Blog Navigation
Partners
Debbie's Photo Site
FamousPhil.com on FaceBook
Matthouse Hosting
Wearing Social
Partner with Us!
Latest Activity
Phil explains how to use the old telephone tones to wane off telemarketers!
Posted on: August 20th, 2010 by Famous Phil
This is an annoyance that I constantly have to look at 2 sources to remember so I’ve decided to consolidate my 2 sources into a single blog that I can refer to in the future. Basically, every time I set up a new Server 2008 R2 box to act as an Active Directory domain controller, I always run into passwords having to be complex and changed every 42 days by default. This is an annoyance because users don’t like having to do that so frequently. The location to change this isn’t in a common sense location either.
To change the policy, goto your start menu and in the search area (provided it will run commands), type in “gpmc.msc” and hit enter. This will bring up the Group Policy Management Console. Expand the local forest that you want to modify the password policy for. Expand Domains, and the domain that you wish to modify. Right click on Default Domain Policy and click edit. This will bring up a new screen. You want to navigate to Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy. From this screen, you will be able to modify the password policy. You can either reboot or type in a new command “gpupdate /force” and the new settings will take over.
I don’t recommend disabling features such as complexity because your users will then be able to use passwords such as “letmein, password, changeme”, etc. These are insecure passwords and those who use them are simply asking to get their accounts compromised.
Also, the solution above will not work if you have a password window open that is forcing you to use a complex window, you will have to go through that wizard again. This also won’t reverse the force password changes on next login if a user needs to change their password due to the old policies.
Tags: active directory, domain controller, password complexity, password policy, server 2008 r2
Posted in Hosting / Server Administration
|| 2 Comments »
Posted on: August 18th, 2010 by Famous Phil
Reminders: As with anything I post, I ask that you provide a backlink to my code if you use it (if you don’t, its considered plagiarism). Also, the code below is the outcome of 2 days in ASP.net as an excursion, I’m sure that my code could be improved vastly. I’m also not going to baby step through this, so you’re going to have to be a somewhat experienced programmer to follow along with the rest of my blog. One last thing: If you feel the urge to donate to me for my time (provided this solution helped you), please use the NEW donate button in the footer, I appreciate it. Read the rest of this entry »
Tags: ASP.net, c#, convert, exchange 2010, extract, ical, icalendar, ics, VCAL, vcalendar, visual studio
Posted in My Site, Programming
|| 29 Comments »
Posted on: August 17th, 2010 by Famous Phil
For a long time now (2 years and counting), I’ve been wanting to dabble with ASP and Microsoft web technologies. It seems that for every project that I want to dabble with, I have to gather a lot of ambition and have an end goal in mind well before I begin. I guess that being a seasoned programmer; I have gotten very lazy at what projects I feel like attacking (this is partially why this blog doesn’t get a post every day).
Tags: ASP.net, exchange 2010, ical, ics, owa, VCAL
Posted in Programming
|| 9 Comments »
Posted on: August 14th, 2010 by Famous Phil
Today’s topic was sparked by a recent influx of worms attempting to take over one of the public servers that I manage. Basically, I constantly get log notifications for the firewall (yes, I actually read logs!) saying that all these attack signatures are being detected against programs running on one of my servers.
These programs are IIS 7 (web server, Internet Information Services) and MSSQL Server 2008 R2 (Microsoft Standard Query Language Server). In the past when I ran my own computers on an un-firewalled internet connection (public wi-fi, home DSL), with home security software installed (like Norton 360), I have also noticed these types of log messages and popup warnings.
Most people (I’d estimate at least 50%) probably have some sort of broadband, un-firewalled, connection setup in their home that is directly connected to their computer. Most people probably subscribe to some security solution like Norton 360, and they probably run some sort of firewall. Normally, these firewalls catch all the bad stuff that can harm your computer, but stuff still could potentially come through.
Although there will always be loop holes for these security vulnerabilities, there is another means of protection that most people would NEVER think of! If you’re thinking Wireless router from the local Wally World (Wal-Mart), you read my thoughts. Yes, Wireless routers don’t just share an internet connection wirelessly like most people think.
So what else does a wireless router do? A wireless router is simply a ROUTER with a wireless ability built into it. Routers are complex pieces of engineering that connect many computers together. Without getting into too much detail, routers connect two separate networks together to bring multiple endpoints together. The internet has many subnets that are connected to each other through routers. Think of the telephone system when I mention this, more specifically area codes and dialing prefixes. The area code for Matthouse is 716, the prefix is 584. So 1-716-584-xxxx gets routed to a particular telephone. In my example, when you dial the full number, 1 means connect to the main US router which knows all the US phone area codes. Next, 716 means connect to the router which handles the Western New York area prefixes, then finally that router sends the call to the router than handles the 584 prefix. That router then is practically directly connected to the xxxx number which will ring a phone and help establish your connection. The internet is connected in a similar fashion.
Traffic is sent in internet packets that run on a certain port number. For simplicity, a port is required to connect to a computer. Computers listen on ports for connections and there are 65535 possible ports. You might think of a port like a way to get to your house from the road at your address. Each drive way is a unique path in and it accepts only a certain type of car. Hackers tend to send a car into that drive way that acts and looks like the car it accepts, but once it’s in, it can cause havoc in your home (computer).
So what am I getting to? Routers connect different networks, so they inherently have to forward all the traffic from one network to another, including all the ports. Since ports are easy ways to get into your computer (provided your computer is actively listening / accepting on that port), hackers tend to go for these ports. Some ports on web servers (like port 80) are absolutely necessary to leave open, but other ports like 5109 (which happens to be the AOL Instant Messenger port) probably isn’t needed on that web server. For a home computer, blocking all the ports inbound to the computer is probably smart, while allowing all the outgoing ports from the computer to the internet.
NOTE: I probably should add that with outbound connections through firewalls, if you request something from an external source (say a webserver) while having all incoming connections blocked, you will still get the response from that external source. Firewalls are smart about allowing replies back through while blocking all new connections that are probably hacker initiated.
BOTTOM LINE: All computers have different needs. A wireless router when added to your network will block all incoming ports by default and allow all outgoing connections on all ports. Therefore, by adding one of these cheap boxes, you’re not only gaining a wireless network access point, but you’re also protecting yourself from the nasty dangers of hackers that probe computers for open listening ports. Since many ISPs provide un-firewalled public IP addresses to residential customers, those customers would be wise to install one of these routers. Who knows, it might save their computer from a severe attack from a hacker some day! I’ve also found that when I run a firewall in terms of a router, I don’t need as much protection from Norton 360 on my computer, so I basically have a faster computer (it isn’t working on blocking bad stuff anymore).
Hopefully this helps you!
Tags: Firewall, wireless router
Posted in Technology
|| 12 Comments »
Posted on: August 7th, 2010 by Famous Phil
This is more an update than anything else. I have finally taken the time to prune some of the comments in the past year on FamousPhil. In the future, I will be only approving links that either are track backs or contain non SEO titles. I have never minded allowing comments, but the spam volume that I’ve begun seeing is just too unreasonable to continue handling without changing my policies. In the past, I’ve approved comments that contain text that pertains to the post, but I just can’t continue on that course 
In the next week or so, I will also be disabling user registrations, along with pruning the user database (except to the guest posters who were asked to make an account). That too has gotten out of hand!
As always, if you want to make a guest post and get a real link back with seo key words, feel free to contact me I generally don’t mind the content as long as it has something useful in it that won’t harm my readers.
Tags: policy update, spam
Posted in My Site
|| No Comments »
Posted on: August 6th, 2010 by Famous Phil
Often times, I’m asked the question: Should I get Windows hosting or Linux hosting for my new website. This is a topic that comes up time and time again in my field of expertise and sadly, newbies often choose based on perception, not based on fact. This blog will cover some of the facts about both hosting platforms and hopefully help you make an informed decision about how you want your website hosted.
Read the rest of this entry »
Tags: choice, hosting, Linux, windows
Posted in Hosting / Server Administration, Programming, Technology
|| 19 Comments »
Posted on: August 2nd, 2010 by Famous Phil
Introduction:
This topic plagues me to death every time I need to do some administrative function MySQL simply because I don’t do it every day. I have 3 servers that I manage entirely via the command line now and all 3 require me to know at least some MySQL. Unfortunately, I always end up going to several sources to get all the information I need. So instead of doing that in the future, I’m writing this blog as a centralized reference for everything I need. Hopefully you can use this blog as much as I will!
Note: You will need to click the “show code” icon in the top right corner to view the code entirely for some of the blocks that are longer than the code box.
POST UPDATED 6/5/2011 (deleting a user / listing users)
Tags: administration, cheat, command line, interpreter, mysql
Posted in Hosting / Server Administration, Programming
|| 4 Comments »