Author Archives: admin

Oni-Con Coming!

Oni-Con is coming soon! October 21-23, to be exact. Oni-Con is “Houston’s Original Anime Convention” and will be held at the Park Plaza Hotel (Now the Grand Plaza Hotel) next to the Astrodome and Reliant Stadium.

I’ll be working several days of the Con (except for a prior commitment on Saturday evening…but I should be back after that!)

See you there!

]]>

Back from the Storm

For those interested in the details, it’s a Biostar IDEQ 210V, an AMD Sempron 2400+ with 512MB of PC3200 DDR RAM. I recycled the CD and FD and second NIC from the old system, and using the same hard drive recovery took only minutes with the kudzu utility working quite well to reconfigure the hardware. The biggest problem was getting the net cables plugged into the right NICs (I had them backwards at first).

The old system was a Shuttle SV25, with an FV25 motherboard (the one with the bad caps). This is a known and notorious problem…as a friend of mine once said, he hopes that someone has paid dearly for the capacitor problems in the last few years…..]]>

Spyware, Keyloggers and SERIOUS problems

Story on Keyloggers at SpywareInfo.Com! link is now gone — but it was a good article!

There are some serious concerns here. If you even THINK you’ve been jacked by a keylogger, Install a SOFTWARE FIREWALL IMMEDIATELY. Change the passwords on ALL your bank, email and other accounts from a DIFFERENT, KNOWN-CLEAN computer. Oh, and DON’T USE INTERNET EXPLORER.
]]>

Almost back up….

]]>

More downtime

I have re-uploaded the nailfix.zip and nailfix.exe files from my original sources in the event that the downloads were compromised, and have temporarily disabled the rest of the downloads on this site until I can replace them with known good copies. *grrr* why can’t people find better, more constructive things to do with their time instead of attacking people? (or their servers?)]]>

Service Down – finally back up

Nail/Aurora Fix

NOTE: These instructions have been superseded with updated procedures for the nailfix installer and a new version of Ewido. Please post a HijackThis Log in the Malware Removal Assistance forum here or at any of the ASAP Member Sites.

The following are instructions to run the Nail/Aurora popups fix. This can be recognized by the following lines in HijackThis:

F2 – REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O23 – Service: System Startup Service (SvcProc) – Unknown owner – C:\WINDOWS\svcproc.exe

I ALWAYS recommend starting this fix by posting a HijackThis log at one of the forums listed in the Spyware Help Forums FIX LINK! section.

Please download, install, and update the free version of Ewido trojan scanner:

  1. When installing, under “Additional Options” uncheck “Install background guard” and “Install scan via context menu”.
  2. When you run ewido for the first time, you will get a warning “Database could not be found!”. Click OK. We will fix this in a moment.
  3. From the main ewido screen, click on update in the left menu, then click the Start update button.
  4. After the update finishes (the status bar at the bottom will display “Update successful”)
  5. Exit Ewido. DO NOT scan yet.

Download CCleaner and install, but do not run it yet.

Please download the Nail/Aurora Spyware Fix from NoIdea.US.

Unzip it to the desktop but do NOT run yet.

Reboot into Safe Mode. To do this with Windows XP, you can follow these steps from Microsoft:

  1. Restart your computer and start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when you the Boot Menu appears.
  2. Select an option when the Windows Advanced Options menu appears, and then press ENTER.
  3. When the Boot menu appears again, and the words “Safe Mode” appear in blue at the bottom, select the installation that you want to start, and then press ENTER.

Once in Safe Mode, please double-click on nailfix.cmd that you unzipped earlier. Your desktop and icons will disappear and reappear, and a window should open and close very quickly — this is normal.

Next, run Ewido again.

  1. Click on the Scanner button in the left menu, then click on the Start button. This scan can take quite a while to run, so time to go get a drink and a snack….
  2. If ewido finds anything, it will pop up a notification. You can select “clean” and check the boxes “Perform action with all infections” and “Create encrypted backup” before clicking on OK.
  3. When the scan finishes, click on “Save Report”. This will create a text file. Make sure you know where to find this file again.

Then run HijackThis, click Scan, and place a checkmark by the following item:

F2 – REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe

Close all open windows except for HijackThis and click Fix Checked.

Now, run CCleaner.

  1. Uncheck “Cookies” under “Internet Explorer”.
  2. if running Firefox: then click on the “Applications” tab and uncheck “Cookies” under “Firefox”.
  3. Click on Run Cleaner in the lower right-hand corner. This can take quite a while to run.

Finally, restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.]]>

Setting up Thunderbird



To configure Thunderbird for the domains hosted here:

Start Thunderbird. If you have never set up accounts in thew program before, you will start with the Account Wizard. If not, click on the Tools menu, then Account Settings.


Select Email account, then Next.


Enter your name and email address in the appropriate fields, then click Next.


Select IMAP, and type in the names of the incoming and outgoing mail servers. Click Next.


Enter your full email address as the Incoming User Name and click Next.


Enter a descriptive Account Name or take the default entry, and click Next.


Confirm that all the settings are correct, and click Finish.


Back at the Account Settings window, select Outgoing Server(SMTP) from the left menu, then check Use name and password and enter your full email address in the User Name field.


Select Server Settings (for the account you just created) from the left menu. Check Use secure connection (SSL) and set the Check for new messages settings to your preferences.


Finally, select Composition & Addressing from the left menu. Uncheck Compose message in HTML format, and set the quoting options to your perferences, then click OK to exit the Account Settings screen.


That’s it!
]]>

John Paul II dies — "Be Not Afraid"

The Vatican is official: John Paul II has gone home to God. This man, this Pope, who touched so many lives all over the world, has died at the age of 84. He was about a month from his 85 birthday and only 6 months shy of a 27 year reign as the Bishop of Rome. He was the third longest-reigning Pope, following Blessed Pius IX (31 years)and St. Peter (~35 years) himself.

Pope John Paul IIWe had the opportunity to see “Il Papa” about a year ago, when Terri and I visited Rome for a week. We had the fortune to get tickets to the Papal Audience, and were able to sit right on the aisle where the “Pope Jeep” (see the picture, left) passed, transporting the Holy Father to the steps of San Peitro. We also were able to attend the end of a Papal Beatification Mass where he spoke the weekly Sunday blessing.

St. Peter's Basilica at nightJohn Paul II contributed to the Catholic Church and the world in many ways. To me, personally, he demonstrated compassion and faith in ways that aren’t usually seen in everyday life. He was instrumental in the end of communism, and worked for reform within the Church as well; under his reign were the first revisions to the Codex Iuris Canonici (Code of Canon Law – the law of the Church) since 1917, the revision of the Catechism, and the current version of the General Instruction of the Roman Missal (the rites of the Catholic Mass). He wrote numerous letters and exhortations, from Mulieris Dignitatem (On the Dignity of Women) to Salvifici Doloris (On Human Suffering). But for all he did for the Church Universal and the world, one thing touched me in a very personal way. Standing in St. Peter’s Square, on a chilly Wednesday morning, I heard the Holy Father speak directly to my heart, in my own language, in his own words, and it was as if I was the only one he was addressing. I was one face in a crowd of hundreds–maybe thousands–and I know that he was really talking to everyone assembled, but to hear him speak my language, in person, was a very emotional moment in my life. I couldn’t tell you now what he said, but I know that just the act of him reaching out to the world community, in numerous languages, was measure enough of his love for all of humanity.

Edit: Actually, I do know what he said, thanks to Zenit News.

“I extend a special welcome to the English-speaking visitors and pilgrims here today, including groups from England, Sweden and the United States of America. May your visit to Rome be a time of spiritual enrichment. Entrusting you to the protection of Mary, I invoke upon you the grace and peace of her Son, our Lord, Jesus Christ.” –Ioannes Paulus PP.II, 24 Mar 2004 ]]>

Work in progress – UPDATED

Updated 27 Feb 2005: Grrr…I got the two Shuttle boxes (SV24 and SV25), only to discover that both have blown motherboards and power supplies. I’m working on the means to get them in usable order, but it’s going to take some fundage that I don’t currently have….can anyone help?


UPDATED 12 FEB 2005: I know people are waiting on this document! Gomennasai…but I will hopefully be much closer after this weekend. I should be picking up two shuttle systems this weekend, one of which will be my new mail server. I will be using this to finalize all the steps I will take to make this document finally useful.

I have Amavisd-new, SpamAssassin,ClamAV and Maia Mailguard all running now. I still need to get Mailman list manager tested and Squirrelmail running on https, but I promise! it’s getting closer!


UPDATED 13 OCT 2004: getting closer! See the bottom for the newest info…

Wednesday, September 29 2004 @ 12:02 AM CDT
Just a little heads-up…I’m currently working on a test mail server, incorporating Fedora Core 1, Postfix, Dovecot Imap, fetchmail, amavisd, and Maia Mailguard, with full SSL and virtual domain/user support tied into a MySQL database.


Like the title says, it’s a work in progress, so I don’t have a whole lot to give you yet, but I do have some success:
  1. Postfix is working to receive mail to users who only exist in the MySQL database.
  2. Dovecot will authenticate users via SSL, logging into the database.
  3. I can perform all IMAP functions with Dovecot and Mozilla Thunderbird as the client.
  4. I had to build custom RPMS for Postfix and Dovecot to incorporate the features I wanted (and remove Postgres support from Dovecot…grrrr)
Still to come:
  1. Installing and setting up Amavis, SpamAssassin, and ClamAV, and tying it into Maia Mailguard for per-user configuration.
  2. Setting up Fetchmail to POP several external accounts.
  3. Setting up name-based virtual hosting on Apache2.
  4. Probably other issues as they come up.
  5. Writing up coherent documentation on the process.

Doesn’t sound like much, really, but it’s been a big accomplishment for me so far, especially considering how badly certain applications (*cough*dovecot*cough*) are documented. To be fair, it is a fairly new app, and the userbase is not what it could be (many people sticking with Courier and Cyrus out of familiarity, I’m sure). I’m going to attempt to do my part by creating documentation on the process here, so others can benefit from my experimentation.

I’ll be writing up a static document for this site once everything is in place, so be watching for it!


UPDATE 13 OCT 2004: Process/Progress

Requirements:

  • SMTP-AUTH
  • IMAPS
  • all auth to sqldb
  • anti-spam
  • antivirus
  • web managable
  • virtual domain hosting
  • per-user config for antispam

Implementation:


  • Fedora Core 1
  • MySQL 3.23.58
  • Postfix 2.1.5 w/ pcre, MySQL, sasl2, tls, vda support
  • Dovecot 0.99.11 with MySQL support
  • Maildir-formatted mailboxes

Done and Notes:

  • OS – Fedora Core 1 and updates
  • MySQL
  • Postfix
    • set up SMTP via SASL/Pam for auth over TLS.
    • Requires Pam-mysql 0.5 module
    • User passwords in db must be in MySQL-Crypt format
    • Maildir mailbox format in /home/postbox/%domain/%name/

  • Dovecot
    • configured to only offer IMAPS for encrypted comms
    • User passwords in DB must be in PLAIN-MD5 format

  • PostfixAdmin
    • Web interface for virtual domains in Postfix
    • can set passwords in several formats. Set to md5crypt.
    • added new $CONF[‘postfix_smtp_pw’] set to mysql crypt for smtp-auth

  • PHPMyAdmin
    • MySQL administrator for the web.
    • simplified testing password crypt methods.


ToDo:

  • Amavis/SpamAssassin/ClamAV
  • Maia Mailguard
  • Fetchmail (for POPping external mailboxes)
  • Squirrelmail webmail client
]]>