Wednesday, April 29, 2009

DSL Router/Modem Comtrend (Web display: Broadcom)

Type: ...

Default web admin login:
username: root
password: 12345

To enable remote web access:
Management > Access Control > Services > HTTP > WAN=Enable

Tuesday, April 28, 2009

WORD: Type using extra-large font

Type the word (or letter)
Select it
Hold Ctrl button and press "]" repeatedly to enlarge and "[" to shrink

Monday, April 27, 2009

Logon Script vs Startup Script

http://skatterbrainz.blogspot.com/2009/04/login-scripts-vs-start-up-scripts.html

Sunday, April 26, 2009

Thursday, April 23, 2009

Working with Group Policy

View/add/remove computers to whom a Group Policy applied:
1. open Group Policy Management \ Forest ... \ Domains \ (your domain) \ Group Policy Objects
2. click GPO in question
3. On right pane, look at "Security Filtering" section and select a group
4. Click Properties \ Members

Allow standard (non-admin) user to run Resultant Set of Policy tool (rsop.msc)
Delegate control of RSoP
(related: Use Dsrevoke.exe to undo the changes made by the Delegation of Control Wizard)
or simply add the user to local administrators group (?)

Best Practices with Windows Server Update Services
Microsoft recommends that you create a NEW Group Policy object (GPO) that contains only WSUS settings.
Microsoft recommends that you do NOT edit the Default Domain or Default Domain Controller GPOs.

www.petri.co.il/working_with_group_policy.htm

Group Policy is processed in the following order:

Local Policy > Site GPO > Domain GPO > OU GPO > Child OU GPO

and so on.

GPOs inherited from the Active Directory are always stronger than local policy.

Self-note:
Let say you have configured AU settings using local gpedit.msc but your computer is member of domain which also has AU configuration for your computer, then AU settings from domain will override your local settings.
You can confirmed this by checking registry entries on HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU to see which settings are applied to registry (and are in effect)

Tuesday, April 21, 2009

WSUS server itself failed to get updates

Symptoms:
- System Event ID 16 with Source=Windows Update Agent and Category=Software Sync
- Error 'PT: Cannot recover from fault' on WindowsUpdate.log

Solution:
In Internet Options, add 'http://' to Trusted sites (or Local intranet?)
Remember to use server name in both Internet Options and Group Policy instead of 'http://127.0.01' or 'http://localhost'

Deny an account to log on interactively from ANY domain workstation

Open Group Policy Management Console (gpmc.msc)
Right-click on "Default Domain Policy" for the domain and click Edit
Open Computer Configuration > Windows Settings > Security Settings > Local Policies >
User Rights Assignment
Add the specified account to these policies:
- Deny log on locally
- Deny log on through Terminal Services

GPO: Exclude/deny certain machine

Open Group Policy Management Console (gpmc.msc)
In the Scope > Security Filtering section, add the computer
Switch to Delegation tab and select the computer name
Click Advanced
For the specified computer, click Deny [Read]

More on "Group Policy Security Filtering":
How to Implement Group Policy Security Filtering
www.windowsnetworking.com/articles_tutorials/
Group-Policy-Security-Filtering.html

GPO: WMI Filtering

Fun with WMI Filters in Group Policy
http://blogs.technet.com/askds/archive/2008/09/11/fun-with-wmi-filters-in-group-policy.aspx

Interesting comments:
..do they add more significant load on domain controllers..?
This should add no real load to the DC's, as the WMI processing happens client-side. Although it might make GP processing take just a bit longer on the client, and that would have the client talking to DC a bit longer, so I suppose in that sense there
might be some tangental load... probably not measurable. :)

..I need to filter out a Windows 2008 64 bit server, that is not a DC from everything else. I have this so far, but somehow my Vista clients still get it, which I really dont want to.
Just do Start, Run, WBEMTEST. Then click Connect, leave it as root\cimv2, then click Query, and paste in your query as-is, then click Apply. If you get 0 objects returned that is a False, 1 object returned is a True.

Monday, April 20, 2009

Managing the WSUS Automatic Updates Client Download, Install, and Reboot Behavior with Group Policy

http://technet.microsoft.com/en-us/library/cc512630.aspx

A security update that requires the system to be rebooted is not installed ... until such time as the system is rebooted ... and a client can no longer detect the need for future updates until the reboot has occurred.

Exhale/inhale rule during weight training

In the most general terms, you must breathe out on the power stroke of the movement; i.e. the hardest part of the movement.
(www.freetrainers.com/FT/jsp/Tip6.jsp)

Google keyword: exhale inhale weight|load training

Wednesday, April 15, 2009

Free e-mail address

Google keyword: e-mail sementara|gratis
(Telusuri: laman dari Indonesia)

www.crypton97.us/emailgratis.html

Buat email Gratis dengan Domain anda sendiri
http://sanyasyari.com/2006/12/07/buat-email-gratis-dengan-domain-anda-sendiri/

http://darulilmi.com/daftar.html

Firewall software comparison/test

Firewall Challenge
www.matousec.com/projects/firewall-challenge/results.php

WSUS server connects to 'akamai' server?

To the best of my knowledge: Akamai provides download services to third parties,
including Microsoft. Both Windows Update and WSUS probably download content
from Akamai rather than directly from Microsoft. Akamai has servers in and/or
network links to many ISPs, and can figure out which ones are closest to you,
resulting in much higher download speeds.
(taken from http://forums.techarena.in/server-update-service/1125911.htm)

Akamai works by configuring DNS to resolve differently depending on geographic location (ping download.windowsupdate.com to see this in action).
(taken from www.netcrucible.com/blog/2003/09/29/akamai-or-backdoor/)

Tuesday, April 14, 2009

Determine what application is using svchost to connect to Internet

Google keyword (not too useful):
discover|determine|check program|application|software
using svchost connect|download internet

Own experience:
Run TCPView to discover PID of svchost instance connecting to Internet.
Use Process Explorer to see properties of svchost in question.
Check TCP/IP tab for established connection and the destination.
Check Services tab for service(s) with suspicious path.

Related
--------
10 Tools to Easily Determine If a Specific Process is Secretly Accessing the Internet

Client install takes a very long time

Try to install ONE update at a time.

Tuesday, April 7, 2009

Configure WSUS server to get updates from itself

Use gpedit.msc to configure the server to point to itself as update server (http://localhost)

Don't forget to check another settings (detection frequency, install time)

PC-PJ1-M3 BIOS update

Google keyword: PC-PJ1-M3 bios update

http://support.sharp.co.jp/mebius/lib/bin/pcpj1m3bios/
Open it using Google Translator

Free Online Web Translator / BabelFish Alternatives

Windows Live Translator
www.microsofttranslator.com/Default.aspx?br=ro

Google Translator
http://translate.google.com/translate_t?hl=en#
http://translate.google.com/toolkit/

Desktop Client or Browser Plugin that using Google Translator
-------------------------------------------------------------
imTranslator
http://freetranslation.paralink.com/

http://translateclient.com/

Update chronology (sample scenario)

WSUS Server:
Perform Synchronization to download metadata only
Setting: Options > Update Files and Languages > Update Files >
Download update..only when..

Certain updates are automatically approved
Setting: Options > Automatic Approvals > ensure that intended rule is checked

Approved updates will be downloaded at time specified in BITS policy
Setting: gpedit.msc > Computer Configuration > Administrative Templates > Network > BITS > Maximum network bandwidth...
Source: http://wss-id.org/forums/t/5803.aspx

Windows client:
Check for available update(s) <-- only updates already downloaded by server ?
Setting: AU Detection Frequency and Configure Automatic Updates

Download the updates
Setting: Configure Automatic Updates

Install the updates
Setting: Configure Automatic Updates
If setting no. 4 is used, installation will be executed at scheduled time no matter a user is logged on or not

Another sample scenario (found on the Internet)
www.igt.ethz.ch/www/Corporation/Internal/admin/Public/HowTo/WSUS.htm

Monday, April 6, 2009

Disassemble Sharp Mebius PC-PJ1-M3V

http://notepc.selfip.com/sharp/pcpj1m3v.html

Pass it to babelfish for translation

Saturday, April 4, 2009

3G Coverage Area by Provider at Surabaya

Indosat: http://www.indosatm2.com/maps/
Telkom Flash: http://www.telkomsel.com/web/tselflash/images/HSDPA_Surabaya.html
XL: http://www.nyambungterus.com/coverage-area/internet

All: opensignal.com

Lengthen Lithium battery life

Debunking Battery Life Myths for Mobile Phones, Tablets, and Laptops
If you were to discharge your battery to 50%, recharge it, and then discharge it to 50% again, that would count as a single “cycle” with modern Li-ion batteries. You don’t need to worry about performing shallow charges
...
one problem that shallow discharges can cause. Laptops can get a bit confused by shallow discharges and may show you wrong estimates for how long your device’s battery will last. Laptop manufacturers recommend you perform a full discharge about once per month to help calibrate the device’s battery time estimate.
...
Allow your laptop’s battery to occasionally discharge somewhat before charging it back up — that will keep the electrons flowing and keep the battery from losing capacity.

If I remove the battery & run from a power source will it lengthen battery life?
http://mobileoffice.about.com/od/usingyourlaptop/f/laptopbattery1.htm?rd=1

Most battery manufacturers store Li-ion batteries at 15°C (59°F) and at 40 percent charge.
Run the battery down and recharging it at least once every month.

How to prolong lithium-based batteries
http://batteryuniversity.com/parttwo-34.htm

Simple Guidelines

* Avoid frequent full discharges because this puts additional strain on the battery. Several partial discharges with frequent recharges are better for lithium-ion than one deep one. Recharging a partially charged lithium-ion does not cause harm because there is no memory. (In this respect, lithium-ion differs from nickel-based batteries.) Short battery life in a laptop is mainly cause by heat rather than charge / discharge patterns.

* Batteries with fuel gauge (laptops) should be calibrated by applying a deliberate full discharge once every 30 charges. Running the pack down in the equipment does this. If ignored, the fuel gauge will become increasingly less accurate and in some cases cut off the device prematurely.

* Keep the lithium-ion battery cool. Avoid a hot car. For prolonged storage, keep the battery at a 40% charge level.

* Consider removing the battery from a laptop when running on fixed power. (Some laptop manufacturers are concerned about dust and moisture accumulating inside the battery casing.)

* Avoid purchasing spare lithium-ion batteries for later use. Observe manufacturing dates. Do not buy old stock, even if sold at clearance prices.

* If you have a spare lithium-ion battery, use one to the fullest and keep the other cool by placing it in the refrigerator. Do not freeze the battery. For best results, store the battery at 40% state-of-charge.

How to properly treat NEW laptop battery
www.simonjstuart.com/2011/02/06/laptop-battery-calibration-dos-donts

Battery manufacturers or retailers usually tell you “make sure you plug it in and charge for 18 hours before first use”… this is entirely incorrect, and will in fact reduce your battery’s capacity by as much as 35% from day 1.
How to properly CALIBRATE a Lithium-Ion (Laptop) Battery

Here’s how you properly calibrate a new laptop battery to get the absolute longest runtime and life from it:

1. Disconnect your laptop from the mains (AC)
2. Insert your brand new battery into your laptop
3. Switch on your laptop but boot into the BIOS (this is usually done by repeating tapping DEL or F2 during the boot process)! DO NOT BOOT WINDOWS/LINUX/MAC as the ACPI Power Management software will incorrectly condition your battery! (It will detect the battery as being depleted long before it actually is.
4. CRITICAL: Set the BRIGHTNESS of your laptop’s screen to MINIMUM (virtually all laptops allow you to do this via the keyboard)… If you don’t do this, your battery will be calibrated incorrectly.
5. Allow the laptop to run (remaining in the BIOS and disconnected from the mains) until the battery dies. Don’t be alarmed when the laptop turns off suddenly and without warning, this is exactly what we want.
6. Now connect your laptop to the mains (AC) and leave it switched off. You should have an indicator light SOMEWHERE on your laptop to inform you that it is charging, and one would hope that light would change its state to indicate a full battery.

Repeat the above steps about 3 or 4 times

GSM 3G Card for laptop/notebook

GlobeTrotter FUSION QUAD
3G PCMCIA Card combo with Wireless LAN 802.11BG
http://indonetwork.or.id/optimatel/501941/
modem-gsm-3gglobetrotter-fusion3gumtsgprsgsmwlanpcmcia.htm

GlobeTrotter GT MAX, MODEM GSM 3G HSDPA SPEED UP TO 7, 2Mbps
http://indonetwork.or.id/optimatel/501934/globetrotter-gt-
max-modem-gsm-3g-hsdpa-speed-up-to-72mbps.htm

MODEM GSM 3G, Sierra Aircard 875 PC Card HSDPA 3.6Mbps
http://indonetwork.or.id/optimatel/502065/modem-gsm-
3gsierra-aircard-875-pc-card-hsdpa-3-6mbps.htm

BYON 3311 Broadcom wireless driver for XP

http://support.us.dell.com/support/downloads/
download.aspx?c=us&l=en&s=gen&releaseid=R174291&
formatcnt=1&libid=0&fileid=236819

UPDATE April 8, 2011:
above link no longer exists
better lookup the device & download driver from http://devid.info/

Port Mapping/Forwarding

Trivial Proxy is a small application that allow to see and log network activity of the any applications(browsers, email clients etc.).

So what does that mean in English? Simple, run TrivialProxy and configure it to redirect the local port to the specified host:port; configure the appication to use this port and localhost (it's very easy, there's), and voila! You're seeing and logging the network activity of this application! Supports HTTP (web), HTTPS (secure web), POP3 (recieve mail), SMTP (send mail), NNTP (newsgroups)! It works great with Internet Explorer, Firefox, Outlook, and many more!

Trivial Proxy is totally FREE for personal and non-commersial usage.
www.xrayapp.com/trivialproxy/
-------------------------------

Do you need to map a specific TCP or UDP port on your machine to another port on another machine? Do you want to limit access to a server on your machine based on the IP address of an incoming connection request? If these sound interesting to you, then AnalogX PortMapper is just what the doctor ordered (or programmer, in this case). AnalogX PortMapper allows you to map and port on your computer to any IP address and port on another machine; not only that, you can limit access based on the incoming IP address! So, say for instance that you are using a proxy, and would like to be able to telnet from other machines; simple, just run PortMapper, and tell it to forward any request to port 23 (telnet) to the machine you want to access. Now, any time you telnet to your proxy server machine, it automatically forwards the data to the other machine! Or, do you run a webserver, and only want people from IP address you specify to connect? No problem, PortMapper can do that as well! Overall, a great standalone program, or an excellent addition to a proxy or server!


PortMapper works on all versions of Windows, from Window 95 to Windows 7 and everything inbetween (including XP, Vista, Win2k, etc).
www.analogx.com/contents/download/network/pmapper/Download.htm

Friday, April 3, 2009

Basic troubleshooting

Log Files for Software Updates

What to do when your WSUSContent folder grows too large

Error when viewing list of updates (because too many of them?)
Create a custom view to list only updates matching cetain filters:
Right click on "Updates" node and select "New Update View..."

WSUS Automatic Approval Not Taking Effect
To retroactively apply a rule open the Update Services console and go to Options > Automatic Approvals > click ‘Run Rule’ on the new or modified rule.

Detect the Version of WSUS

(XP2) WU client failed Searching for update with error 0x80248008
Upgrade to SP3
source: New Windows XP SP2 Clients and WSUS KB2720211

WSUS Client FAQ
wsus.editme.com/WSUSClientFAQ

www.wsus.info/forums/lofiversion/index.php?t6131.html

Troubleshooting client self-update issues
www.windowsvistaplace.com/troubleshooting-client-self-update-issues/othersoftware

The following commands worked on "Windows 2000 Server won't perform self update"
issue:
net stop wuauserv
net start wuauserv

ZoneAlarm: doesn't remember zone setting

ZoneAlarm Pro lost all my Zone's information and
now will not retain the Zones that I setup
www.experts-exchange.com/Security/Software_Firewalls/
Q_21394002.html

In short, reinstall ZoneAlarm over existing installation.

Thursday, April 2, 2009

Complete uninstall of ZoneAlarm

http://zonealarm.donhoover.net/uninstall.html