Microsoft Word and Open Office Envelope Printing
Again this is ment as a quick reminder.
Printing envelopes is a lot of fun these days since office software does all the required steps automagically. Anway, you should know the envelope size and indentations of sender and recipient adresses. And since I usually cannot find a ruler here is my setup for Microsoft word and Open Office:
Envelope: C6 11,4 x 16,2 cm (A4 folded along and acros)
Change of blogging engine
After a few years of sporadic blogging I analyzed the way I use a blog. I finally came to the conclusion that a full featured blogging engine like Wordpress is way too much for me.
Especially security concerns made me finally switch to Blazeblogger. It's all made of scripts that generate static content. Hard to find a more secure solution in my opinion. Only drawback is that there are no comments possible. I think I will think of an email solution to handle this.
Speaking of comments: so far I migrated all old posts to Blazeblogger. Still, comments have not been migrated yet and pictures still link to the old URL.
As long as this s current status the old website is still available.
UPDATE (2009-11-09):
Pictures are migrated but no comments so far. Anyway, I will disable the old site now and migrate the comments one day ;-)
Minimize Thunderbird to System Tray on Linux
I still wonder why such a functionality is not implemented in every mail app (Outlook does it after all). So since I had to search twice and always had a hard time finding this add-on for… well, Firefox I thought I write a short article that may help others looking for the same information.
So you are looking for a solution to minimize Thunderbird to your systray on a Linux box, right? Well, search no further go here:
So forget about AllTray, Traybiff, or other mail notifiers. They all suck.
Btw I tested this on Ubuntu 9.04 and 9.10 where you might want to select the option “Close button minimizes to tray” (thats the way I like it).
Tags: firefox, Linux, mozilla, seamonkey, systray, thunderbird, tray, ubuntu
Office Communications Server (OCS) 2007 (R2) and Linux Client
It is always amazing what the community out there is creating while I am asleep. I just wondered if there is a way to natively connect a Linux machine to an OCS 2007 (R2) Installation. And well yes, there is.
SIPE is a protocol extension for the Pidgin Instant Messanger and on my standard Ubuntu 9.04 system I just followed the instructions on the SIPE website (installing the required packages and a simple configure, make, make install process) and off I was. A new protocol Microsoft LCS/OCS is available.
So far I tested this connecting through a NATed network to the OCS R2 Edge Servers (not internally). OK, there is no Audio or Video (A/V) support and there are still problems with ACLs and presence information but in general instant messaging and presence works.
And it’s nice to be able to change the user agent manually. So if your client version gets banned you simply change it to the latest Microsoft Office Communciator (MOC) string and you should be fine again.
Ah yes, there is a Windows Version, too.
Great work! Keep it up.
(Advanced) Using Nmap Results With Nessus Batch Scanning
I’m refering to an article I read on the Nessus blog: Using Nmap Results With Nessus Batch Scanning. Since they don’t seem to offer comments I decided to write this short article.
First of all it is important to have read this info: Nmap from within Nessus
Combining the information of these two articles I’d like to add that you should also use the -v option when running nmap. This is because otherwise the file containing the grepable results will not contain a comment line starting with “Ports scanned: ” following the information about all scanned ports. The “nmap.nasl“ script contains a part where it says:
if (egrep(string: res, pattern: '^# +Ports scanned:+TCP\\(65535;'))
full_scan = 1;
else
full_scan = 0;
So as you can see “nmap.nasl” uses this for some extra info
The next point is that you usually use such a construct in batch mode (yeah, I not only read the title but wrote it). I for one care this for them… uh, nevermind, wanted to say that you usually start such a scan with the command line nessus client. It got slightly updated and lots of stuff is now found in “.nessus” files. They are “XML” and may contain the targets.
But I for one do not wanna have this information inside a “.nessus” file but inside a plain text file I can also feed to Nmap (-iL option). Since the “nmap.nasl” script checks if the current target is found in the grepable results file you have to supply the target info to Nessus. This is done with the command line option --target-file.
This is somewhat redundant info and it would be nice if you could also feed the grepable results file as an input file to Nessus but on the other hand, what is this option “Do not scan targets not found in the file” for?
To make a long story short I suggest at least these command line options for Nmap and Nessus:
nmap -v -sV -O -P0
nessus --dot-nessus <file.nessus> --target-file <file>
--policy-name <name>
Remote KVM VMs, bridged Networking, and RH Virtual Machine Manager
Remember the good ole times when there was only one single virtualization solution to chose from? Well, today there is VMWare ESX, Microsoft Hyper-V, Citrix XenServer, Sun xVm/VirtualBox, and lot’s of others with different approaches. And the craziest part is their giving it all away for free (or parts of it). It’s almost impossible to check all of them out.
I decided to follow the Red Hat way and check out KVM because to me it seems as the only really free solution (maybe Xen) that takes the hypervisor approach and allows virtualization w/o the need to make changes to the guest OS.
One thing first: Using KVM still requires a lot of commandline tasks, especially when used in a client/server scenario. Not everything can be configured inside the available GUIs. But hey, there is SSH and you may connect to the remote machine this way anytime. Still, the client GUI is used to do the standard tasks: create, start, stop, monitor virtual machines, networks, and storage locations.
In fact, this article is about the commandline part
So here is my setup:
- Debian 5 Server
- Debian KVM and libvirt-bin packages
- Ubuntu 9.04 Client
- Ubuntu virt-manager package
I use SSH as a protocol between the Virtual Machine Manager and the remote host mainly because it’s the easiest way to get a quick solution running.
Besides the current limitations of the Virtual Machine Manager (crashes every once in a while) and libvirt (currently not able to pass -std-vga or -vga option to KVM although a patch is available) one main problem I had was to configure bridged networking so that guests could use the host interface w/o NAT. The workaround I use is as follows:
- Create a VM with a supported network type inside Virtual Machine Manager
- Connect to the host via SSH and navigate to
/etc/libvirt/qemu/machinename.xml - Look for the
<interface>section. I change it to look as this:
<interface type='bridge'> <source bridge='br0'> </interface>
This requires you to have a bridge interface up and running on the host. Mine is called “br0″ as you can see. Setting up bridge interfaces differs in the distributions. A good place to start is libvirt’s Wiki: Netowrking, the Qemu Wiki, and the KVM FAQ about guest networking
Last thing is to restart libvirtd (Debian system)
/etc/init.d/libivirt-bin reload
Ah right, there is this directory /etc/libvirt/qemu/networks. I tried to create a network here that then would probably be usable inside Virtual Machine Manager but I couldn’t get this to work w/o too much code manipulation. Problem is that the interface type in the machine.xml file would be “network” and not “bridge“. Furthermore, a manipulated network.xml file does not show up inside VM Manager. Whenever you manipulate inside libvirt’s XML files you may end up with your devices, VMs, networks not showing up inside VMM anymore.
And if you’re having problems getting a host only network to run I suggest you check out the mcast option. Instead of an interface like the one above you use this:
<interface tpye='mcast'> <source address='230.0.0.1' port='12345'/> </interface>
If you need separated “host-only” networks simply change the multicast IP or the port. But you probably only made a mistake with the IP address anyway (Darn! But it might be heplful one day).
So here is a list of tasks I currently still do on the commandline:
- Create bridge interfaces (obviously)
- Create differential / immutable disks
- Copy/clone VM settings
- hmmm…. I’ll think of some more
SMB/CIFS Download Manager
With this article we’re going back to the origins of the “Perimeterless Network“. If you (like us) are living the idea of the “Perimeterless Network” you sure can access your SMB / CIFS shares from anywhere in the world. Fo security reasons connections are protected with IPSec, right?
Now, for testing purposes I had to download a large DVD image from a remote file server and since I am accessing the Internet by WLAN and IPSec slows down the connection, too, I thought of using a download manager. The best choice would be a handy command line tool like wget. I did remember a tool called smbget I had used before which actually is part of the Samba Suite. But the only Windows binary I could find was at http://paully.com/smbget/ and on that page it says:
“For me it was very useful to transfer big files with size about 1 gigabyte over the our intranet through Samba from Germany to Belarus and from Belarus to Germany. If remote file is not available the application will try to download it until the job is done ”
OK, Belarus is not really what I’d call a democratic country so I was a little anxious about downloading a pre-compiled binary from such a source. Furthermore, I don’t know if Windows binaries are always larger than BeOS, BSD, and Linux ones but in this case the difference was huge. Anyway, if the source is not available anymore I am hosting the Windows Zip here.
Internet Explorer 8 (IE8) RC1 Inline Search
Some might remember my post quite some time ago about what is still missing in Internet Explorer. Major criticism was the antiquated search box. What can I say, finally someone chastened the IE developpers and they integrated an inline search that will fit most needs. Good job!
It took me a while to remember this new feature since I still had the IE Inline Search plug-in activated. But once I deactivated it I got enlightened.
So, who still needs Firefox and for what reason? Only speaking for Windows systems, of course. And leave me alone with Google Chrome, Apple Safari, and Opera.
The Bitlocker Odyssey or How I Killed Five Hours of my Time
(…and yours if you are going to read this )
My Windows Vista System had some strange side effects and so I decided to do a reinstall. After having postponed this action many times I finally started yesterday.
First I thought it would be nice to have SP1 slipstreamed into the installation sources but it seems as if Microsoft does not support this anymore. I think they provide slipstreamed sources themselves. Still, there exits two ways to do so: the manual and the vLite way. vLite is the Vista version of nLite. Both are tools to create custom Windows Installation Sources.
Since VLite ist pretty much straight forward I decided to go that way. Still, the process takes around two hours!!! So get a can of tea (I suggest a FTGFOP Darjeeling)…
Once, this process finished I needed a tool to burn the ISO image. I like InfraRecorder which is the first decent GUI to the open source cdrtools I’ve seen.
I did the first try with maximum speed and a second one with the lowest possible speed and both burning processes finished successfully. Still, when launching the installation process I always got the error that it “Cannot find the file D:\Sources\Install.wim. Error code 0×8007000” after I entered the license key. Well, I remember we had burn issues with Vista ISOs and the solution usually was to use a different burn software and to burn at single or double speed but I got pissed and so I continued using the RTM image w/o SP1 I had. Two hours later I had a fresh Vista installation and SP1 was applied manually. And guess what? Of course I didn’t do a backup of the slipstreamed ISO I created and so I couldn’t use it inside a virtual machine to at least test if the slipstreaming process was a success.
Anyway, during installation I left around 1.5 MB of unallocated space on my hard drive because I knew BitLocker would need this as an unencrypted boot partition. But it seemed as if I didn’t leave enough space because when I startet the BitLocker Drive Preparation Tool it said it would shrink my system partition. Since I didn’t want that I directly canceled the process and checked what was wrong. This turned out to be the worst thing I could have done because it left me with an unallocated hard drive space that wasn’t enough for the BitLocker boot partition and a system partition that Vista could not shrink anymore.
Exaleading around a little bit I tried the following:
- Disabled paging and delete pagefile.sys
- Disabled hibernation and deleted hiberfil.sys
- Used JKDefrag (supposed to be able to move the NTFS MFT file)
All the above didn’t work. If you want to try yourself maybe this link is of help.
So what else could I do. Use something like Partition Magic, of course. I used the open source live CD gparted before but this time I tried Parted Magic.
And I tell you it rocks, perfect hardware discovery and after two hours I had a NTFS partition resized with gparted.
Congratulations to the Internet Explorer 8 Developer Team
In the early beta phase of Microsoft Internet Explorer 7 I posted some improvement thoughts to the official developer newsgroup and never got any response or feedback.
One thing I find pretty important is the option to close only the current tab if you click on the global close ‘X’ in the top most right corner if you have more than one tab open. In IE7 it would only ask you if you really want to close all tabs. If you accidentally clicked on the global close icon but only wanted to close the current tab you had to say ‘No’ and then close the actual tab.
But hey, guess what it looks like in IE8 beta (Konqueror style, woohooo) :
Update:
Wow, we’re really getting somewhere here. Playing around with IE8 beta a little more I discovered that the search box in the upper right corner has a sort auf auto correct mechanism. For example you type ‘target audiecne‘ instead of ‘target audience‘ in the box with Google as your search provider and then Google offers you to correct your search with a link above all the results of your original search query.
If you would like to use the corrected search query in the search box you had to copy’n'paste in the pre IE8 era but now IE8 is doing it for you. I already love this browser.
About
Originally this site was intended as a project site. The goal was to define standards for the perimeterless network using
open-source software. To be honest I simply do not have the time for such a thing. So what is left is a blog with sporadic
posts that are either helpful for myself or I think are helpful for others, too since I had a hard time finding information
on the Internet. Think of it as a knowledge base.
Ehm yes, somtimes I write down my two cents on any topic that may go through my mind at that point in time ;-)