Windows XP Roaming Profile Synchronization Issues
Roaming profiles allow us to access files that we often use on any computer joined to the network, easily replace old computers, and provide greater network security. There are on occasion, special circumstances that cause the log-on/log-off synchronization process of these profiles to fail. Generally when this happens the icon pictured fourth from the left below will appear in the task bar.
This causes your roaming profile to refuse to load or breaks NetBIOS connections even after a reboot of the system. You are still able to connect to network shares if you use the ip address of the network computer(s). To correct this problem, go to My Computer=>Tools=>Folder Options=>Offline Files. This will open the screen pictured below.
Now what you need to do is hold down Ctrl+Shift and click on Delete Files. Answer yes to the confirmation prompt, click ok and then restart your computer. After the restart, you will find that your profile loads normally and there are no more connection issues involving NetBIOS names.
GHTime Code(s): a6f56 c3749 ab27a
Windows XP – Reclaim Lost Hard Drive Space
The network I administer at work has an even mix of new and old computers. The problem with the older computers are the small hard drives and low amount of memory. I constantly have employees telling me that their computers are running slower than normal and that they are getting low resources error messages.
Below are the steps I use to free up space on these machines:
- Click Start => My Computer
- Now we want to right click on the drive that Windows is installed on and click on Properties.
- Once the properties dialog opens, click on Disk Cleanup. (This will take a few seconds to minutes to load)
The next steps require a little more explanation.
Before we use Disk Cleanup to get rid of any files, let’s click on the more options tab. This tab allows us to remove components, installed programs that we don’t use and old system restore points. Assuming you have system restore enabled, which by default it is, you will be able to regain a considerable amount of space by selecting this option.
Look at the amount of free space you have and remember the number. Now click on the Clean Up button for System Restore and answer yes to the prompt. You will not see any progress bar or get confirmation that this operation has completed. Wait about 10 seconds and view your free space again. Did the number change? When I did this on my computer I regained a little over 3 gigs!
Now click back on the Disk Cleanup tab. This tab gives us a list of file types with the amount of space they take up plus their descriptions down below. Click on each one to find out what they do to help you decide if you should delete them or not. I typically delete everything except for Office setup files and I don’t compress old files. Once you have the files you want to remove selected click on ok and answer yes to the prompt.
That’s pretty much sums up the process I use to reclaim drive space on Windows XP machines.
GHTime Code(s): 25e9a 52ce5Linux System Update Script
In my experience with Linux distributions, Slackware and Ubuntu/Kubuntu, there are a couple of different methods used to update the system. Of course we can always use a gui to do the updates but what fun is that?
The two commands used to update a Debian based system are:
safety@nDarkness:~/bin$ sudo apt-get update; sudo apt-get upgrade
Now while this doesn’t require a great deal of typing, let’s see if we can shorten it to suit our needs.
If you do not already have somewhere to store your personal scripts, the following command will do this for you and allow you to enter the code we will use:
safety@nDarkness:~$ mkdir bin; cd bin; vi apt-auto
Press i for insert and create the following script:
#!/bin/bash sudo apt-get update; sudo apt-get upgrade
This is all we need to type for our script to produce the results we are looking for. Now let’s save our script by pressing Esc => :wq => .
To run our script we can type:
safety@nDarkness:~/bin$ bash ./apt-auto
You should see the output from the two commands used in the script printed to the screen. Now let’s make our script executable so we don’t have to type bash to make it run.
The following command will accomplish what we are looking for:
safety@nDarkness:~/bin$ chmod +x apt-auto
Now to run our command we simply need to type:
safety@nDarkness:~/bin$ ./apt-auto
We now have a working script to do our update process and it is significantly shorter than the first option we used. As always all comments are welcomed.
GHTime Code(s): 47bd7 ncMicrosoft Exchange Recovery Mode and How to Fix it
I had a user this week that was experiencing trouble with Outlook. Every time they opened the program they received a prompt similar to the one below.
-
Exchange is currently in recovery mode. You can either connect to your Exchange server using the network, work offline, or cancel this logon.
Not only was the prompt annoying, the shared calendar and contacts crashed the program whenever you tried to access them.
After doing some digging I found a solution that fixed the problem.
- Start Outlook and select Connect.
- On the Tools menu, click E-mail Accounts.
- Click View or change existing e-mail accounts, and then click Next.
- Click the Microsoft Exchange Server account, and then click Change.
- Click More Settings, and then click Advanced.
- Clear the Use Cached Exchange Mode check box, and then click Apply.
- Instead of exiting Outlook at this point click Offline Folder File Settings, and then click Disable Offline Use.
- Click Yes to the prompt, OK, Next, and Finish
- Close Outlook and start it again.
- Repeat steps 1-5
- Now reselect the Use Cached Exchange Mode check box, exit, and then restart Outlook.
That’s it now Outlook will no longer give the prompt and everything will be back to normal.
GHTime Code(s): 8a2b1 09c54 ncWordPress – DM Albums Version 2.0 Critical Vulnerability
The latest version of DM Albums was released on 10/21/2009 to all WordPress users and it contains a serious flaw that can allow an attacker to remotely delete any file or folder they wish. The author has been notified of the problem and I have listed a work around below to prevent directory traversal.
After upgrading to the latest version of DM Albums I was playing with the new features and noticed the function to delete albums. I dug into the code located at wp-content/plugins/dm-albums/wp-dm-albums-ajax.php and found that there is no check to see if someone has used directory traversal. This means that anyone can delete files or directories outside of the upload directory.
Example:
http://someblogsite/wp-content/plugins/dm-albums/wp-dm-albums-ajax.php?delete_album=../../../public_html
The vulnerable section that allows this to take place is:
-
if(isset($_GET["delete_album"]) && !empty($_GET["delete_album"]) && strlen($_GET["delete_album"]) > 0)
{
//delete the album directory
dm_get_album_delete($DM_UPLOAD_DIRECTORY . $_GET["delete_album"]);
}
In this code there is no check to see what is contained in the GET variable and you don’t even need to be logged in to delete files.
Below is a quick and dirty work around to prevent the problem and I would suspect there will be more checks to ensure that user input is sanitized in the near future. This work around will not prevent malicious users from deleting your albums but it will keep folders outside of the upload directory safe.
-
if(isset($_GET["delete_album"]) && !empty($_GET["delete_album"]) && strlen($_GET["delete_album"]) > 0)
{
//remove the / character from user input
$_GET["delete_album"] = str_replace(“/”, “”, $_GET["delete_album"]);
//delete the album directory
dm_get_album_delete($DM_UPLOAD_DIRECTORY . $_GET["delete_album"]);
}
Once I hear back from the author I will update this post to let everyone know the outcome.
Update: A new release, v2.0.1, with the above mentioned work around has been released. We should also expect to see another update in the next few days that will employ more security checks and some upgrades for WordPress multi user environments as well.
GHTime Code(s): dc678 16e08 522fd 08095 nc 68ef8