#WannaCry for Dummies: What Every Computer User Needs to Do

After hearing the news about #WannaCry worm with ransomware functionality, I was surprised how many friends of mine who use Windows needed help to make sure their home systems are healthy and protected. So this article is an attempt to explain in plain English what needs to be done to avoid, perhaps, 99% of all malware that normal computer users may come across. The advice would be quite different to companies, and if there is demand, I’ll write that as well. So here we go.

You would not #WannaCry because of this and 99% of other attacks if: Continue reading

PuTTY for Windows and ssh:// handler: Part Two

One of the most popular posts on my website is about adding the capability to handle ssh:// protocol to PuTTY. 8 years passed since then, PuTTY has progressed. It was time to update the newest PuTTY with my changes from 8 years ago. Imagine my surprise though when I found an excellent mod for PuTTY called PuTTYTray, which already incorporated my changes in September, 2015, amongst many other fantastic features!

One thing PuTTYTray doesn’t do is register it for various protocols like “ssh://” and “putty://.” I assume the method provided in my original post still works, but I haven’t checked it yet. Anyway, it would be so much nicer if PuTTYTray did all the necessary registry manipulations automatically as configured. Watch this space.

Fixing OpenDMARC deployment on Ubuntu 16.04.1 LTS

Recently I followed a fantastic article from Skeleton on how to set up DMARC. It all works mostly, and I’m grateful to OpenDMARC developers for taking the time to create this implementation. At the same time, my reporting part of DMARC kept throwing errors. When I started looking closer at it, I realised there’s no way OpenDMARC reporting functionality would ever work with the supplied database schema. I’m going to document changes to OpenDMARC 1.3.1 that fixed the issues on my server.

Continue reading

LetsEncrypt, Ubuntu 16.04, Apache, Postfix and Dovecot SSL

This post describes my journey to have a fully working Let’s Encrypt set of automatically renewed certificates for my Apache-hosted websites, Postfix email server, and Dovecot IMAP server running on Ubuntu 16.04.1 LTS. Strangely, all descriptions I found online so far either talked about setting Let’s Encrypt client from git repositories or didn’t provide any clarity on how to deploy multiple certificates for multiple virtual sites or didn’t have any details on how to generate and renew certificates for Postfix and Dovecot or how to do so in a way that is compatible with DANE.

Continue reading

VMWare ESXi 4.1 and HighPoint RocketRAID 3510

One of the computers I have at home is a nice Intel Core i7 12Gb RAM 2Tb RAID10 VMWare ESXi server. As I hate reinstalling my main personal and work computers, I use ESXi for all kinds of experiments, development, debugging, etc. RAID10 there is provided by a decent hardware HighPoint RocketRAID 3510 controller. The main reason I chose it was its announced support for VMWare ESXi. The system is set up in such a way that the 2Tb SATA II disk is provided by RocketRAID 3510 controller. There are no other disks in that system – no CD/DVD drives, nothing at all.

Back in the days when I was setting it up, the latest version of ESXi available was 3.5. I had a fair bit of a headache to get the system set up and boot from RAID10 array. It involved:

  • creating custom oem.tgz (edit pci.ids, etc, etc…)
  • integrating it into install image
  • after install, connecting external DVD drive to the server
  • boot into Knoppix LiveCD
  • set up RAID10 support in Knoppix (it didn’t work out of the box)
  • finally, copy my custom oem.tgz to the relevant partition on RAID10 device
  • pray that it works (which it did)

This is a fair bit of hassle, which I didn’t document at all.

Now imagine my disappointment when I figured out that neither patching nor “normal” upgrades from ESXi 3.5 to ESXi 4/4.1 work for my setup – something to do with custom oem.tgz. Trust me, I tried everything, all possible combinations of upgrades, upgrade tools, network setups, etc. It just doesn’t work, so don’t waste your time on that. At the same time, I needed a solution, as I had to run 64-bit OSes.

Continue reading

PuTTY for Windows and ssh:// handler

I use PuTTY for Windows a lot. It is an excellent SSH, Telnet, etc, etc, terminal program.

On the other hand, I am very impatient user. I honestly believe that the users should never wait for computers, and that the letters should appear on the screen a microsecond before the user types them. This means that I hate moving my hands away from the keyboard to mouse to use a GUI interface, when the majority of work is actually typing text or code on the keyboard. This defines a lot of choices I make when selecting software on my computer.

Bundled together, I really do not appreciate opening PuTTY GUI interface just to double-click on some PuTTY profile and then move the hand back on the keyboard. A much faster way of doing this for me is to press “Win-R”, type in something along the lines of “ssh://” and never move away from the keyboard. After a couple of Google searches, I know I am not alone in that. At least one of my colleagues prefers to do it this way as well. Speeds things up a lot, believe me.

Continue reading

Thank you, Backups!

I am sometimes too attentive to details. Although I am very aware of it (unlike Monica from Friends), I can sometimes be caught up in an act of cleaning and making things generally tidier/better/more organized.

Like today. I decided that my digital photos were not organized properly. So I just had to move them from drive X: (which is my large, slow, reliable backup and junk drive), to drive D: (which is my super-fast, RAID0 300Gb total WD Raptors 10k). At the same time, I use Adobe Photoshop Elements 6 to manage my photo collection (btw, definitely recommended – provided that you know its character). This means that in addition to just moving the files, one needs to make sure that the Photoshop Elements catalog is up-to-date.

Continue reading

Sharing printers on Vista 64-bit

Recently I purchased a new computer to replace my main Windows box at home. It is brilliant – Quad Core, 4Gb of memory, 300 Gb of RAID0 on 10k Raptors, NVIDIA SLI. Naturally, this hardware required Windows Vista 64-bit – if for nothing else, then to use the full 4Gb of memory. There were loads of issues I discovered when trying to set it up. Here is one of them.

I have a number of other computers. My main Windows desktop serves as a “print server” – i.e., it shares a printer to the rest of the network. It is HP LaserJet 1020. And that’s where the problem comes from. You see, it prints fine from the computer which it is connected to. But remote jobs do not print unless you stop and start the Print Spooler service again. After a fair bit of research, I found out that essentially, doing these three things solves the problem:

Continue reading