OpenDNS

I’ve used EveryDNS (free service) for years to host my DNS services.    Recently I found that they now offer public DNS service for lookups as OpenDNS.   While I still run my own private DNS server for caching and various private addresses.  I now do a simple forward lookup to their servers to gain the extra services they provide… notably Phishing  and typo protection.

Setup is very simple for most users, and even a non-technical person should have no problems following their installation instructions for a single computer/device or an entire network.
Happy networking!!!

Mozilla cache folder

Due to my UNIX background,  I’ve found it helpful, for both security and performance reasons to relocate your ‘cache’ or temporary files to a new location (Unix/Linux gurus may prefer /tmp/) here’s the simple process for doing this on a Windows machine using Firefox.

This is useful for several reasons:

* Moving many of your ‘tmp’ files/folders to a single location makes it easier to “clean house”.
* If you move ‘tmp’ to a separate drive or partition (like in UNIX), your primary drive will be less fragmented and may even show increased performance.

Firefox didn’t make this as easy to change as MSIE, but it’s a trivial matter. Find and edit the prefs.js file in your Profile directory and add the following…

user_pref(“browser.cache.disk.parent_directory”, “C:\\temp\\Mozilla”);

Alternately, you can type “about:config” in the URL/address line of the browser and add the String…

browser.cache.disk.parent_directory with a value of “C:\\temp\\Mozilla”

If you want to keep your existing cached files, you can always copy them over from the old location.

For Windows XP with MSIE6/7, the disk cache location is easily changed in the Internet Control Panel, on the General tab, Settings button. Microsoft seems to change that control panel with every new OS/browser version, but it’s generally named similarly on different configurations.

Good luck !

Windows Remote Desktop (aka Terminal Services) Port Change

There often becomes a need to remotely access/administer a Windows machine.   While I’d normally recommend using a different method such as an VNC connection over a VPN or a SSH Tunnel, you MAY get away with using the built in services.   Even so, using the default port 3389 may prove troublesome with some security mechanisms such as firewalls and proxy servers.   Here’s a simple way around it all…To change the default port for all new connections created on the Terminal Server:

  1. Run Regedt32 and go to this key:
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  2. Find the “PortNumber” subkey and notice the value of 00000D3D, hex for (3389). Modify the port number in Hex and save the new value.
    • NOTE: Ports 80 and 443 are recommended because they route well across various networks.

Good luck… now go out and find a “safer” method!

Windows file cleanup/housekeeping

Since I routinely run WAMP servers (see previous article) and develop primarily on Windows machines, I find that a lot of garbage remains on these machines. Often these files are created temporarily and not deleted and/or are created for some perceiver performance gains. Additionally, its often nice to schedule cleanup operations for times when you are not using the machine…. here’s a few common items to consider.

@echo off echo ======= DELETES =========
del /q %windir%*.log
del /q %windir%*.tmp
del /q %windir%securitylogs*.*
del /q %windir%SoftwareDistributionDataStoreLogs*.*
del /q %windir%msdownld.tmp*.*
del /q %windir%$hf_mig$*.*
del /q %TEMP%msdownld.tmp*.*
del /q %TEMP%*.dat
del /q %TEMP%*.log
del /q %TEMP%*.tmp
del /q %TEMP%*.xpi
del /q %TEMP%sess_*.*
del /q %TEMP%logs*.*
del /q c:*.log
del /q c:logs*.*
del /q /s %USERPROFILE%*.dmp
del /q /s %USERPROFILE%SIDisttemp*.*"
echo ======= Prefetch ==========
del /q %windir%Prefetch*.*
echo ======== DEFRAG ===========
%windir%system32defrag.exe c: -f -v >%TEMP%batch_defrag.txt
echo ========= done ============

Options….

echo ======== ANALOG ===========
cd c:analog6.0 analog +glocalhost.cfg
echo ========== IP =============
%windir%system32ipconfig.exe /all > %TEMP%batch_ip.txt
echo ======== NETSTAT ==========
%windir%system32netstat.exe -a > %TEMP%batch_netstat.txt

NOTE: this entry will be updated occasionally!

WAMP Servers

I often find myself administering WAMP (Windows, Apache, PHP/Perl/Python, mySQL) servers…. usually this occurs because it is better ‘supported’ (or perhaps ‘tolerated’) configuration in a corporate alternative to the more common LAMP (Linux… etc.) variety. This gives you the benefit of a centrally controlled operating system while maintaining a mostly open source server environment. Albeit with Microsoft’s poor security record, you’ll be patching it a LOT!

Many common distributions exist… here’s some helpful resources with downloads:

If you are a Java shop, you might also consider the following…

Configuration of each of these is a topic in it’s own right. If you need a shortcut to development, you may want to check out this!

Good luck!!!

Proxy Auto-config

There comes a need for many organizations (or individuals) to establish proxy servers on their network. This is usually done for reasons of security or network topology. While the use of proxy servers simpifies some aspects of networking, it comes at the cost of maintaining the browser configuration of every network device (usually browsers). Netscape provided a mechanism to automate much of this problem by allowing the browser to retrieve the proxy configuration from a centrally managed server.

The proxy autoconfig file is written in JavaScript, it should be a separate file that has the proper filename extension and MIME type when provided from a webserver.

The file must define the function:

function FindProxyForURL(url, host)
{
...
}

1. FILENAME EXTENSION:
.pac

2. MIME TYPE:
application/x-ns-proxy-autoconfig

3. REFERENCES:

4. ApacheHTTP config.

Add the following to the httpd.conf file:

Redirect permanent /wpad.dat {yourdomain}/proxy.pac
AddType application/x-ns-proxy-autoconfig .pac

5. EXAMPLE:

/* 'proxy.pac' - This is the main function called by any browser */
function FindProxyForURL(url, host)
{

if (isPlainHostName(host) || // No Proxy for Non FQDN names
shExpMatch(host, “*.localnet”) || // No Proxy for internal network
shExpMatch(host, “127.0.0.1”) || // No Proxy for LocalHost
shExpMatch(host, “localhost”) || // No Proxy for LocalHost
shExpMatch(host, “mailhost”) || // No Proxy for MailHost
dnsDomainIs(host, “giantgeek.com”) || // No Proxy
return “DIRECT”;

else {
return “PROXY proxy.giantgeek.com:8080; PROXY proxy.giantgeek.com:8090; PROXY proxy2.giantgeek.com:8080”;

} //End else

} // End function FindProxyForUrl

NOTE: Also see my ‘WPAD’ blog entry.

PHP on Apache 2.2 (Win32)

This came as a shock to me a while back, when i started evaluating an upgrade to Apache 2.2 from Apache 2.0.58. It seems that PHP doesn’t ship with a handler for Apache 2.2, as such after a huge headache and little bit of searching I found this article and downloads available at http://www.apachelounge.com/

It should also be added that other great binary assets are available at these sites/

Prior works…

I started my Internet career while still in college and working at a small (<10 employees) marketing company (NEWMAX, which after I left became Explicit Marketing). Several of my early works are still available online, via their portfolio and/or via web archives such as The Internet Archive (aka Way Back Machine).

Here’s a sampling of some of the one’s I can remember.

http://www.newmax.com/
http://www.newmax.net/
http://www.thedigitaldoor.com/
http://www.fdccorp.com/
http://www.olssonroofing.com/
http://www.phoenixbuilders.com/
http://www.teschnerpainting.com/
http://www.plannedparenthood.org/
http://www.ahlithoprint.com/
http://www.bley.com/
http://www.bleymetrology.com/
http://www.bleyproducts.com/
http://www.scottlift.com/
http://www.daviesturner.com/
http://www.deforestgroup.com/
http://www.elkgrovechamber.org/
http://www.synergypeo.com/ (the-synergy-plan.com)
http://www.amer-comfort.com/
http://www.stoutequipment.com/
http://www.irvingpress.com/
http://www.dspins.com/
http://yourpad.com/
http://www.nuveaudesigns.com/
http://www.waucondaorchards.com/
http://www.hollistergrove.com/
http://www.rocketusa.com/
http://www.healthpromo.com/

Adding ‘drop shadows’ to your HTML INPUT fields with CSS

Eventually there comes a time when either you, or your client(s) want you to make your HTML <form>’s sexier… one of the simplest approaches you can take is the addition of a ‘drop-shadow’ to the ‘text’ entry box. One new image and some simple CSS and you’re done!

For the purposes of this article, lets use the image i have here (INPUT white background).

Now for the CSS….
If you’re doing this inline it’ll cause you less trouble if you have a large site and only want this in a few locations.
<input type="text" style="background:#fff url(/images/input_white.png);" value="" />

Now… if you want to put this in an external CSS file you could add a ‘class’ or ‘id’ to this &input> tag, as follows…
<style type="text/css">
input#shadowclass { background:#fff url(/images/input_white.png); }
input.shadowid { background:#fff url(/images/input_white.png); }
</style>
<input type="text" class="shadowclass" name="x1" value="" />
<input type="text" id="shadowid" name="x2" value="" />

NOTE: There are better ways to do the above, but i showed the above to make the implementation obvious.

Now, we can stick the above in an external CSS and use some more specificity to prevent other problems that we’ll elaborate on…

PROBLEM…
If you assign the CSS to the <input> tag itself, you’ll get the undesired background on your CHECKBOX, RADIO, and SUBMIT input types.
The fix… either use a ‘class’ for the cases where you want to apply this style… alternately, apply a ‘class’ for the cases that you don’t want this style.
Future (not well supported currently)… use the ‘type’ in you CSS definition, like so..
input[type='text'] { background:#fff url(/images/input_white.png); }
NOTE: there’s a method in MSIE to use the ‘expression’ concept in your CSS, but i advocate ‘standards’ here, so we won’t delve any further into that topic other than to say it ‘exists’!

So here’s our final approach/recommendation for ‘current’ browsers (in our designs)… you’ll get the shadow ONLY on ‘text’ and ‘password’ input fields and not on the others…

<style type="text/css">
input { background:#fff url(/images/input_white.png); }
input#noshadow { background:transparent; }
</style>
<input type="text" name="x" value="" />
<input type="password" name="p" value="" />
<input type="radio" class="noshadow" name="r" value="" />
<input type="checkbox" class="noshadow" name="c" value="" />
<input type="submit" class="noshadow" name="s" value="" />

WARNING: the background image we use in the example above is only 200px wide, if your text field is larger than that you’ll need to account for it in some way! (otherwise you’ll get a tiled background or run out of ‘shadow’)

More advice…

  1. You can also apply this technique to <textarea> using a similar approach!
  2. This may also be a useful way to indicate ‘errors’, ‘required fields’ or ‘passwords’ in a Rich UI.

P3P 1.0 Implementation guide

Standards documentation is available from W3C at:

NOTES:

  1. Version P3P 1.1 is currently in the works.
  2. Throughout the specifications you’ll see references to “Well-Known Location”, this refers to the default path and naming of these files in the /w3c/ folder.
  3. In my examples below, I have left MOST data empty, the “

xxx” indicates a field that must match between these files.
HTML:


<html>
<head>
<link type="text/xml" rel="P3Pv1" href="/w3c/p3p.xml" />
</head>
<body>
...
</body>
</html>

HTTP Header:

p3p: policyref="/w3c/p3p.xml", CP="TST"

/w3c/p3p.xml:


<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<META xmlns="http://www.w3.org/2002/01/P3Pv1">
<POLICY-REFERENCES>
<POLICY-REF about="/w3c/privacy.xml#xxx">
<INCLUDE>/*</INCLUDE>
<COOKIE-INCLUDE name="*" value="*" domain="*" path="*" />
</POLICY-REF>
</POLICY-REFERENCES>
</META>

/w3c/prixacy.xml


<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
<POLICY name="xxx" discuri="/index.html" xml:lang="en">
<ENTITY>
<DATA-GROUP>
<DATA ref="#business.name"></DATA>
<DATA ref="#business.department"></DATA>
<DATA ref="#business.contact-info.postal.name.given"></DATA>
<DATA ref="#business.contact-info.postal.street"></DATA>
<DATA ref="#business.contact-info.postal.city"></DATA>
<DATA ref="#business.contact-info.postal.stateprov"></DATA>
<DATA ref="#business.contact-info.postal.postalcode"></DATA>
<DATA ref="#business.contact-info.postal.country"></DATA>
<DATA ref="#business.contact-info.online.email"></DATA>
<DATA ref="#business.contact-info.telecom.telephone.intcode"></DATA>
<DATA ref="#business.contact-info.telecom.telephone.loccode"></DATA>
<DATA ref="#business.contact-info.telecom.telephone.number"></DATA>
<DATA ref="#business.contact-info.online.uri"></DATA>
</DATA-GROUP>
</ENTITY>
<ACCESS><nonident/></ACCESS>
<DISPUTES-GROUP>
<DISPUTES resolution-type="service" service="/index.html" short-description="Customer Service">
<LONG-DESCRIPTION></LONG-DESCRIPTION>
<REMEDIES><correct/></REMEDIES>
</DISPUTES>
</DISPUTES-GROUP>
<STATEMENT>
<CONSEQUENCE>We record some information in order to serve your request and to secure and improve our Web site.</CONSEQUENCE>
<PURPOSE><current/><develop/><admin/></PURPOSE>
<RECIPIENT><ours/></RECIPIENT>
<RETENTION><stated-purpose/></RETENTION>
<DATA-GROUP>
<DATA ref="#dynamic.clickstream"/>
<DATA ref="#dynamic.http"/>
</DATA-GROUP>
</STATEMENT>
</POLICY>
</POLICIES>

REFERENCES:

  • http://www.w3.org/TR/2000/CR-P3P-20001215/
  • http://msdn.microsoft.com/en-us/library/ie/ms537343%28v=vs.85%29.aspx#unsatisfactory_cookies