Perimeterless Network

home | rss feed

Microsoft Download Manager

Well, I only have to bring up a painful subject and Microsoft reacts right away...

Grab the Microsoft Download Manager

UPDATE:The download page seems to be missing now but the direct linki to the software still seems to work. MSDownloadManager.msi

What Internet Explorer is Still Missing, Part #2

Some time ago in the early IE7 days I wrote an article about the definetely required functionality the Microsoft browser was still missing. IE8 then added some of the missing features.

Today, in the pre-IE9 days some things have changed but others have not. After all these years there still is no download manager integrated into Internet Explorer. The feature to resume an interrupted download is so normal these days that this fact could be the big laugh of the day.

Anyway, there is something from MS that uses the BITS feature from Windows. Sadly, it is OEM only but I am sure you will find someone with an account to grab the download. Check this link:

http://bink.nu/news/microsoft-bits-ie-plug-in.aspx

and get the download here:

http://oem.microsoft.com/downloads/bitsfiles.exe

You'll then get a decent context menu entry and a nice little GUI telling you about the download status. OK, I guess I can now omit my Windows wget port. Btw, this has been tested on a 64-bit Windows 7 Enterprise box invoked from the 32- and the 64-bit iexplore.exe. The bits_ie.exe is a 32-bit executable.

Microsoft Word and Open Office Envelope Printing

Again this is ment as a quick reminder.

Printing envelopes is a lot of fun these days since office software does all the required steps automagically. Anway, you should know the envelope size and indentations of sender and recipient adresses. And since I usually cannot find a ruler here is my setup for Microsoft word and Open Office:

Envelope: C6 11,4 x 16,2 cm (A4 folded along and acros)

Change of blogging engine

After a few years of sporadic blogging I analyzed the way I use a blog. I finally came to the conclusion that a full featured blogging engine like Wordpress is way too much for me.
Especially security concerns made me finally switch to Blazeblogger. It's all made of scripts that generate static content. Hard to find a more secure solution in my opinion. Only drawback is that there are no comments possible. I think I will think of an email solution to handle this.

Speaking of comments: so far I migrated all old posts to Blazeblogger. Still, comments have not been migrated yet and pictures still link to the old URL.
As long as this s current status the old website is still available.

UPDATE (2009-11-09):

Pictures are migrated but no comments so far. Anyway, I will disable the old site now and migrate the comments one day ;-)

Minimize Thunderbird to System Tray on Linux

I still wonder why such a functionality is not implemented in every mail app (Outlook does it after all). So since I had to search twice and always had a hard time finding this add-on for… well, Firefox I thought I write a short article that may help others looking for the same information.

So you are looking for a solution to minimize Thunderbird to your systray on a Linux box, right? Well, search no further go here:

 

FireTray

 

So forget about AllTray, Traybiff, or other mail notifiers. They all suck.
Btw I tested this on Ubuntu 9.04 and 9.10 where you might want to select the option “Close button minimizes to tray” (thats the way I like it).

 

Tags: firefox, Linux, mozilla, seamonkey, systray, thunderbird, tray, ubuntu

Office Communications Server (OCS) 2007 (R2) and Linux Client

It is always amazing what the community out there is creating while I am asleep. I just wondered if there is a way to natively connect a Linux machine to an OCS 2007 (R2) Installation. And well yes, there is.

SIPE is a protocol extension for the Pidgin Instant Messanger and on my standard Ubuntu 9.04 system I just followed the instructions on the SIPE website (installing the required packages and a simple configure, make, make install process) and off I was. A new protocol Microsoft LCS/OCS is available.

So far I tested this connecting through a NATed network to the OCS R2 Edge Servers (not internally). OK, there is no Audio or Video (A/V) support and there are still problems with ACLs and presence information but in general instant messaging and presence works.
And it’s nice to be able to change the user agent manually. So if your client version gets banned you simply change it to the latest Microsoft Office Communciator (MOC) string and you should be fine again.

Ah yes, there is a Windows Version, too.

Great work! Keep it up.

(Advanced) Using Nmap Results With Nessus Batch Scanning

I’m refering to an article I read on the Nessus blog: Using Nmap Results With Nessus Batch Scanning. Since they don’t seem to offer comments I decided to write this short article.

First of all it is important to have read this info: Nmap from within Nessus

Combining the information of these two articles I’d like to add that you should also use the -v option when running nmap. This is because otherwise the file containing the grepable results will not contain a comment line starting with “Ports scanned: ” following the information about all scanned ports. The “nmap.nasl“ script contains a part where it says:

if (egrep(string: res, pattern: '^# +Ports scanned:+TCP\\(65535;')) 
     full_scan = 1;
else
     full_scan = 0;

So as you can see “nmap.nasl” uses this for some extra info

The next point is that you usually use such a construct in batch mode (yeah, I not only read the title but wrote it). I for one care this for them… uh, nevermind, wanted to say that you usually start such a scan with the command line nessus client. It got slightly updated and lots of stuff is now found in “.nessus” files. They are “XML” and may contain the targets.

But I for one do not wanna have this information inside a “.nessus” file but inside a plain text file I can also feed to Nmap (-iL option). Since the “nmap.nasl” script checks if the current target is found in the grepable results file you have to supply the target info to Nessus. This is done with the command line option --target-file.

This is somewhat redundant info and it would be nice if you could also feed the grepable results file as an input file to Nessus but on the other hand, what is this option “Do not scan targets not found in the file” for?

To make a long story short I suggest at least these command line options for Nmap and Nessus:

nmap -v -sV -O -P0
nessus --dot-nessus <file.nessus> --target-file <file>
          --policy-name <name>

Remote KVM VMs, bridged Networking, and RH Virtual Machine Manager

Remember the good ole times when there was only one single virtualization solution to chose from? Well, today there is VMWare ESX, Microsoft Hyper-V, Citrix XenServer, Sun xVm/VirtualBox, and lot’s of others with different approaches. And the craziest part is their giving it all away for free (or parts of it). It’s almost impossible to check all of them out.
I decided to follow the Red Hat way and check out KVM because to me it seems as the only really free solution (maybe Xen) that takes the hypervisor approach and allows virtualization w/o the need to make changes to the guest OS.

One thing first: Using KVM still requires a lot of commandline tasks, especially when used in a client/server scenario. Not everything can be configured inside the available GUIs. But hey, there is SSH and you may connect to the remote machine this way anytime. Still, the client GUI is used to do the standard tasks: create, start, stop, monitor virtual machines, networks, and storage locations.
In fact, this article is about the commandline part

So here is my setup:

• Debian 5 Server
• Debian KVM and libvirt-bin packages
• Ubuntu 9.04 Client
• Ubuntu virt-manager package

I use SSH as a protocol between the Virtual Machine Manager and the remote host mainly because it’s the easiest way to get a quick solution running.

Besides the current limitations of the Virtual Machine Manager (crashes every once in a while) and libvirt (currently not able to pass -std-vga or -vga option to KVM although a patch is available) one main problem I had was to configure bridged networking so that guests could use the host interface w/o NAT. The workaround I use is as follows:

1. Create a VM with a supported network type inside Virtual Machine Manager
2. Connect to the host via SSH and navigate to /etc/libvirt/qemu/machinename.xml
3. Look for the <interface> section. I change it to look as this:
   

   <interface type='bridge'>
   <source bridge='br0'>
   </interface>
   

This requires you to have a bridge interface up and running on the host. Mine is called “br0″ as you can see. Setting up bridge interfaces differs in the distributions. A good place to start is libvirt’s Wiki: Netowrking, the Qemu Wiki, and the KVM FAQ about guest networking

Last thing is to restart libvirtd (Debian system)

/etc/init.d/libivirt-bin reload

Ah right, there is this directory /etc/libvirt/qemu/networks. I tried to create a network here that then would probably be usable inside Virtual Machine Manager but I couldn’t get this to work w/o too much code manipulation. Problem is that the interface type in the machine.xml file would be “network” and not “bridge“. Furthermore, a manipulated network.xml file does not show up inside VM Manager. Whenever you manipulate inside libvirt’s XML files you may end up with your devices, VMs, networks not showing up inside VMM anymore.

And if you’re having problems getting a host only network to run I suggest you check out the mcast option. Instead of an interface like the one above you use this:

<interface tpye='mcast'>
  <source address='230.0.0.1' port='12345'/>
</interface>

If you need separated “host-only” networks simply change the multicast IP or the port. But you probably only made a mistake with the IP address anyway (Darn! But it might be heplful one day).

So here is a list of tasks I currently still do on the commandline:

• Create bridge interfaces (obviously)
• Create differential / immutable disks
• Copy/clone VM settings
• hmmm…. I’ll think of some more

SMB/CIFS Download Manager

With this article we’re going back to the origins of the “Perimeterless Network“. If you (like us) are living the idea of the “Perimeterless Network” you sure can access your SMB / CIFS shares from anywhere in the world. Fo security reasons connections are protected with IPSec, right?

Now, for testing purposes I had to download a large DVD image from a remote file server and since I am accessing the Internet by WLAN and IPSec slows down the connection, too, I thought of using a download manager. The best choice would be a handy command line tool like wget. I did remember a tool called smbget I had used before which actually is part of the Samba Suite. But the only Windows binary I could find was at http://paully.com/smbget/ and on that page it says:

“For me it was very useful to transfer big files with size about 1 gigabyte over the our intranet through Samba from Germany to Belarus and from Belarus to Germany. If remote file is not available the application will try to download it until the job is done ”

OK, Belarus is not really what I’d call a democratic country so I was a little anxious about downloading a pre-compiled binary from such a source. Furthermore, I don’t know if Windows binaries are always larger than BeOS, BSD, and Linux ones but in this case the difference was huge. Anyway, if the source is not available anymore I am hosting the Windows Zip here.

Internet Explorer 8 (IE8) RC1 Inline Search

Some might remember my post quite some time ago about what is still missing in Internet Explorer. Major criticism was the antiquated search box. What can I say, finally someone chastened the IE developpers and they integrated an inline search that will fit most needs. Good job!

It took me a while to remember this new feature since I still had the IE Inline Search plug-in activated. But once I deactivated it I got enlightened.

So, who still needs Firefox and for what reason? Only speaking for Windows systems, of course. And leave me alone with Google Chrome, Apple Safari, and Opera.

About

Originally this site was intended as a project site. The goal was to define standards for the perimeterless network using open-source software. To be honest I simply do not have the time for such a thing. So what is left is a blog with sporadic posts that are either helpful for myself or I think are helpful for others, too since I had a hard time finding information on the Internet. Think of it as a knowledge base.
Ehm yes, somtimes I write down my two cents on any topic that may go through my mind at that point in time ;-)

Categories

• creative commons (1)
• data privacy (1)
• fun (1)
• hardware (3)
• linux (6)
• mailing (1)
• microsoft (15)
• music (2)
• office (1)
• podcasts (1)
• programming (5)
• software (19)

Archive

• May 2010 (1)
• April 2010 (2)
• December 2009 (1)
• October 2009 (2)
• July 2009 (4)
• February 2009 (3)
• January 2009 (2)
• December 2008 (2)
• September 2008 (1)
• August 2008 (2)
• May 2008 (3)
• March 2008 (2)
• October 2007 (1)
• September 2007 (3)
• July 2007 (2)
• March 2007 (1)
• February 2007 (3)

Links

• BlazeBlogger
• Styleshout

Recommended

• Anywhere Access
  Microsofts vision of the perimterless network
• De-Perimeterisation
  Explenation of the term de-perimterisation or anywhere-access
• Jericho Forum
  Open Group's point of view