Archive for March 2008

Password Reset

March 31, 2008

Had to reset the admin password on a public computer recently that had been setup a couple months back and the admin password lost. Ran across this tool which worked on Vista, the Offline NT Password & Registry Editor Bootdisk. Worked perfectly to reset the admin password and allow us to get into the system and copy off what was needed. If you’re not comfortable with Linux systems, no problem…it has a step by step walk through….and if that’s not easy enough, it defaults to the most used choices.

They don’t make computers like they used to

March 28, 2008

Have you ever noticed how the old computers seem to last forever while newer computers tend to die? While doing some work up in Gainesville this week I ran across some systems that I honestly thought were only found in museums these days. One system, amazingly running Windows XP, actually had a 6GB hard drive. Not a partition, but the physical drive has a total capacity of 6GB. I didn’t think anyone was still running on these. Another system was chugging along with 128MB RAM, slow…but working.

On the other hand, I have new servers from the popular OEM’s that have memory, drives, and various other parts die within the first year. So I have to ask, do they just not make them like they used to? Or am I just getting old and starting to think like that in general?

Filtering Contact form spam

March 23, 2008

Several web sites have been getting lots of bogus crap sent in through the web forms lately. After going through them I noticed a few things and put together some filters to try and reduce the amount of spam. While these aren’t perfect by any means, they seem to be helping so far. Due to the web site audiences not always being “computer friendly” I didn’t want to use CAPTCHA as I think it would just prevent more real submissions. Here’s the filters I put in place so far:

  1. Timestamp the form
  2. Validate the first and last name
  3. Check for html/code

I put a very simple timestamp on the submission form that takes the current time and adds one hour. This value is then compared to the actual time on the submission page, if the current time is less than this value, the form is considered valid. This is basically checking that someone isn’t just saving the form and using it repeatedly.

$formexpires = (3600 + idate(U));

I noticed that in almost all of the spam forms, the first and last name used were identical. So this became my second filter. In the example below, I’m converting the strings to all lowercase just in case they start having caps in the future.

if (strtolower($firstname)==strtolower($lastname))
    {
    echo ‘First & Last names are identical, probably spam.’;
    } else {
    echo ‘Name check ok.’;
    }

Last but not least, all the fields are checked for code being submitted. This is common practice in web forms. All I’m doing is comparing the original field with the cleaned field, if they’re the same (meaning no code) then it passes. If there was code removed and they don’t match, it’s probably spam.

$origcomments = $comments;
$comments = strip_tags($comments);

if ($comments==$origcomments)
    {
    echo ‘No code detected in comments.’;
    } else {
    echo ‘Code detected in comments, probably spam.’;
    }

I’m sure there are more elegant things that can be done, I’ll definitely be looking to improve and add onto the filters but this seems to be a good start. One thing I should add is that the actual form page does make use of a JavaScript form checker to be user friendly and help catch the honest mistakes in a user-friendly manner. These are all filters on the actual process page designed to fight spam.

SBS 2008 Interview and Demo

March 20, 2008

An interview with Sean Daniel, Program manager for Small Business Service, and an demo of some of the new features (focused on the new SBS 2008 Backup) was posted to Technet Edge. It’s about 10 minutes long but gives a quick overview of the new features.

Microsoft expands desktop virtualization

March 19, 2008

Microsoft announced about a week ago that it acquired Kidaro, a desktop virtualization company. While Kidaro products are more geared more for enterprise  customers, they do have some interesting options for smaller businesses that have certain virtual needs. I’m interested to see what, if any, changes Microsoft makes to Kidaro ToGo which allows you to run a virtual Windows off a USB key.

Granted this has been around on the Linux side for a long time now but the way this is implemented is a little different. Rather than having a window running the OS and everything contained within it, this actually integrates your virtual environment with the native Windows. So you can launch applications side by side. They’re differentiated by a colored border to identify what is running on the local desktop and what is on the virtual system.

Power alert scripts

March 19, 2008

I like to put as little extra software on servers as possible…the less stuff that’s on the system, the less there is to go wrong and have to update. So I really like the simple scripts Sean Daniel posted for sending out alerts when a UPS goes into battery mode and when it’s shutting down the system.

The following is the VBS script for use on an SBS box and he has another for use on Windows Home Server (servers without Exchange):

Dim MyMail
Set MyMail = CreateObject("CDO.Message")
MyMail.From = "administrator@contoso.com"
MyMail.To = "user1@domain.com;4251234567@txt.com"
MyMail.Subject = "Power Outage Shutdown"
MyMail.TextBody = "Power not restored. Server shutting Down."
MyMail.Fields("urn:schemas:mailheader:X-MSMail-Priority") = 2
MyMail.Send
Set MyMail = Nothing

FolderShare Update

March 18, 2008

FolderShare has released a new version, 14.0.1325.0310. Still considered beta but working fine. One thing I did notice is that Windows 2000 is no longer supported. Like the new logo though.

fsanim