Saturday, July 14, 2012

Use VNC Instead Of A Monitor

Have an extra PC but no monitor? Use VNC to control it. It's less expensive than a monitor, easy to use, and saves space. (A great way of checking in on the kiddos as well. ;)). VNC can also be used to control your PC from your cellphone, and vice versa on a rooted phone. RealVNC offers this service with good performance and low memory usage on a LAN. There are plenty of third-party client/server programs freely available for Windows, Mac, and Linux, and newer Windows versions have a built-in RPC utility that can be controlled from other programs as well. I have used M$'s RPC version on a few occasions, but I still prefer third-party VNC applications. It's easy to set up on a LAN, a bit more trouble if you intend to use it over the internet. Everyone with a network should have VNC installed on their machines and accessible from their computer. It's so much easier when the kids yell "Mom!" or "Dad! My computer is messing up again!". You will be glad you did.

I found a few YouTube videos that show how to configure and set up my Windows favs, RealVNC and TightVNC, and a demo of VNC on a smartphone. Setting this up is a breeze and well worth it.

For Linux, I recommend the Remmina client coupled with "Remote Desktop" server for Linux distros. These are installed from the package manager and configured in much the same way. Remmina has the ability to handle both VNC and RPC servers. I love it.

A Viable Alternative To Dreamweaver

I used Dreamweaver for years to develop websites. I like the clean layout and abundance of features (like FTP, server side editing, and preview); it seemed like the only alternative for my web designing needs. I couldn't imagine designing without it. Then something happened. Windows 7. I disliked the OS. A lot. Not because it was a POS like Vista, but because it reminded me of the best features found in other operating systems. Gone were the little quirks brought on by "Microsoft's way", but the OS was just too darn slick and quite a departure from previous versions. But I digress. The point I'm not making very well is this: my computing needs and wants changed. I went with Linux and never looked back. I tried running Dreamweaver in Wine, but that was not an alternative. The search was on for a new development tool that was more than just an editor and a list of files.

I tried Seamonkey. No joy there. The lack of features turned me off the minute I tried it. Next, I performed a web search and found Aptana Studio (there is a version for Windows as well as Linux). I had nothing to lose and everything to gain, so I installed it. I fell in love immediately. The interface is intuitive, there are plenty of features for shell scripts, XML, CoffeeScript, Capistrano, etc. It natively supports HTML (including HTML 5), CSS, JavaScript, and Ruby. Its interface sports the ability to adapt to multiple platforms through the use of bundles. Bundles contain hundreds of commands for platforms such as Drupal, Boxee, Titanium Desktop, Titanium Mobile, jQuery, and WordPress. It also sports a built-in terminal. Like Dreamweaver, it makes all of my website files accessible through a left panel, has line numbers, and even has a preview function for my HTML! Other features include debugging, skinnable interface, the ability to open URLs, code completion, code highlighting, among many more. This is the alternative I was seeking.

There are some differences and lack of features I am happy to live with, especially for the price (free). Lack of FTP is really no big deal. I found I prefer a good full-featured FTP program to deal with permissions, local directories, and connectivity in general. Lack of automatic table insertion is a pain. I don't use tables often, but when I do, typing all of those trs and tds really annoys me.

This IDE is based on Eclipse and is offered as an Eclipse add-on or a standalone version. I found the Eclipse add-on version to be buggy and not function quite as well as the standalone version. This IDE has been the perfect alternative to Dreamweaver. I would recommend this application to any web developer looking for an alternative to Dreamweaver, no matter what OS you are using.

Friday, July 13, 2012

Encrypt Your Information With TrueCrypt

TrueCrypt is an encryption program capable of creating encrypted partitions and file containers on your hard drive or USB stick. It also gives you the flexibility to hide the encrypted partitions from prying eyes. There are several algorithms to choose from, all use a 256-bit key, and all of them will encrypt your files nicely. TrueCrypt has the ability to remove/unencrypt partitions as well. Drives encrypted with this program cannot be accessed on other systems that do not have TrueCrypt installed. If you forget your password, you lose your data.

The TrueCrypt homepage is located at http://truecrypt.org and the installer files can be found under "Downloads". After picking your "poison" so to speak, install TrueCrypt, insert external drives if needed, and run the program to set up your encrypted partitions or file containers.

Click "Create Volume" to get the process started. The program then prompts you to choose between creating an encrypted file container or a volume on a partition, and then asks for the volume type, volume location, encryption options, volume password (write this down), and format options (FAT for USB). You will be asked to wiggle your mouse within a window to increase cryptographic strength, and the process is completed.

TrueCrypt is a "true" security tool. It does not provide any way of recovering your password (what would be the point?), has the ability to hide protected partitions, and it provides strong encryption. IMHO this is the best encryption program I have used, hands down. Builds are available for Linux, Windows, and Mac which makes it a good choice for all users.

Thursday, July 12, 2012

Sending Text Messages Via Computer

There are a plethora of messaging clients for Windows that will handle SMS messaging. There aren't that many options for Linux, and the ones that are available rely on AT commands to a tethered device or access to an SMS gateway. Linux chat clients are great for chat networks, but lack any type of SMS feature. After engaging in an extended text conversation with my wife (on a phone with a hideous onscreen keyboard), I knew there had to be a better way. I found two ways that will work on any platform, and here they are:

Yahoo! Messaging

Since Yahoo integrated their Messenger app into Yahoo Mail, there is no more need for a chat client to accomplish SMS through their chat network. Log onto Yahoo Mail, sign into the Messenger service, select a contact with a cell number, and chat. This is by far the easiest solution I have found.

Other Online Mail Services

This method can be accomplished with email clients as well, but online services allow real "text" time responses without clicking "Receive Mail". Save your contact's cell messaging address as a secondary email, and chat through email. For example: 1234567890@messaging.sprintpcs.com will send a message to phone number 1234567890 on the Sprint network.

Here is a short list of messaging server addresses that can be used with any email client:

  • AT&T/Cingular - Cell # @txt.att.net or Cell # @cingularme.com
  • Sprint PCS - Cell # @messaging.sprintpcs.com
  • T-Mobile - Cell # @tmomail.net
  • US Cellular - Cell # @email.uscc.net (SMS)
  • Verizon - Cell # @vtext.com
  • Virgin Mobile USA - Cell # @vmobl.com

Some Things Are Just Kewl: Steganography

Steganography is hiding information inside of another file, usually an image, but could be anything from MP3s to PDFs. There are many tools freely available for this purpose. There are many purposes for using stego, legitimate or not. While this is something really kewl, it can be dangerous as well. All kinds of things can be hidden in an image: text, other files, scripts, etc. The secret behind most forms of stego is file headers. Beyond that stego can be encrypted and password protected to keep prying eyes at bay. I'm going to show you a really simple (and unencrypted for legal reasons) way of hiding an executable jar file in an image. The kewl thing is that it can be run by any JRE, and opened in WinRAR.

Simple Windows Stego Example

Stego can be performed straight from the command line in Windows. It's kind of like using data streams to hide data, but that's another topic. To hide an executable jar file (or other compressed file) in a gif, open a DOS box in a directory where both files are present, and use the command "copy /B my_gif+stuff.jar combined_file.gif". Make sure your gif is large enough to mask the added data. The file can be viewed in an image viewer like any other image file. Set execute permissions and open it with any Java JRE, and the executable jar will run. You can also use WinRAR to open the compressed file and view its contents.

A Working Example

Download the file below and open it in an image viewer. You can go into file properties and make it executable, and run it from a Java JRE (or java -jar gnome.gif from the same directory). This file can be extracted with the unzip utility (unzip gnome.gif).

Linux Example

You can do this in Linux as well. Open a terminal in a directory containing a jar and gif file, and issue the command "cat my_jar >> my_gif.gif" and the newly created gif will contain the information. Here is a YouTube video I put together: http://youtu.be/c4twCZyyRyw
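Seen from the checking side, a file built with "copy /B" or "cat" is a complete GIF followed by extra bytes, so it can be spotted by walking the GIF blocks to the trailer and looking at what comes after. The following is an added example, not part of the original post; the function names and the tiny sample files are constructed for illustration.

```python
import io
import zipfile

ZIP_EOCD = b"PK\x05\x06"  # ZIP end-of-central-directory signature

def _skip_sub_blocks(data, pos):
    """Skip a chain of GIF data sub-blocks; return the offset after the 0x00 terminator."""
    while data[pos] != 0:
        pos += 1 + data[pos]
    return pos + 1

def gif_end_offset(data):
    """Walk the GIF block structure and return the offset just past the 0x3B trailer."""
    if data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF")
    pos = 13                                  # header (6) + logical screen descriptor (7)
    if data[10] & 0x80:                       # global color table present
        pos += 3 * (2 << (data[10] & 0x07))
    while True:
        block = data[pos]
        if block == 0x3B:                     # trailer: the image ends here
            return pos + 1
        if block == 0x21:                     # extension: introducer, label, sub-blocks
            pos = _skip_sub_blocks(data, pos + 2)
        elif block == 0x2C:                   # image descriptor (10 bytes)
            packed = data[pos + 9]
            pos += 10
            if packed & 0x80:                 # local color table present
                pos += 3 * (2 << (packed & 0x07))
            pos = _skip_sub_blocks(data, pos + 1)   # +1 skips the LZW minimum code size
        else:
            raise ValueError("unexpected block 0x%02x at offset %d" % (block, pos))

def inspect_image(data):
    """Report bytes that follow the GIF trailer and list any ZIP/JAR members in them."""
    end = gif_end_offset(data)
    members = []
    if ZIP_EOCD in data[end:]:
        # ZIP readers find the directory from the end of the file, so they accept this.
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = zf.namelist()
    return {"gif_bytes": end, "trailing_bytes": len(data) - end, "archive_members": members}

def build_sample():
    """Constructed sample: a 1x1 GIF, alone and with a small JAR-like ZIP appended."""
    gif = bytes.fromhex("474946383961 01000100 800000 000000 ffffff "
                        "21f904 01000000 00 2c 00000000 01000100 00 02 024401 00 3b")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("Hello.class", b"\xca\xfe\xba\xbe")
    return gif, gif + buf.getvalue()

if __name__ == "__main__":
    print([inspect_image(d) for d in build_sample()])
```

An ordinary GIF reports zero trailing bytes; any non-zero count on an image that arrived from outside is worth a second look, whether or not the extra data is a ZIP.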

A Warning About Downloading Stego Software

Stego software with encryption ability is illegal to download from some countries. Their laws do not permit the exportation of software containing strong encryption. You have been warned.

Stego has many uses including copyright protection, storage of sensitive information, transmission of sensitive data over public networks, and even executing programs. Many people either don't know about, or underestimate the power of hidden data. Sometimes things aren't always as they appear.

Wednesday, July 11, 2012

Repair Windows 7 Hosts File

Windows 7 comes with an odd quirk: the hosts file is ignored. For those of you who may not know what the hosts file does, it contains a list of network addresses and allows you the flexibility to block them or change them. Malware can invade this file and wreak havoc on your internet connection. There are websites that contain custom hosts files that allow you to block internet advertising (like SomeoneWhoCares.org). It's a useful tool for network administrators. It befuddles me why Win 7 has this problem, though I can speculate. Perhaps it's a part of Windows security. Maybe the original hosts file is corrupt. Whatever the reason may be, Windows 7 is ignoring it.

The fix is so easy, it's almost laughable. Simply delete the old one and replace it with a new one. That's all there is to it. To do it, you will need administrative privileges. Log in as administrator. Open the directory C:\Windows\System32\drivers\etc\ in Windows Explorer. Right-click the "hosts" file and select "Open file". If prompted, select "Notepad" as the program to open it. Select all and copy. Minimize the window. Now open up Notepad as administrator (right-click >> Run as administrator) and copy the contents into a new file. Close the minimized copy. Go to Windows Explorer and delete the "hosts" file. Go back to Notepad, click "File >> Save As", navigate to C:\Windows\System32\drivers\etc\, and save the file as "hosts" without any extension (not "hosts.txt", just "hosts"). That's it. Problem solved.

Tuesday, July 10, 2012

Tracking Down Windows Malware

I know from experience how difficult tracking down unwelcome system guests can be. Once an infection takes root, it invites other "guests" and before you know it there are several of them residing on your hard drive. They are becoming more difficult to remove due to the increasing prowess of malware programmers. In fact, I have experienced many infections that could not be resolved due to the number of malicious files or a single program continually reinstalling itself. One can speculate as to how these programs may operate, but the only sure way of cleaning your system is a wipe down and reinstallation of the operating system. There are cases where infection hasn't reached critical mass and the critters can be removed with reasonable certainty. I'm going to give you some pointers on where to look, and what tools to use.

If you suspect infection, turn off system restore. It's located in the Start >> All Programs >> System Tools menu. Chances are the malware has already been saved and any attempts to use the restore function will only reinstall the software on your PC. This is one "feature" of Windows that is both very good, and very bad. For obvious reasons. Back up your bookmarks, passwords, user directory, or any other files you wish to keep. Crank up the browser and delete all temporary files and cookies. Turn off all plugins and helper applications. If any helper objects were recently installed, uninstall them.

If you have access to the internet, visit Trend Micro's Housecall and do a scan. Any existing antivirus program may have been disabled or compromised. A scan from a clean machine needs to be performed. Most malware resides in either the User directories or the Windows directory, unless a malicious program has been installed. If an entire program has been installed, try uninstalling it. If it will not uninstall, remove the program's files from the Programs directory and remove it from the menu. After the scan is finished, and the changes have been accepted, don't restart your computer right away.

If you don't have internet access, or your machine becomes unresponsive in normal mode, reboot into safe mode (F8 >> Choose safe mode). Make sure you are logged in as Administrator. Uninstall any recently installed software, including browser plugins and helpers. Check the hosts file located in the C:\Windows\System32\Drivers\etc folder. Open the file in Notepad and examine it. If it doesn't look like the one pictured below, and there are a lot of entries, remove them until the file looks exactly like the picture below. BTW, those are tab spaces between the IP and domain addresses. Save and close. Open a command prompt (Start >> All Programs >> Accessories >> Command Prompt, or Start >> Run, then enter cmd) and type in netsh int ip reset c:\resetlog.txt, and hit enter. This resets the TCP/IP stack and places the log in the root directory. Check the connection. If you still don't have internet, you need a professional, sorry.

Click Start >> All Programs >> Accessories >> Run (or Start >> Run for older Windows versions), type in msconfig, and hit enter. A window will pop up resembling the one below. Click the Startup tab. This is where startup can be customized. Exercise caution and DO NOT uncheck anything that your computer manufacturer has loaded, ESPECIALLY on a laptop. You should have a pretty good idea of what programs are running on your system, like AV, Roxio, Nero, Java, etc. A tell is an entry with no manufacturer name, but legit files don't always show a manufacturer. It's always a good idea to research something before removing it from the start routine. Stay away from entries with "key", "touchpad", "smartpad", "mouse", or any variation thereof, especially if the computer manufacturer loaded it onto the system, or else when the system reboots, there may be no way of controlling it.

Go back to the Run dialog, type in prefetch, hit enter. Select every file in this directory and delete it. Check the hosts file as outlined above. Check your firewall for any unauthorized open ports. Now reboot and rescan. If all is clear, double check msconfig and turn Windows Restore back on. If not, repeat until everything is gone or you get ready for other measures.
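The hosts file check from the steps above can be scripted instead of eyeballed. This is an added example, not part of the original post: it sorts active entries into localhost defaults, block-list style entries that point at a loopback or 0.0.0.0 address, and redirects to some other machine. The function names, the sample lines, and the assumption that "localhost" is the only name a stock file maps are mine.

```python
import ipaddress

DEFAULT_NAMES = {"localhost"}  # assumption: the only name a stock file would map

def audit_hosts(text):
    """Classify every active hosts entry as default, block, redirect or malformed."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments; tabs or spaces separate
        if not fields:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr is None or len(fields) < 2:
            findings.append((lineno, "malformed", raw.strip()))
            continue
        for name in (f.lower() for f in fields[1:]):
            if addr.is_loopback or addr.is_unspecified:
                # 127.0.0.1, ::1 and 0.0.0.0 go nowhere: localhost or a block-list entry
                kind = "default" if name in DEFAULT_NAMES else "block"
            else:
                kind = "redirect"               # name forced to some other machine
            findings.append((lineno, kind, "%s -> %s" % (name, addr)))
    return findings

def needs_review(findings):
    """Entries to look at first: redirects and lines that do not parse."""
    return [f for f in findings if f[1] in ("redirect", "malformed")]

# Constructed sample; addresses come from documentation ranges, names are placeholders.
SAMPLE = "\n".join([
    "# sample hosts file",
    "127.0.0.1\tlocalhost",
    "::1\tlocalhost",
    "0.0.0.0\tads.example.net\t# block-list entry",
    "203.0.113.7\twww.example.com login.example.org",
    "not-an-ip\tfoo.example",
])

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print(finding)
```

On a real machine, pass it the contents of C:\Windows\System32\drivers\etc\hosts; block-list entries are expected if you installed a custom hosts file yourself, while redirects you did not add are the ones to remove.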

Additional Steps:

If you are comfortable editing the Windows registry, Autoruns is an excellent tool for checking and editing registry entries. Entries ending in \Run or \Startup need to be checked as well as Browser Helper Objects and Task Scheduler. File creation times and knowing the location of legitimate files are extremely helpful. Back up your registry (and save it to the root drive) before editing or you may toast your entire Windows installation. Autoruns also displays the path to the file for easy removal. You may have to remove files from safe mode.

If a reinstallation of the OS is necessary, don't do an "over the top" install. Format your disk (better yet, wipe it with DBAN) beforehand.

If there is access to another PC with AV on it, remove the drive from the infected machine and slave it to the other PC in lieu of an online scan. Many Linux live CDs have ClamAV installed. That could be used to scan the infected drive from the optical drive without having to remove anything. Check it out here.

Try getting some help at PC Mech Forums. They have friendly and knowledgeable admins (and users) that may be able to help.

Getting rid of these critters is not fast or easy. Sometimes it takes a professional to track it down on the fly. Malware can hide anywhere on your system, and has the ability to masquerade as legitimate processes. The easiest option is always a format and install after a thorough backup. It could take even the most seasoned tech hours to remove, or to reach the realization that a format and install is the only way to go. These steps are a good starting point for removal, but far from a comprehensive guide. As you can see it is a time-consuming and involved process.