RafaelWolf.com

I found an interesting site the other day (forwarded to me from a colleague found here –> WizCrafts).  I decided to implement their IP block technique on my CPanel server.  I happen to host on my own CPanel server (http://flophost.com if you’re interested ) and as a result I have ssh access to it BUT as most CPanel hosting providers go you likely won’t!

Note, I had problems actually implementing a “global” IP block policy because of the way CPanel operates in conjunction with IPTables on my server (or so I suspect!).  If I had a separate firewall I could better implement a global IP block (because it would be separate from CPanel) but I don’t for now so I’m encouraging all to follow these steps to implement the IP block not only with sites I’m using but for others who host on CPanel servers.  If you don’t use CPanel you could likely tweak your .htaccess file in the same way but you’d have to figure out if that’s how your web hosting panel does things and if it doesn’t this .htaccess method should still work anyway…try it and see.

Here we go!

1. Download my example file here (note it’s a text file) –>  .htaccess example
2. Edit the text file to meet your needs, maybe you want to delete, add or modify the list?  Check WizCrafts site for updates!
3. Backup your original .htaccess file, rename it to something like .htaccess.original or download it to a safe place just in case (I recommend downloading it for safe keeping and taking it off your server EVEN THOUGH you’ll get an error if trying to view it; it’s good practice to keep things tidy!)
4. In the “Wizcrafts_htaccess.txt” file you’ll need to edit just a few lines to match your CPanel installation
   • AuthName YOURDOMAIN.COM<–GOESHERE<–also delete the “GOESHERE” part
   • AuthUserFile /home/yourusername/public_html/_vti_pvt/service.pwd
   • AuthGroupFile /home/yourusername/public_html/_vti_pvt/service.grp
5. Now upload this to your “public_html” folder, rename the “Wizcrafts_htaccess.txt” file to just .htaccess and look at your IP Deny Manager in CPanel.

* Troubleshooting, if you get an “Internal Server Error” like I did it turned out to be my comments bleeding over into being uncommented.  I had a line like this…

# My cool comment, I’m blocking xyz IP’s from
such and so country
# Next comment would come along
then it would bleed over into uncommented land

Turns out that will throw the server into error because it doesn’t understand or know what “such and so country” is SO if you have an “Internal Server Error” after you implement this look over your file and make sure your comments aren’t wrapping!

I am posting what might seem “trivial” information sometimes but believe it or not some people need the help AND I often use my own site as a source of documentation so if you’re wondering how to install Flash Player 10 on Ubuntu here’s all you need to know…

1. Open a terminal / command shell
2. Type:  sudo -i
3. Type in your password, this will get you root access
4. Type in:  wget http://fpdownload.macromedia.com/get/flashplayer/current/install_flash_player_10_linux.deb
5. Type in:  dpkg -i install_flash_player_10_linux.deb

Open your web browser to this link and see the fruits of your labor.

Click here –> Test Flash Version

Now you can play Mafia Wars or Farmville to your hearts content on your Ubuntu install

Are you looking for the Windows live mail auto complete database file location?  Then you’ve found the right place!

It’s here or in a spot similar since your SID will be different than the one I have listed:

C:\Users\odlprofilehere\AppData\Local\Microsoft\Windows Live Contacts\{262c4685-xx99-6666-blah-moreblahblah}\DBStore

C:\Users\newprofilehere\AppData\Local\Microsoft\Windows Live Contacts\{12168aeb-uu88-9999-blah-moreblahblah}\DBStore

I had used the Windows 7 migration tool called “Easy Transfer” although it was fairly easy it didn’t transfer everything.  So Micro$oft lets rename it the “Fairly Easy Transfer” utility!  The one thing it didn’t pickup was the Windows Live Mail auto complete database so who can really complain? 

What I did was close Windows Mail, opened two instances of Explorer so I had each afore mentioned  folder side by side.  I then renamed:

Backup———–> Backup_old
LogFiles———-> LogFiles_old
contacts.edb—-> contacts.edb_old <–I think this is the only one that truly matters
contacts.pat—–> contacts.pat_old
dbstore.ini——-> dbstore.ini (I didn’t think I needed to rename this one)
edb.chk  ———-> edb.chk_old

I then copied them from “C:\Users\odlprofilehere…” to “C:\Users\newprofilehere…”

* I’d also like to mention that you might have several folders with the funky SID (Security ID) numbers in your profile “Windows Live Contacts” folder.  What you have to do then is figure out which one is the newest and the ONLY way I could do it is by checking the date on “contacts.edb“.  I don’t truly know if anything but the “contacts.edb” file matters, I suspect the ONLY file that’s important is the “contacts.edb” file but I didn’t spend time figuring it out.

Reopen Windows Mail and test it out by beginning to type in an email address, you should see the drop down you’re used to!

As always feel free to comment or add your own tip if you have a different experience!

In the past I’ve created batch files to do some scripted redundant scheduled task for me, usually it’s related to backing up folders or files but I have a colleague who set one up when his server reboots or specific users log on to their systems on his terminal server.  When the script is done I usually have it call and execute an email VB script letting me know the task was completed with a specific message telling me what happened.

I ran into a bit of a problem recently with  Server 2008!

In the past I’ve used these well written, simple and useful scripts from Paul Sadowski but they failed to work on Server 2008.  Here’s the link to Paul’s site, all his stuff works GREAT on Server 2003 or Windows XP and I continue using them on those systems.  –> Link.  By the way, my scripting ability is limited so I have to once again thank people like Paul and James (who’s script I ended up using) for posting their scripts online for us to use!

If I tried executing his scripts on Server 2008 I’d get weird errors like these:

• “The server rejected the sender address. The server response was 530 5.5.1:
• “Send Error: The server rejected the sender address. The server response was: 550 Access denied – Invalid HELO name (See RFC2821 4.1.1.1)”
• “550 Access denied – Invalid HELO name”
• “CDO.Message.1 error ’80040213′ The transport failed to connect to the server”

* Also keep in mind that all these errors were not specifically from Paul’s scripts that he so kindly shared, most of them were due to me trying to edit and tweak his existing script in an attempt to eliminate the errors which I did a poor job of doing

I decided to start over and I stumbled upon James Koopman’s script:  http://www.jameskoopmann.com/?p=20

Thanks James for your excellent script!  You can download his script from the site above or download the script I edited and used (sensitive security information gone of course!) here –> Server 2008 compatible Email VBscript

For your information my script does NOT use a local email server, most of my problems were because I wanted to use an external email server.  The above errors are due to not having a username type in correctly, the wrong password, trying to use ssl or NTLM when you should use the “1″ option for clear text.  A security wonk might balk at the idea of a clear text email authentication BUT I’d also like to remind the wonk that the script sitting on the physical server isn’t encrypted either although it’s in a safe place .  This solution “works”, it’s not the best but it’s not the worst.

Good luck out there!

To all my brothers and sisters out in Internet land!  I had an unusual time finding this download, I finally found it on some obscure Micro$oft website but have since lost the actual link.  I tried to find the link for a colleague and I gave up shortly thereafter realizing I already had the file and that I could just send it to him.  If you’re looking for the RoboCopy Gui (which also includes robocopy.exe) get it here!

–> RoboCopy Gui

Robocopy is a great utility, it’s a bit more robust than xcopy, it has some great options like backup mode which from what I gather uses the system account to leverage shadow copy for backing up files with different permissions than the user you’re running your script with.  It’s good stuff all around.

Here’s an example robocopy script I happen to use, it backups up end user files once a week.  I run it 4 times per month and store the data in 4 different locations, week1, week2, etc, etc.  It backs user data up, then my next line says to move the log to a different location and finally it calls my email notifier letting me know the job was complete.

• robocopy “\\myserver\users” “E:\myusers_Users_Backup\Week1″ /E /SEC /COPYALL /V /XO /LOG:”Week1_backup.log” /FFT /Z /B /ZB /R:10 /W:30
• move /Y “C:\Documents and Settings\Administrator.MYDOMAIN\Application Data\Microsoft Robocopy GUI\Scripts\Week_1_backup.log” “E:\Users_Backup”
• call “\\myserver\myshare\somesubfolder1\User Documents\Week_1_Email_Notification.vbs”

I did a brief search online for an IE8 ADM file for group policy.  I didn’t particularly find anything of interest and the one I did find had errors in the file and wouldn’t work so in my impatience I decided to extract the IE8 installer from Microsoft and see what it had to offer me.  I found what I needed!

If you just want to get this over with and download IE8′s ADM group policy file, right click here and select “save as” –> Link

For the more adventuresome that want to know how you get it or if you want to get it because you don’t trust the link to that Trojan horse above (joking) then this is how you do it!

1. Download IE8′s package from Micro$oft –> Here
2. Make sure you have an archive utility like 7-zip or winrar that can extract exe files
3. Open this folder on your network “\\domaincontrolernamehere\c$\WINDOWS\inf”
4. On your domain controller rename the “inetres.adm” to “inetres.adm_original“
5. Now navigate to the folder with the extracted files, the brand new IE8 extracted contents
6. Copy the “initres.adm” in that folder to your domain controllers inf folder “\\domaincontrolernamehere\c$\WINDOWS\inf”

* I’d also recommend copying this to your local clients (your computer) “C:\Windows\inf folder” just in case you’re managing group policy from that client.

Now, open your GPMC (Group Policy Management Console) and you should see all new options.  Note that the IE8 ADM is compatible all the way back to IE6 or so I’ve read on MSDN forums.

Installing Skype on Ubuntu

Not sure anyone really has a problem with this BUT I thought I’d post it anyway.  The only “problem” I had were a few Skype dependencies that Ubuntu 10.04 didn’t already have installed.

1 – Open a terminal (I usally call it a command shell or shell)sudo -i

2 – Type in your password so you can work as “root”

3 – apt-get install libqt4-dbus libqt4-network libqt4-xml libqtgui4 libaudio2
* I noticed these dependencies not installed on my machine

4 – Download Skype:  wget http://www.skype.com/go/getskype-linux-beta-ubuntu-32

5 – dpkg -i skype-ubuntu-intrepid_2.1.0.81-1_i386.deb

6 – From a command shell type:  skype

Get it while it’s HOT!  For years ClamAV has probably been protecting you to some degree without you even knowing it.  It has historically been used for appliances like email servers, web servers, file servers, etc and usually only on a Linux OS.  Why?  Because that’s where it all started .

At one point they had a Windows version of ClamAV called ClamWin but it must have been a few years ago it vanished (or at least seemingly vanished) because they decided to develop it further.  I have been keeping my eye open and occasionally checking for a Windows version and it’s now finally out!

If it’s good enough to scan your email it’s good enough to protect the desktop.  I suppose there are several schools of thought on this.  One saying you’ll want one AV scanner to scan inbound files on the server, a different one on the firewall (if it has that feature) and yet another on the desktop.  Sure – but for home losers like us anything that’s both good and free works for me!

The good thing about ClamAV for windows:

• Real-Time Scanning
• Simple feature set
• Folder exclusion
• Open Source

The bad thing about ClamAV:

• Doesn’t seem to do a “full system scan” from the gui, I have a batch file to help you though (for WindowsXP, ClamAV version 1.0.26, feel free to edit for your OS’s directory path –> Here)
• Currently have to be “online” for it to scan (they plan on offline in the future)

I’d HIGHLY recommend it though, it’s good enough for me!  –> Download

Note:  Getting into BIOS on a Zotac Mag – Delete Key, keep on pressing it till you get in!

I recently bought a Zotac Mag (<– USA site, their Japanese site is horrible), it’s a micro PC (although most call them “mini pc’s“) you can use it for an everyday desktop or if you know how you can turn it into anything you want because; for its size it’s relatively quick.

The one from NewEgg where I purchased it was a decent package.

• Intel 330 Atom (Dual Core)
• 160 Gig SATA hard drive
• 2 Gig of RAM
• $308 out the door including tax + shipping

One problem though (well, not the “only” problem), was how to upgrade the BIOS without using the Windows utility they include.  After racking my brain on this one for literally HOURS and trying different things I put in a support ticket out of frustration.  I suppose that for a “geek” putting in a support ticket with a vendor is the modern equivalent of a guy asking for directions because he’s lost while driving and scouring his routes over on the map to no avail.  Shortly after submitting my support ticket though I took another look at the current BIOS boot options.  There is was, their BIOS makes NO SENSE.

What their BIOS does (and no other BIOS to my knowledge) is only lets you boot your “1st device” and it doesn’t show USB disk devices as a bottable device.  By default the first boot device is the on board internal hard drive and even though you may have a USB Pen drive plugged in it doesn’t see it.  How completely dumb is that?  If you have a USB floppy, CD or DVD ROM drive it shows up in the list as an option to make them 1st, 2nd, 3rd, etc but a USB Pen drive IT DOENS’T DO!!!

So – here’s what YOU need to do for upgrading your BIOS in a Zotac Mag because their BIOS is completely, mmmmmm – dumb (to be kind).  I suppose this isn’t totally without Windows since I have a few laptops with Windows my instructions for making the boot disk leverage those to make the pen drive BUT I know you can also do the same thing from Linux…I just didn’t have to

1- Have a pen drive with at least 256 meg of storage (it’ll get erased so backup your files)

2 – Download Ultmate Boot CD (the 4.11 ISO)

3 – Download Pen Drive Linux

4 – Download the latest BIOS from Zotac

5 – Extract the BIOS zip file from Zotac

6 – Use Pen Drive Linux to create your bootable USB version of Ultimate Boot CD (UBCD)

7 – Create a folder on the pen drive called “BIOS”

8 – Follow this set of instructions:

• Put your Pen Drive in the Zotac and fire it up
• To get into the  Zotac BIOS keep pressing the “Delete Key”
• Once you’re in the BIOS Menu:  Boot > Hard Disk Drives > Change “1st Drive” to your bootable Pen Drive with UBCD on it > Escape key >      Escape Key > confirm you want to “Save and Exit” which will reboot your Zotac Mag.  Note that this has NOTHING to do with the “Boot Device Priority” where a “normal BIOS” would have put your pen drive.  This will make the Zotac use your Pen Drive as the main hard drive, you won’t even see the onboard hard drive in the boot priority list after making this change BUT it’ll get reset back after the BIOS upgrade automatically.
• UBCD boots off of pen drive – Get into the Dos Utilies, select Free Dos, don’t touch your keyboard just let it time out on the defaults.
• Execute these DOS Commands because the first prompt is a Q: drive…
• C:
• cd BIOS
• afudos old.rom /o
• afudos putnameoframfilehere.rom /B  /P  /N  /X /C
• Reboot with a control + alt + delete

* Note that “afudos xxxxx.rom /o” simply backs up your current BIOS in case anything should go badly.

Done – let me know how it goes because I couldn’t find ANYTHING on the net about this problem, remember…I wasted HOURS of my life on it. Remember me in your will

I needed to merge 2 PDF files and found two cool methods of doing so.

GhostScript available here –> Link

GhostFriend available here –> Link

If you’re going to use GhostFriend you need GhostScript anyway.  Once you install GhostScript you can simply merge your PDF’s via the command line.

GhostScript:

gswin32c.exe -sDEVICE=pdfwrite -dQUIET-dNOPAUSE -dBATCH -sOutputFile=YourMerged.pdf 1st.pdf 2nd.pdf 3rd.pdf

* Note:  gswin32c.exe is found in the BIN folder wherever you install GhostScript and the “1st.pdf, etc” section above are the PDF’s you want to merge, the 1st being the first in the file and so on…
* Note:  You can also use a full path for your PDF like this …-sOutputFile=YourMerged.pdf “c:\temp\1st.pdf”, etc, etc…

GhostFriend:

GhostFriend needs a few files to work (I copied 4 but I’m not sure it needs all of them).  I copied this list of files from the GhostScript BIN folder to the folder with GhostFriend in it.  GhostFriend doesn’t install – it’s just and executable which is nice because if you’re not an administrator or power user on your PC you can use it without the blessing of your IT Staff

File List to copy into the GhostFriend directory:

• gswin32c.exe
• gswin32.exe
• gsdll32.lib
• gsdll32.dll

Once you do that simply double click “GhostFriend.exe” and you have a BRILLIANT gui to help you merge your PDF’s via GhostScript.