Make SEP Manager Console Suck a Little Less

27. June 2011 · Write a comment · Categories: Hack, Software · Tags: , , ,

My biggest complaint about Symantec End Point is that the manager console is slow. On a dual quad-core server with 16GB of RAM, it simply crawls. Sometimes, even when the system load is basically zero, the console is almost unusable. I did a little digging and found that the manager console is, in fact, written in Java –  that explains a lot.

Fortunately, because it’s written in Java there’s a little trick you can you to speed things up a little, assuming you have a decent amount of free RAM. The manager console is typically launched through sesm.bat, which is located (in a default install on an x64 server) in “C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\bin\”. Open that .bat file in notepad, and you’ll see this:

@start “SESM” “C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jdk\bin\javaw.exe” -Xms128m -Xmx1024m -XX:MinHeapFreeRatio=30 -XX:MaxHeapFreeRatio=40 -Dscm.console.conf=”C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties” -jar “C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\webapps\scm\clientpkg\scm-ui.jar”

Note the bit that I’ve highlighted above in red. Boost that up a little (I set it to 512m), save, and then re-open the management console. You should notice a significant difference in how fast the console operates now.

HDD Replacement: Acer Aspire One and ZIF Drives

27. May 2011 · 9 comments · Categories: Hack, Hardware · Tags: , , , ,

I ordered a 30GB 1.8″ ZIF drive to replace the crappy 8GB SSD drive in my old Acer Aspire One netbook. When I got the drive (a Samsung HS030GB) I very quickly discovered that the ZIF ribbon cable that came stock with the netbook didn’t work with it. The problem, it seems, is that Samsung uses a non-standard ZIF connector that is incompatible with 0.35mm ZIF cables (which are the standard). So, I shaved down one end of the ribbon and promptly broke it. Then, being an idiot, ordered a replacement set of cables on eBay without checking the thickness first (the listing stated they were for Samsung drives, although I should have known better than take that at face value).

I got the new set of cables today and, of course, they were all 0.35mm thick as well. I tried a few techniques to try to make the ends thinner but eventually just ended up with a bunch of butchered ribbons.

ZIF Drive and Cable

Remember kids, always review the specs of the drive and cable *before* ordering!

So I’ve ordered another batch of cables, this time making sure that one end has the correct thickness. Hopefully I’ll have a working netbook in a few weeks.

Update: The new ZIF cable came in (ProTip: when ordering ZIF ribon cables, if you need a smaller-than-0.35mm end, look for one where one end is blue (as pictured above), and the other end is white. The white end will be the smaller size)! Surprisingly, it fit, and after making a few modifications to the case (mainly removing the screw mounts for the old SSD) the new drive just dropped right in to place. Xubuntu is now installing, so I finally have a functional netbook again!

A PHP-Based Server Monitor

22. October 2010 · Write a comment · Categories: Hack, howto, Servers · Tags: , ,

The other day I decided that the little ‘Network Monitor’ desktop gadget I was using to monitor my few servers just wasn’t cutting it. Instead, I wanted to make use of a spare iMac and have something a little flashier. A Google search for Server Monitors brought up a plethora of options that were either horribly ugly, platform specific, or just didn’t work the way I needed (most required that the target server be running some form of web server, such as IIS or Apache to retrieve headers to see if the server was up – most of my servers don’t run those). As such, I decided to write a small script from scratch.

I figured the easiest way to accomplish my goal of a platform-independent monitoring script was to use PHP. After enabling Apache2/PHP5 on my Snow Leopard-running iMac (a topic for another blog post later), I searched through the PHP.net function list until I found fsockopen(). This function is quite ideal, as it will work with any open port. The first step was to make a quick function to utilize fsockopen and return some testable results:

function checkServer($ip,$port)
{
$fp = fsockopen($ip,$port,$errno,$errstr,1);
if (!$fp)
{
return ‘Down’;
} else {
return ‘Up’;
}
}

I added this to a <?php ?> block in the <head></head> of the document – to call the function and perform the test, I used the following line below:

$servername = checkServer(’192.168.1.100′,’53′);

In this example I’m checking the availability of a DNS server, so I use port 53. When this runs, the $servername is set to either ‘Up’ or ‘Down’ depending on whether or not a connection can be opened on that port.

The only thing left now was to display this output. I made a fancy table-based page with graphics where each server is a cell and the background changes between green and red depending on the $servername value. However, all you really need is the code below in a <?php ?> block in the body of the page:

echo(‘Server Example Status: ‘.$servername);

Changing Example to the name of your server. If you have more than one server to check, just make another variable, use the checkServer function to give it a value (make sure to change the IP address and use an open port!), and then add another echo line.

That’s it! To be fancy, you can add a javascript automagic page refresh to – just change the <body> tag to:

<body onLoad=”Javascript:timedRefresh(30000); display();”>

And put the following in the <head></head> section:

<script type=”text/Javascript”>

<!–

function timedRefresh(timeoutPeriod) {

setTimeout(“location.reload(true);”,timeoutPeriod);

}

//  –>

</script>

And you’re done! If the server is up, every 30 seconds your page will refresh and show:

Server Example Status: Up

Rogers Wireless Hijacks Wildcard DNS Records

07. June 2010 · 2 comments · Categories: "It's a Feature", Android, Apple, Hack, howto, iPhone, Linux, Rants · Tags: , , , , , ,

Rogers LogoAlthough I can’t confirm when this happened (it may have happened a while ago and I just never noticed), I was browsing the internet last night on my Google Nexus One and noticed that, when I mistyped http://imdb.com, I was redirected to http://www20.search.rogers.com (which doesn’t work outside of Rogers’ network) instead of receiving a normal Not Found error. This all smacks of the infamous VeriSign Site Finder fiasco.

I’m no fan of browser redirects in any form, and I’m even less of a fan of Yahoo which Rogers partners with to, among other things, provide results on their hijacked landing page. But what can you do? It’s their service, and there’s no opt-out link on the page.

Well, the answer is to manually opt-out. Unfortunately, you need to have a rooted/jail-broken phone to do this. As stated above, I have a Google Nexus One which runs CyanogenMod, but this should work with any other rooted Android phone and even jail-broken iPhones (although the paths are different — you’ll need to alter them as applicable).

To manually opt-out, do the following (assumes Android phone):

  1. Open a shell on your phone. You can use ConnectBot, Terminal Emulator, or adb shell.
  2. Assume root (su command).
  3. Remount the system partition in to read/write mode —  mount -o rw,remount /system
  4. Browse to /system/etc.
  5. Use your favourite text editor to open hosts.
  6. Add the following to the bottom of the hosts file — 127.0.0.1 www20.search.rogers.com
  7. Save and quit!

You’re done! You’ve just manually opt’ed-out of Rogers Wildcard DNS hijack. Now you’ll just get the normal ‘Not Found’ errors, as when Rogers see that the domain you’ve entered doesn’t exist and tried to redirect you to their search page, your phone will point that domain to itself and fail as it isn’t running a webserver.

TL;DR Version: To prevent getting directed to Rogers’ Search Page when you mistype an address, edit your hosts file to point www20.search.rogers.com to the 127.0.0.1 loopback address.

Update (05/01/2011): You can now officially opt-out using this link: http://searchassist.teoma.com/templates/rogers/optout

Short: Kensington 0, Me 1

22. March 2010 · Write a comment · Categories: Hack, Hardware, Short · Tags: , ,

A Kingston Desktop Lock

Kensington makes a decent desktop lock. However, they’re nothing that ten minutes and a pair of wire snips can’t take care of – it’s a very effective way of unlocking a case when the key has been lost for years….

As a side note, the magnets in old hard drives make for a perfect method of removing small metal shards from ones flesh. Just sayin’.

Howto: Five Keystrokes to a Command Prompt from Anywhere

15. April 2009 · 1 comment · Categories: "It's a Feature", Beta Testing, Hack, howto, Troubleshooting, Windows 7 Beta · Tags: , , , , ,

There are already a number of articles out there about this hack, but what the hell.

<Shift key><Shift key><Shift key><Shift key><Shift key>. What does this bring up on your computer? Chances are, a StickyKeys window. However, if you’re running Windows XP/Vista/7 (and possibly 2000, although I’ve never tested it), you can quickly turn this quick series of keystrokes in to a shortcut to a Command Prompt. Note that in Vista/Win7, it’s possible to get an Elevated Command Prompt (one with full Administrative privileges) from the Welcome (login) screen, or from the Secure Desktop (the faded screen you see when a User Account Control prompt appears) even if UAC is turned on.

Why?

Sure, you can get a Command Prompt in most places with a quick <Windows Key> + <R>, then cmd and <Enter>, but this doesn’t work if Explorer isn’t running, or if you’re at, say, the Welcome Screen. It’s also very handy if you’ve forgotten the password to the Administrator account on your system and need to reset it, but don’t have a copy of the NT Offline Password Editor kicking around.

How?

The process for setting this up is very simple.

From Windows:

  • Open the system32 folder
  • Take ownership of sethc.exe, and then grant yourself Full Control permissions (note: if you don’t understand this step, or don’t know how to do it, you probably shouldn’t be doing this!)
  • Rename sethc.exe to anything else (I usually choose sethc.exe.bak)
  • Copy cmd.exe, and name the copy sethc.exe.

This can also be done from the Windows Recovery Console (boot from a Windows XP install CD) or WinRE (Windows Recovery Environment – boot from either a Vista or Windows 7 DVD). From the Command Prompt in either of these, run the following commands:

  • c:
  • cd windows\system32
  • ren sethc.exe sethc.exe.bak
  • copy cmd.exe sethc.exe

Then reboot in to Windows.

Uses Explained

I typically use this for resetting passwords. When I used to work in a local computer shop, if someone forgot to tell me their Windows user password, and I couldn’t reach them by phone, I’d use this trick. Then, at the Welcome (login) screen, I could simply pull open a Command Prompt by hitting <Shift> five times, type control userpasswords2 which brings up the old-style User Accounts control panel, and then reset the users password to blank without needing the old one.

This is also handy for troubleshooting if Explorer continously crashes, or if the UserInit registry value is shot and you can’t login anymore. Just fire up a Command Prompt and open regedit from there.