Jimiz.net – Jim Becher on the web

I recently had the need to reload two machines and get them ready to re-use or resell. I have many copies of XP and started to look for the install CD. After not finding the CD, and being too lazy to burn one from an ISO file, I started thinking why did I need cds / DVDs for install. My linux LIVE disk and install are all on USB thumb drives. Why couldn’t I make USB drive that had my install media for XP, vista , and Windows.

After a little searching I found some methods that use “Bart PE” and some other slipstream ideas. It looked like I would be able to create a one use USB drive (XP or Vista) but not all versions.

I ended up using (WintoFlash) to create my bootable USB drive. I only tried this with XP but it mentioned that it works with other versions of windows.

I am now armed with a XP rescue USB that I can re-install an OS.

I use windows media center on my home theater / basement Projector. Thanks to the wonderful message I got from Comcast that my area is going all digital, I won’t be able to use my system much longer.

1st on my Media center / TiVo I lost the channel data (comcast no longer provides this to analog users) I have preferred basic
2nd – they are making me get a Digital cable box to use (has it’s own remote, and does the channel changing)
3rd – as far as I know there are not any options with a tuner card that will do or contain a cable card (since I have 2 tuners – I would need two of them)
- here is a quick post list of options with the DTA http://getsatisfaction.com/comcast/topics/using_pc_tv_card_and_windows_media_center_with_comcast_digital_tv_converter_box

I am a bit angry at comcast for this change. I get the new and improved service, but what about us techies and people using newer technology.

The primary laptop that I use (Thinkpad) just got re-installed tonight. I was using the Beta / RC of Windows 7 Since Nov of 2008. I just realized that it was due to expire in the next 2 weeks. Early last year I purchased 3 copies of windows 7 Premium for 50 dollars each on Amazon during a pre-order event. I just had never taken the time to re-image / install.

The wonderful thing about this install was that there was no upgrade. You just get the joy of a fresh install.

I did use my new favorite installer (http://www.allmyapps.com) to get all my easy applications back.

The site iisinformation.com has recently gone through a re-launch. Head on over to www.iisinformation.com to check it out.

The move from community server to wordpress was successful.

Currently I am working at NuSoftsolutions and we are now building out a new practice called Kinetic IG (site coming soon). This practice is going to be focused on web presence and interactive applications. The main components will be graphic design, software development, and marketing fundamentals around web applications.

I have been working with VS 2005 a bit. One of the things I keep hearing people talk about, mainly a friend of mine who is using VB.NET 2005, is the “MY.OBJECT“. He was telling me how easy it is to grab a file and to check if the application can touch the network. So I figured I would give this a try. With that said, I should mention that I started with the new version of VS.NET 2005 using C#. I was excited to use the My.computer.network.isavailable. After about 30 min of messing around with help and intellisense to find the MY objects, I gave up and did a quick search. It was then I only realized that the “my objects” are only for VB.net.

Discovering this I was very confused. Why would Microsoft create these simple objects to gather information and not include them in c#? Very dissapointing.

I did some googling and found a few references to a helper object that will bring “MY” features to C#, called “that“. (download that)

After reading some of the comments out there, I found it would be easy to just reference vb and grab the MY logic. To do this you simply have to reference VB in your application “using Microsoft.VisualBasic.MyServices;” You then would have access to the My namespace.

Armed with that information and the joy of turning IISREPORTER PRO into a 2.0 C# app, I have completed about 40% of the re-write.

I was reading the notes from the CES conference and saw the tag wireless usb. I did not think much about it. Because I thought they were talking about usb wireless cards (which have been around for a bit). I just saw this post (wireless usb) on digg.com and now realize what they were talking about. It is the ability to access your usb peripherals through a wireless connection. Now this is very cool. I have actually thought about this feature before. I typically have a few items attached to my computer through usb. It would be great to be able to access these items when using my laptop as well. For example, I take my portable usb drive everywhere; I use it for backup and music storage. With wireless usb I would be able to keep it connected to a central place when at home. You could also use this for printers, and things like the griffen Radio Shark (my favorite).

I will be purchasing this when it is available.

I have had a few people ask me questions on some open-source or alternative portal sites to sharepoint. I have seen a few linux based systems that perform similar tasks to sharepoint but nothing that was on the windows side. Until recently, I ran across (http://www.alfresco.org/)

Alfresco is a great project that allows for a good alternative. I was able to install in a few min (about 20) on windows. They also make a linux version. So go look at the site and view the flash demo.

I seem to be doing more lately with ISO files. These are disk image files (Definition). I have had 2 instances in the last two days that I have needed to either burn an ISO image (CD and DVD) and also extract files from an ISO image. In the past I have just relied on gold old Nero to handle this for me. But I realized that I do not have that on all my computers. So here is a quick list of tools that work well with ISO images.

1. CD ISO burning software

Free – ISO Burner Powertoy (ISO burner) – this little application allows you to just right click on an ISO and send to your CD-R burner. It could not be any easier to do.

2. DVD ISO burning software

I am sure there are lots of programs out there but I was able to use Nero without any issues to create a DVD from an image file. It is fast and reliable

3. Extract specific files from an ISO image

I had an issue were I needed some files (specifically the i386 directory from W2k3) from an ISO image. You can extract files from an ISO with Daemon tools
. This tool set allows you to create a virtual CDrom or DVD drive on your computer.

I have to thank the guys I work with for suggesting Daemon tools. With these handy applications you can do a lot with ISO files.

Network Intrusion / Invasion

I typically stop at a local coffee shop to get some caffeine and use their wi-fi network to check email and surf the web. I am gathering this is not unlike most people out there in the business world. I tend to visit places that offer wi-fi because of their ease of use. But the other day I saw some thing that upset me. The story I am about to tell is not anything new, but rather just an eye opener for me.

As I was standing in line for coffee I noticed a fellow wi-fi user in the corner and happened to glance at his laptop. Being a tech geek I noticed he was running linux (you may ask how?), well I noticed etherape running and ethereal. These are both tools I use often. Especially when trouble shooting applications or networks.

At first I did not think anything about it. Then as I was firing up my laptop, I started to think why someone would be using ethereal and etherape here? Then it hit me. This guy was grabbing network traffic on the wireless network and sniffing, probably for passwords and usernames. At this point I came up with a plan. I looked around at the other 10 or so people on their computers and realized that they were unknowingly giving their information away. Usernames and passwords were floating in plain text all over that coffee shop. The girl next to me was on yahoo mail, the guy on my right had outlook express open. I figured that the kid had at least 10 or so usernames and passwords by now, and I was angry.

To see if my mind was just crazy or corrupt I decided to test my theory that he was sniffing usernames and passwords. I first ssh’ed into my box and created a new email account. I created a username called jvandenbon. I figured since I am in a Dutch area that a dutch username made sense. I created a password of Alice6232001, hopefully a real enough password. Then I hoped into my inbox using mutt and forwarded some of my spam emails into the jvandenbon user account. So now I had a real account that had some mail in it.

I then fired up ethereal and then thunderbird. First I took a quick capture of what was on the network, and as I suspected there were lots of POP accounts being used which show Username and PASS in clear text. I opened Thunderbird and checked my mail, I use SSL / TLS when I connect to my mail server so I was not worried about this kid grabbing my info. But I had to make sure that I was safe so I watched my traffic and sure enough it was encrypted with TLS. I closed ethereal, and created a new account in thunderbird using the above jvanderbon account name and told it to use POP as the means of communication. Again, I opened ethereal and then did a send receive to watch my fake username and password be sent across the wire. I then wrote an email and deleted some others to create traffic. I closed Thunderbird and waited. I set a string filter for Alice623001 in ethereal and watched. Sure enough in a few min later(about 10) I saw my fake username and password being sent over the wireless lan. I captured the kids source address.

This kid was trying to access my fake account. By this point I was angry. I got to thinking about what kind of stuff I could do to him. I easily could have kicked his ass; however I am not sure that it would have helped. All these people had been cheated of their info and privacy. That is when I started to think about legal options. I don’t even know if it is illegal to sniff a public network. I have never even thought about it. I did a quick google search and did not find much. I guess you can kind of relate this to yelling across the room to a friend with your username and password. Whoever happens to be in the room has access to that information. The analogy does not sit well with me. I would like to think that people can be safe or feel safe even when their trusted programs (outlook, outlookexpress, thunderbird, and hotmail) send their information in plain text over the network.

Right now I am just angry. If I do see this kid again, I plan on approaching him and asking what he plans on doing with all the usernames and passwords he stole. I can only guess he is going to just mess around. But, what happens when he comes across a guy who happens to have admin rights on a system and sends his username and password over the line. I realize this is a gray area of the law, but what about people privacy. I am not a malicious person by any means. I have sniffed networks in the past to gather information to help me learn how to protect them. But when I watched this kid and the speed of which he attempted to open my POP account, I am a bit worried. He must have had a program that would just take a username, password, and mail server and check validation.

I guess I am now asking the community what they think of this event. Do you know if you are secure? Do you go to a coffee shop and check mail via POP and send your info? Do you use ftp at the coffee shop to update your web site or worse; your corporate web site? I would love some feed back on what people think. Just think, if someone got your email password? Does it match your bank account password or your paypal password? These are the questions on my mind. And how can I do something against this punk kid. Should I just walk over and kick his ass or should I call the police? And if I call the police, what do I say?

Ever wonder what google index’s or does on your site? Well, here is some instructions on how to use this information.

http://www.sitepoint.com/blogs/2005/11/16/google-sitemaps/

It is some very good info and interesting stats. Somewhat like google analytics.

There has been so much talk in the news about AJAX these days. It is strange, I have heard that AJAX is the Microsoft Killer, the new technology, or the wave of the future. I personally think that it is a great method of using technology to speed up a web application and also extend the usability.

It is hard for me to view AJAX as the next big thing. I think because the concept and idea has been around for a long time. Until someone coined AJAX, I don’t think people knew how to describe it or even where or why to use it.

Anyways, one of the guys I work with and NuSoft is writing a book on AJAX. You can read more about it here. (www.danwoolston.com)

I was reading my Information Week magazine and ran across an article regarding Large Databases “Big Honkin’ Databases” was in the Sept 19th magazine (article here). It is a quick glimpse into some of the largest databases. I have seen a 1.2 Terabyte database in action and seen the amount of work necessary to keep that database functioning. I cannot imagine the amount of work that would go into a 100.4 terabyte database like the one Yahoo uses. I thought it was interesting that they mention the platform the DB’s are on but not the actual DB Software. Of the ten in the list they show UNIX for 7, Linux for 2, and Windows for 1. I would have to guess that anything on the UNIX platform is really running DB2. However I could be wrong. I would love more stats on these huge databases. For example, they mention that the Yahoo DB gets 1 billion SQL statements per hour. I would even like to see the hardware and staff necessary to keep these things alive.
After looking at the article a bit more I found that more statistical data can be found by the company that did the survey (wintercorp). You can find the DB vendor and hardware vendor by reading the full survey (Full Survey). It also included if the db is federated or centeralized.

I have finally realized how much I use Instant Messaging. It is not a matter that I did not consider IM a viable means of communication, but rather the fact of how often I use it as a means of communication. Since switching jobs recently I have been able to consolidate my email, contact list, and useful files. The one thing that was left was IM. I use AIM, MSN, Yahoo, and Google Talk. It was when google talk was released that I realized how many programs I had to just do IM. I have all these IM accounts because of the diverse people I communicate with. Most of my friends are on MSN, and most a lot of business associates are on AIM and Yahoo.

To make all this easier for me and to consolidate and simplify (I seem to be doing this a lot lately) I moved to using Trillian Pro 3.1. I have used trillian before but that was the basic version. The pro version (cost me 25 bucks) and so far seems to be worth it. One of the major things I did not like about Trillian in the past was the interface. The pro version allows you to try different skins. I am using a minimal skin to let me get the most screen real estate. The reason I chose Trillian was that it was compatible with almost any IM protocol. One nice feature is the ability to use it as an RSS reader. I am still playing with all the settings but it is nice to get a full view of all IM people online and also a quick look at your Email for each IM account.

So in closing, I give it 4 our of 5 stars.

If you do a lot of file migration or exchange with Microsoft SQL server you have probably had to grab a file via ftp. In most cases if you have automated this task you may have done this by either a vbs file or a bat file, or a DTS package that calls an FTP client. Well, Dan Woolsoton (A new Co-worker) has found a great tool to replace the default DTS FTP calls. It is called SQLDTS, it has many features and settings you can dynamically replace. You can read Dans full article HERE