The ranting of an IT Professional


September 16, 2009  3:44 PM

The system detected a possible attempt to compromise security



Posted by: Jason Tramer
cifs, DNS, errors, event log, netlogon, The system detected a possible attempt to compromise security

I got the above error when trying to access a network share on a workstation. The event log was filled with Cifs and netlogon errors.  In doing some investigation I found that this machine had a manually set DNS entry which pointed to a former DC that had been demoted. What was interesting is that DNS resolution still worked (cached entries) but because it wasn’t authorized in AD the machine was getting cifs errors.

September 11, 2009  1:37 PM

Improvements in Watchguard 11 quick setup wizard



Posted by: Jason Tramer
11 XTM, DHCP, quick setup wizard, WatchGuard

One thing that Watchguard did well in there new software version was to include the option to enable DHCP as part of the quick setup wizard. Here is why this is great. Previously you would start up your watchguard in safe mode and hook your computer to it. You would then get an IP address from it (10.0.0.2) which you could use to start your quick setup wizard. You would then configure the internal interface with the IP you would actually want and the reboot the watchguard. However previously DHCP was always off meaning you would then have to go and manually configure an IP address on your machine to match what you configured the internal interface as if you wanted to continue. Needless to say this was a pain in the butt.


September 10, 2009  6:52 PM

Upgrading to Watchguard Fireware 11



Posted by: Jason Tramer
10.2, 11, firebox, Fireware, Upgrade, WatchGuard, XTM

In reviewing the release notes on the site and speakign to a watchguard rep the best upgrade path to the new fireware XTM version 11 is by first upgrading your existing firebox to version 10.2.9 and then upgrading to 11.

Upgrading directly from any version below 10.2.9 is not recommended and could cause the upgrade to cause the fireware image to become corrupted


August 31, 2009  4:45 PM

Running 16 bit applications in a 64 bit OS



Posted by: Jason Tramer
16 bit, 64 bit, Dosbox, vmware, Windows, workstation

So as many know Microsoft did not include any support for 16 bit applications in it’s 64 bit windows Operating Systems. What does this mean if you want to have a 64 bit OS but still need to run 16 bit applications? Well you have a couple of choices.

You could certainly use a product like VMware workstation or HyperV or such to run a virtual machine within your system that uses a guest OS that can run the software. This is a great solution but not a free solution.

If you are looking for a free solution I can recommend using an application called DosBox (http://www.dosbox.com/). This runs great inside my Vista 64 box and is completely free. I highly recommend it.


August 28, 2009  4:48 PM

WPA-TKIP is completely broken



Posted by: Jason Tramer
broken, cracked, encryption, Security, tkip, Wireless, WPA

Check it out:

http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf

This is serious stuff . If you are currently using this you should definitely switch to something more secure ASAP.


August 28, 2009  4:44 PM

BCP-610, no training material?



Posted by: Jason Tramer
BCP-610, Blackberry Certified Solution Designer, self-study, training

Ok this is really annoying. I can’t seem to find any training material for the BCP-610 exam. This is the design and architecture exam for Blackberry Enterprise Server in a MS Exchange environment exam.

The Blackberry website directs me to http://www.elementk.com/ for self study guides but there are none available for this exam. Blackberry offers a instructor led course on this subject but is not available now and lists no time in the future when it will be available.

How exactly are people supposed to be writing these exams if there is no material for it?


August 28, 2009  4:06 PM

Passed my BCP-410!



Posted by: Jason Tramer
BCP, BCP-410, BCP-610, BCSA, BCSD, Blackberry Certified Solution Designer, Blackberry Certified System Administrator

I wrote me BCP-410 exam to become a Blackberry Certified System Administrator today and I passed! The exam itself wasn’t too hard if you know your stuff. It was 67 questions and I had 90 minutes to write. The end result didn’t tell me what the pass score is but I scored at 75.8% so you can use that as a guide.

I had one question with a duplicated answer so I had to guess as to which one of two exact same right answers they were looking for, I did make a comment on that bug so hopefully they fix it.

Next comes exam BCP-610 to get my Blackberry Certified Solution Designer cert!


August 26, 2009  1:24 PM

A review of Snow Leopard



Posted by: Jason Tramer
Apple, Mac, OS, review, Snow Leopard

The Register has posted a first review of the new Mac OS called Snow Leopard.

The review itself is pretty interesting though I am have personally yet to be overly impressed with any of the Mac operating systems.

If your a Mac fan you will likely be stoked, if not then it might be a mild curiosity.

Check it out here:

http://www.reghardware.co.uk/2009/08/25/preview_os_apple_snow_leopard/


August 26, 2009  1:20 PM

Websense Web Filter 7.01 – Unable to download filtering database



Posted by: Jason Tramer
7.01, hot fix, known issue, unable to download filtering database, web filter, websense

I have been working with Websense to get a fix for an issue i have been having in Web filter 7.01 where I was unable to download the filtering database. This is apparently a known issue which has a hotfix. Here are the details of downloading and installing the hotfix.

Go to

http://eval.websense.com/download/patches/WWF_7.0.1_Hotfix_26_WISP_Trace_Issue_binaries.zip

1. Stop all Websense services.

When you stop all Websense services, the sequence of stopping them is important for the final three services only. Always end with the following services, in the order shown:

1. Stop Websense Policy Server.

2. Then, stop Websense Policy Broker.

3. Finally, stop Websense Policy Database.

Linux: Use the command ./WebsenseAdmin stop (Run the command from the /opt/Websense/ directory). This stops them in the correct sequence.

2. Back up the files listed below into a separate folder:

Windows:

The default location for Windows is: C:\Program Files\Websense\bin\

EIMServer.exe

EIMService.dll

NetworkAgent.exe

WsEventLog.dll

natuning.ini (if present)

Linux:

The default location for Linux is: /opt/Websense/bin/

EIMServer

NetworkAgent

libWsEventLog.so

natuning.ini (if present)

3. Extract the Hotfix zip file and locate the following files:

Windows:

EIMServer.exe

EIMService.dll

NetworkAgent.exe

WsEventLog.dll

natuning.ini

Linux:

EIMServer

NetworkAgent

libWsEventLog.so

natuning.ini

4. Replace the files listed above with the corresponding files included in the Hotfix zip file:

Default location in Windows: C:\Program Files\Websense\bin\

Default location in Linux: /opt/Websense/bin/

5. Make any needed configuration changes to natuning.ini.

If you have customized this file previously, start with your copy of the customized file, and then change or add settings that are provided by this Hotfix.

(a) To configure Network Agent to ignore HTTPS traffic:

Change the configuration variable ‘IgnorePort80′ to ‘IgnorePorts’ in the natuning.ini file. This parameter tells Network Agent to ignore traffic on any ports at the driver level.

For example:

IgnorePorts = 80, 443

(b) To prevent the IP addresses of the Network Agent interfaces from being displayed in Websense Manager:

Add the configuration variable ‘ShowNICsIP’ to the natuning.ini file and set it to false.

ShowNICsIP = false

In the natuning.ini file supplied with this hotfix both of these settings have been commented out. To enable one of the settings, simply remove the ‘#’ character from the beginning of the line.

6. Restart Websense services.

Windows: Use the Windows Services dialog box.

When you start all Websense services, always begin with the following services, in the order shown:

1. Websense Policy Database

2. Websense Policy Broker

3. Websense Policy Server (all copies)

Then, remaining services can be started in any order.

Linux: Use the command ./WebsenseAdmin start. This command starts the services in the proper sequence.


August 25, 2009  5:53 PM

The Pirate’s Bay: Down and Up in 24 hours



Posted by: Jason Tramer
court order, swedish ISP, The pirates bay

So yesterday Swedish ISP’s were forced by court order to shut down the service running The Pirate’s Bay. Twenty four hours later it is now back up and running on one of it’s fallback sites. Once again proving that the fight for copy-write protection will not be won with court orders or slapping huge fines on ten year olds.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: