Indemnity83

In the past year or so I’ve made a few time-lapse videos and I thought I would share the very basic method in which I’ve created all of them using something as simple as Windows Movie Maker. I did use Photoshop as well in this tutorial to get the images to the right size and shape, but its not a requirement to making the video.

A word of warning, this tutorial goes VERY fast. Its designed to be more of an overview than a step by step guide. If you have any questions though feel free to ask in the comments below and I’ll see if I can add to this guide some with more video’s or explanation.

The other day my boss asked me if it was possible to batch convert a whole bunch of images. He had a folder of TIFF images that needed to be converted to JPEG images at 100 DPI. Since I was already at home I quickly threw together this little video to outline how the process is done using Photoshop.

Look for more of these sub 5-min video tutorials in the future, as I think its a great way to express a task without boring the learner with paragraphs of text.

The first in what will hopefully be a series of articles disusing software choices, configurations and setup instructions to create a basic small business server in Linux. The plan, in the end is to have a server that can perform all the basic functionality that any small business might need. Things like email, file shares, disaster recovery, printer sharing and even a proxy server with logging. The most challenging part of the build will be making it transparent to the end-user that this isn’t a Windows domain.

I choose to use Debian as my server OS for a couple reasons but mostly because its widely used and actively updated as well as being lean and mean, the perfect platform to build from. The easiest way to install Debian (4.0 as of this writing) is the network install CD. You can download the CD ISO for your architecture here. I’ll be setting up my server with the help of virtualization, since I don’t have the spare hardware, and I can take snapshots of the machine before experimenting with a piece of software, or configuration.

So the first step is to configure a server. I recommend a server with at least 5GB of disk space and 256MB of RAM. Likely, if you are going to put this into production, you’ll want more RAM, but for our development and testing purposes this should be more than enough. Also, don’t forget to segregate it on your network. Some services (DHCP in particular) can only be on one machine in any network, and if you set it up in two places you’ll create a very large mess.

Your going to need to make a few choices, so lets go over them now. First off, the server is going to need a name and in my line of work I’ve seem some interesting ones. Some people like to be funny and creative giving their servers names like “Yoda”. Personally and from experience strategic names are much more useful and a generic server like this will be named sv01 (for server 01). You’ll also need to pick a domain name now. I highly recommend you use a ‘.local’ domain name. Keep it simple, it will be a saving grace in the long run. In my case, I’m going to use indemnity83.local. You’ll also want to pick a username convention now (since you will create your first user during the install). I’m a fan of the first initial last name convention, so my first user will be kklaus. Lastly, an IP Scheme for your network which is outside of the scope of this. If you don’t know what to use, just follow my example. I’m going to use a 10.0.0.0/24 scheme where 10.0.0.1 is my gateway, and I’ll put other network equipment at 1-9, servers from 10-19, printers from 20-29 and 30-99 will be for DHCP.

Now on to the installation of Debian. I’m going to be brief about the installation. There isn’t anything complicated here. Use the information you decided on above to fill out any questions.

• Configure the network (possibly, this will be configured automatically). Setting the ip address to 10.0.0.10, netmask to 255.255.255.0, the gateway to 10.0.0.1 and the name server to 208.67.222.222 (openDNS.org for now)
• Enter the hostname and domain name you choose previously when they are asked for
• Partition the hard using the “Guided – use entire disk” option, and “All files in one partition”
• Choose the correct timezone for your location
• Setup the root password, and the first user (use yourself as the first user and your user name convention from before).
• After the base system is installed, choose a mirror (which one doesn’t matter much) and if you want to participate in package-survey, but don’t select anything at the software selection screen.
• Finally, install the Grub boot loader

Once you are done with the installation, the rest is just some basic changes to get the system ready for whatever you want to throw at it next. Log in as root and setup apt by editing the /etc/apt/sources.list file and removing any line that references the CD. Once you’ve done that you can run apt-get update to update apt’s package list and apt-get upgrade just to make sure everything you’ve got is up to date.

apt-get update
apt-get upgrade

Next, there are some things about vim-tiny that bug me, and sudo is likely missing so I would install those two applications:

apt-get install vim-full sudo

You’ll need to add yourself to the /etc/sudoers file, simply copy the line for root, substituting your username for root and save the file. If you are using VMWare, you may also want to install the VMWare tools on this system now. There is a supurb guide here you can use to get them installed.

And thats it, you now have a basic Debian server installation ready to be built into a rock solid and free small business server.

This post is pretty old, and I’ve very un-loyaly switched to an iPhone since I wrote this so I have no clue if it still applies. So just a heads up, take it with a grain of salt.

I have loyally touted around my Blackberry Curve (8310) now for almost exactly a year now (358 days to be exact). But recently, because of some problems I was having, and an upcoming need for my current contact list to be on my computer I decided I would install the Desktop Manager software and get my Blackberry contacts synced up with my Vista contacts. Support for syncing with Vista contacts was added to the Desktop Manager software in version 4.3, and the current version at the time of this writing is 4.7, so this isn’t a new feature.

Before anybody hops on the comments below and starts giving me a lecture on why I should just use Outlook instead let me explain. I know Outlook is better than the provided applications in Vista but frankly, the contacts and mail program in Vista suits me just fine for at home. To be frank, I don’t need or want the bulk of Outlook, for work I use Evolution.

Setting up the sync job was easy enough, but when I tried to do the sync I got an error: “Connector Specific Error”. Ugh. Why can’t it ever just work?

Some digging online and in the sync log wasn’t much help. The only real information in the local log is:

Internal Error #4238.
Translation Canceled!

Which is also a dead end Google search. So, being me I started troubleshooting the problem. Long story short, it seems to be a problem with contact photos. It looks like there is a bug in the way that Intellisync enumerates the Vista contacts database. It looks to me like the contact photo doesn’t get flushed when Intellisync moves to the next record. You can check by creating two Vista contacts, the first (alphabetically) with a linked picture, and the second without and push those to your Blackberry, the second contact will end up with the photo from the first contact (assuming the sync doesn’t fail). I’m not sure what about this bug causes Internal Error #4238 (it doesn’t fail on the first Vista contact without an image, but it does always fail on one without an image).

The solution? I don’t really have one. But I do have a couple workarounds, both exploiting the fact that this bug doesn’t occur if every contact has a linked image. First things first though, some prep work. Go to your Vista contacts, and backup all the contacts into a safe place, we are going to be doing some file manipulation here and you wouldn’t want to be without a backup. Next, if you want to get contacts from your blackberry, move all your Vista contacts somewhere outside of the contacts folder (the desktop works good for this) and sync the Blackberry. This will create new Vista contacts for all of your Blackberry contacts. Now you can move the contacts from your desktop back into the contacts folder and do some cleanup to get a single full listing in one place.

The only problem is that Intellisync makes a mess with any photos you had on your Blackberry for contacts. If you open up your Pictures folder you’ll see a bunch of numerically named folders, each with a single contact picture in it. Personally, this doesn’t work for me so I moved all the images into a single folder. If you do this though, dont forget to re-link the Vista contact with the image. I also added new images to a large number of my contacts while I was here.

Workaround #1: Use Outlook

Intellisync’s Outlook enumerator doesn’t seem to have this bug.

Workaround #2: Don’t sync images

If you go into the advanced settings of the address book sync, you can adjust the field mappings and simply turn off the mapping for contact image.

Workaround #2: Give every contact an image

This workaround is more suited for people who have images on nearly all their contacts already. The easy solution is to use a generic image (like this one) for any contact that you don’t have a picture for. This will satisfy the intellisync program without any serious trickery.

Workaround #3: Do a two part sync

This work around isn’t for the feint of heart, but was what I ended up doing because I made sweeping changes to my contact list after I got it in Vista. First, I copied all my contacts to the desktop. Next, I deleted every contact in the contacts folder that DID NOT have an image and setup a one-way sync to my blackberry. I even told Intellisync to replace the list on my device. Once those contacts were on the phone I reset the sync settings, moved the contacts from my desktop back into the contacts folder and removed the field mapping for contact images in Intellisync and performed another sync to get the remaining contacts on the phone.

This worked for me, but it does have the downside that if I add images to contacts I have to repeat the whole process just for a single image. I tried to find contact information for Intellisync so I could report the bug to them, but the Intellisync domain seems to point to the Nokia servers and there isn’t anything on Nokia’s website of use. I didn’t search much harder after that since I’m planning to be using something diffrent in a few days anyway to make calls

I have often received a call, or gone out to a site where there is a print job stuck in the print que on the server that is holing up everything. You can try to cancel the job at the printer, or at the server. You’ve tried to restart the server and restart the printer but the print job just sits there staring at you the whole time. While not as bad as upsetting as the famed “PC LOAD LETTER” error it can still make you want to chuck your printer and/or computer off the roof.

So how do you purge the vexing print que? It’s actually easier than you might think. It only takes three lines typed in to your command prompt (you can do it through the Windows GUI too, but its easier this way).

First though, before we can execute anything you need the command prompt. And while this tutorial works for Windows XP, Windows Vista and Windows 7, but there are two different ways of getting to the command prompt with the privileges we need.

Windows XP

1. Log into the computer with a user that has administrative privileges (most accounts do, so if you’re not sure just use the account you normally log in with).
2. Click on Start -> Run
3. Type “cmd” in the run box and click OK

Windows Vista & 7

1. Click on the start orb and type “command” in the search box
2. Once you see command prompt in the list of results, right-click on it and select “Run as Administrator“
3. You will likely be prompted for an administrator confirmation, or a password. Type your password or click Continue.

Clear the Print Que

Now that you’re at the command prompt, simply type these three commands to clear everything out of the que.

NET STOP spooler
DEL %SYSTEMROOT%\System32\spool\PRINTERS\* /Q
NET START spooler

Tada! Your printer can go back to printing now.

What does it do?

I’m glad you asked, its always good to know whats going on before you blindly type things in. Here’s whats going on. There is a service (a program that runs the background all the time) called the print spooler (or just spooler). Its job is to take print jobs from programs and send them to the printer. When you print something from a program like Word the spooler service creates two temporary files in %System32%\spool\PRINTERS and if everything is running well, it then sends this file over whatever connection the computer as to the printer (USB, Parallel or TCP/IP).

Sometimes though (more often than it should) the spooler service gets stuck on one of these temporary files. and it gums up the process. unfortunately though if you try to just delete the files Windows wont let you because they are in use by the spooler service. So the above commands tell Windows to close the spooler service (which releases the files), then we delete all the files that are in the print que, and finally we start the spooler service back up so we can continue printing.

Updated March, 2011 for Window 7

WARNING: This article is very old, and very out of date … there have been substantial improvements to wireless security since I wrote this and frankly, I don’t recommend this solution as ‘secure’ anymore. You should probably move along, or at least take these paragraphs with a heap of salt.

When you are being chased by a lion, you do not have to out run the lion, you need only to out run the antelope in front of you.

I’m sure you’ve heard a joke similar to this at some point in your life, and I think its a good synonym to security (in all facets, not just computers). Your goal, when trying to secure something, is to make so the would-be thief, or hacker decide you are not the easiest target, and move on to an easier one.

This guide, is in my opinion a marriage between simplicity of use, and high level security. There are more secure ways to do this, but they come at a cost of being difficult to manage. As well, while the step-by-step instructions are written for the Linksys WCG200 cable gateway, the concepts are applicable to any consumer level, or small business wireless access point.

Alright… you read? Lets go…

My approach to securing a wireless access point involves 3 separate security measures, all working together to keep your bits and bytes off somebody else’s hard drive. Think of it like the questions from The Holy Grail. Any hacker must overcome all 3 measures, independently, in order to gain access.

Here is how you can picture these security measures working together to keep your information, and connection safe. Imagine you are a person, wanting to get into a club. The club is the internet. The very first thing you have to do is find the front door. Its hidden. You have to know where it is, and what combination of bricks to push in order to open it (this is the hidden SSID security). Once you get inside the front door, the bouncer asks for your name, and checks if its on the list before he’ll let you talk to the guy behind him (This is the MAC filtering). Once you get past Bruno, the bouncer you have to talk to the guy behind him to ask for anything from the club, but he doesn’t speak any language you know. You have to use your special translator device to translate anything you say into something he can understand. If you dont have the right translator, you wont be able to talk to him, also, anybody overhearing your conversation wont be able to understand it either unless they have the same translator (this is WEP encription).

The security of your network will be based on Something you Know (the SSID), Being Known (MAC filter), and Something you have (WEP Key)

So lets start with the easiest, and usually most overlooked security measure of all. Change the locks. When I see a wireless network named Linksys, Netgear, D-Link or some other brand name it usually means that the person who setup the network didn’t do anything except plug in the box. So the very first thing you should do is log into your device, change the username (if you can), password, and network name. Specifically on the WCG200:

NOTE: I recommend you grab a network wire, and actually plug your laptop/computer into the router, otherwise when we get to the steps that involve configuring the wireless stuff, you wont be constantly having to change your wireless settings on your laptop.

1. So first, get an Ethernet wire and plug in your laptop/computer directly to one of the lan ports on the device. Which one in particular you use doesn’t matter. You should have been provided in the box with the gateway, an Ethernet wire that you can use for this.
2. Now, we need to get logged into the device. So open up your favorite web browser (Internet Explorer, Firefox etc). And assuming you haven’t already changed any of the settings enter the Gateway’s default IP address of 192.168.0.1 in the address bar and press enter.
3. A password request page will appear. Leave the User Name blank, and enter admin (the default password) in the Password field and click the OK button.
4. There should be 7 main tabs across the top of the page once you get logged in. First things first, lets change that password.
5. Click on the Administration tab, and you’ll see another list of sub-tabs appear under the main tabs once the page loads. We want to be on the Security tab (which should be what you go to by default).
6. Find the Gateway Password box, and change the password to something besides admin. This password is your last line of defense against a hacker, so make it good but don’t forget it.
   • While its generally not recommended to write passwords down, this one may not get used often, and you will probably forget it. So choose a good strong password that is unique for just this device (read this guide here for help in creating strong passwords). And write it down either in the manual for the device, or actually write it on a sticker and place it on the under side of your device. If somebody has physical access to your router, its not really going to matter how strong your password is anyway.
   • Enter the password in both the Gateway Password box, and the Re-enter to confirm box and click save. You will be logged out of the device when it does a soft restart. It should ask you to log in again, this time enter the new password you created (still leaving the username blank).

Next, we are going to effectively hide the wireless network from prying eyes. This is your first line of defense, and admittedly a fairly week one. It does more to keep the honest people honest than anything else so I’m going to say that the actual hiding part is optional, but changing the name of the network is not.

1. Once you’re logged back into the device. Click on the Wireless Tab. You should be taken to the Basic Wireless Settings sub-tab by default.
2. Now is the somewhat fun part. You get to name your network. The particular name you choose doesn’t really matter as long as its easy to remember as being yours, and isn’t the name brand of the device. Pick something fun, but keep it to one word. Even your own name works. Put the name you chose in the Wireless Network Name (SSID) box and click Save Settings. The device will do that whole restart thing again, and you may be asked to log in again.
3. Now, the optional part. Actually hiding the network from the world. Head over to the wireless tab again, and go to the Wireless Security sub-tab, and click the disable radio button (Don’t save just yet, we aren’t done here).

The reason I say this step is optional is because it provides almost no security. What it does is hide the network, so when the guy in the apartment next to yours searches for wireless networks to hack into on Friday night when he is bored, yours doesn’t show up in his list of networks. Which is nice, but it also means the network doesn’t show up when YOU do a search, which can be a little cumbersome sometimes. If you have only one computer to setup it may not be a big deal though, as long as you know the name of the network you can connect to it.

Continuing on though, our next step is to setup WEP encryption on the device. WEP (wired equivalent privacy) is not as secure as WPA (wireless protected access), but its easier to manage and should be sufficient for home users.
What WEP does is creates a secured link between your computer and the wireless device. Similar to the kind of encryption you have when you log into your bank’s web site. It makes it so that people watching the data you send back and fourth between you and the wireless device get nothing useful out of it.

1. We should still be on the Wireless Security sub-tab, if not head back that way and select “WEP” from the pull down box, and you’ll suddenly get a bunch more option boxes to fill out.
2. Starting from the top: Set the Wireless Encryption Level to 128-bit Encryption.
3. YOu can leave the “Default Key” at 1.
4. The next box (Passphrase for Keys) is part of a tool to help you generate the WEP keys. Type some gibberish into this box (no more then 32 chars though), you can type something meaningful and it will help you later in connecting to the device, but it only works if everything you have is a Linksys device, so I don’t recommend using it in this way.
5. What you’ll have in the next 4 boxes are 128-bit, hexadecimal numbers. Since we said the Default Key would be #1 in the above box, that’s really the only one we care about. Get out a piece of paper and a pencil… and write down the number in your manual.
6. Click “Save Settings”, the device will restart and you may have to log in again.

So at this point your access point is fairly secure, starting with your first line of defense, its hidden from would-be hackers, the name of the network isn’t something that somebody could quickly guess, and the connection between your computer and the access point requires an encryption key. But we are going to take it one step further, and specifically tell the router who is allowed to connect to it. Think of it like a VIP list at a club. If your name isn’t on the list, you aren’t getting past the security guard. To do this we are going to do what’s called MAC filtering. And as funny as it sounds, it has nothing to do with keeping Macintosh/Apple computers off your network. MAC stands for Machine Address Code and EVERY network device has a unique one. Its like a Social Security, or VIN number for network devices. There are no two with the same one.

1. The first thing you need to do is figure out what your computers MAC address is, and I’m going to assume you are using Windows XP for these steps, which may differ slightly on 2000, and probably wont help at all for Windows 98 or older (do all this from the computer with the wireless radio enabled and on, you don’t have to connect to any network yet, it just has to be on).
   • Click on the Start menu, towards the bottom will be “Run”. When you click on that, it will pop up a little box in the bottom left of your screen. Type “cmd” in the box (without the quotes) and click the OK button. This will pop up a Command Prompt (black screen, looks like DOS)
   • At the command prompt, type the following command and hit enter.
     • ipconfig /all
   • What you should see is a whole bunch of stuff that probably doesn’t make sense to you. But that’s ok, because we are only looking fro one thing, and its fairly clearly labeled.
   • If your doing this on a laptop, chances are there are two network devices in the laptop. A wireless radio, and a wired ethernet adapter. And you’ll get information for both these devices after you enter this command.
   • Its hard for me to say exactly what to look for, because it could be different for you, but here is an example of what you might see:
   • I’ve highlighted in RED the things to look for, you are looking for the properties under the Wireless Connection, and specifically for the Physical Address. Write down this Physical Address (the number, in my case I would write down “00-13-78-B5-20″.

Windows IP Configuration

        Host Name . . . . . . . . . . . . : ws109
        Primary Dns Suffix  . . . . . . . : electdesign.net
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : electdesign.net

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : electdesign.net
        Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
        Physical Address. . . . . . . . . : 00-13-72-B5-A2-20
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.3.43
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.3.1
        DHCP Server . . . . . . . . . . . : 192.168.3.5
        DNS Servers . . . . . . . . . . . : 192.168.3.5
        Primary WINS Server . . . . . . . : 192.168.3.5
        Lease Obtained. . . . . . . . . . : Tuesday, September 19, 2006 7:52:30 AM
        Lease Expires . . . . . . . . . . : Wednesday, September 27, 2006 7:52:30 AM

Ethernet adapter Wireless Connection:
        Connection-specific DNS Suffix  . : electdesign.net
        Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
        Physical Address. . . . . . . . . : 00-13-78-B5-B2-20
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.3.43
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.3.1
        DHCP Server . . . . . . . . . . . : 192.168.3.5
        DNS Servers . . . . . . . . . . . : 192.168.3.5
        Primary WINS Server . . . . . . . : 192.168.3.5
        Lease Obtained. . . . . . . . . . : Tuesday, September 19, 2006 7:52:30 AM
        Lease Expires . . . . . . . . . . : Wednesday, September 27, 2006 7:52:30 AM

2. Now, you can close the command prompt and head back over to your browser with the web page for the wireless device and go to the Wireless Main tab, and the Wireless Network Access sub-tab.
3. Click the Enable radio button to enable the MAC filtering.
4. Type the MAC address you wrote down into the first available spot (all zeros means its available, MAC1 should probably be the first available).
5. Save your settings and the device will restart and may ask you to log in again.

We are now done setting up the wireless access point. Now, we just need to get your laptop or computer connected to the wireless network. I’m going to assume you are using the Windows Zero Point Configuration tool for your wireless network card, because everybody should have that (This is ONLY available for Windows XP with Service Pack 2). But this usually isn’t the default. If your wireless card is trying to use its own software to configure your wireless access you are going to have to find the check box or button that will transfer control to the Windows Zero Point Configuration tool instead. Post a comment if you need help doing this and I’ll do my best to help you out.

1. So, with the wireless radio turned on, you should have a little icon in the bottom right of your computer (near the clock) that looks like this: . It may have a red X in it, that’s ok. Double click on it to open the Windows Configure tool.
2. If you didn’t hide your network, you should be able to just click on the “Refresh Network list” link in the left toolbar, and you’ll see your network (and probably others if you live near people) show up in the list of wireless networks.
   • If this is the case, all you have to do is double click on your network to connect to it.
   • You’ll be asked to type in the WEP key, and then again to confirm it. Its really annoying because you can’t see what your typing, so just have some patience with it. You only have to do this once. Your computer will remember the key in the future.
   • At this point, you should be done setting up your wireless security, so skip down past the rest of these numbered steps.
3. If you did hide your network, you will need to use the wizard to connect to it, so click on the link labeled “Set up a wireless network for a home or small office” on the left toolbar and it will bring up the wizard.
4. Skip past the first page that just tells you about the wizard, on the second page type in the name of the network that you setup earlier. And select the radio for “Manually assign a network key”. Leave the check box at the bottom of the page blank un-checked.
5. On the next page, you’ll have to type in the WEP key we created twice, I would recommend un-checking the box to hide the characters as you type, as it will make it easier to find any mistakes you make when typing in the number. Once you have that key typed in, click Next.
6. For the purposes of this guide, select the “Set up a network manually” on the next page of the wizard, but if you have more than one computer to do you may want to follow the wizard through the “Usa a USB flash drive” portion to quickly setup the other computer, but that’s beyond the scope of this guide. I may add it later once I test it out for myself. Click Next
7. Your all done, the last page gives you the option of printing out all the info about your connection settings. It should be the same info you wrote down throughout this guide, but if you want it in a nice format, go ahead and print it. Just don’t loose this paper. It is the key to 3 of the 4 levels of your security (everything except the MAC filtering).

So that’s it. You now have a secured wireless network setup. I really hope that this guide has been helpful to you, if you find any mistakes or have any questions I would ask that you please leave comments below. I do read them, and I will make updates as necessary.