Computer security

I see that there’s now a UK version of the “PC vs Mac” adverts. These are pretty similar to the original American versions, although there are fewer UK ones so far. Still, I think that they’re quite funny, and I actually prefer the UK ones, mainly due to the actors involved (Mitchell and Webb); the “I’m a PC” guy is very enthusiastic about his stupid ideas. Sample quote: “Eye of the tiger! Claw of the eagle! Tentacle of the octopus!”

As a counterpoint to the “Viruses” advert, there’s a Ctrl+Alt+Del strip which offers an alternate theory, and I think that’s also quite funny. (I read that before I’d seen any of the adverts, which may have coloured my opinions a bit.)

More generally, while I found all these things amusing, and I’m sure that there are plenty of valid reasons for choosing a Mac, I wasn’t particularly convinced by any of the technical arguments involved, particularly when it comes to security. Basically, I think that a lot of this comes down to the way you configure your system, rather than the choice of system.


Windows Vista: first impressions

Two weeks ago I went off to a Microsoft event in Reading: “Ready for a New Day: Microsoft’s Launch of Exchange, Office and Vista”. That was quite interesting, and I came away thinking that there are enough useful features to justify an upgrade. They gave me a freebie copy of Windows Vista and Office 2007 for attending; that’s quite a nice touch, especially since the event itself was free. Now that I’ve been doing some presenting myself, I could sympathise with the people at the front when their demos didn’t quite work properly, and I particularly liked the heartfelt cry of “Thank you, demo gods!” when something went smoothly.

Speaking of Vista, I recently received an email from Microsoft, offering me a place on a beta certification exam. I passed the MCDST exams for Windows XP a couple of years ago and Microsoft are now preparing the equivalent MCITP qualification for Windows Vista. The idea of the beta exam is that they can get an idea of whether the questions are too easy/difficult by trying them out on people with a (roughly) known skill level. Anyway, I’m flattered to be invited, and it’s a free exam, so I’ve signed up for that on 5th January. The only snag is that there aren’t any study guides etc. available yet (the people who write them will probably be doing the beta exams too), so I’ll need to prepare for it on my own. Still, I’ve passed all my previous Microsoft exams on my first attempt (8 so far), so I’m quietly confident about this one.

Vista won’t be available as a retail product until January 27th, and Microsoft haven’t sent out any DVDs to business customers yet, but companies with volume licensing deals can download it. I’ve been playing with it on my home machine, so that I can get a feel for it before I do any big deployments at work; here are my thoughts so far.


Printer feed

People often approach me about IT problems (either at work, or friends/relatives outside work). However, sometimes I find out about these problems by chance: I’ll see something odd, and the person will say “Oh, yeah, that always happens”.

I was chatting to someone recently, and while I was there I saw that they had a problem with their printer. Whenever they printed something it said “Insert paper and press GO” before every page. (The printer tray had plenty of paper in it.) On this particular occasion, they were printing out a 62 page document, so they were stuck standing next to the printer so that they could keep jabbing this button. I enquired further, and they said that it had been like this for months. I admire their patience – I would have been tempted to throw the thing out of a window after a week of that! Anyway, I went away to do some digging through the manual, and discovered that the printer settings include “Manual feed = ON”. I changed this to “OFF”, and they can now send documents through which print out all the pages without any button pressing required.

RAM upgrade

I installed some extra memory in a PC this evening, which turned out to be a bit more interesting than I’d expected.

The initial status was that it had 128Mb of RAM. I had a 256Mb chip, which would increase it to 384Mb. Windows XP was running very slowly, so I figured that tripling the memory should help.

The machine turned out to have four chips in there already, so I figured that they were probably 32Mb each. I took one of them out, and replaced it with the 256Mb chip, and booted back up again. It now reported 224Mb altogether. Something’s not right there… It turns out that the existing chips were: 1 x 128Mb, 1 x 64Mb, 2 x 32Mb. Given this odd combination, I’m guessing that someone tried to upgrade it piecemeal in the past, rather than it arriving from the manufacturer like that. Admittedly the chips weren’t clearly labelled, so I had to go digging on the web for the serial numbers, but I think that kind of effort is worthwhile rather than just sticking them in and hoping for the best.

On closer inspection, I discovered that the 32Mb chips were only PC-66 rather than PC-100 (i.e. they run at 66MHz rather than 100MHz), so the motherboard didn’t support them, and they in fact seemed to be crippling the memory banks overall, effectively sabotaging other chips. So, I could have boosted the memory just by removing them, even without the new chip; this would have taken it from 128Mb to 192Mb. Anyway, the upshot of this is that the machine now has 448Mb of RAM, so it should run significantly faster now.

This is actually the first time I’ve encountered this problem, so it’s something to be careful of. It’s ok to use a higher speed, e.g. PC-133 chips in a PC-100 motherboard, although it’s a bit of a waste since the chips will still only run at 100MHz, but you can’t get slower chips to run at a faster speed. (If you’re buying new memory, I strongly recommend Crucial – they’re a bit more expensive than some other companies, but they will tell you exactly what you need for your motherboard, and I’ve never had any of their chips failing on me.)

Upgrading to Visual Studio 2005

Today I got my copy of Visual Studio 2005 through the post, so I’ve been having a play with that, by upgrading some of my VB.NET 2003 projects. Unfortunately, I got a rather confusing error message from them, and I couldn’t find much info on the web, so I’m documenting it here for other people’s benefit.

The error is something like this:
‘FMain’ is a type in ‘Presentation’ and cannot be used as an expression.
where FMain is the name of my startup form and Presentation is the name of the project. However, there’s no line number given, and I can’t find any code that refers to the form.

If I then go to Project Properties, and check the box for “Enable application framework”, that displays an error message that says “Startup object must be a form when ‘Enable application framework’ is checked.” In my case, the startup object is a form (i.e. it inherits from System.Windows.Forms.Form), but if I find a different form that the framework checkbox will accept then that also fixes the compilation error.

You can create a new form, set that as the startup object, then enable the application framework, and this is pretty much guaranteed to work. Once you’ve done that, the “startup object” dropdown list is renamed to “startup form”, and it is filtered to what VB considers to be a valid list.

It turns out that the “Sub New” method in the startup form has to be Public (rather than Friend). That’s the default for new forms, but I’ve been changing that for all of mine in the past, to improve security (“don’t expose any more info than you need to”). Similarly, this Public constructor can’t take any parameters.

Anatomy of a hack: mail server

Today I’ve been fixing a problem with my mail server after someone “hacked” (cracked) it. I’m reconstructing the chain of events as best I can, but the causality wasn’t obvious at the time.

Background: this machine is running Windows Server 2003 SP1 with Exchange Server 2003 SP2.

A few weeks ago, someone gained unauthorised access to the server over the internet. I’m not sure how exactly, but I suspect that they used a buffer overflow in IIS (since the server runs OWA). The server is up to date with all the relevant security patches, so that shouldn’t be possible, but something obviously went wrong.


Firewall blacklist

One of my current projects is configuring ISA 2004 as a firewall. Without wanting to get sidetracked into advocacy debates, all I’ll say is that:
a) It’s a lot better than ISA 2000.
b) It’s annoying that it doesn’t support more than one internet connection, so hopefully they’ll fix that in ISA 2006.

Anyway, today I got hold of some blacklists (i.e. a long list of dodgy websites), and set up rules to block them. While I generally think that enumerating badness is a doomed endeavour, enumerating goodness is a bit tricky for websites, so this seems like a reasonable step (in conjunction with other rules). So, once I’d imported these lists, I then tested them, by trying to access the blocked websites on my PC. This is where typos can cause problems…

Me: “Let’s see, http://www.killerporn.com/ … aargh!”
Server: “Tum te tum, I’m blocking http://www.killerpornstars.com/ as ordered.”
Me: “Ok, let’s add this site to the list as well, then try that again…”

Similar problems occurred with the various permutations of “0Adult-manga.com”. So, when the report gets run tonight, my traffic may look a bit dodgy tomorrow. In the sense of “My eyeballs are bleeding!”

Ah well, it’s a living.

(Just to state the obvious, I don’t recommend following those links, especially if you’re at work!)

HP printer drivers

Here’s an obscure problem that had me banging my head against the wall until I figured out the solution.

If you add a printer to Windows XP/2003 (and possibly other versions too), and choose to share it, there’s an option to install additional drivers. That way, someone running NT4 can connect to it, and automatically get the drivers from your machine. That’s the theory.

In practice, it goes like this:
1. Tick the box for “NT4 support”.
2. Get prompted for the necessary driver files.
3. Go to HP website, find/download relevant files.
4. Tell Windows where to find the files, by browsing to the relevant .inf file.
5. Get the error message “Windows cannot locate a suitable printer driver”.

The issue is that the device name inside the .inf file has to exactly match the device name in Windows XP.

Taking the HP 895Cxi as an example, the original line in the HPDJ.INF file says:
DEVICENAME="HP DeskJet 895C Series Printer"

I then had to modify this to say:
DEVICENAME="HP DeskJet 895Cxi"
at which point everything worked fine.

N.B. You can comment out a line in a .inf file by putting a semi-colon at the start, so that’s a useful approach in case you’re worried about breaking anything.

That’s the second time I’ve come across this problem, but there was enough of a time-lag in between that I only remembered “I have to hack around inside the .inf file”. So, now I have a permanent entry to remind me, and hopefully this is useful to someone else too.
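The .inf edit described above, as an added example that is not part of the original post: a small Python helper that comments out the live DEVICENAME line with a semi-colon and writes the corrected name beneath it, so the original value stays in the file. The function name and the sample text are assumptions made for illustration; reading and writing the real file (and its encoding) is left to the caller.

```python
import re

# Constructed sample shaped like the HPDJ.INF line quoted in the post;
# the section name and the MFG line are assumptions, not the real HP file.
SAMPLE_INF = (
    "[Strings]\r\n"
    "; constructed sample\r\n"
    'DEVICENAME="HP DeskJet 895C Series Printer"\r\n'
    'MFG="HP"\r\n'
)


def set_inf_string(text, key, new_value):
    """Return (new_text, changed).

    The first live `key="..."` line is kept as a ';' comment and a
    replacement line is added directly below it. Lines that are already
    commented out are ignored, so running the helper twice is harmless.
    """
    if '"' in new_value or "\n" in new_value or "\r" in new_value:
        raise ValueError("value must not contain quotes or line breaks")
    live = re.compile(r'^\s*' + re.escape(key) + r'\s*=\s*"([^"]*)"\s*$',
                      re.IGNORECASE)
    out, changed = [], False
    for line in text.splitlines(keepends=True):
        body = line.rstrip("\r\n")
        eol = line[len(body):] or "\r\n"   # keep the file's own line endings
        match = live.match(body)
        if match and not changed:
            if match.group(1) == new_value:
                return text, False          # already correct, nothing to do
            out.append(";" + body + eol)    # old value stays as a comment
            out.append(f'{key}="{new_value}"' + eol)
            changed = True
        else:
            out.append(line)
    if not changed:
        raise ValueError(f"no live {key}= line found")
    return "".join(out), True


if __name__ == "__main__":
    patched, _ = set_inf_string(SAMPLE_INF, "DEVICENAME", "HP DeskJet 895Cxi")
    print(patched)
```

The new value has to be the printer name exactly as Windows XP shows it, since that exact match is what the driver lookup depends on.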

Make-shift repairs

“The three most dangerous things in the world are a hardware engineer with a software patch, a computer programmer with a soldering iron, and an end user with an idea…”
(Anon)

Back in my undergrad days, there was one fine Sunday morning when I needed to swap a couple of hard drives around, i.e. the master would become the slave and vice-versa. This was specified with jumpers, but unfortunately I didn’t have enough to actually do the job (you only needed one for “master mode” vs two for “slave mode”, and the stingy manufacturer hadn’t given me a spare). Hmm. However, one of my friends from the CompSci course had come over to visit, and he came up with a solution to this problem. I had an old (broken) pair of headphones, so we cut a piece of cable off that and trimmed away the plastic to get some copper wire. This then got wrapped around the relevant pair of pins, and we stuck some blu-tack on top to hold it in place. Job done! After all, that’s all that a jumper really is, i.e. a conductive wire inside some insulation. Later on, one of my flatmates (an engineering student) woke up, and was horrified at this bodge-job. Meh, that’s what you get for having a lie-in 🙂 Anyway, this worked smoothly until I outgrew the drive.

Today I had a vaguely similar problem, where I couldn’t plug a keyboard into the back of a server (PS2 socket). On closer inspection, it turned out that the black plastic pin from a previous keyboard had broken off inside the socket, so it was stopping the new plug from actually going in far enough. I tried to fish it out with blu-tack, but sadly this trusty source failed me; the hole was too small to push my finger in, and a paper clip couldn’t push enough in. I did a Usenet search (on the grounds that I’m rarely the first person to encounter any specific problem), and someone had suggested putting a small amount of superglue on the end of a toothpick. In theory, this could work well – the glue will stick very strongly to the broken piece of plastic, and pull it out easily. In practice, I suspected that my hand would twitch at the wrong time, and I’d wind up with a toothpick welded into the socket, and protruding a couple of inches out of the back of the machine; not a great improvement. I didn’t have any tweezers that were small enough to fish it out, and trying to pry it out with a paper clip didn’t work; I was able to chip a couple of bits off it with a scalpel, but that was pretty haphazard.

Plan B: It turns out that the black plastic pin isn’t actually essential, i.e. it’s not metal, so it’s not carrying any current. Its only purpose is to help you get the cable positioned properly, since it will only go into the socket if it’s the right way around. So, all I needed to do was trim that pin down to a shorter size, and I’d be able to get the plug into the socket. (Fortunately, I have plenty of sacrificial keyboards lying around.) This is another case where health and safety guidelines don’t quite apply; I had to put my hand all around the plug, so even though I was cutting away from my body, I was still cutting towards my fingers. Anyway, I managed to trim it down without any bloodshed, which was a relief. And that did the trick – I was able to actually use the keyboard after that.

So, singalong at home! “Oh, I’ve been trimming at the cables…” (to the tune of “I’ve been working on the railroad…”)

Everything I need to know I learned from MacGyver 🙂