April 28, 2005
@ 11:41 AM

Some users may have noticed problems loading this website.

I've been getting 0xc0040034 and FWX_E_SEQ_ACK_MISMATCH on my ISA 2004 Server (Enterprise) on Windows 2003.  IIS/ISA returns 404s on every other request on the published IIS webserver.

Relevant Network layout: DSL --> ISA (not-teamed)--> (teamed)IIS

I suspected that this was due to the network card teaming present on my published IIS box.  I've gone to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, created a DWORD value called DisableTaskOffload, and set it to 1, on both my ISA and my IIS 6.0 box.  This setting did nothing.

I've also tried to change to DISABLE TCP/IP filtering on my gateway/ISA box!  (Properties of the NIC).  Still seems to be doing the same thing =(

ISA 2004's IP Preferences also has any filtering disabled on it now.


 
Categories: IT

Okay, so the Windows XP with SP2 computer boots up, and tells you that HAL.dll is missing or corrupt.

Here's what I recommend you do.  (No quotes around anything, of course.  Make sure you replace all %variables% with the appropriate path for your machine =).

  1. Boot into the recovery console off a Windows XP SP2 CD.  (Hit repair during setup...) Now, we're ready to do some work.
  2. First, check to make sure HAL.dll exists.  Should be in %windows%\system32.  If it's not there, copy it over from %windows%\ServicePackFiles\i386 if possible.  You can also do an expand ("expand x:\i386\hal.dl_ %windows%\system32") of the file off a Windows XP CD with SP2.  (Make sure you're using the same CD version as the OS that was installed on the system!).
  3. Once that's done, nuke the boot.ini file on the root. Do "attrib -r -h -s -a boot.ini".  Then delete it.
  4. Rebuild the MBR.  "bootcfg /list" and then "bootcfg /rebuild"  Load options, you'd want "/fastdetect"
  5. Run chkdsk /f
  6. Run fixboot
  7. Keep in mind - bad hardware is also a potential cause.  The drive you're using may just be on its last legs.

 
Categories: IT

[2]Consider it pure joy, my brothers, whenever you face trials of many kinds, [3]because you know that the testing of your faith develops perseverance. [4]Perseverance must finish its work so that you may be mature and complete, not lacking anything. [5]If any of you lacks wisdom, he should ask God, who gives generously to all without finding fault, and it will be given to him. [6]But when he asks, he must believe and not doubt, because he who doubts is like a wave of the sea, blown and tossed by the wind. [7]That man should not think he will receive anything from the Lord; [8]he is a doubleminded man, unstable in all he does.
 
Categories: The Christian Journey

April 24, 2005
@ 10:12 PM

Oh Boy!

http://news.bbc.co.uk/1/hi/health/4473641.stm

Gene therapy as treatment for Alzheimer's.

"Memory tests suggest the gene therapy has slowed cognitive decline by as much as 50%...  Brain scans also show that the patients' brains are more active than before... "If validated in further clinical trials, this would represent a substantially more effective therapy than current treatments for Alzheimer's disease," he said..."


 
Categories:

If you're running IIS 6 (Windows 2003+) and ISA 2000+ on the same box, and you want to publish the webserver, you should check this out:

IIS 6.0: Setting Metabase Property DisableSocketPooling Has No Effect

http://support.microsoft.com/kb/813368/EN-US/

How to disable Socket Pooling

http://support.microsoft.com/kb/238131/EN-US/

Long story short:

  1. Going into the inetpub/adminscripts folder and running "cscript adsutil.vbs set w3svc/disablesocketpooling true" does nothing.
  2. So, get to a DOS window, and do a httpcfg set iplisten -i x.x.x.x (where x.x.x.x is the IP you DO want HTTP.sys to listen on).  You'll get a "... completed with 0".  That's normal.  Now restart web service and/or the box if necessary! ("net stop http /y" and then "net start w3svc" and any other dependent services you have installed.)

 
Categories: IT

April 24, 2005
@ 02:03 AM

I installed StarDock's new Multiplicity on my Windows 2003 server that sits on my desk, and also on my IBM T40 laptop.

I rebooted the server (since I was going to use it as a secondary machine).  I connected to it via my laptop... so far so good...

Blammo.  I can't login to the server!  Moving the mouse on my laptop correctly controls that machine - but I can't type in my password to login to the console!

I finally ended up Terminal Servicing (Admin mode) to the machine, uninstalling the software and rebooting.  Strange, NumLock worked, as did CAPS LOCK but I wasn't able to login no matter what I did.  CTRL+ALT+DEL worked on both the actual machine keyboard and via remote control, but I could not type anything.  Or delete anything.

Version 1.0 never works right. StarDock's products seem like no exception. Why do companies release incomplete, buggy applications? They totally just bought out this software package and slapped their name on it.  The UI is nice - configuration was painless... but it was completely useless to me.

*sigh*

I guess I'll wait for the next version.

Upon reboot, I logged in, updated WinAmp on it to the latest version, then enjoyed some MostlyClassical.com.  Vivaldi's flutes calmed my annoyances at dirty software.  And now some Amadeus Mozart will put me to sleep.  Time to hit the sack! =)


 
Categories: IT

April 22, 2005
@ 01:38 AM

ISA 2004's lockdown mode can be quite annoying sometimes.

ISA 2004 Lockdown http://support.microsoft.com/default.aspx?scid=kb;en-us;838711

ISA 2004 Routing problems?

Routing problems http://support.microsoft.com/default.aspx?scid=kb;en-us;884496

Replacing a NIC in your ISA 2004 box?

Replace NIC http://support.microsoft.com/default.aspx?scid=kb;en-us;840698

Looking for phone information for North America?

Phone Lookups http://members.dandy.net/~czg/lca_index.php


 
Categories: IT

How to prevent cache pollution... http://support.microsoft.com/default.aspx?scid=kb;en-us;241352

I'd never leave a DNS server directly exposed on the internet.  Proper network design, in my opinion, requires that some kind of filtering/IDS be sitting in front of such a box.  Doesn't matter if it's DNS, HTTP, FTP, running BIND, M$, with Apache, IIS, SQL, mySQL, etc... Why would you leave it sitting there all alone?  At least have Snort running on the same subnet to alert someone if junk traffic comes in!

Anyway - check your DNS servers... make sure they're clean!

It's my practice to have strict regulations for server traffic.  Especially ones that are published to the internet through some NAT/proxy/port forwarding.  My internal servers have no direct internet traffic unless it's initiated from the outside.  For maintenance (You check your boxes nightly, don't you? :P), I open rules for antivirus/IDS rule updates, software patches, and then lock the thing down again (no unsolicited outbound traffic).  I don't know what kind of servers you run, but why would you allow unsolicited HTTP outbound on your webserver?  Or leave port 135 open?  Slap an ISA Server in front of it if you MUST have port 135 available.

I think the most dangerous thing is how eager some system administrators are to "get the job done".  Just "opening the port to the world" is absolutely ridiculous.  I don't care how secure it is, be it FTP, SSH, MS SQL, FileMaker, VNC, remote desktop... why would you leave such ports wide open?

Enforce perimeter security!  I use a simple dyndns.org DNS verification on my servers where possible.  So ports are only open to certain DNS names (the rules are updated every 5 mins or so...).  So if I'm on the road, my DNS updater client updates my roaming DNS entry, I wait a few minutes, and then I have full access to the ports.  Then slap on the extra encryption/security on the actual protocol. (POP3S instead of POP3, SMTPS instead of SMTP, HTTPS instead of HTTP.)  Don't let ANYONE get to a Terminal Services (or equivalent login prompt) unless they're at the right IP address.  Then make sure those passwords are secure.
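The dynamic-DNS allow rule described above, sketched as an added example (not code from the original post): every few minutes, resolve the approved names and work out which source IPs to add to or drop from the rule. The host names, the `BLOCKED` list and the "never remove while a lookup is failing" policy are assumptions made for the illustration.

```python
import ipaddress
import socket

# Ranges a public dynamic-DNS answer should never contain (internal/loopback/etc.).
BLOCKED = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16")]

def resolve_ipv4(hostname):
    """Return the set of IPv4 addresses the name resolves to right now."""
    infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}

def plan_allowlist_update(hostnames, current_allowed, resolver=resolve_ipv4):
    """Work out which source IPs to add to or remove from the allow rule.

    If any name fails to resolve, nothing is removed on this pass, so a DNS
    outage does not lock out an address that was valid a few minutes ago.
    Answers inside BLOCKED are ignored, so a bad or poisoned record cannot
    open the rule to internal or loopback sources.
    """
    desired, unresolved, rejected = set(), [], []
    for name in hostnames:
        try:
            answers = resolver(name)
        except OSError:  # socket.gaierror is a subclass of OSError
            unresolved.append(name)
            continue
        for addr in sorted(answers):
            ip = ipaddress.ip_address(addr)
            if any(ip in net for net in BLOCKED):
                rejected.append((name, addr))
            else:
                desired.add(addr)
    current = set(current_allowed)
    return {
        "add": sorted(desired - current),
        "remove": [] if unresolved else sorted(current - desired),
        "unresolved": unresolved,
        "rejected": rejected,
    }

if __name__ == "__main__":
    # Constructed sample: names are hypothetical, IPs are documentation ranges.
    fake_dns = {"roaming.example.net": {"203.0.113.7"},
                "office.example.net": {"198.51.100.20", "192.168.1.5"}}
    print(plan_allowlist_update(fake_dns, {"203.0.113.99", "198.51.100.20"},
                                resolver=fake_dns.__getitem__))
```

The returned plan is what a scheduled job would hand to whatever applies the firewall rule; anything in `rejected` or `unresolved` is worth logging and alerting on.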

Yes, technology is meant to be ubiquitous, but so is properly implemented and designed security.  If you can't secure it, don't open the port.  Sure, it "would be nice" if users can do *blah blah blah* from home - but at what cost?  Do not compromise security for functionality - a properly implemented network has security and functionality working hand in hand.

Baseline your systems and verify compliance to the baseline network port profile, monitor all threads and processes for unrecognized/unauthorized activity.
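One way to check a box against its baseline port profile, as an added example (not from the original post): parse `netstat -ano` output and report listeners that are not in the approved profile, along with the owning PID, plus baseline services that are not listening. The `BASELINE` set and the netstat sample are constructed for the illustration.

```python
# Approved listener profile for this server (assumed values for the example).
BASELINE = {("TCP", 80), ("TCP", 443), ("TCP", 3389)}

# Constructed sample of Windows `netstat -ano` output.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1200
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING       2312
  TCP    192.0.2.10:3389        198.51.100.20:50211    ESTABLISHED     1200
  UDP    0.0.0.0:123            *:*                                    900
"""

def listening_sockets(netstat_text):
    """Map (proto, port) -> set of owning PIDs for every open listener."""
    found = {}
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[0] == "TCP" and parts[3] == "LISTENING":
            pid = parts[4]
        elif len(parts) == 4 and parts[0] == "UDP":  # UDP rows have no State
            pid = parts[3]
        else:
            continue  # headers, established sessions, blank lines
        port = int(parts[1].rsplit(":", 1)[1])
        found.setdefault((parts[0], port), set()).add(int(pid))
    return found

def check_against_baseline(netstat_text, baseline):
    """Return (unexpected listeners with PIDs, baseline entries not listening)."""
    found = listening_sockets(netstat_text)
    unexpected = {k: sorted(v) for k, v in found.items() if k not in baseline}
    missing = sorted(baseline - set(found))
    return unexpected, missing

if __name__ == "__main__":
    unexpected, missing = check_against_baseline(SAMPLE_NETSTAT, BASELINE)
    for (proto, port), pids in sorted(unexpected.items()):
        print(f"NOT IN BASELINE: {proto}/{port} owned by PID {pids}")
    for proto, port in missing:
        print(f"EXPECTED BUT NOT LISTENING: {proto}/{port}")
```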

Because if you don't -- I'd hate to be the one explaining why your servers were hacked/compromised.  It's so easy to blame the software manufacturers, isn't it?  To blame Microsoft for not writing "secure" code.  "Oh there's another security patch...! Tsk tsk tsk..." Most of these patches wouldn't even affect a properly configured server. Why blame Microsoft for ANOTHER Outlook security problem if you're the one allowing EXEs that are CLEARLY packaged trojans? Or not even monitoring inbound attachments? Why would you allow inbound VBS scripts?

Wireless networks are also headaches.  Keep MAC address authentication enabled, and SSID broadcasting disabled.  Plug access points into managed switches and keep another ACL on the port to make sure only authorized traffic is flowing.  WEP encryption is useless - it just slows you down.  If you need to transmit secure data, plug/route your wireless VLANs into a VPN server and force VPN tunnels on all traffic into your internal network.

Carefully designed network perimeter security is key.  You need attachment inspection on your SMTP gateways - packages like F-Secure for Exchange, Antigen for Microsoft SMTP have worked wonderfully for me.  As for spam... heh... Symantec Brightmail or GFI MailEssentials?  The folks at Finjan also seem to have their act together.

I'm tired of hearing people tell me how insecure Microsoft products are - because they're not.  Microsoft systems get compromised because the "system administrators" fail to not only look after the systems, but to design a tight network in the first place.  It doesn't matter who writes the OS, or if it's open or closed source.  You're asking for trouble if you leave critical network assets unprotected and unmonitored.


 
Categories: IT

April 14, 2005
@ 01:48 AM

I have this friend who is afraid of cotton balls.  She claims that they're "disgusting".

She wanted to look at my Lact-Aid, so she opened up the bottle.  She saw a cotton ball inside... and jumped up.  "Ewww! Cotton balls!"

I've never seen this strange behaviour before.  Most unusual.

Cotton balls are apparently "itchy" and "weird".  It was enough to scare her out of her chair and jump up and run to the other side of the room until I promised to hold it away.

"Awww! I hate cotton balls!  They're so gross!"

I should bring her to cotton ball shopping... http://shopping.msn.com/marketplace.aspx?pmpType=1&pcId=8414&catId=1018

I wonder what she'd do if I set that page to her startup page on her Mac.  (ugh.)


 
Categories:

April 12, 2005
@ 09:56 AM

The Adobe PDF IFilter plug-in enables you to index PDF files in your site in Microsoft Index Server, so visitors to the site can search for text within the PDF files. By default, Index Server can search only HTML and *.doc files. To enable it to search files in other formats, Microsoft distributes filter specifications that let other developers create filter plug-ins. Adobe has used these specifications to create the PDF IFilter specifically for searching PDF files.

http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows

http://www.adobe.com/support/downloads/detail.jsp?ftpID=2611


 
Categories: IT

April 12, 2005
@ 09:32 AM

Windows Installer 3.1 now available

http://support.microsoft.com/?id=893803

Microsoft Windows Installer 3.1 shipped as part of Microsoft Windows Server 2003 Service Pack 1 (SP1) and is now available as a redistributable system component for the following operating systems:
- Microsoft Windows 2000 Service Pack 3 (SP3)
- Microsoft Windows 2000 Service Pack 4 (SP4)
- Microsoft Windows XP
- Microsoft Windows XP Service Pack 1 (SP1)
- Microsoft Windows XP Service Pack 2 (SP2)
- Microsoft Windows Server 2003
Windows Installer 3.1 is a minor update to Windows Installer 3.0. Windows Installer 3.0 was released in September 2004. Windows Installer 3.1 contains new and enhanced functionality. Windows Installer 3.1 also addresses some issues that were found in the Windows Installer 3.0 release.


 
Categories: IT

Microsoft Exchange Server User Monitor

http://www.microsoft.com/downloads/details.aspx?familyid=9a49c22e-e0c7-4b7c-acef-729d48af7bc9&displaylang=en

Use the Microsoft Exchange Server User Monitor to gather real-time data to better understand current client usage patterns, and to plan for future work. Administrators can view several items, including IP addresses used by clients, versions and modes of Microsoft Office Outlook, and resources such as CPU usage, server-side processor latency, and total latency for network and processing with Outlook 2003 version MAPI


 
Categories: IT

April 11, 2005
@ 11:53 AM
Categories:

April 9, 2005
@ 08:45 PM

On this computer, I have 3 Terminal Services windows open, IRC open in one of the TS windows, 2 copies of Internet Explorer open, hugs open in a putty/SSH session, Notepad for random notes, Microsoft Infopath as I pull expense information for tax purposes, a FTP client synchronizing files, 4 MSN windows open, 5 Trillian message conversations, Microsoft Outlook, a command window, and calculator.

I also have another desktop with LCD monitor sitting on my desk.  It has MP3s playing with 4 Windows Explorer windows open to my file server for any other media I'd like to play (movies, etc.)  I'm also burning DVDs with Nero.

This is why I have 1.5 GB of RAM on my IBM T40.  Why I have to replace my keyboard on my laptop every 6 mos because it's worn out. I don't own a computer/server with any less than 768 MB of RAM.

Translation: Nerd Attention Deficit Disorder

Guilty as charged.

See: http://www.randsinrepose.com/archives/2003/07/10/nadd.html


 
Categories: IT

April 6, 2005
@ 02:59 PM

I was looking at B-Trees for my midterm; this site was quite helpful!

http://www.engin.umd.umich.edu/CIS/course.des/cis350/treetool/index.html


 
Categories: IT

April 1, 2005
@ 01:50 AM

T568A pin assignment scheme

Pin #   Conductor Color Code
1       white/green
2       green
3       white/orange
4       blue
5       white/blue
6       orange
7       white/brown
8       brown

 

T568B pin assignment scheme

Pin #   Conductor Color Code
1       white/orange
2       orange
3       white/green
4       blue
5       white/blue
6       green
7       white/brown
8       brown

 
Categories: IT

April 1, 2005
@ 01:44 AM

Deployed RTM.  Nice.  No issues.

*knock on a large piece of wood*

Update: Had problems with NewsBin Pro.  Program bombs out on execution.
Resolution: Go into System, Advanced, Performance Settings, Data Execution Prevention.  Added it to the exclusion list.

Also check out: http://support.microsoft.com/?scid=kb;en-us;896367&spid=3198


 
Categories: IT