Category Archives: Software / Applications

cab_XXXX Files in your C:\Windows\Temp Folder

You may have noticed the Windows TEMP folder filling up with cab_XXXX files on systems, probably more on servers than anything. It appears that makecab.exe is trying to zip CBS log files in the C:\Windows\Logs\CBS folder. These files can be rather large and for some reason it’s unable to successfully complete the operation, so it creates this cab file instead… every 30 minutes.

The only solution I’ve been able to find is to run the following two commands to clean up the files. The second line will remove the CbsPersist files that makecab.exe is trying to compress:

cmd.exe /c del C:\Windows\Temp\*cab* /Q
cmd.exe /c del C:\Windows\Logs\CBS\*CbsPersist* /Q

Run Python Script in Background at Startup

The easiest way to do this is to run the script using crontab, but I would advise testing your script well first, as you could make a script that causes problems.

$ crontab -e

and add the line:

@reboot /home/vivek/bin/python_script.py

Save and close, and then run

# update-rc.d cron defaults

Once you reboot the script will start automatically.

A fatal error occurred while trying to sysprep the machine

This appears to be a problem relating to the Windows 8.1 Metro Apps, and I resolved it by doing the following (NB: it is critical to observe the sysprep log file, setuperr.log):

  1. Take Snapshot
  2. Run Sysprep: sysprep /generalize /oobe /shutdown
  3. When the error occurs, check the error log and then query the problem package using PowerShell (insert the name of the package into the ""): Get-AppxPackage -AllUsers | Where Name -Like ""
  4. Once you have it, run the following to remove the package: Get-AppxPackage -AllUsers | Where Name -Like "" | Remove-AppxPackage
  5. Repeat steps 3 and 4 until successful.

If you don’t care whatsoever for Metro Apps (which is the case in our environment) you could just run the following and remove all packages; Get-AppxPackage | Remove-AppxPackage

Windows 10 Update P2P Distribution

In Windows 10 there is a new feature added to Windows Update: the P2P distribution of Windows updates. This is done to reduce the load on Microsoft’s servers, and that’s probably pretty hefty given how many Windows computers are actually in the world, but maybe not so good for people with data caps or excess charges on their data usage.

Lots of people have panicked about this with some major sites saying you should turn this feature off completely, which is a stupid move on their part. This feature can be leveraged in your favour to save you some metered data.

My advice is to set this feature to On and set it to only use PCs on my Local Network.

Follow these steps:

  1. Search for “Check for updates” in the Start menu.
  2. Under “Windows Update” choose “Advanced options.”
  3. Under “Choose how updates are installed” click “Choose how updates are delivered.”
  4. Click on the option “PCs on my Local Network.”

Windows 10 Updates Advanced Settings

This will restrict the sharing of update files to your local network, meaning other Windows 10 computers in your network will be able to leverage updates that they all have, saving you data by only needing to download the update files once.

Webserver on Raspberry Pi

As an experiment this site is now running on my Raspberry Pi.

Assumptions: you have set up your Raspberry Pi with Raspbian with a static IP, and allowed port 80 through your firewall to that static IP address.

Please remember to make sure your OS is up to date:

sudo apt-get update; sudo apt-get upgrade

Installing Nginx

The first piece of software you will need to install is Nginx

sudo apt-get install nginx

Now we can start Nginx

sudo /etc/init.d/nginx start

You can now test if it’s working by putting in the IP address of your server in a browser to see if it works e.g. http://192.168.0.1

The browser will now display a Page saying “Welcome to nginx”

Install PHP

Use the next command to install PHP

sudo apt-get install php5-fpm

Now we need to make some configuration changes

sudo nano /etc/nginx/sites-available/default

Scroll down the configuration file and uncomment by removing the #

listen 80; ## listen for ipv4; this line is default and implied

Set the server name to your server name

server_name www.webwhitenoise.com;

Change the index line to the following

index index.php index.html index.htm;

Uncomment the next section in the configuration file

location ~ \.php$ {
 fastcgi_split_path_info ^(.+\.php)(/.+)$;
 # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
 
 # # With php5-cgi alone:
 # fastcgi_pass 127.0.0.1:9000;
 
 # # With php5-fpm:
 fastcgi_pass unix:/var/run/php5-fpm.sock;
 fastcgi_index index.php;
 include fastcgi_params;
 }

Now exit from nano and remember to save the changes

Now we need to edit the php.ini configuration file

sudo nano /etc/php5/fpm/php.ini

Find cgi.fix_pathinfo in the file and change it as follows

cgi.fix_pathinfo=0

Now we need to reload PHP and Nginx

sudo /etc/init.d/php5-fpm reload && sudo /etc/init.d/nginx reload

You can now test if PHP is working on Nginx by adding an index.php file to the root of the server

cd /usr/share/nginx/www
sudo nano index.php

Add the following line to the file

<?php phpinfo(); ?>

If you now refresh the webpage we opened earlier in the browser it should display the PHP info page.
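
A check for the php.ini step above, added here as an example and not part of the original post. The stock php.ini ships the directive commented out as ;cgi.fix_pathinfo=1, so editing that line without removing the semicolon leaves PHP on its built-in default of 1. The function names and the sample files are made up for this example.

```sh
#!/bin/sh
# Added example: report the value of cgi.fix_pathinfo that PHP will actually use.
# Lines starting with ';' are comments in php.ini; PHP's built-in default is 1.

effective_fix_pathinfo() {   # $1 = path to php.ini
    val=$(grep -E '^[[:space:]]*cgi\.fix_pathinfo[[:space:]]*=' "$1" \
        | tail -n 1 \
        | sed -E 's/^[^=]*=[[:space:]]*//; s/[[:space:]]*(;.*)?$//; s/"//g')
    echo "${val:-1}"          # nothing uncommented -> built-in default
}

check_php_ini() {            # exit status 0 only when the setting is really 0
    v=$(effective_fix_pathinfo "$1")
    if [ "$v" = "0" ]; then
        echo "OK   $1: cgi.fix_pathinfo=0"
    else
        echo "FAIL $1: cgi.fix_pathinfo is effectively $v"
        return 1
    fi
}

# Constructed sample files (not taken from a real system).
demo() {
    dir=$(mktemp -d)
    printf '%s\n' '[PHP]' ';cgi.fix_pathinfo=1' > "$dir/stock.ini"
    printf '%s\n' '[PHP]' ';cgi.fix_pathinfo=0' > "$dir/still-commented.ini"
    printf '%s\n' '[PHP]' ';cgi.fix_pathinfo=1' \
        'cgi.fix_pathinfo = 0 ; hardened' > "$dir/fixed.ini"
    for f in stock still-commented fixed; do
        check_php_ini "$dir/$f.ini" || true
    done
    rm -rf "$dir"
}
demo
```

On the server built in this post the file to check is /etc/php5/fpm/php.ini, and PHP has to be reloaded before a change takes effect.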

Install MySQL server

Now we install MySQL

sudo apt-get install mysql-server

As a part of this process you will be prompted to enter a password, this password will be the root password for MySQL.

Once this process completes install MySQL Client and MySQL PHP components

sudo apt-get install mysql-client php5-mysql

Now we need to setup a database and user in MySQL

Connect to the MySQL Server using the root user, you will be prompted for the password

mysql -uroot -hlocalhost -p

We now create a database, wordpressdb represents the name of the database

CREATE DATABASE wordpressdb;

Now we create a user for WordPress to use to access the database, wordpressuser represents the user id and password_here a password. Root should not be used

CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'password_here';

Now we grant this user access to the database

GRANT ALL PRIVILEGES ON wordpressdb.* TO 'wordpressuser'@'localhost';

Flush the privileges for the changes to take effect

FLUSH PRIVILEGES;

Now press CTRL + C to exit MySQL

Now test the username against the database

mysql -uwordpressuser -hlocalhost wordpressdb -p

Now press CTRL + C to exit MySQL

Finished

You now have a working server with Nginx, PHP and MySQL ready to use.

SSLv3 POODLE Bug CVE-2014-3566

What is it:
POODLE stands for Padding Oracle On Downgraded Legacy Encryption. This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack.

POODLE affects older standards of encryption, specifically Secure Socket Layer (SSL) version 3, which was released in 1996. It does not affect the newer encryption mechanisms known as Transport Layer Security (TLS).

How Can I Fix my Browser?
Follow some recommended steps to disable SSLv3 support in your browser. Patches and software updates are mentioned later in this article.

Chrome – Windows

Chrome had an update released in February that added a feature that in theory protects against this vulnerability. However, some people have claimed that adding --ssl-version-min=tls1 to the shortcut will disable SSLv3 and earlier, but I have not seen this work, as in actually disabling SSLv3.

Chrome – Linux (Ubuntu) – gertvdijk on AskUbuntu

Open /usr/share/applications/google-chrome.desktop in a text editor
For any line that begins with “Exec”, add the argument --ssl-version-min=tls1
For instance the line Exec=/usr/bin/google-chrome-stable %U should become Exec=/usr/bin/google-chrome-stable --ssl-version-min=tls1
Reboot

Firefox

Put “about:config” in your address bar and press enter
Search through the list of entries for “security.tls.version.min”
Double click on this item and enter the number 1, click ok

Internet Explorer

Launch “Internet Options” from the Start Menu
Click the “Advanced” tab
Uncheck “Use SSL 3.0”
Click “OK”

I’m a Server Admin What Can I Do to Protect My users:

Disable SSLv3 or lower on your servers, review your SSL Settings & make sure things are in the right order & following best practice which is pretty much to use TLS 1.0 or greater.

In large networks it may be necessary to deploy a group policy setting to disable SSLv3. Guide

How do I disable SSLv3 on X?:

I don’t feel that I’m experienced enough to give advice on Apache or any Linux HTTPS daemons, so I would advise that you check out the Linux community for your distro, as they will most likely have information on securing your servers.

As I’m more familiar with IIS (Internet Information Server) I’m happy to provide a link to Nartac Software Inc.’s GUI tool that allows you to set your SSL settings. I recommend you set your server to the FIPS-140-2 standard using this software.

Changing the settings on Windows will also affect other services on your system, so make sure you test production environments after making these changes.

How do I know if a Site I’m Visiting is Vulnerable/How do I test My site?:

Qualys, Inc. provides a wonderful tool, SSL Server Test, which can tell you how well your server is doing when it comes to your SSL configuration in general. If you don’t have an A-, A or A+ rating you seriously need to look at your website’s security; then again, maybe you don’t give a site about the people who visit your site. (You’re pretty negligent, aren’t you?)

But remember, even if you have an A rating your site might still be poorly configured or have other issues, e.g. some sites prefer SSLv3 over TLS even though they have TLS enabled.
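
What an SSLv3 check comes down to on the wire, added here as an example and not part of the original post: the first record the server sends back to a ClientHello is either a ServerHello carrying the version it agreed to, or an alert refusing the handshake. To test for SSLv3 the hello must offer nothing newer than SSLv3, since a server that picks TLS when it is offered may still agree to SSLv3 when it is not. The function names and the hex samples are constructed for this example.

```sh
#!/bin/sh
# Added example: classify the first record a server sends back to a
# ClientHello. Input is the record as hex (spaces or colons allowed).

first_record_verdict() {
    hex=$(printf '%s' "$1" | tr -d ' :\n' | tr 'A-F' 'a-f')
    rec_type=$(printf '%s' "$hex" | cut -c1-2)    # byte 0: record type
    hs_type=$(printf '%s' "$hex" | cut -c11-12)   # byte 5: handshake type
    version=$(printf '%s' "$hex" | cut -c19-22)   # bytes 9-10: server_version
    if [ "$rec_type" = "15" ]; then
        echo "refused"; return 0                  # alert record: no handshake
    fi
    if [ "$rec_type" != "16" ] || [ "$hs_type" != "02" ]; then
        echo "not-a-server-hello"; return 0
    fi
    case "$version" in
        0300) echo "SSLv3" ;;
        0301) echo "TLSv1.0" ;;
        0302) echo "TLSv1.1" ;;
        0303) echo "TLSv1.2-or-later" ;;          # TLS 1.3 also reports 0303 here
        *)    echo "unknown-$version" ;;
    esac
}

sslv3_still_enabled() {   # exit status 0 when the server agreed to SSLv3
    [ "$(first_record_verdict "$1")" = "SSLv3" ]
}

# Constructed samples: record header plus the start of the handshake message.
SAMPLE_SSL3_HELLO="16 03 00 00 2a 02 00 00 26 03 00"
SAMPLE_TLS10_HELLO="16 03 01 00 2a 02 00 00 26 03 01"
SAMPLE_ALERT="15 03 00 00 02 02 28"   # fatal alert, handshake_failure (40)

for s in "$SAMPLE_SSL3_HELLO" "$SAMPLE_TLS10_HELLO" "$SAMPLE_ALERT"; do
    printf '%-34s -> %s\n' "$s" "$(first_record_verdict "$s")"
done
```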

When are the software updates going to be available?:

SSLv3 = Never, the Bug is a fundamental design flaw of the protocol.
Firefox = Mozilla has indicated that a patch will be available on the 24/25th November 2014, this update will remove SSLv3 from Firefox
Chrome = Google has not specified when or if SSLv3 will be removed yet but claims that “Any version of Chrome since February 2014 (Chrome 33 onwards) is protected against this vulnerability.” They have also said “In the coming months, we hope to remove support for SSL 3.0 completely from our client products.”
Internet Explorer = “Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs” , Microsoft provides updates after or on the Second Tuesday of the month unless need arises that it be fixed sooner. (Should be on November 11 or the day after)

Windows XP – The End

As of today, if you’re still running Windows XP then you have a big problem. There will be no more security updates for Windows XP.

You may have noticed this message on your computer recently as well.

Windows XP End of Support Notice

You pretty much have no choice now: disconnect Windows XP from the internet or upgrade, because it will just be a matter of time before you pay the price with a security breach, if you haven’t already been hit.

Windows 8.1 Update 1

Windows 8.1 Update 1 downloads, that’s right, you can download the updates now. Most of the changes in this update are designed to win back users who were unhappy with the interface changes made in Windows 8 that are really designed for using a touch screen.

These updates must be applied in order:

  1. KB2919442
    x86: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2919442-x86_94ee3d715e732ed28c64b8096327375a35f5d211.msu
    x64: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2919442-x64_f97d8290d9d75d96f163095c4cb05e1b9f6986e0.msu
    ARM: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2919442-arm_506ed7113697c597c2859d295d562fa4311834ec.msu
  2. KB2919355
    x86: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2919355-x86_de9df31e42fe034c9a763328326e5852c2b4963d.msu
    x64: download.windowsupdate.com/d/msdownload/update/software/crup/2014/02/windows8.1-kb2919355-x64_e6f4da4d33564419065a7370865faacf9b40ff72.msu
    ARM: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2919355-arm_a6119d3e5ddd1a233a09dd79d91067de7b826f85.msu
  3. KB2932046
    x86: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2932046-x86_bfd8ca4c683ccec26355afc1f2e677f3809cb3d6.msu
    x64: download.windowsupdate.com/d/msdownload/update/software/crup/2014/02/windows8.1-kb2932046-x64_6aee5fda6e2a6729d1fbae6eac08693acd70d985.msu
    ARM: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2932046-arm_fe6acf558880d127aef1a759a8c2539afc67b5fb.msu
  4. KB2937592
    x86: download.windowsupdate.com/d/msdownload/update/software/crup/2014/02/windows8.1-kb2937592-x86_96a3416d480bd2b54803df26b8e76cd1d0008d43.msu
    x64: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2937592-x64_4abc0a39c9e500c0fbe9c41282169c92315cafc2.msu
    ARM: download.windowsupdate.com/c/msdownload/update/software/crup/2014/02/windows8.1-kb2937592-arm_860c83a0cccc0519111f57a679ae9f9d071315e5.msu
  5. KB2938439
    x86: download.windowsupdate.com/c/msdownload/update/software/crup/2014/03/windows8.1-kb2938439-x86_ac9aca7e41c8e818edbea0a8026189ee086f7aa2.msu
    x64: download.windowsupdate.com/c/msdownload/update/software/crup/2014/03/windows8.1-kb2938439-x64_3ed1574369e36b11f37af41aa3a875a115a3eac1.msu
    ARM: download.windowsupdate.com/d/msdownload/update/software/crup/2014/03/windows8.1-kb2938439-arm_4a536d9ddcd9993cbe4fbc309ebd50a18d65f954.msu
  6. KB2949621 – Sorry don’t have an address for this last one
    x86:
    x64:
    ARM:

Office 2013 KMS Client Product Keys

The following product keys can be entered into the product key field in your Office application when your computer is joined to an Active Directory with a valid working KMS server. These keys are only for this scenario & are published publicly on the Microsoft website.

Generic Volume License Keys for Office 2013

Product GVLK
Office 2013 Professional Plus YC7DK-G2NP3-2QQC3-J6H88-GVGXT
Office 2013 Standard KBKQT-2NMXY-JJWGP-M62JB-92CD4
Project 2013 Professional FN8TT-7WMH6-2D4X9-M337T-2342K
Project 2013 Standard 6NTH3-CW976-3G3Y2-JK3TX-8QHTT
Visio 2013 Professional C2FG9-N6J68-H8BTJ-BW3QX-RM3B3
Visio 2013 Standard J484Y-4NKBF-W2HMG-DBMJC-PGWR7
Access 2013 NG2JY-H4JBT-HQXYP-78QH9-4JM2D
Excel 2013 VGPNG-Y7HQW-9RHP7-TKPV3-BG7GB
InfoPath 2013 DKT8B-N7VXH-D963P-Q4PHY-F8894
Lync 2013 2MG3G-3BNTT-3MFW9-KDQW3-TCK7R
OneNote 2013 TGN6P-8MMBC-37P2F-XHXXK-P34VW
Outlook 2013 QPN8Q-BJBTJ-334K3-93TGY-2PMBT
PowerPoint 2013 4NT99-8RJFH-Q2VDH-KYG2C-4RD4F
Publisher 2013 PN2WF-29XG2-T9HJ7-JQPJR-FCXK4
Word 2013 6Q7VD-NX8JD-WJ2VH-88V73-4GBJ7

Generic Volume License Keys for KMS and Active Directory activation

It’s time to update Messenger to Skype!

When Microsoft purchased Skype it was pretty obvious that Messenger was probably going to either be merged or disappear. This announcement from Microsoft spells the end of Messenger.

Hello,

We are retiring the existing Messenger service globally (except for mainland China where Messenger will continue to be available) and bringing the great features of Messenger and Skype together. Update to Skype and sign in using a Microsoft Account (same as your Messenger ID) and all your Messenger contacts will be at your fingertips. You’ll be able to instant message and video chat with them just like before, and also discover new ways of staying in touch with Skype on your mobile and tablet.

Update Now
Yours sincerely,
The Messenger Team