Bypass web filter with SSH

I’m waiting at the VW dealer for my car to get its 60K mile service. They provide wireless (thank you), but they use websense to prevent me from visiting such benign sites as Twitter and Craigslist. No, they’re not run by Ahmadinejad.

They do allow me to open an SSH connection to my Linux server, so I now have everything I need to use their wireless and bypass their filter. Any *nix server you have SSH access to will do.

I was about to write up the step-by-step, but I see that Chad Perrin did a fine job of doing exactly that. Thanks Chad!

http://blogs.techrepublic.com.com/security/?p=421

Free Poker Software (Texas Hold 'Em)

http://pokerth.net

This is a peer-to-peer or client-server model Poker game which requires NO registration, NO fees, and has NO pop-ups, ads or other bs. In the client-server model (“internet game”), you can use their server to host or simply join someone else’s game. You can assign a password to your table so that only your friends can join.

In peer-to-peer mode, you can effectively use your client AS the server and let your friends connect directly to you.

In both capacities, you can have computer players fill as many seats as you  like (either exclusively robot or just to complement humans), you can set blinds both in terms of amount and timing, you can force a timeout period for people to decide what to do (automatically folds or checks if they run out of time), you can use your own custom avatar, and hey there are even skins available.

As a software guy, I’m particularly impressed that it’s available for 3 platforms (for free), and if you don’t want to run an installer (or a pkg/rpm), then you can just download the zip file and run the executable directly from there–nice!

The software is simple, intuitive, and very user-friendly.

Only downside is that you can’t buy-in again, as you might do at friendly poker games.

lsass.exe eating CPU at startup

Win XP Pro, all patched, no viruses, no spyware.

Upon startup/login, lsass.exe would eat up about 70% of the CPU for about 10 minutes. I tried using Process Explorer to see what was going on, I tried scouring Google for answers, all to no avail.

The trick (at your own risk): go to c:\documents and settings\[you]\application data\microsoft\protect, and delete all the folders in there. One of them had 16,000 files which apparently caused lsass.exe to spin forever doing god knows what/why.

This fixed my problem, and it hasn’t used more than 1% CPU since.

Edit: On another machine, this directory had over 900,000 files in it. That took a LONG time to identify, much less delete. I did some research and found that it’s related to SQL Server.

OpenOffice vs. MS Office

As a “Power User” of Excel, Powerpoint and Word, I’m always interested to see how competing office products function relative to MS. Although I’m adept with MS Office, I have no allegiance to MS, and I’d be happy to switch to a superior product should one present itself.

Hearing so much about OpenOffice, I decided to give it a shot. For what it’s worth, I was running it on Ubuntu 8.04.

Particularly the Spreadsheet program. Right away, I was impressed by how fast it loaded and rendered data. Definitely less bloated than Excel. On the other hand, it has far fewer features.

I was particularly interested in the following features which I feel are critical for competing with Excel:

• Compatibility (interoperability) with Excel documents
• Built-in function library
• Object support such as text boxes, images, shapes, etc.
• Form controls and Macro support
• Keyboard shortcuts

My conclusion (I won’t bore you with the details) is that as of the time of this writing, OpenOffice Spreadsheet is not a viable replacement for Excel in a _professional_ environment.

The biggest problem is interoperability. I opened a spreadsheet created by Excel, but none of the charts/graphs would render. Although there is absolutely no Macro compatibility (interoperability) between the two platforms, I was really impressed with the richness of the API available for OpenOffice (no surprise there–it’s open source).

However, these are pretty significant show-stoppers. Professional Excel users (“Power Users”) frequently write user-defined functions (UDFs), and charts. If OpenOffice users can’t read these documents properly, then we’re back to square one.

From a theoretical perspective, OpenOffice could be used were it not for switching costs. A brand new business that has no need to share files with the “rest of the world,” can easily do all their spreadsheet work in OpenOffice. It’s the switch from Excel to OpenOffice that is impractical right now.

Oh, and as a VBA developer, I’m not sure I’m on board with the OpenOffice implementation of Basic. I like that you can write in Java (huge Java fan here), but the API documentation isn’t super user friendly yet.

One last point is the interface and overall user experience. Clunky and buggy. Almost none of my “traditional” keyboard shortcuts worked (fill right, fill down, etc.), the function dialogue doesn’t give you arguments in a pop-up menu, you separate arguments with semi-colons rather than commas, and if you enter something wrong, you may get repeat error alerts (at least I did until I had to force quit the app).

It’s not at all intuitive how to assign a Macro to something as simple as a button. I appreciate that they’re giving users the granularity of control with the event model, but for most Excel users, that’s far too complicated.

It’s my hope that IBM (or someone) will buy Sun and improve OpenOffice to the point that it forces MS to improve the featureset and overall quality of Excel, but that will take time.

How to get a Google Contact to appear in the quick menu of Google Calendar invitees

When you create a meeting in Google calendar, and you want to select people to invite, there are some contacts who don’t appear in the quick menu (IE, the menu that appears when you start typing “John Smith,” which auto-fills John Smith’s email address).

This is apparently because John Smith is not in the group “My Contacts.” Go to your Contacts, select the people you want to appear in the drop down (could be all contacts?), and move them to “My Contacts.”

Clear your cache, refresh, and it should work.

Ubuntu + VMWare

I’ve been running VMware on an Ubuntu host for several years now. VMWare’s free server product used to be spectacular. It even shipped with an SDK so that you can write your own scripts for controlling the VM’s. So, let’s be clear about this: I’m a fan of VMWare (or used to be anyway).

Recently, I upgraded from Ubuntu 8.04 (the host machine) to 8.10. Suddenly, the VMWare binaries wouldn’t run. I won’t bore you with details, but if you see the error that asm/semaphore.h couldn’t be found or simply that it couldn’t build vmnet.o, then join the club. If you’re seeing these errors, then you should refer to this site before you do anything else: http://www.insecure.ws/2008/10/20/vmware-specific-specific-55x-and-kernel-2627.

That fix didn’t work for me, so I tried different versions of VMware (1.x, 2.x), as well as the Ubuntu vmware system library. Nothing worked, so I reinstalled Ubuntu (8.04) and VMware 2.0. There’s a pretty thorough walk-through here in case you’re not sure about anything: http://www.howtoforge.com/how-to-install-vmware-server-2-on-an-ubuntu-8.04-desktop.

The new VMware version 2.0, although free, has some significant changes which you should know about:

• No more GUI vmclient. Now, you administrate the VMs through a web interface. This means that the new VMware installs a servlet container, web server and a few more supporting server utilities. It’s a little bloated.
• New API. Rather than the old C and Perl APIs, you now have the VIX API. I couldn’t find any support for Perl, but there is support for C. One nice improvement is the vmrun command-line utility to control VMs.

Related, VMware started giving away its ESX server for free. The key difference with ESX is that it -IS- an operating system host. You don’t install ESX on a host–it literally is the new host. That means that performance is awesome. However, after playing with it, I quickly learned why they’re giving it away for free–it’s featureless. Without their Infrastructure product (which is expen$ive), you can’t control much. For me, I need my host to be able to backup VMs over the network, store VMs on local disks (and sometimes network mounts), as well as some administrative stuff such as cron jobs, email notifications, etc.. ESX has none of this.

For what it’s worth, you can hack into ESX to enable things like SSH and what not, but from what I can tell this is a hole and probably not something that will be possible in future versions. More info about this here: http://itknowledgeexchange.techtarget.com/it-consultant/enabling-ssh-on-a-vmware-esxi-server.

Annoyance Solved: Ubuntu 8.04 + Postfix Error with aliases

I recently upgraded from Ubuntu 7.04 to 8.04. There were a few minor annoyances, but the most aggravating was this problem with Postfix:

fatal: open database /etc/postfix/aliases.db: Invalid argument
which was followed by
warning: /usr/libexec/postfix/smtpd: bad command startup — throttling

The short answer: install the latest Postfix from the source, (from Postfix.org)–don’t use the version that Ubuntu apt-get wants you to use.

I googled around and tried a few things that made absolutely no difference whatsoever:

1. Use postalias instead of newaliases to build the hash file
2. Ensured I had the latest BDB libs
3. Ensured perms were set properly for the file
4. Ensured that postconf was configured properly
5. Ensured the file format was valid as a hash (name: value, value)

I definitely had the latest version of Postfix supported by Ubuntu 8.04 as of today (2.4.3); however, I noticed that the latest version of Postfix available was 2.5.6. Just for fun, I downloaded the latest version of Postfix from the site, and built it with support for Cyrus-SASL and TLS (see below for example).

Ran postalias one more time, started Postfix up, and voila–everything 100% fixed.

Installing Postfix on Ubuntu 8.04 with Cyrus-SASL and TLS support:

% make tidy
% make makefiles CCARGS=”-DUSE_SASL_AUTH -DUSE_CYRUS_SASL \
-DUSE_TLS -I/usr/local/include/sasl” \
AUXLIBS=”-L/usr/local/lib -lssl -lcrypto \
-lsasl2″
% make install

Make sure you have libssl, openssl and (of course) sasl2 installed.

I hope this saves someone the 4+ hours it cost me…