Saturday, October 31, 2009

Happy Halloween!

Another chance for us to dress our kids in funny costumes, occupy them for a whole evening, get them all tired out and eat their candy when they go to bed. :D

Givers of candy, I have this request for you! I realize that America is obese, and I understand that proper education and discipline as a child will help to stem this epidemic. Trust me when I say, I am doing my part to make sure that my children are not in receipt of too much candy!

How you ask? Well, I secretly remove some of the candy from their stash, a little at a time so as not to be noticed. This way they feel like they ate it all, but in reality, they only eat a portion of it.

No! Of course I don't eat it! *wipes mouth*.

My request is that you help me out a little bit here... Here's a list of candy that don't That's hard to dispose of undetected... Yeah, that's it.

These nasty little buggers get sticky and leave marshmallow all over my fac... ah... hands. Very difficult to take care of undetected.

If you purchased candy corn, you may as well keep it. Take a look around the house and see what else you got. I completely understand that you bought these with the best of intentions, and it may be the only "candy" type food you got, but be creative! Sugar cubes or packets? Tea bags? (Earl Grey are nice. That is to say, they're the easiest to squirrel away from the kids while staying under the radar). Chicken nuggets? You get the idea.

Anything with coconut in it is bogus. Stay away from this at all costs. Why? I don't like them. And that's a legit reason, cause just the smell of them makes me wretch, so being stealthy is very difficult with a fist full of mounds bars. I can't think of a good use of a coconut that involves eating them. I think the professor made a HAM radio out of a couple, didn't he? That's acceptable.

Seriously, could there be a more disgusting "candy"? It's like they didn't have quite enough coagulation agent to make another batch of silly putty, so they feed it to the indiscriminant. I don’t even like that junk in my house, let alone my bell… Kid’s bellies.

It’s been a few years since I’ve seen this, but several times over the years someone’s tried to pass of raisins and apples as Halloween booty? What are you, new? You want your place toilet papered? Weren’t you ever a kid? Did you like getting produce on Halloween? The fourth grade versions of yourself would kick your ass for that. That’s like giving a little boy clothes for Christmas.

If you’re into disappointing children (which I’ll admit can be rewarding from time to time…) keep it up. You’re just giving them things to throw in the compost heap. By the time they get through the real stuff, the nature’s bounty you handed out will be turning brown and sprouting hairs. Look, Thanksgiving is just around the corner, keep that junk for pies and breads. Halloween is about glucose packed goodies, not health foods.

* * * * *

Now that you know what not to give out, here’s how to do it right.

This is not one of those holidays where you go to the dollar store to buy your supplies. Penny pinching is going to get you in trouble. Not quite as much trouble as giving out V8 juice or celery of course, but old stale no-name chocolate bars are only just so-so. May not get you egged, but don’t be surprised to find your morning newspapers in the bird bath for the next couple of months.

That said, you don’t have to go top shelf either, once you pass a certain level you’re in the clear. Sure, we’ll tak… Ah, they’ll take Symphony bars, toblerone, and Lindt chocolates, but your return on investment isn’t going to be that much higher. Remember, going above and beyond isn’t going to get your lawn mowed or your gutters cleaned. You’re never going to get positive karma out of this… Your job is just to not get assaulted by angry Junior-high kids equipped with shaving cream.

Think of the standard names. These are the candies you see lining the aisle as your leaving the super market. Hershey’s, Reece’s, NestlĂ©’s Crunch, Kit-Kats, Snickers. These are perfect examples of middle-of-the-road treats to give out. This will keep your yard free of any kind of delinquent Halloween tomfoolery.

The little bite sized ones are fine, those will get you a pass. You don’t have to go full sized, or king sized.

If you disagree, and still would rather give out vitamin filled tree-droppings, do yourself a favor: Turn your porch light off, and don’t answer your door. You’d much rather the kids think you’re not home, as opposed to trying to get them to slim down.

Friday, October 30, 2009

Love / Hate

I love
Rainy sundays when nothing is planned. Cold. Raw. The smell of wet dirt permeating the air outside, while I'm inside in pajamas with a steaming cup of coffee. (Especially during Football season!)

I hate
Trying to read something that’s be written with no regard for grammar. Must have punctuation. Must have individual, identifiable paragraphs.

I love
My family. My wife and children are what keeps me going.

I hate
The following phrases: “Same difference”, “don’t hate the player, hate the game”, “six of one, half dozen the other”, “working hard or hardly working”.

I love
Windows 7.

I hate
Running behind schedule.

I love
When someone who talks trash gets bit on the ass by it.

I hate
When I get bit on the ass by my own trash talk. (which is why I almost never do it!)

I love
Working from home.

I hate
The fact that I have to work to survive, even though:

I love
My job and the work that I do.

I hate
When people say they hate closed-minded people. Doesn’t that make them closed-minded toward people who are closed-minded??

I love
The work of George Carlin, Bill Cosby, and Mel Brooks.

I hate
Saying goodbye.

I love

I hate
The fact that I can’t get my dog to stop digging holes in my yard… Grr… It’s a good thing:

I love
My dog.

I hate
The fact that people are capable of such tremendous evil, and inflicting such horrible pain.

I love
Watching my children grow up.

I hate
That my children are growing up so fast.

I love
To listen to stories of old times told by people who are older than me. Time is by far the best teacher.

I hate
My dependence on spell check. (F7 for your Microsoft Word users!)

I love
The fact that I can type almost as fast as most people talk.

I hate
Moxy and Mr. Pibb

I love
Pepsi, Mountain Dew, Dr. Pepper.

I hate
The fact that I love soda so much!

I love
Singing along to the radio when I’m alone in the car, pretending I’m the lead singer rocking out in front of thousands of fans.

I hate
My singing voice.

I love
The quote: Nature and wisdom never are at strife.

I hate
The quote: Necessity is the mother of invention. There’s much more to invention than simple necessity. I think sometimes the mother is greed, sloth or jealousy… then sometimes it could also be compassion, love, or empathy. Just because something was invented doesn’t mean it was a necessity. Perhaps just a creature comfort. I don’t NEED super comfy pillows, but boy am I glad someone invented them!

I love
My super comfy pillows. o

I hate
Being lied to.

I love
Peanut butter cups.

I hate
That so many kids have peanut allergies now that schools are sometimes required to be peanut free.

I love
Solving problems.

I hate
Being yelled at.

Thursday, October 29, 2009

Visa Gift Card

I learned something today, and I learned it the hard way...

Don't EVER use a Visa (or any other) gift card at the gas station pump.

I ran out to the Hess Express up the street, and popped the card into the pump, fulling expecting it would ask me to go in and see the cashier. It did not disappoint.

What I didn't know is that the pump automatically tries to charge $75 to the card. I happened to have $73, so it didn't go through. This caused a problem because the bank still had Hess's request for money in their system, but since there wasn't enough Hess assumed the transaction was over, and there was no reason to request the money fromt he bank.

The bank now has the entire balance of my gift card in a "pending" status. What's worse, they won't cancel it, because for all they know, Hess just hasn't come to claim their money, and I've got a tank full of gas...

What's worse, they consider this problem my fault for not abiding by the user rules. Call me crazy, but I'd think if you're going to pedal a product that has rules like this, you should also send along a copy of said rules. Nowhere on any documentation I recieved, does it say this. It DOES say it on the website however... Fat lotta good that does me.

The only thing I can do is wait for the pending transaction to expire. Could be 2 days, could be 5 days, could be 12 days...

Wednesday, October 28, 2009

Create and hide a local admin

It was recommended by Kaseya that you create a local user on your endpoints and set that as the agent credentials.

This script creates a username, makes it a local administrator, makes sure the password never expires, and sets the account so that it doesn't show up on the fast user switching screen for those machines that use the welcome screen.

First, create open notepade and create the following VBS:

' nopwdexp.vbs
' Windows NT/2000/XP/2003 Administration Script
' Turns off password expiry for the specified account
' Usage: cscript //nologo nopwdexp.vbs /domain:domainname /user:username
' Written by Mark Wilson, 10 September 2004
' This script is provided as is without warranty of any kind. Mark Wilson
' further disclaims all implied warranties including, without limitation, any
' implied warranties of merchantability or of fitness for a particular purpose.
' The entire risk arising out of the use or performance of the script including
' any associated documentation remains with the user of the script.

Option Explicit
On Error Resume Next
' Set constants
Const ufDONT_EXPIRE_PASSWD = &H10000
' Set variables
Dim colNamedArguments
Dim strDomain, strUser
' Read command line named arguments
Set colNamedArguments = WScript.Arguments.Named
' Report missing domain argument
If colNamedArguments.Exists("domain") Then
WScript.Echo "Missing argument: /domain:domainname"
End If
' Report missing user argument
If colNamedArguments.Exists("user") Then
WScript.Echo "Missing argument: /user:username"
End If
PasswordNeverExpires strDomain, strUser
Sub PasswordNeverExpires(domainname, username)
' Sets the do not expire password flag if not already set
Dim objUser, objUserFlags
' Read user properties
Set objUser = GetObject("WinNT://" & domainname & "/" & username & ",user")
' Examine flags set against account
objUserFlags = objUser.Get("UserFlags")
' If password expiry is allowed, then set password never to expire.
If (objUserFlags And ufDONT_EXPIRE_PASSWD) = 0 Then
' Password does expire
' WScript.Echo objUserFlags
objUserFlags = objUserFlags Or ufDONT_EXPIRE_PASSWD
' WScript.Echo objUserFlags
objUser.Put "UserFlags", objUserFlags
WScript.Echo domainname & "\" & username & " password has been set never to expire."
' Password does not expire
' WScript.Echo objUserFlags
WScript.Echo domainname & "\" & username & " password was already set never to expire."
End If
End Sub
Sub Usage()
' Reports the correct command line syntax
Wscript.Echo VbCr
WScript.Echo "nopwdexp.vbs"
Wscript.Echo VbCr
WScript.Echo "Usage: cscript //nologo nopwdexp.vbs /domain:domainname /user:username"
End Sub

Make sure the file is named nopwbexp.vbs, and upload it to your kaseya server.

Then import this scritp, making sure to edit the username and password as applicable:

Script Name: Create and hide local admin

Script Description: This script creates and then hides a local administrator account.

This script should be run on every new Managed Services machine, unless you're using a domain admin credential.

IF True
Execute Shell Command - (Continue on Fail)
Parameter 1 : net user /add *USERNAME*
Parameter 2 : 1
OS Type : 0
Execute Shell Command - (Continue on Fail)
Parameter 1 : net user *USERNAME* *PASSWORD*
Parameter 2 : 1
OS Type : 0
Execute Shell Command - (Continue on Fail)
Parameter 1 : net localgroup Administrators *USERNAME* /add
Parameter 2 : 1
OS Type : 0
Write File - (Continue on Fail)
Parameter 1 : c:\temp\nopwdexp.vbs
Parameter 2 : VSASharedFiles\nopwdexp.vbs
OS Type : 0
Execute Shell Command - (Continue on Fail)
Parameter 1 : wscript //B c:\temp\nopwdexp.vbs /domain:%computername% /user:peadmin
Parameter 2 : 1
OS Type : 0
Set Registry Value - (Continue on Fail)
Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\userList\peadmin
Parameter 2 : 0
Parameter 3 : REG_DWORD
OS Type : 0

This script runs quickly. After it's run, set the agent credentials in the Agent tab, and you're good to go!

Event ID: 1023 Perflib errors

Below is the script we use to remedy the event 1023 error on our servers when we come across it. As usual, don't forget to edit the email address.

Script Name: Event ID: 1023 Clean up Perflib errors on C, D, E

Script Description: This script fixes permissions on sqlctr80.dll file under SQL directories that causes problems with Kaseya and generates PERFLIB errors in the application event log
IF True


Get Variable

Parameter 1 : 4

Parameter 2 :

Parameter 3 : agentDrv

OS Type : 0

Get Variable

Parameter 1 : 6

Parameter 2 :

Parameter 3 : machineName

OS Type : 0

Execute Shell Command

Parameter 1 : forfiles.exe -p c:\ -s -m sqlctr80.dll -c "cmd /C cacls @PATH /e /g 0x22network service0x22:r >> #agentDrv#temp\sqlfiles.txt"

Parameter 2 : 1

OS Type : 0

Execute Shell Command

Parameter 1 : forfiles.exe -p d:\ -s -m sqlctr80.dll -c "cmd /C cacls @PATH /e /g 0x22network service0x22:r >> #agentDrv#temp\sqlfiles.txt"

Parameter 2 : 1

OS Type : 0

Execute Shell Command

Parameter 1 : forfiles.exe -p e:\ -s -m sqlctr80.dll -c "cmd /C cacls @PATH /e /g 0x22network service0x22:r >> #agentDrv#temp\sqlfiles.txt"

Parameter 2 : 1

OS Type : 0

Get Variable

Parameter 1 : 1

Parameter 2 : #agentDrv#temp\sqlfiles.txt

Parameter 3 : Sqlfiles

OS Type : 0

Send Email

Parameter 1 : *EMAIL@ADDRESS.COM*

Parameter 2 : #machineName#

Parameter 3 : #Sqlfiles#

OS Type : 0

Delete File

Parameter 1 : #agentDrv#temp\sqlfiles.txt

OS Type : 0


Migraine Sufferers have different brains

Section Of Brain That Processes Pain Thicker In Migraine Sufferers

(WebMD) Researchers have identified specific differences in the brains of migraine sufferers linked to the processing of sensory information, including pain.

In earlier research, Harvard Medical School investigators used magnetic resonance imaging (MRI) to show structural differences between the brains of people with and without migraines.

Specifically, the imaging showed thickening in a specific area of the brain related to the communication of sensory processing called the somatosensory cortex (SSC).

It is not clear if migraines cause the brain changes or if the brain differences cause migraines, researcher Nouchine Hadjikhani, M.D., of the Martinos Center for Biomedical Imaging at Massachusetts General Hospital tells WebMD.

"That is the big question," she says. "A person could be born with these cortical differences, making them susceptible to migraines later in life. But we just don't know."

Migraines and the Brain

In the newly reported imaging study, researchers compared the brains of 24 people with migraines and 12 people without them. They found that the SSC was an average of 21 percent thicker in migraine sufferers. The thickness changes were especially pronounced in the part of the SSC related to sensation of the head and face.

Most study participants with migraines had experienced the severe headaches since childhood, suggesting that long-term stimulation of this sensory area of the brain could lead to structural changes, Hadjikhani says.

The study is published in the Nov. 20 online issue of the journal Neurology.

Other studies have also shown differences in cortex thickness in patients with multiple sclerosis and Alzheimer's disease.

But it is also possible that the structural changes precede migraines and actually cause them to occur.

Hadjikhani and colleagues hope to shed light on this 'chicken and egg' conundrum in a much larger study.

Imaging studies on young children who are at high risk for having migraines later in life because their mother or father had them may also help answer the question of which comes first.

"If we already see these changes in children who have never had a headache in their life, that will tell us something," she says.

Whatever the outcome, it is increasingly clear that the brain's sensory processing center plays an important role in migraines.

Treat Migraines Aggressively

It is also now clear that the brains of migraine sufferers are different from those of people without the severe headaches.

In an unrelated study, researcher Mark C. Kruit, M.D., and colleagues from Leiden University in the Netherlands identified tiny brain lesions in the brains of a significant percentage of migraine sufferers who underwent MRI.

In an interview with WebMD in 2004 , Kruit predicted that the imaging studies would "change the common perception that migraine is a trivial problem with only transient symptoms."

The studies also point to the importance of aggressively treating migraines , Hadjikhani says, to both prevent the headaches from occurring and to manage the pain when they do occur.

She reasons that if frequent migraines cause structural damage to the brain, having fewer migraines and migraines with less intense pain may prevent this damage from happening.

"It is important not to let the pain get out of hand," she says.

By Salynn Boyles
Reviewed by Louise Chang
©2005-2006 WebMD, Inc. All rights reserved.

Read this article at it's orginal location here.


With the weather getting warmer, the ticks are coming out in full force. Living in eastern MA, I've dealt with ticks many times before. This year, I've been seeing a lot of deer ticks, and that's got me concerned.

Here's a helpful article from Northern New England dot com:

Ticks (also known as arachnids) are a fact of life here in New England, and, in fact, in many places on earth. Golfers, hikers, hunters, bird watchers and anyone that spends time outdoors should be aware of ticks.

Globally, there are some 400 species of ticks on this planet. Here in northern New England, we have about a dozen different species lurking in the woods, forests, and grass.

Not much is usually heard about ticks, but the fact is - knowing about ticks is extremely important and potentially life saving. Ticks, like mites are external parasites that live off the blood of mammals, birds, and even reptiles and amphibians. Ticks are also vectors of several diseases, including the potentially fatal Lyme disease.

Often tick species take their name from their favorite host, so we have bird ticks, woodchuck ticks, rabbit ticks, moose ticks, and dog ticks. Other New England varieties of tick include; one star tick, tiny black-legged tick - the local variety, of which is commonly referred to as a "deer tick".

Ticks are rather unique in that all ticks must stalk and feed from a host vertebrate three times in their lifetime, as larva, again as a nymph, and finally as an adult. It is in the third and final phase of the deer tick's life that is the most dangerous to humans.

Ticks & Lyme Disease

An infected tick can spread Lyme Disease. Not all ticks are infected with Lyme Disease. A tick bite can be difficult to detect. Anyone who spends time outdoors (hikers, golfers, hunters, bird watchers, bike riders, etc. ) should learn how to check themselves for fleas, ticks and insect bites and should take the time to perform this precautionary measure. The actual size of an adult tick in about the size of this 0, or the size of a pin head.

Most cases of Lyme diseases are from the Northeast. Nearly 90% of all Lyme disease cases have been reported in the Northeastern part of the US. Many people are being infected from ticks in their own yard.

Ticks are blood-feeding parasites that are often found in tall grass, stone walls, fallen leaves, and shrubs where they wait to attach themselves to a passing host, like you or your pet. Physical contact is the only method of transportation for ticks. Thankfully, ticks can not jump or fly, although they may drop from their perch and fall onto an unsuspecting host.

Tick Removal

To remove a tick use a small set of quality tweezers: grab the head of the tick and slowly pull it out. Crushing or irritating the tick by using heat or chemicals should be avoided, because these methods may cause it to regurgitate its stomach contents into the skin, increasing the possibility of infection. Very small ticks and larval ticks can be removed by scraping them off.

Lyme disease (which is found in deer ticks) cannot be transmitted once the tick body is removed even if the mouthparts break off and are still in the skin. Prompt removal is important; infection generally takes an extended period of time, over 24 hours for Lyme disease which is why carefully checking yourself after hiking, hunting or outdoor activities is so important.

Tick Population Factors

Ticks of all types depend largely upon water and moisture for survival. More ticks will survive a mild winter than a cold one. A long dry summer will have a devastating effect on tick populations, conversely a wet and warm spring will help hatch an abundance of ticks.

Reposted from here.

The Bridgewater Triangle

Story reposted from:

The Bridgewater Triangle Area
Although not an 'official' Vile Vortex, the inland Bridgewater Triangle is likely one of the world's most concentrated areas of diverse paranormal reports.

Located just 30 miles south of Boston, this 200-mile square area has the Massachusetts towns of Abington, Freetown and Rehoboth at its angles. The town of Bridgewater is located nearly dead center within the triangle and the area also encompasses six other Massachusetts towns: Raynham, Taunton, Brockton, Mansfield, Norton and Easton1.

Mysterious Landmarks

The Hockomock Swamp
The Hockomock Swamp, a 5000+ acre area lies within the western section of Bridgewater Triangle and is the hub of many paranormal reports. Also the site of an 8,000-year-old Native American burial ground, when archaeologists opened the graves of Grassy Island, the red ochre within the tombs bubbled and then mysteriously disappeared. Photographs taken of the excavation would not develop1.

The swamp remains shrouded in superstition. Called, "the place where spirits dwell" by the Wampanoag Tribe of the Native American Algonquian nation, the Wampanoag avoided the Hockomock Swamp and the area remains a place filled with foreboding2.

Dighton Rock
On the banks of the Tauntaon River, Dighton Rock lies across from the Grassy Island Burial Grounds of Hockomock Swamp. Numerous inscriptions of unknown origins are carved into the face of the rock. Although various speculations attribute them to Native Americans, Vikings, and even Phoenicians, their identity has never been specifically determined 3.

Profile Rock
Profile Rock is another Bridgewater Triangle landmark that has gained a paranormal reputation. Located in Freetown, from a nearby hill, the rock shows a clear portrait of a Native American face looking out from the stone. Long before Massachusetts colonists arrived, the Wampanoag people considered Profile Rock sacred. Local legends claim that Native American ghost dancers in warrior dress dance around Profile Rock3, 4.

Anawan Rock
Located in Hockomock Swamp along Route 44 in Rehoboth, Anawan Rock is named for Chief Anawan and is the site where Chief Anawan surrendered to the colonists, ending "King Phillip's War". Legend says that the angry spirits of Chief Anawan's warriors continue to haunt the area, starting spectral fires and "ghost dancing".

Bridgewater Triangle Phenomena
Paranormal researcher, Loren Coleman, who named the Bridgewater Triangle in the 1970, revived public attention to the many paranormal reports emanating from the area.

Aside from the number and diversity of paranormal reports, what is phenomenal about the Bridgewater Triangle is that the first report of paranormal activity was made over three centuries ago, in 1760.

At 10 am on May 10, 1760, a "sphere of fire" was reported to hover over New England and emit a light so bright that is cast shadows in the morning sun. Reportedly, the light was seen from both Bridgewater and Roxbury3. Since then, the area has spawned a diversity of reports that include paranormal events that range from ghost dancers to UFOs to Cryptozoological sightings.

Bridgewater Triangle UFOs
The 1760 report is likely the first documented UFO report on the planet. However, it certainly wasn't the last UFO report to come out of the Bridgewater Triangle.

•Halloween 1908 marked another UFO sighting, documented in local newspapers.
•In 1968, five people claimed that they saw a strange ball of light floating among the trees in a wooded part of Rehoboth3.
•In the 1970's, UFO sightings were frequently reported to occur in different areas of the Bridgewater Triangle1. In one 1976 report, two UFOs were seen landing along Route 44 near Taunton.
•In 1994, a Bridgewater Law Enforcement Officer reported seeing a triangular shaped craft with red and white lights.
•The town of Raynham frequently receives reports of glowing balls of light, floating over the ground at the local dog track3.

Mysterious Creatures
Cryptozoological sightings are numerous and varied in the Bridgewater Triangle. In 1970, reports of a big-foot like, 7-foot tall hairy monster and its footprints instigated both the Bridgewater and Massachusetts State Police canine unit to conduct a search for a bear. However, neither man nor bear was ever found.

In 1978, paranormal researcher Joseph M. DeAndrade claims to have observed another such creature as it slowly walked into the brush of the Hockomock Swamp, about 200 yards from his location. He chronicled his sighting in his 1997 book, Passing Strange: True Tales of New England Hauntings and Horrors8.

Not all of the creatures that allegedly inhabit the Bridgewater Triangle are land-bound. Since 1971, several sightings of phenomenally large, black birds, with wingspans that stretched from eight to twelve feet, have been reported as well. Coincidentally, the first of these reports originated from Bird Hill in Hockomock Swamp. In 1984, two of these avian creatures were allegedly seen fighting in mid-air.

Bridgewater Triangle Ghostly Specters
Besides the legends that tell of Native American ghost dancers, reports of several contemporary ghostly specters come from the Bridgewater Triangle.

•A mysterious redheaded hitchhiker haunts a stretch of Route 44 in Rehoboth.
•A ghostly phantom appears in Hockomock Swamp near Route 138.
•From Freetown, a ghostly trucker is rumored to speed along the winding Copicut Road, blaring his horn and threatening passing motorists.

1. “Bridgewater Historical tidbits.” Bridgewater Public Library 4 Jun 2003. 8 Aug 2008 .
2. “The Bridgewater Triangle” Terrifying Tales-Encounters With The Unexplained. 2 Apr 2008. 18 Apr 2008 .
3. Christopher W. Pittman. “The Bridgewater Triangle.” Massachusetts UFO Resource Site 2000. 27 Apr 2008 4. “Bridgewater Triangle.” Wikipedia, the free encyclopedia. 2008. 8 Aug 2008 .
5. Christopher Balzano. “The Cursed County.” Massachusetts Crossroads n.d . 8 Aug 2008 .
6. Brian MacQuarrie. “The old haunting grounds.” The Boston Globe 30 Oct 2006. 8 Aug 2008 .
7. “Paranormal Adventures in the Bridgewater Triangle." I Want to Believe 10 Apr 2006. 8 Aug 2008 .
8. Ed Hayward. “Bigfoot of Bridgewater, Hockomock Crock?.” Bigfoot Encounters n.d . 9 Aug 2008 .

443!! OMA!! OWA!! OMG!!

One of my clients today was having an issue where their outlook web access mysteriously stopped working.

I RDPed to the server, and found that the Default website had stopped. I right clicked, hit start and was presented with the error message: "the process cannot access the file because it is being used by another process".

I checked all other IIS websites, and found nothing that might be causing the problem... So I turned to my good ol' standby: Google.

I found some Microsoft KB articles that instructed me to run some netstat.exe commands to find the problem... Trouble is, the results were many. Many many. I couldn't find anything in there. I felt like I was drinking from a firehose.

Eventually, I stumbled upon this utility called currports.exe. It's a quick download, runs fast, and reports to you in a nice little console, all ports that are currently being used, and what process is using them.

I found out that the client had installed a utility called E-BLVD. Looks like a remote control utility that works over the SSL port.

Moral of the story, if you want to achieve something like remote control to your server, consult your IT department, or you just might bring down some important services. In this case, not only did OWA stop working, but so too did OMA. We have owners with no emails to their moble devices, which is never a good thing!

Computer Viruses... Am I at Risk?

One of the most common things I see as an IT professional is infection. Viruses, Spyware, Key-Loggers, etc. Infections like this can cause serious issues on your machine and lead to costly downtime. Depending on the severity of the infection, the cure can take a long time, which in turn ends up becoming expensive!

Unfortunately there is no 100% bulletproof protection from these things. Your anti-virus can’t cure a virus it’s never seen, so viruses on day-1 can go by unnoticed all together. However, there are steps that you can take to help avoid the initial infection. An ounce of prevention is worth a pound of cure!

Even though an anti-virus software isn’t much protection against brand-new viruses, they’re usually updated only a couple hours after they’ve discovered the threat. It’s very important that you have an anti-virus software installed, running, and updating. Don’t assume that because you installed an Anti-Virus software two years ago, that it’s protecting you. Make sure that you check the program to find out when the last time it was updated.

If you are looking for an Anti-Virus program, make sure you do your homework! There are lots of programs out there that say they’re anti-virus, like “Anti-virus XP”. These programs only look like anti-virus programs. They’re actually viruses! These are called Rogue Anti-Virus programs. Make sure to ask your IT professional, or a knowledgeable source if the program you’re considering is legitimate.

Some legitimate Anti-Virus names:
  • TrendMicro
  • AVG
  • Norton
  • McAfee
  • Avast

Even if your Anti-virus is up and running, updating and catching threats, you can’t rely on it alone. Anti-Spyware programs can be effective in removing things that aren’t technically viruses. Things like spyware can sneak into your machine the same way viruses do, but they don’t always set off alarms like a viruses.

Once again, there are programs out there that pretend to be anti-spyware programs, but are actually spyware themselves.

Some legitimate Anti-Spyware names:
  • Malwarebytes’ Anti-Malware
  • Super Anti-Spyware

Computing Practices
As I’d stated earlier, an ounce of prevention is worth a pound of cure.

  • Do not click on any popup advertisements. If you get a popup, click on the outer-most edge of it as though you’re trying to resize the window to activate it as the current focus, and press Alt+F4. This should close the popup window.
  • Never open attachments you weren’t expecting, especially if it’s from someone you don’t know. If you aren’t expecting an attachment, email the sender back and ask what it is, and if they meant to send it. No one can fault you for being cautious.
  • Be careful installing browser add-ons from websites that say “you must install this software to properly view this webpage” unless you’re sure of exactly what the software is.
  • X-rated, or serial number cracker websites are always laden with viruses. It’s best to stay away from them.
  • Never use peer to peer programs for the downloading of files. Programs like Limewire are littered with infected files.
  • As always, if you’re uncertain of something, always ask someone knowledgeable. As an IT professional, I’d much rather tell someone “It’s a bad idea to open that file” rather than “That file you opened infected your computer, and fixing it could take hours”.

Spam Filtering

Over the past decade, email has become a major form of communication, and a crucial tool for businesses the world over. People share thoughts and ideas, plan projects, build relationships, market their products, network with colleagues, stay in touch with loved ones, all at the click of a mouse. But what happens when the emais are dangerous??

According to a
Heinz Tschabitscer with in an article posted here, back in 2008 there were around 210 billion emails sent per day. A little quick math here, divide that by the 86,400 seconds in 24 hours, that’s 2.43 million emails sent every second. That’s an awful lot of emails! Most of these emails never actually make it to their destinations of course, as around 70% of that number (in 2008) was spam. Since 2008, the numbers have only increased.

As you may imagine, with an increase in spam, comes an increase in anti-spam. There are several different ways of fighting spam.

Client-Side Software
Client-Side Software refers to a solution on the local machine to address spam issues after the message has been delivered to its destination. This does not prevent the message from reaching the end user, but allows for relatively safe management of spam and messages that may contain malware.

These solutions are generally low-cost, and common in small companies and residential environments, especially where mail is hosted offsite and retrieved via pop3 or imap.

Email Clients
Email clients, such as Microsoft’s Outlook, have some basic spam filtering capabilities built in. You can mark a message, a sender, or an entire domain as a spam source, and then anything that comes in from that source will hence forth be delivered to the email client’s “junk” or “spam” folder.

  • The benefit to this is if you’re using an email client anyway, the functionality is built in. There’s nothing to purchase or install separately, and if that client is outlook, updates come in with the Windows Updates.
  • If you already have an email client that has this functionality, there’s no cost associated with updating the rules.

  • This feature is not very accurate however and a lot of messages that are actually legitimate correspondence can be flagged as spam. Conversely, many messages that are actual spam can be overlooked, and will be delivered as normal.
  • In this situation, the message will still come into your organization and be delivered to your computer. If it’s identified as spam, the infectious content will usually be blocked from running, but you still have to manage it. You still have to decide if you’re going to leave the message in the folder or delete it. Also, this message required internet bandwidth to come in, only to be discarded or set aside. True, one little message isn’t going to do anything, but if you’re getting a lot of spam, or you’re a member of a large corporation, chances are there’s a lot of spam coming in, and it’s cutting into your internet speed, as well as storage space.

Client-Side Anti-Virus/Anti-Spam
A lot of today’s anti-virus programs come with anti-spam modules built in. These programs will keep a keen eye on your inbox, watching traffic come in and go out searching for messages it thinks may be spam. What it does when it finds something it thinks may be spam is a behavior you can usually set within the software. Typically, it will create a “spam” folder, or use the one that was created by the email client, though it can be set to simply delete the message.

Some Client-side Anti-Virus solutions that include anti-spam functionality include
Trend Micro’s Internet Security, and McAfee’s Internet Security.

Some Client-side Anti-Spam solutions include Sunbelt Software’s Ihatespam and Spam Blackout

  • This functionality is usually more accurate than the simple email client filtering capabilities, and is updated as often.
  • This does not require installation on a server or any complicated networking changes. This is also typically an inexpensive solution.

  • With the exception of better accuracy in spam identification (which is more robust than the email client, still can leave something to be desired) this method shares the cons of the email client. You still have to manage the messages yourself, it’s still delivered to the mailbox, and the message is still a burden on storage space and internet speed.
  • These solutions require regular updating, and there could be a cost associated usually in the form of a yearly subscription.

Server-Side Software
A Server-Side software solution involves installing software on the mail server. The software will integrate with the mail server software, and scan messages as they arrive and/or leave. This method is most commonly used by small to medium companies who host their own mail, although some outsourced mail companies, like
Mi8 may use it as well.

Server-Side software includes Anti-virus solutions, like Trend Micro’s
Office Scan, and Anti-spam solutions like GFI Mail Essentials.

  • These solutions prevent the message from being delivered to the end-user’s mailbox, lightening the load on that user’s mail storage.
  • This provides a single point of management for delivery rules and spam identification. The administrator need only create one rule which then applies to all recipients. In most cases, users can be permitted to view the messages they would have received to determine if they were falsely identified as spam.
  • The software can also be set up so that the messages are only reviewable by the administrator.

  • Even though this method lightens the load on the mailbox storage for the end users, the message is still delivered to the site, cutting into internet bandwidth. Also, depending on the quarantine rules on the software it can still require disk space for storage.
  • These solutions require regular updating, and there could be a cost associated usually in the form of a yearly subscription.

Hardware Spam Firewall
Basically a computer dedicated to scanning your mail as it comes through your firewall, an anti-spam device is a common solution for a medium sized business. There are many brands, some of the most popular include
Barracuda, Cymphonix, and Spamwall.

These devices are akin to your common network router, but they have a more sophisticated operating system. This device sits just inside your network, and your router sends all mail packets to it for scanning. The device finds the messages it thinks is spam, sets them aside, and then passes the good ones along to the mail server.

  • These devices, if configured correctly can be highly effect and accurate.
  • This provides one central location for your IT team to manage spam. You’re able to set one rule that will apply to all.

  • These solution can be relatively expensive, requiring new hardware and installation.
  • These devices require physical installation, and unless the person doing the install is familiar with the infrastructure and understands networking principals, this can be a daunting task.
  • These solutions require regular updating, and there could be a cost associated usually in the form of a yearly subscription. Beyond updating spam definitions, these devices will sometimes require operating system updates and service packs. This is not always available automatically, so an administrator will be required to update the operating system.
  • Even though this method lightens the load on the mailbox storage for the end users, the message is still delivered to the site, cutting into internet bandwidth. Also, depending on the quarantine rules on the software it can still require disk space for storage.
  • If the software is set so that only the administrator can review the quarantined messages, it adds another task to someone’s plate.

In a third-party solution, your mail messages are checked before they ever hit your mail server. This third-party receives your mail before you do. This is achieved by making a change to your public MX record. Instead of having resolve to your public IP address, it will be changed to resolve to a location that will be given to you by the third-party. Your mail is routed to the third-party’s servers where it’s scanned for spam content, viruses and malware, and it is then delivered to your mail server.

Similarly, your mail server can also be set up to send all your company’s mail through this third-party, and then your firewall can be locked down to allow outbound email only from the mail server. This can prevent machines on your network that may be infected with malware from sending out spam. This can help make sure that your IP address is not

Some third-party spam solutions include
MxLogic and Postini.

  • This solution does not require any changes to hardware or software on your end. There are no devices to install, no software to install, and spam gets stopped before it reaches your internet connection. Your bandwidth is not impacted. Your storage space is not impacted.
  • Users can log into the third-party’s system and manage rules and alerts for themselves.
  • The messages are stopped before they’re delivered to your site, freeing up bandwidth.
  • The messages are stored on the third-party’s end, so there’s no impact on your storage.
  • Management of rules and quarantined messages are available to both the end user for their own messages as well as an administrator for global administration.

  • These services are generally more expensive than the other options, usually requiring a monthly subscription.
  • Configuration includes editing of public DNS settings, which is not something that is recommended unless the person making the changes if familiar with such things. A misconfiguration can lead to downtime.
  • Configuration of the mail server is required for outgoing messages to be routed through the third party, which is not something that is recommended unless the person making the changes if familiar with such things. A misconfiguration can lead to downtime.
  • This setup adds one more point of failure to the message’s journey. If the third party needs to update systems, or has an outage of some sort, this can cause mail to be delayed. Make sure you ask the third party what their policy on downtime is, and how often it’s likely to occur.

Email having become such a widely used medium for us in business and our personal lives, all of the solutions listed have value of some sort. If you’re unsure what solution is right for you, consult with your administrator or a knowledgeable source.

Oxygen from Christopher Hendryx on Vimeo.

Warriors of the .Net

Ever wonder how the internet works? See here:

Lucky Number 13

For most, 13 is a number associated with a great deal of superstition. For my family, it's a lucky number!

When I was born in 1979, the youngest of my brothers was 13. When I was 13, his first son was born. When his first son was 13, my first daughter was born.

A few years back, my mother in law hit for a decent (not incredible, but considerable) sum of money at Foxwoods on Friday the 13th. (Don't bother calling, it's long gone!)

Tuesday night, my wife and I were going to bed, and her water broke. We didn't know what to think though, cause it wasn't a rush of water like you see in the movies, just a trickle, and she was only in week 34. We went to the hospital anyway and when we got there, they put us in examination room 13. I knew the baby was coming at that point, and turns out I was right.

After the initial exam, we were sent to wait in room 5013.

I think it's safe to say, the number 13 will always be my lucky number.

Comcast Vs. Megapath

A client of mine is experiencing the following message every time he emails someone with a Comcast account:

Subject: Delivery Status Notification (Delay)

This is an automatically generated Delivery Status Notification.



Delivery to the following recipients has been delayed.

The message eventually times out.

I called his ISP, Megapath, and was transfered to Technical support. The tech ( Vern ) said "Ugh, please have the client forward the delay message to and ask them to figure out why Comcast is blocking us AGAIN."

This went on for some time. Eventually, we found that Comcast was blocking all mail from our location on port 25. We were advised to change it to 587 on the exchange server, and everything started flowing again.

Bacon Cheeseburger on donuts...

So someone had told me once about a bacon cheeseburger they'd seen at Fenway Park... The burger in question had Krispy Kreme donuts instead of a bun. I wasn't quite sure I believed it myself, so I did some research, and found the following...


Only in America could you find something so disgusting. Probably comes with a large immodium and a side of lipitor.

Found here:

Server available by IP, but not name

I got a ticket recently for a problem I’d never seen before. The user had worked fine on Friday, but now on Monday things weren’t working quite right.

There were several shares on “Server” that were mapped to his machine, but when he browsed to them, there were no shares. The one share that was available was only there because he had offline files set to synchronize to it, so he was only seeing the information that he had cached locally. There were several other users on these shares, so I knew the problem had to be with his machine.

I found that I was about to browse to these shares via IP address, but not computer name. I could however get to outlook web access by going to http://server/exchange, so clearly the DNS information was correct... Still though, I flushed dns, I ran an nbtstat –RR, I change IP addresses, I set the machine static, I removed the computer from the domain and re-joined I even tried putting an entry for the server into the host file. Nothing worked.

In the end, the problem turned out to be with the offline files. Fortunately the user didn’t need them, and wasn’t sure what they were for anyway, so we turned them off, and all the network shares suddenly appeared.

Emails not arriving

Twice this week I've had clients complain that emails from outside their exchange organization stopped coming into their inbox. I went through a lot of troubleshooting only to find that the answer was far simpler than any kind of DNS misconfiguration or silly Exchange issue... Outlook's Junk mail rules. Both of these clients were set up like this:

The issue here is of course, two things. First, it's set to simply delete anything that is suspected of being spam. The second is that it's set to identify anything that was NOT put on the safe sender list as spam. Emails from senders they'd never set as a safe sender would be simply deleted before they ever saw them. Neither of these clients were likely to have made this setting change themselves, so I don't know what may have done it other than a Microsoft Patch, but I haven't looked into it.