October 1, 2007 -
Finally, I have decided to take 5 minutes and focus on the gratuitous ARP broadcast issue I have with our Windows 2000 server (Fujitsu Siemens server).
The problem is described here :
http://www.wains.be/index.php/2007/03/24/unsolvable-gratuitous-arp-from-our-windows-2000-server-with-intel-pro-1000/
I have installed Wireshark on the Windows box, had to reboot (oh !) to get it working.
Thanks to Wireshark, I figured out the gratuitous ARP traffic was generated as some lower level than Windows.
Indeed, the whole network is seeing the gratuitous ARP broadcast except the Windows box. Conclusion : the broadcast is not generated by the OS but probably by the hardware itself.
I have checked the BIOS for any interesting setting but I don’t find anything relevant. The BIOS is really minimal actually.
I found another person having the same issue with the same network interface :
http://techrepublic.com.com/5208-6230-0.html?forumID=101&threadID=224471&messageID=2245929
I will avoid Fujitsu Siemens for servers in the future : cheap RAID controller (Promise), Maxtor drives, minimal BIOS, etc.
Next : figuring out why the Windows printer spooler randomly stops working (printing blank pages actually), restarting the service fixes the issue….. (edit : seems fixed by updating the drivers while the changelog didn’t mention the issue, damn HP)
March 24, 2007 -
With the accuracy of a swiss clock, our windows 2000 server at work sends gratuitous ARP requests every 30 seconds for some unknown reason.
It has always been doing that. I’ve tried to figure out the issue every now and then, when I had some time to kill.
The question is.. is it software or hardware related ?
The strange thing is the gratuitous arp requests are supposedly from an IP totally unknown in the network.
The NIC is an Intel Pro/1000 CT.
Here’s the result of a sniffing session :
November 17, 2006 -
I guess when you pick up an administrator password on a windows server machine, you’ve got to stick with it until the end of the world.
For security reasons, I changed the administrator password.
It is like 16 character long now.
After rebooting the machine :
- MS SQL was not starting
It had been set up in NT services to start from the administrator account (don’t ask, I didn’t set it up that way, a company did).
It didn’t notice the password change and could not start
- As a result, services relying on MS SQL could not start either : antivirus, time allowance system, WSUS ?
Ain’t that great ?
- Veritas Backup can’t connect to its own localhost server
It asks for the credentials but won’t let me input more than 12 characters in the password box !
More to come ?
I wish I could dump that Windows machine off the network !
September 23, 2006 -
Use the registry files below to disable or enable USB under Windows :
Disable USB : http://www.wains.be/pub/disable_USB.reg
Enable USB : http://www.wains.be/pub/enable_USB.reg
August 11, 2006 -
I had a computer for repair lately.
After several attempt to install Windows XP, it was always randomly hanging (1 out of 5 times, it would boot) while booting the system.
I had to disable Native Command Queuing (NCQ) to avoid the problem, the maxtor hard drive or the mainboard chipset wasn’t fully compatible with NCQ.
http://en.wikipedia.org/wiki/Native_command_queueing
Where to disable NCQ under Windows XP (under an admin account) :
-
http://www.truecrypt.org/
Free open-source disk encryption software for Windows XP/2000/2003 and Linux
Main Features:
* Creates a virtual encrypted disk within a file and mounts it as a real disk.
* Encrypts an entire hard disk partition or a device.
* Encryption is automatic, real-time (on-the-fly) and transparent.
* Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
1) Hidden volume (steganography – more information may be found here).
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
* Encryption algorithms: AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish.
Mode of operation: LRW (CBC supported as legacy).
June 24, 2006 -
For security reasons, I run my session as a limited user (Group “Users” under security settings).
What if I want to check today’s date ?
Double-click over the time in the lower right corner of the screen ? A window pops up saying I don’t have the rights needed to EDIT the system hour.. Hell, I just want to check today’s date buddy, not modify it !
If you are fortunate enough and leave your pointer over the hour for a few seconds, a tooltip window will appear (occurs about 1 out of 20 times for me)… and if your are really fortunate, this tooltip would appear above the traybar, not under (never happened for me) !
Check this out :
Gosh I love Windows XP… you need administrative privileges to check the date out.
June 23, 2006 -
We suppose you already have a properly configured and running CUPS system.
Grab the RPM or SRPM from http://www.physik.uni-wuerzburg.de/~vrbehr/cups-pdf/
rpm -ihv cups-pdf-something.rpm (unless you want to go through the whole rebuild process which I won’t describe here)
service cups restart
You should see the new PDF printer under http://yourserver:631
Now let’s share the PDF printer for your Windows clients :
Edit /etc/samba/smb.conf and add this section
[printers]
path = /some/path/to/spool
browsable = yes
guest ok = no
writable = no
valid users = +print_users
printable = yes
create mask = 0770
Path to the spool should be at least :
drwxrwxr-x 2 root print_users 4096 Jun 23 01:27 spool
Add the group and users allowed to print in this group :
- groupadd print_users
- gpasswd -a user print_users
Restart samba :
service smb restart
Windows clients should now see the new PDF printer when browsing the server in the network neighborhood.
Right click the PDF printer and select “Connect…”. The system may warn you of potential viruses (if XP), then tell you no drivers have been installed for that printers. Click yes to install the drivers.
To get a color-able PDF printer, pick up “HP DeskJet 1200/C PS” which is quite mainstream (drivers included in Windows 2000/XP by default). You won’t need to share the drivers on the samba server if you go with this one.
Edit /etc/cups/cups-pdf.conf to your needs. I’ve personally set the printer to put the PDF’s under my home directory, into a “PDF” directory.
June 16, 2006 -
- Run your session as a “user”, don’t ever run your session as “administrator” if you don’t need it
- Read your emails as plain text, HTML emails could contain bad code (and write as plain text as well, I cannot stress this more : emails were not designed for HTML !! Screw you with your incredimail and the like !!)
- Run a firewall and antivirus on your workstation
- Regularly try to download the test virus from eicar.org to see if your antivirus software is still running (viruses usually take over protections on your computer)
- Use Mozilla Firefox and Mozilla Thunderbird instead of Internet Explorer and Outlook Express
- Don’t forward emails with your 50+ recipients disclosed… dang, please use BCC (this rule also applies to a 10 recipient forward eh)
By just running your session as a user, you’ll stop 99 % of the viruses of spreading across your machine.
Working as power user doesn’t help, 90 % of viruses will still get through.
Playing games as well as some programs may require administrator privileges to run properly.
Who is to blame ?
- Microsoft for not stressing the principles of administrator vs user privileges for the sake of ease of use
- Poorly designed software requiring administrative privileges while it could run without
- Script kiddies (e.g. : boyfriend spying on her girlfriend with a keylogger, this is so lame)
February 28, 2006 -
My sound card stopped working for some unknown reason just in the middle of a session…
I tried repairing the drivers, then took the card out of the case and plugged it back in…
Windows XP found out a new device.. a network card…..
Then I came across this wizard…
Pressed ESC, it prompted me for a reboot…
Finally, the sound card is working again.. don’t ask me about that new NIC, I have no idea what it was…
Gotta love Windows XP
Next Page »
