Patrick's Rants



7/15/2017

Dammit Microsoft!

Filed under: Geek News and Stuff — site admin @ 10:38 am

I was going through some logs seeing where fail2ban was blocking hosts as recidivist when I stumbled upon an error that didn’t make sense. A host that I more or less expect to receive email from was failing and being blocked when they relayed through Mail gun. Some minor digging found that the errors I was seeing in the logs resulting in a fail2ban rule had to do with the STARTTLS feature. This was written about seven years ago over on warthog9 He links to help pages on Microsoft’s web site about fixing IE, or at least references a broken TLS handshake titled An update that enables Internet Explorer in Windows XP, in Windows Vista, or in Windows Server 2008 to parse fragmented TLS/SSL handshake messages is available

I’m not going to be able to fix Mail gun. I’m not even going to try. The mail eventually gets to us… just slow. But the fix listed does give me insight into something else I ran into this week: broken IE… I’ll try to fix that problem next week.

3/30/2017

Yahoo Messenger, You Will Be Missed. Not!

Filed under: Geek News and Stuff — site admin @ 7:17 am

I use Pidgin on my computers. It’s cross platform, multi-protocol and supports encrypted messaging via plugins. I use it along with the Openfire XMPP collaboration server to communicate intraoffice and more recently interoffice for collaboration with our tax office associates and our outside tax partners. I insist on encrypted communications to protect client information even though specific information such as social security numbers, etc is never transmitted across the internet. I do this because I’m paranoid about information leaking, I insist that we jealously guard our client information even more than if were our own, and lastly, because the FTC and IRS insist we do so. More on encryption, perhaps, at a future time.
The last few times I’ve fired up Pidgin on my Linux machine, I’ve received the following notice:

yahoomessenger: Yahoo Messenger has been upgraded and no longer works with older versions or third party applications. To continue using Yahoo Messenger, please download the newest version at https://messenger.yahoo.com/download

Click the link and I find:

YAHOO MESSENGER.
YOUR NEW BEST FRIEND.

Get the brand new Yahoo Messenger, now available as a desktop app.

Yahoo Messenger requires Mac OS X 10.9 / Windows 7 or later

Now available as a desktop app? This whole let’s call a program an app now crap really annoys me. But I think I remember that Yahoo tried to move everyone to a web based client by discontinuing their standalone application/program. Well, I only have one remaining contact who uses/used to use Yahoo Messenger. And he’s on LinkedIn and Facebook and I have his cell number. What do I need an aging protocol backed by a company that’s selling out to Verizon for? And 500 million Russian compromised accounts. The latest version of Pidgin also removed the protocol:

Pidgin 2.12.0 removed protocols that were not being maintained: MSN, MySpace, Mxit, and Yahoo!. These will show up as unknown in your account lists until you delete them.

AIM is not breaking, update to this version to keep it working!

(and did I mention I use Linux?)
Oh well, no big loss. If we used to communicate via Yahoo Messenger you should have another way to get in touch. If not, I guess we were never that close.
Click on delete account in Pidgin

3/17/2017

Log Folder Permissions Breaks Task Scheduler and Windows Event Viewer

Filed under: Geek News and Stuff — site admin @ 7:47 am

I have recently been plagued with some Windows Server 20081 lockups. I decided to look at the Windows Event Viewer logs and ran into some puzzling, to me, error messages like Task Scheduler service is not available. Task Scheduler will attempt to reconnect to it. I know that Task Scheduler isn’t working. I installed Cygwin and Cron to work around the broken Task Scheduler that I could never get to start. Now the fact that Task Scheduler isn’t running seems to be causing Event Viewer to not run. Way to tangle shit together Microsoft. Fortunately, this meant that I was finally able to find the problem. The Task Scheduler issue by itself either didn’t motivate me enough to find a solution or one wasn’t available. I’m not sure which is true, but I must not have looked too hard since I was running Cron. I found that basically it was a permission issue on one folder that cause both of these services to fail. A log folder at that. And the error message is the usual cryptic crap that I expect out of Redmond. The folder is “C:\Windows\System32\LogFiles\WMI\RtBackup”. The fix is to add the user SYSTEM as a full user. The short fix is right click on the RtBackup folder go to Properties ->Security ->Add->SYSTEM-> Full Control. Click all the yes boxes. And the final piece is you have to reboot the Windows box. After changing permissions on a folder. Just permissions. Reboot. Neither Task Manager nor Windows Event Viewer will start until you restart. I tried, you can try too. Just know that reboot is the simplest method – there could be another, but this is Windows after all.

  1. and WHY didn’t Microsoft allow a “free” upgrade from Server 2008 to Server 2008 R2? Money?

7/31/2016

One Drive

Filed under: Geek News and Stuff — site admin @ 11:37 am

I was going to include this write up in my previous post, How Many Hours Wasted This Week? Well, the thing is, I re-read that post and realized I didn’t include the wasted time I really wanted to write about. I only got to the point of figuring out the setup was gonna start heading towards $50,000 or so just to set up. I changed the post to “Microsoft’s High Cost of Free.

I had a couple of different times where I needed immediate access to information that was only on my work station. In my office. Across town. So I decided to look at One Drive. I didn’t want to use Google Drive – I don’t like mixing personal and business uses on the same service or the same account. I know, people browse Ebay, Facebook and Craigslist from work all the time. While I may not be perfect about my internet use while on the clock, I prefer at least some separation. Yes, I check work email on my phone outside work hours. I rarely respond unless the email seems to need an immediate response. Plus, typing email on a phone…

So I clicked on the One Drive icon already on my computer. It would not recognize my account and/or password. I fought with the damned thing for at least an hour. Since we use the 365 service I tried to download it from the 365 Dashboard (who the hell came up with the name Dashboard? It’s used everywhere and I hate it. Everywhere.) The result of that attempt (failed, by the way) is that I get a message telling me that it’s incompatible with Office when loaded to my computer from disk. Are you kidding me? Because I bought a disk – well the district has the disk image for our use – I can’t use the version that downloads and installs on my local computer?

After fighting this for at least an hour, I called our tech people. Apparently, the version we used was not the personal version of One Drive but the business version. OK, we’re “paying” for it so that’s appropriate. And I broke it because I’m supposed to just know how it installs and runs and that there are at least three different, yet completely incompatible versions. And the error is something along the lines of: The server has an incompatible login protocol and just doesn’t work with your client. I paraphrased of course. Another hour goes by on the phone with tech support – has anyone noticed that I’m not a plebe? I had to remove One Drive from my Office install, reboot, add One Drive back to my office install via the control panel and the Office modify installation settings. Oh, reboot again. Now, go back to Office 365 online, go to One Drive and click on sync files. This will restart the process of downloading files you have previously uploaded. Otherwise you end up with an empty folder where you put files to share/sync.

The files I wanted to share have to do with tracking outside charters when I have to book buses with charter companies instead of ourselves. I was tracking it via spreadsheets (poor man’s database) with links in the cells to the charter agreement. You know, click the link with the charter or invoice number and the underlying document opens. It worked pretty well unless I was not at my desk. I needed a way to access the same, synced files from my work laptop as well. This is what all the online “drives” claim to do. So I moved my spreadsheet and the folders with all the charter orders and invoices. I created some symbolic links from where I used to keep them to where they now reside. One annoying thing I discovered is that Microsoft messes up my links. If I create a link to, say, invoice 1 that resides in a folder called invoices with a path like invoices/1.pdf Excel changes it to point to the One Drive folder and now the link is <sharepoint/username/invoices/1.pdf> and it doesn’t work until the sync occurs. (Thanks Microsoft! That’s so stupid. If I wanted an absolute link I would have used one. Relative links work everywhere else, but you know better than I do how I want to do things.) Well, it’s also kind of creepy that I don’t have control over this admittedly little thing – what else did they remove from my control?

So I’m happily – defined by the restrictions and forced changes by MS -sharing these files and folders between my desktop, laptop and accessing them online as needed (not that I really like O365, but it’s there) And then, O365 required an password update when I logged in for email. I dutifully updated my email password, the same password for everything in the O365 environment. This broke One Drive on my desktop. I had to go through Windows Credential manager (or whatever it’s called) and remove the saved password credential for One Drive. This takes a half hour or more to finally resync passwords and allow me back in. Then the laptop requires the same thing. Jump forward to last week. I noticed there were files showing they were pending being synced on the laptop. I could not get them to sync. An hour worth of work – I eventually deleted the folders from the laptop, uninstalled One Drive, rebooted, installed One Drive, rebooted and then did that again. I had to log into O365 from the laptop and do the whole damn process over again to sync all those files back to my laptop. It makes one wonder what Microsoft’s goal is by making this a total cluster bomb. Are they trying to get people to stop using desktop clients? That’s not the business world – the cloud is not everything, OK? I mean what happens in the cloud when it rains? I still use a desktop client for Outlook/Exchange because it works. I don’t have to upload a spreadsheet or csv file that I use for email merge to O365, in fact I don’t wanna.

One Drive – so far it hasn’t actually saved me any time. I think it can, but it’s cost me well over a day futzing around with settings and passwords and whatever the hell else so that someday I may be able to save some time and answer a question quickly.

How much of your life has Microsoft cost you?

Microsoft’s High Cost of Free

Filed under: Geek News and Stuff — site admin @ 9:35 am

I’m gonna cheat and add the time wasted on a couple of different computers, and not just to browse geek sites or catch up on the hot sales at Craigslist. I’m talking about the infuriating software pushed by Microsoft. Sometime last year the school district moved from Exchange to the (can you hear the harps?) cloud based Office 365 that is given to education entities for free – or so they told us. And by they, I mean the people who had to review the proposal. How can you argue against free? Let’s see, what does Microsoft say about pricing for Exchange? They have a web page so you can calculate it.. let me just check that out for you. Ok. Well, I got a pop up saying that it only works with Explorer… click allow using Chrome add-on ScriptSafe, and then allow again for the next script that gets sucked in and.. dammit! It truly does not work with Chrome. Even the basic drop down menus just sit there, mocking me. So Microsoft is not going to help to me in this story about how expensive they are. Over at TechSoup, the Guide to Exchange Server Editions and Licensing tries to describe the differences. Not very well here though. What is a mailbox database? I guess if I were to really want Exchange I would find out.

So TechSoup says if you are a big organization like, say a school district, get the Enterprise version. Retail (not the educational pricing) for Enterprise Exchange 2016 is $3,940 over at Buycheapsoftware.com and that allows you to buy licenses for people to actually connect at another $50 or so each. Forget about whatever other licensing you already need to get to the point where you can actually check your email. Windows 10 Pro (we are talking about a business here, ignoring Active Directory and associated pricing) is $127. I’m shooting for the moon with the Office package… includes the install media, Outlook, Access, Excel, Word, etc. at $295.

Next, we use Skype for Business. It used to be called Lync and we also used to use Office Communicator. According to Lync Insider, the enterprise retail price is probably north of $10k if we did it in-house. I can’t tell from the Office suite description if Skype is included or not. Let’s be generous and say that it is. No extra desktop cost. I mean if we have paid $10k for the server (with CALs included, of course) then we can overlook any extra cost there might be for the Skype client.

(Real) Free is starting to look a lot better.

7/28/2016

Dear Realtor.com

Filed under: Geek News and Stuff,General — site admin @ 11:55 am

I love your commercials. Your web site sucks. You should not need to call scripts from 27 sources just to show the main screen. I have an account and could never get logged in using Chrome (on Linux, but come on, it’s Chrome)
Even disabling NoScripts and AdBlock it didn’t work. Get with HTML5 and get the hell away from Javascript hell. I mean it. Visit you later – if I can ever get logged in.

4/27/2016

Greatest Spreadsheet Feature Ever

Filed under: Geek News and Stuff — site admin @ 4:46 pm

And it’s in Excel!
Well, it may not be the best spreadsheet feature ever, but the sort/filter function in Excel is very nice when sorting a date column. Right click on the filter on a date column and under date filter are about 20 builtin pre-configured filters, today, tomorrow, yesterday, last week, this week. I know, I know. Spreadsheets are not data bases. I hate VBA and mildly dislike macros. But this is a very nice feature – that’s missing from LibreOffice.

4/20/2016

Damn Javascript

Filed under: Geek News and Stuff — site admin @ 8:21 pm

I use browser addons to cut down the attack vector on my personal machine. Web sites add more Javascript requirements.
As soon as I click on accept for one script, there are three scripts now needing permission. Click on allow for those three and there are 27. What the hell! Just because you can do a thing, doesn’t mean you must do at thing. Am I the only one who still tries to limit web sites reaching into my computer?

4/6/2016

Hello Roadrunner, goodbye

Filed under: Geek News and Stuff — site admin @ 7:36 am

On my server I run Fail2ban to try to catch spammers, bots and other types of annoyances that those who run servers see every day. Recently I sent a couple of emails showing banned hosts from my server. These are typical reports from fail2ban showing how and from where a particular attempt (usually log in) has failed. It was – and always is – my intent to get the ISP to check into the address of the user to figure out what is happening on their network.

And so:

The IP 24.97.75.66 has made multiple attempts to authorize against my
mail server. It is in danger of being permanently blocked.

From: Fail2Ban [redacted]
To: [redacted]
Subject: [Fail2Ban] Dovecot-Auth: banned 24.97.75.66 from rwcinc.net
Date: Wed, 23 Mar 2016 13:21:42 -0700

Hi,

The IP 24.97.75.66 has just been banned by Fail2Ban after
3 attempts against Dovecot-Auth.

I attached around 5 emails that showed the same IP being blocked after 5 attempts each so there is something happening at that address.

I got a response a few days later. I can’t tell if they did anything about it or are just telling me that they don’t bother to read attached, forwarded emails.

Hello,

If you are reporting an e-mail related incident, and you check your email via our webmail service,
you can select all of the spam in your inbox and click on the “Report spam” button, this will send
your spam with all needed information to spamblock@postmaster.rr.com so they can improve our spam
filters.

Bla bla bla….

Road Runner will not accept logs that are not in plain text (ascii) format. Do not attach files to
your e-mail. All logs must be included in the body of the message.

So this is the part I’m not sure about. I guess I can check to see if I continue to get Fail2ban reports on the offensive IP and proceed to block the entire netblock because some admin doesn’t want to read an attachment…

[update 4/6/16]
Yes, there is another set of login attempts requiring the following email:

This is my second report to you. My first included copies of six such
automated and temporary bans. I am unsure if any action was taken by
RR/Time Warner as there was no clear indication that you did actually
review and take action to prevent this connection’s unauthorized access
attempt.

Please let me know that you have taken steps to correct the
unauthorized access attempts from your network.

We’ll see if there is any more satisfactory response.

12/19/2015

Hey Mozilla! PS

Filed under: General — site admin @ 9:27 pm

AND you disabled AdBlock plus? Yeah. Tell me how that makes me MORE secure.

Keep it up. Chrome will become my default browser on ALL my devices. Not that you care.

Next Page »

Powered by WordPress
Comments, opinions and drivel © the poster. Satire protected under Fair Use. Opinion protected under First Amendment (see: Constitution of the United States)
Nothing on this site should be construed as tax, legal, or investment advice. If you need any of those things, seek out a professional whom you can pay for such advice. Posters cannot be held liable for your failure to perform your own due diligence.