoft is always looking to extend their .NET platform.

The .NET Micro Framework is ideal for hobbyists who are looking for a fast, reliable way to develop custom hardware controllers for a variety of applications.

But I did not expect Microsoft to look at embedded hardware development something that hobbyists do on their spare time.

But way cool! :)

How to create an SSL certificate with OpenSSL for use with Apache

2009-09-29T15:33:00.000+02:00

Here are the easy steps needed to create a certificate for use with Apache using OpenSSL.

First you need to create a private key to use with your certificate.

openssl genrsa 2048 > priv.key

You then need to make a Certificate Signing Request (CSR) where you fill in a lot of information. The most important information to fill in is the Common Name (eg, YOUR name). Type in the name of the web server (www.helge.net) or similar.

openssl req -new -key priv.key -out cert.csr

You can now send your CSR to an online certificate authority. They will know what to do with it. In return they will send back a certificate you can use with your web server.

More detailed information can be found here.

Mass mailers review

2009-09-27T14:09:00.000+02:00

This article will talk about things to look for when using mass mailer software. We will look into the difference between Microsoft Outlook, Microsoft Publisher and SmartSerialMail. The first two are popular software that come with Microsoft Office. The last one is something you will have to buy.

Shortcuts to parts of the article:

3rd party database integration
HTML code
Plain text code
Personalization
Bandwidth considerations
Compare the different applications
How Outlook works
How Publisher works
How SmartSerialMailer works

Integration with third party email-databases

In many cases you want to send out e-mails to other people than your primary contacts. Like responses to a survey on the Internet where the contact information is stored with an SQL server.

Often the software will import the email-database into its own format. When handling the life-cycle management of an e-mail you probably want to work directly towards the external database so changes applied there also are applied for the next distribution.

Some mass mailer software can read NDR's and update the database (block the e-mail address for future messages), but it won't do you any good if these changes are overwritten in the next import.

HTML code

If you like HTML coding you need full control of all aspects of the HTML code for the mail being sent. Many e-mail clients can only do simple formatting, which is very limited compared to what you can do with, for example, inline CSS.

Plain text

The plain text representation of an e-mail is always sent with the e-mail and is often just the text displayed with all formatting removed. Many clients can still only read the plain text version so you probably want to make a version of your message readable to those clients as well.

Most often you want to change how links to external pages are displayed and how tables are displayed in plain text.

Personalization of e-mails

If you want to make a personal invitation, like greeting the recipient by its first name or showing what e-mail address this e-mail was sent to you need personalization.

Bandwidth requirements

If you do this from home or any other place where you have limited bandwidth think of how the mails are sent. Is it sent one by one or many at one time?

If you have 100 recipients and sent out an e-mail that is 50kB in size you will transfer over 5MB to the Internet. This can take some time. If your recipient list is large enough - is your time window large enough for this?

If your mail software sends out one SMTP mail for these three recipients; a@a.com, b@a.com and a@b.com the SMTP server will optimize these reciptients into two SMTP messages when relaying; one for each domain.

If you send out one by one the relay will also do so.

Comparison guide

Feature	Outlook	Publisher	SmartSerialMail
3rd-party integration	No	Import	Import
HTML customization	No	No	Yes
Plain text	Automatically	Automatically	Full control
Personalization	No	Yes	Yes
Bandwidth	Efficient	Depends	Inefficient

Outlook

Outlook (in both Exchange and SMTP server mode), Outlook Express and Windows Mail are very similar when it comes to how e-mails are handled.

Outlook can import contacts from some external systems, but not databases. You have no control of how the embedded HTML code is made. The code is often ugly and unnecessary complex.

The plain text version is generated automatically based on the contents.

As you have no personalization options available if uses your bandwidth very effectively.

When your message is mostly text from top to bottom Outlook is a great tool.

Publisher

Microsoft Publisher works well with Outlook. As there is no mail support within Publisher it relays on MAPI to send mails. Outlook and Outlook Express are both MAPI enabled.

You have absolutely no control over the HTML code that is generated but you have a WYSIWYG GUI that does all the work for you. If something can't be displayed using HTML Publisher will create an image of the text and display it instead. (Like text rotated left.)

The plain text version tries to place the text at the same place as the HTML version. This gives you lots of spaces between sections of text. This format is not optimized for mobile phones or other clients with small display.

Publisher also has a design checker that informs you about potential problems with the format of your mail, like overlapping images.

You can choose if you want to personalize the message or not. But you have to do so if you want to use address book except for Outlook. The feature is called e-mail merge. If you choose to merge you can use your Outlook contact list, any SQL data source or create your own list.

SmartSerialMail

This mailer works only with its own database. You can however import from many different data sources, including the Outlook personal address book.

You create your e-mail using an HTML editor with basic formatting from the GUI. You can edit the HTML code directly so if you know how to code HTML modifications are easy.

The plain text version is either made automatically from the HTML version or you can make your own version that fits your needs.

Personalization is supported as you can use any field that you have in the database.

The bandwidth requirements are the highest of them all as each mail is sent on its own - leaving no room for good network performance.

This mailer has some unique features that still makes it interesting. It can handle bounced messages and automatically exclude that e-mail from receiving any further emails. It can also read a POP3 account and handle e-mail based subscriptions. This makes the recipient life cycle management easy.

How to specify MSI properties with Group Policy

2009-09-14T10:03:00.001+02:00

Often you will find that vendors that have created Windows Installer files for their application only tell you how to change their settings from the command line. A typical example could be like this:

msiexec /i mypackage.msi ALLUSERS=1 LICENSE=a-key-here

This is very good as it makes it easy to automate installation. But what should I do if I want to automate using Group Policy???

I have mentioned Orca several times as a good tool to modify existing MSI installs.

What you have to do is to open the MSI file in Orca and create a new transform. Go then into the Property table. If you find the property you want to add, change the value there. If not, add a new row and enter your information. Your changes are recorded with green bars.

When done, save your transform. This transform can then be added to group policy.

Nokia E75 camera rotates image wrong

2009-09-14T07:34:00.000+02:00

Sometimes at least. Look at the pictures above. Both images were shot with the keyboard closed and the shoot-button on top.

Even so one image was rotated. The other came up right.

I have tried to turn off every "rotate" function within the camera. But no luck yet...

Mail2blogger and image attachmens

2009-09-12T19:57:00.000+02:00

First: the image above does not have anything to do with this blog post. It is just an image I have attached with this email that was converted into this blog post. The image is of my dog Inka, looking around in a train in Oslo.

Bloggers email support is good. You send an email and get it published as a post.

Emails sent in plain text is converted as plain text to your post. This email was sent in plaintext format. Html tags such as <b> are treated as text and displayed on the page.

E-mails sent in html format are treated as html and the body are copied over to your post. Not sure what happens to inline css just now. You can use all your favourite tags such as a, b, table, p among others.

But what about attachments? Earlier I thought that html files as attachments worked as with email. But it don't. I have also tried with word documents without any success. They are just removed.

Jpeg images on the other hand are kept and inserted into your post. The images are placed on top of your post before any text, just as my dog above.

The image is uploaded to your own server if you have one in two versions; one scaled down and one full size. The generated code places each image inside a p tag with a class=mobile-blogger.

For me it makes it much easier to publish some kind of photo when on the run. Bloggers own documentation is not clear on what formats are supported. I can't find any references to image uploads at all.

Creation

2009-09-02T17:37:00.000+02:00

Creation on Vimeo: "Creation"

Indeed a very nice ad. I love this style on ads.

GPO, GM and samplers

2009-08-24T10:27:00.000+02:00

Lately I have reviewed some MIDI/sequencer sampler software. I have fallen in love with Garritan Personal Orchestra when looking for DAW software. They just released a new version - GPO4 - as I already have mentioned.

GPO makes very good sounds for piano, cellos, violins and most of the other instruments they have in their orchestra. And most of the instruments works as expected without any problems at all.

There is to things that I really miss out, and it is:

Percussion - mapped to General MIDI. Today all percussion instruments has to be remapped from general MIDI standards.
Guitars. I love the sound of a good guitar.

To solve this I found a very nice tool called ForteDXi. It is a sampler (DXi interface) that gives you all general MIDI instruments not found anywhere. It is loaded with 128 high-quality sampled instruments, and offer a sound quality far better than the standard Windows Midi Synthesizer.

New version of Garritan personal orchestra is released

2009-08-20T23:23:00.003+02:00

World famous Garritan just released a new version of their fine personal orchestra.

There are many changes, most noticeably is that they have replaced their Kontakt player with ARIA. You can also purchase and download the suite online now.

I am exited to try it out soon! I tried out the previous version about a year ago.

Tracktion 3 MIDI is buggy

2009-08-17T01:02:00.001+02:00

After using Traction 3 for almost a year (read my conclusion here) solely for mixing audio I started on a MIDI project. I tried out with Garritan Personal Orchestra (read more about options I have tried here).

Traction often crashes when I try to load MIDI files downloaded from the Internet. The files plays correctly with MIDI-OX and Windows Media player.

When Traction manages to read the MIDI file (it happens on one of ten tries) I can work on my MIDI project and try to map instruments to Garritan. This works almost well. Some times when I try to load instruments then Traction crashes again.

Basically I can not work with MIDI using Tracktion.

Looking into the forums for help just confirms that other people also has similar problems. The product has not been updated for over a year, and there seems to be nothing new from the Mackie web site.

For now I am looking into REAPER to see if it any good and can replace Tracktion...

MSN and error 8100030d when logging in

2009-08-16T21:47:00.000+02:00

I received this error when logging in into MSN. Looking for this error message on the Internet gave me nothing to work on except for the fact that it seems network related.

So I started looking into what can block the messenger. I have three options:

The PC it self. As this was a problem on more than one PC I did not believe that the problem was here.
The local firewall.
My ISP.

My router is a Fortigate box running a relatively new FortiOS 3.0 image. I went in to the protection profile for my outgoing traffic and found that the profile protects me from MSN traffic.

I am not sure why this happens but it was "solved" by deactivating the Messenger scan from within the Fortigate.

STOP F4 with Internet Explorer

2009-08-13T12:54:00.001+02:00

If you experience blue screens when running Internet Explorer 8 on Windows 7 (and probably some other versions of Windows) read on.

Do this.
Then run ATF-Cleaner to clean up your temporary files.

Good luck.