Microsoft Web Deploy – Bad Application, or the Worst Application?

Down load Microsoft Web Deploy to your toilet today!

Background I’m migrating a bunch of corporate websites hosted on Win2k8 and IIS7 to a new server running exactly the same. I’m sticking with the same environment because there are some things I really don’t want to risk breaking — we just needed faster hardware and more spindles. I figured I’d use MS Web Deploy 3.5 to move all the IIS settings from one server to the other (a task that was gloriously simple in IIS6). Web Deploy adds the following option to the IIS Manager context menus for the server and individual sites: It looks great! Simple and straightforward. Export or import. Indeed it’s a simple interface. I wanted to export everything, so I chose to deploy from the … Continue reading

Making ejabberd 14.12 work with Microsoft Windows Active Directory LDAP

Wireshark tcpdump LDAP example

Why ejabberd? My office uses Google Talk for intra-employee instant messaging. This Monday all users got a broadcast message from Google saying that the Google Talk desktop client will cease working on February 15. (Though this may be an old automated notification from when Google was threatening to EOL Talk last February.) Update (2015-03-09): They finally did kill Talk for Windows as of February 23, 2015. Of course we can’t take the risk of Google actually shutting down our IMs, and I personally don’t like the new Hangouts Chrome app. Moreover, we want to limit employees to only messaging other people in our organization. We also don’t necessarily want Google being a party to all of our communication. That means … Continue reading

Sprint / Netgear 6100D 4G Antenna Installation (Video)

What’s all this, then?

Back in August I reviewed the Netgear 6100D from Sprint and followed up with a post detailing some advanced configuration options.

The Video

I also installed a flat panel 4G antenna from 4G Antenna Shop. I made a video detailing the unboxing and installation (which I just got around to editing together):

It’s my first video of this sort, so if you have any feedback please let me know in the YouTube comments or by email!

4G Antenna Shop

I didn’t get into it in the video, but overall I’d recommend 4G Antenna Shop. The cable and antenna I got were both of very high quality and definitely worth the price.

Their customer service was great; I had a couple of questions about my order, and one of their guys (Robert) got back to me within 15 minutes and was extremely helpful. They shipped really quickly, too.

I did have two minor issues, both of which I talk about in the video:

During checkout they give you the option of selecting your device so that they can provide the correct adapters to go from the cable (if you order it through them) to the device. At the time I’d ordered, they had an option for “Netgear Sprint Spark LTE”, which I thought was the Netgear 6100D. There was no separate option for the 6100D, but it turned out that they were referencing a different product, and so I received the wrong adapters. (They’ve since added the 6100D as an option.)

I chalked this up to being mostly my fault, as I didn’t know that there was another Netgear LTE device out there for Sprint Spark.

My other issue was with the packing job. Again, it’s a minor complaint because nothing was damaged, but the box arrived pretty beaten up with holes in the top from the antenna mount having poked through. There was no packing material to keep the box rigid, and the antenna and cable were just sorta rattling around inside.

Bear with Me…

Oh, and sorry if I rambled on a bit in the video. If you couldn’t tell from a lot of my other posts on here, I have an aversion to brevity. :)

I’m hoping to get some more how-to and instructional videos out there in 2015, so please subscribe to my YouTube channel!

(Hey, I’m allowed to shill for myself, right?)

Bash “Shellshock” Bug – Quick Vulnerability Test and Patch

Shellshock

This is not meant as a comprehensive guide to the Bash “shell shock” bug, but as a quick reference to test and patch for the vulnerability. First, test your version of Bash with this line: env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” If you get the world “vulnerable” in your output then you need to update Bash: vulnerable this is a test If your output contains errors followed by “this is a test”, then your Bash version is not vulnerable: bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x’ this is a test Check to see if your distribution has an updated/fixed version of Bash available in its repository. … Continue reading

SAN with Linux Cluster and CLVM: Is it Necessary?

remove_clustering_services

To answer the title of this post in one word: No. But as with all things computer related, that “no” needs to be followed by the caveat: “Well, it depends upon your needs.” From what I’ve seen, Linux clustering was designed primarily for high-availability services, with only a secondary effort to share disk resources across nodes. I have tried — and would never use in production — Linux clustering services for a VM host cluster. I know other people have done it and will continue to do it, but a properly configured (and managed) VM cluster does not need true clustering. (Again, “depending upon your needs”). Linux clustering requires fencing. (It didn’t always, but now it does). Fencing is a … Continue reading

Google Chrome Reports “Duplicate headers received from server”

Chrome Duplicate Headers Message

It seems that this error message has been around since version 16 of Chrome, and was first reported sometime in 2011. The error message basically says that it received two Content-Disposition headers, and that the response was blocked to prevent HTTP response splitting attacks. However, in most cases this error isn’t caused by malicious code, but rather because of an innocuous comma in the filename parameter of the Content-Disposition header. Here’s an example of an actual response header I received while downloading a resume from a popular career site: Content-Disposition: attachment; filename=Beresky_Resume,6pg.docx That was the only Content-Disposition header in the entire response, which raises the question: Why is this a duplicate header? Because according to the HTTP 1.1 specification, section … Continue reading

Getting Started with Free CDN from KisoLabs

KisoLabs Homepage

When I was a teenager I had a basement full of computers. (Which is to say that my parents had a basement full of computers.) It was just a hobby at first, but computers eventually turned into an obsession and a profession for me. I liked every aspect of computers, from building hardware to networking to programming. Stay tuned for the bottom of this article where I’ve posted a referral code good for a $50 KisoLabs account credit. In those days (the mid- to late- 90s) DSL was the only way to get affordable static IPs, and I suffered with 192K SDSL (and later, 384K). Content was a lot lighter back then, but I was still suffering the same problems … Continue reading

I propose a new approach to email reputation that allows the (legitimate) little guys to compete

spam_score_ss

I have a problem… I administrate roughly fifteen domains that send email on a regular basis.   Outbound email is handled by two corporate (and one personal) email servers running Zimbra and Exchange, as well as a couple of mail exchangers that handle automated email from web servers. I also don’t send spam.   All automated emails include a clear unsubscribe link, which is a single-click mechanism resulting in an immediate blacklisting of the user’s email address.  Automated emails also include the name and mailing address of the company from which they were sent, as per US federal law.  Corporate and personal emails are used responsibly;  In other words they are not used for blind solicitation nor for any other purposes … Continue reading

Finding Out the IP Address of a New Piece of Tech from eBay

brocade_traffic_screencap

I’ve been through this many times over, and thought I would share:   I just bought a pair of HP Storageworks 4/8 SAN (AKA: Brocade Silkworm 200E) switches off of eBay.  They were listed as “powered up / as-is” by the seller, but the price was too good not to take a risk on them working properly. Of course, they came with no documentation, and not even a label to identify the IP address they held in their original home.  (I have had luck with other items where the IP and even login/password were labelled onto the front of the case). Most times, the following will work flawlessly: Connect your new piece of tech’s management interface (in this case, we’ll use … Continue reading

Delivering Pre-Compressed (gzip) Javascript with PHP only

There are plenty of results in Google for delivering compressed Javascript files using PHP.  However, most of those techniques involve compressing the JS file(s) on the fly. I was looking for a method that would meet the following criteria: The JS file should be pre-compressed using gzip. The gzip version of the JS file should only be delivered if the client’s browser supports gzip. The code below has some pitfalls: It will not work with a CDN or any external content server that does not support PHP. It is more difficult to maintain than compressing on the fly at the web server level (as you must maintain the compressed version of the JS file. I’ll use my quick and dirty … Continue reading