Microsoft Security Bulletin MS08-067

In an attempt to keep this post short and sweet I will cover a few of the basics regarding this bulletin. Microsoft discovered a remote code execution flaw in the Server service on versions of Windows 2000 and up. Originally, this flaw was exploitable only if your system had ports 139 and 445 exposed to the net. Fast forward to today, and there are virus’ embedded in numerous files including keygens, cracks, and various forms of email attachments. In short, the patch is necessary on all systems in your organization even if the above mentioned ports are closed. Microsoft’s announcement is here.

Please be aware that out of 15 servers that I initially patched, 2 became unavailable after rebooting to apply the patch. The systems that had this problem had no obvious similarities that I could detect. After the reboot communications to and from the server being blocked/prevented. Pinging another host on the same LAN from the server was not even possible. Removing the patch and rebooting resolved the issue on both servers. After that, I reinstalled the patch, rebooted and everything is working properly.

–Himuraken

Dell Inspiron Mini 9 Quick Review: Windows XP

I promised a review of the Mini’s once I received them and I just haven’t had time to get it done. So here is a quick review of the Mini that shipped with Windows XP preloaded. My Mini / Linux preload review will be posted once Dell decides to fullfil their orders.

The unit was shipped in a box that is roughly the same dimensions as an adult sized shoe box although it is about half the height. The box weighs in right around 4 lbs and includes the netbook, AC adapter, limited paper documentation, and the restore CD’s.

Specifications:
Manufacturer: Dell
Model: Inspiron Mini 9
Color: Obsidian Black Gloss Finish
CPU: Intel Atom N270 @ 1.6GHz
RAM: 1GB DDR2 @ 533Mhz
Screen: 8.9″ Wide Screen WSVGA TL
Video: Intel Graphics Media Accelerator (GMA) 950
Audio: Realtek HD onboard
Hard Drive: 16GB Solid State Drive (mini-card Module/PATA)
OS: Windows XP Home Edition
WiFi: Broadcom 802.11g Mini Card
LAN: Realtek 10/100 Mbps
Cam: Integrated 1.3M Pixel Webcam
Ports: 3 USB, VGA out, single slot multi-card reader, mic, & headphone
Battery: 32WHr 4-cell
Weight: 2 lbs 5 ounces

The unit shipped with a fair amount of bloatware from Dell including MS Works. I removed all of the excess crap that the unit shipped with. The only add-ons have been Firefox, Office 2007 Enterprise, and ClamWin AV. The unit is just about as silent as it gets courtesy of the internal solid state disk.

Time Tests
All tests were performed with the unit running off of battery power.

Cold boot from power button to fully loaded Windows XP desktop including WiFi link:
Result: 41 seconds

Resume from hibernation:
Result: 19 seconds

Full shutdown time from power down to LED turning off:
Result: 34 seconds

Time to open Microsoft Word 2007:
Result: 1 second*

* Please note that I ran this test multiple times using an accurate stop watch and the results were between 1.0 seconds and 1.2 seconds.

I wanted to provide these numbers for those out there that are considering purchasing the unit and are looking for some real world numbers and scenarios.

I will create a second review once the Linux based system arrives and compare the results afterwards.

–Himuraken

Resize NTFS partitions using the GParted live CD

Working late tonight… I have a client that has a Dell PowerEdge 2800 server that is running out of disk space on the OS partition. The physical disk setup is a RAID 5 logical drive on 3 physical drives which is handled by the PERC 4 RAID controller. Dell shipped the unit with a 12GB / 120GB split with Windows 2003 Server loaded on the smaller C partition. Nowadays 12GB is certainly not enough room for the fully service packed 2003 operating system plus the usual array of management, AV, and backup utilities. Up to this point, everything that could be moved to the larger storage partition has been, including: Windows Server Update Services, Symantec Corporate Edition, and the systems page file. That was a time buying workaround, but the free space is ever decreasing with each wave of Microsoft updates. Now for the fun part.

I backed up the C and D partitions using the Acronis True Image Enterprise boot disk by creating a complete system image and storing it on an external USB drive. After that, I mounted the drive and its partitions on a Windows system and verified that the images contained the appropriate data in an uncorrupted state. I downloaded and burned a copy of Gparted live CD. You can download a copy for yourself here. After booting the server using the live CD, I was pleasantly surprised to see that it loaded the necessary drivers to see my logical drive from the PERC 4 card. Using the GUI provided by the live CD, I shrank the overly large storage partition down by about 15GB’s. Once that completed I went ahead and increased the size of the smaller operating system partition. It really is quite simple, you just choose the partition or drive that you want to resize and move the sliders left and right to shrink or grow the size. After applying my changes, I rebooted the server and watched the server boot into Windows 2003 Server. I ran a chkdsk just to verify that everything is in order as far as Windows is concerned. Result: Simple and flawless NTFS resizing done without the need to purchase any proprietary disk management software.

I highly recommend this live CD for anyone that needs to modify drives or partitions on a regular basis. You simply cannot beat the price and compatibility, the tool works on all modern file systems/drives.

–Himuraken

Dell Inspiron Mini 9 on the way! Part2

Update for anyone interested…

I ordered a Mini9 with XP for my wife, and a Mini9 Ubuntu for myself. Both were ordered around 8:00pm on the first day they were available for purchase. With the exception of OS both units are identical, 16GB SSD, 1.3 webcam, and 1GB of RAM. Within an hour I had my estimated shipping dates: Sep 19 for the XP and Oct 10th for the Ubuntu. The XP system shipped an entire day early on the 18th. As of October 11th my ship date had been changed from October 10th to November 7th. After calling Dell and politely working my way up the ranks of support and managers, I was told that the webcam / Ubuntu combo is causing the hold up. Apparently, and this is from the words of a Dell Support Manager, they haven’t gotten the webcam working yet. This was after being told that the OS wasn’t readily available….right… So they went on to explain that once they figure out how to get the webcam working in Linux, they will ship it. Props go to Dell for offering products that they claim work, exist, etc,…Taking my money…Not shipping a product… And not even sending an email to explain the hold up.

On top of everything else, I tried to get Dell to throw me something for my troubles. A T-shirt, Bluetooth upgrade, or even a stinking USB drive for being a patient customer / reseller. Yeah, they offered to cancel my order if I wanted… Nice.

Searching the web will yield various results as to the actual hold-up. The only piece of seemingly factual information that I was able to find suggested that the hold-up was due to a shortage of chassis plastic or some such.

Considering the numerous issues with shipping, partitioning, and manufacturing; things look pretty sloppy for Dell as far as I am concerned.

As of right now I have not canceled my order…yet.

–Himuraken

Dell Inspiron Mini 9 on the way!

Yesterday Dell released the Inspiron Mini 9 which falls into the sub-notebook / mini-notebook category. It appears to be Dell’s first approach to make something similar to the EeePC. The unit has the option of being shipped with a stripped down version of Ubuntu 8.04 LTS or a stripped copy of Windows XP. The base price is currently at $350.00 for the 512MB / 4GB SSD model running Linux. Since I am always on the road and my signifigant other is a college student, we decided to purchase two of them on opening day. I ordered both units with 1GB of RAM, 16GB SSD (Solid State Hard Disk), and built in webcams. One of the systems was ordered with Windows XP while the other is coming with Ubuntu. I will give additional details and a review once the systems have been received.

A few quick things that I learned while ordering:

Apparently they will only sell the Windows unit with the upgraded 8GB hard because Windows XP and the bundled Microsoft Works & McAfee AV use up much of the drive. I have heard reports that even the 8GB drive is heavily consumed by the OS and additional software. This is one of the reasons I chose the 16GB drive in each machine.

The Windows based system with the 8GB drive apparently comes standard with the 0.3 megapixel camera. The same is not true with the Linux system.

For some unknown reason the Windows machine costs less to upgrade from the 8GB SSD to the 16GB than the same upgrade on the Linux box.

Perhaps they are feeling sorry for the people that order the system that comes with the preload bloat. XD

–himuraken

Leopard Server directory and file ACL removal

I found this terminal command for quick removal of ACLs from files and directories in mass. Found a need for this when restoring a system from a time machine backup that corrupted permissions on some files. (leopard 10.5.2) The restore added ACL’s to files that should never have them.The following works because one chmod will be executed for each directory, like we want:

find . -type d -exec chmod -a# 0 {} \;

Just replace the ‘type d’ above with ‘type f’ to remove the ACL for regular files.

–DocB

Info provided from unbounded.org

Proxim Wireless Training – Day One

After a 5 hour flight from RSW with a short stop in Miami, Kyle and I arrived at Dulles International Airport around 11:00pm last night. I realized I made a major planning mistake when our cab driver quoted us $80.00 to get to our hotel. Supposedly there were two airports between us and the Marriot in Greenbelt. We finally settled in to our room a little past midnight. The hotel is nice, though our room smells a bit like mothballs when you first enter. Kyle slept well, I didn’t. It could have something to do with the freight train that was laying in the bed beside me. Ear plugs are now on the Walgreens shopping list.

Well, after a satisfying 4.5 hours of sleep we made it down to the first day of training. Today was targeted towards sales guys. Most of it was an overview of their product line with an emphasis on wireless back haul, but there was some useful information. Tomorrow should be pretty intense, though I think I know more than two other guys in the class. After class we rested up and headed down to DC. 40 minutes on the metro and a lost credit card later we had arrived at our location… a nondescript bar on L street. The vodka-redbull did wonders for the body. Three Makers on the rocks, two pints of Stella and three games of “Big Buck Hunter” later we headed back to the hotel. We opted for a 1.2356 mile walk from the Metro station over a $5 cab ride. The walk helped clear the head.

So, the first day was good, slightly uneventful, but good. Oh, and I found my Credit Card once we got back to the hotel room. Too late though I had already canceled it.

–BuddyM