Category Archives: Miscellaneous

Anything and Everything

5 Years

I just realized that I’ve been keeping this blog alive for the past 5 years.

Despite my desire to migrate to the new hostname, I find it’s fairly easy to find several of my posts via Google on THIS site. So here it’ll stay. Happy birthday, IT.thelibrarie.com!

Citrix Licensing Issues

It’s been a while since I had to deal with Citrix – MetaFrame 3.5 was the last I had used. Now they’re on XenApp 6, XenDesktop 5, and XenServer something or other. But this problem has to do with the Citrix Licensing server.

Version according to Citrix’s website: 11.6.1 for Windows
Version according to Add Remove Programs: 7.1.10007
Meh.

Anyway, after a forced reboot of the server, it looked like the SQL table/database for the licensing server was corrupted. The Citrix Licensing server would not start and it was throwing off an error 1067:
Error 1000 in the Event Viewer - Faulting application name: lmadmin.exe, version:0.0.0.0, time stamp: 0x4a01594d.
Could not start the Citrix Licensing Service on Local Computer. Error 1067: The process terminated unexpectedly

I tried the “remove all of your license files and try to start the service” technique. I also tried re-downloading the citrix_startup.lic file and the opt file. No dice.

Uninstall and reinstall the License server. It even leaves your licenses in place. Then it worked like magic.

Error in SQL syntax

Man, I’m not very good at this PHP stuff in terms of starting from scratch. I can decipher what is going on, but my troubleshooting skills for editing my own work… suck.

I put up a survey site with a very simple POST of data into a MySQL database from a PHP front-end. My boss tried it out and put an apostrophe in his comments section, which threw up the standard:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'm working hard')' at line 37

Uh oh. Showing SQL errors can lead to problems – injections, giving away data, etc. Since this was an internal-only site, it didn’t really matter quite as much, but I’d still like to allow people to utilize the apostrophe.

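Add this to the PHP page that does the insert:

  // Escape every submitted value so a quote cannot end the SQL string literal.
  // The mysql_* functions were removed in PHP 7.0; with mysqli the call is
  // mysqli_real_escape_string($con, $value).
  foreach ($_POST as $key => $value) {
    $_POST[$key] = mysql_real_escape_string($value);
  }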

It is right after my mysql_select_db("dbname", $con); statement.
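The same apostrophe failure next to a prepared-statement insert, which keeps the comment text out of the SQL grammar entirely and keeps the raw database error off the page. This is an added example, not code from the original post: the survey table, its name and comments columns, and the in-memory SQLite connection standing in for the MySQL one are all assumptions.

```php
<?php
// Added example. The table/column names and the SQLite stand-in are assumptions;
// for MySQL use a DSN such as 'mysql:host=...;dbname=...;charset=utf8mb4'.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE survey (id INTEGER PRIMARY KEY, name TEXT, comments TEXT)');

// "Before": user text is pasted straight into the SQL string, so an
// apostrophe ends the string literal early and the statement no longer parses.
function insert_concat(PDO $pdo, array $post): void
{
    $pdo->exec(
        "INSERT INTO survey (name, comments) "
        . "VALUES ('{$post['name']}', '{$post['comments']}')"
    );
}

// "After": placeholders send the values separately from the statement text,
// so no escaping step is needed and quotes are stored as plain data.
function insert_prepared(PDO $pdo, array $post): void
{
    $stmt = $pdo->prepare(
        'INSERT INTO survey (name, comments) VALUES (:name, :comments)'
    );
    $stmt->execute([
        ':name'     => (string) ($post['name'] ?? ''),
        ':comments' => (string) ($post['comments'] ?? ''),
    ]);
}

// Constructed sample input standing in for $_POST.
$post = ['name' => 'Boss', 'comments' => "I'm working hard"];

try {
    insert_concat($pdo, $post);
} catch (PDOException $e) {
    // Keep the SQL detail in the server log; the visitor gets a generic message.
    error_log('survey insert failed: ' . $e->getMessage());
    echo "Sorry, your response could not be saved.\n";
}

insert_prepared($pdo, $post);
$row = $pdo->query('SELECT comments FROM survey')->fetch(PDO::FETCH_ASSOC);
echo $row['comments'], "\n";
```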

Image For Linux

We’re using a utility called Image for Linux (IFL) to image systems (ghost/backup/whatever). It’s not free, but it’s not expensive either – and it works pretty well.

However, IFL uses nmblookup to connect to network shares. So, if you’re on a different VLAN or network than your destination, you will not be able to find the storage device.

In my case I have a NAS on a 10.1.0.0/24 and the end users are on a 10.2.0.0/24 – with Layer 3 switches.

Boot off of IFL
Alt + F2
mkdir /mnt/share
/sbin/mount.cifs //servername_orip/sharename /mnt/share

Firefox Saved Password Retrieval

I sometimes save my password into Firefox to make my life easier. Opera has a much better system for saving passwords, but I like my FF better.

I had a saved password and needed to retrieve the password (unmask it) for some documentation. Unfortunately I couldn’t remember which password I had used previously. Then I remembered a handy JavaScript snippet that allows me to show the saved password.

Go to the site you want to retrieve the password
DO NOT login yet
Up at the address bar, overwrite what is there with:
javascript:(function(){var s,F,j,f,i; s = ""; F = document.forms; for(j=0; j

What Do You Use?

A lot of people ask what I use to protect my systems. I remember back a few years ago when I could say “nothing, I just don’t infect my machines by clicking ‘yes’ to everything on the web”. Unfortunately those days are long gone. Java, Flash, PDF, Operating System, Cross Site Cookies, and the like are all able to infect your system with potential “baddies” without any user input.

So, the question remains: what do I use?

It depends on what I’m doing. But, from the internet on, let me lay it out for you.

I start with firewall rules. I allow, but log, everything outgoing, so long as it comes from the firewall box. If the router receives any requests from an internal IP other than the firewall box, it will log it and then deny the packets. The firewall box is a simple machine running only one item: Untangle (7.4 at time of this writing). Untangle is an IPS/IDS solution built from open source software with a nice GUI.

After that, I have a wireless network and a wired network. They’re both on the same VLAN on the switch, so they can access almost anything. I had been running my wireless network on a separate VLAN, but transferring files between systems was becoming rather difficult. My wireless settings utilize a WPA2-Personal AES encryption algorithm. I also have implemented SSID hiding and MAC address filtering.

All DNS requests first hit my internal DNS server, and, if not found, are forwarded to the router. The router will only utilize OpenDNS DNS servers – any other requests on TCP or UDP 53 are dropped. So even IF you have your own DNS servers set up, you won’t be bypassing mine. OpenDNS is set to not allow for any malicious sites. Untangle is also set to IPS any malicious requests in quarantine and email me the results. If the Untangle box ever is compromised, I am also running a virtual machine Snort variant (snorby) with another system running syslog requests from all network devices. That way I can at least check what happened later.

If any user wants to download something utilizing bittorrent (I use TED to download TV episodes I may have missed), I use a Virtual Machine running on top of Linux (or just Linux itself) to test out the products. It’s much easier to “fix” a virtual machine than it is to fix a real system (Delete!).

Each Linux system is running ClamAV of some kind. Each Windows system is running Nod32.

Each Windows client is also running the following software:
Threatfire
Secunia PSI
Malwarebytes

The one open system that anyone who visits can use is running Windows XP SP3 with SteadyState set to wipe everything after a reboot.

Paranoid? Sometimes. But there’s always a way to get into any system. I’m just trying to make it more difficult.

So what do you use? Comment and let me know.

LDAP Testing

Sometimes I forget how much we actually use LDAP in our daily lives. Active Directory is based on LDAP. Linux can use LDAP. Same for Mac. Cisco. Lots of stuff.

In the process of upgrading from a managed call center to an in-house Cisco call manager system, we find that we need to add a Unity user account and type in the LDAP path to this user (along with the path to the users we want to import).

Being as forgetful as I usually am, I had to open up adsiedit to find out the exact paths required.

OBJECT CLASS:
User, Group, Computer, or Container are all CN (Common Name)
Organizational Unit is OU
Domain is DC

So, in our case, I had to input “cn=Unity User,ou=Service Accounts,dc=domain,dc=com”.

In order to test out if this works, as well as if a user actually has rights to see the LDAP information, I found a handy program called LDAP Administrator (or Viewer):
http://www.ldapadministrator.com/download.htm

Just feed that the information and it does the rest. It reminds me of a better ADSIedit program.