Saiweb

For those not in the know Folding@Home is a piece of software that runs in the background of your desktop, server, heck even your PS3.

I originaly started out back in 99/2000 with the united devices cancer research client, their website of UD.com however seems to have long since slipped into web history, no doubt due to their nature of charging for CPU time on ‘thier’ grid, which was made of donor machines … Folding @ Home however is Open Source and not run by some shady business but by a variety of labs and Educational bodies (http://folding.stanford.edu/English/About).

Ok so what is this ‘folding’ all about?

When protein chains combine in your body to form more complex chains, and eventualy cells the process of combination is called folding, and problems during the ‘folding’ stage can lead to Cancer, Alzheimers, Parkinson’s disease etc …

The problem faced when looking at protein folding is the shear number of possible ‘folds’ for each different type of protein, of course this is where computer power comes in, but even that has it’s limits this is where distributed computing helps.

Rather than a large super computer which is limited in budget, size and power distributed computing takes place by assigning a small work load to a ‘volunteer machine’, what this has lead to is a virtual super computer larger than any other, driven by software, and at the time of writing claims some 260,000 Active CPU’s

So please install this small piece of software on your machine by visiting the downloads page here: http://folding.stanford.edu/English/Download

Once you have the client running please join the Saiweb team 156680

Cheers

Buzz

NOTE:

I will be dedicated several machines to this, they will appear in the team members list prefixed buzz_ , one core from our Dedi server has also been dedicated to running F@H.

This is something I find myself having to do, more and more lately due to this VoIP roll out.

From windows (xp)

Start > run > cmd

Once the command window is open ping the IP address of the device (this forces your system to do an ARP request and store the device information in the cache, don’t ask me why but microsoft decided it was a good idea not to lookup the information if it isn’t allready in the cache!)

NOTE: Even if the device blocks ICMP, this should still work, run ettercap on your windows network to see just how many times you will see an ARP request along the lines of “WHO HAS xxx.xxx.xxx.xxx”.

Now to get the MAC address type


arp -a xxx.xxx.xxx.xxx


Where xxx.xxx.xxx.xxx is the IP address of the device you just pinged.


C:\Documents and Settings\buzz>arp -a 10.99.1.10

Please note this only works for a device on the same IP range.

If you run two ranges, i.e.

192.168.1.XXX

and

192.168.2.XXX

You will need to make the ARP request from a device bound to that range (servers are especially usefull here).

So you have domain admin rights, but that server just wont play with remote desktop … you suspect a hung process what do you do?

Have someone log into the console (if they can) ?

Or surely there is another way …

Windows XP (Surprisingly) has a command line tool set for just such an event, in this case the two commands. (Via command line Start > Run CMD)

“TASKLIST”

and

“TASKKILL”

Just run off the list of processes using TASKLIST and kill the “offending” process with TASKKILL, if you can not figure out how to do that by reading the documentation via the links above, then I really do not recommend you use this method.

This one comes via Kerm.

We have an Exchange 2003 and Exchange 2007 server working side by side, with the 2003 server on the PDC (Primary Domain Controller).

Due to this when creating a new AD account from the PDC, even if you set the mailbox as being on the 2007 server, the mailbox will still show as “Legacy Mailbox”, to correct this you will need to launch the Exchange management shell and run the following command line:

set-mailbox -identity “mbox_alias” -ApplyMandatoryProperties

et voila job done.

Outlook is one of those programs we all love to hate at some point in time, particularly when it does something completely random like say _lose_ that selection of emails you were trying to move to another folder, if you can find these emails i.e. one was flagged and showing up under “flagged for follow up”, the in folder field displays IPM_SUBTREE.

Let’s start with some _conceptual_ background (In that this is how I logically see this working due to the errors that have occurred).

Your exchange mailbox is effectively a database, however in the more traditional sense of a “Containers” model.

i.e.

Grandparent > Parent > Child is a standard logical representation of programmatic relationships, in this case however it is more relevant to think of the structure as if it were a file system, with folders (containers).

i.e.

C:\Grand_Parent\Parent\Child

Ok so that’s the “container” concept out of the way, now for the moving procedure, from what I can tell all mail is stored within the IPM_SUBTREE, this essentially is the CHILD object which contains a subset of further folders, inbox etc … (Grandchildren)

When copying / moving email to a folder in outlook (Grandchild object), the email is first copied / moved to the IPM_SUBTREE (Child) folder, if an error occurs for any reason however that is where it stays!

The IPM_SUBTREE and higher up folders / containers are not visible in outlook, so to the end user these emails are lost.

To the sys admin however you now know they are simply “misplaced”, to recover these you need a program that can see the IPM_SUBTREE, this is available from http://support.microsoft.com/?kbid=887724 “MFCMAPI_BIN.exe”

You will need to run this from the computer that is having problems, the user will also most likely need local administrative rights on that machine, alternatively as a Domain Administrator, set yourself with full rights to the problem mail box, and create a new outlook profile.

After downloading the .exe you will be prompted to extract the program, i.e. to C:\MFCMAPI, now run it:

C:\MFCMAPI\MFCMapi.exe

Once started Click Session > “Logon and Display Store Tables”

You will them be prompted for a profile to use (Default: Outlook)

The top line in the Display Name field should read: “MailBox - Username”, click to select this line and right click to bring up the context menu, now click “Open Store”

You will be presented with a new window, on the left there will be a tree navigation displaying “Root - Mailbox”, expand this list and click on IPM_SUBTREE, right click and select “Open Contents Table”, again you will get a new window, ideally with nothing listed, if items are listed, select them and right click copy messages.

Now close the window, right click the destination folder i.e. inbox, and “Open Contents Table”, in the new window right click anywhere in the list and select “Paste Messages”, you may also be prompted to choose whether to move or copy the messages.

Follow the prompts and once complete the messages will be in the destination folder.

Any problems leave a comment.

The wirehub.net domain has not been renewed meaning the registra has taken over the DNS and it is now pointed at a “placeholder” page running adverts … meaning for anyone who was using the wirehub RBL, the lookups are now returning false positives and blocking everything. This is the 2nd open RBL to go down, with ORDB going offline previously

Follow the post I put here to get the Wirehub list removed on exchange 2003

Trend Micro Page

After all the problems I had with Cryp-TAP-2 (here) I’m going strait for the COMBOFIX option! I’ll update with how I get on.

UPDATE: Everything looks good so far, booted into safe mode, and ran combofix, the system is now rebooting normally, now waiting on the log report.

UPDATE2: Combofix did the job YET again! getting a popup or too still about the system restore volume, from the look of the report this little bugger hooks itself into system processes (explorer.exe svchost.exe)

Oh dear oh dear, MS at it again.

Accoding to this story: here

SP3 has caused a huge rollout headache including screwing MS’s Point Of Sale application …

See now this is what happens when you FORCE users to have to install SP3 before they can get any more updates ><

Admitedly the users experiancing the problems all using Automatic Update …

So my advise is to grab the complete Network distribution (about 319mb).

Update if you are having problems and are using an AMD machine read this: here

Just a quick blog about this …

Ever had the problem of having to assign a DHCP reservation with no mac address resolving software on your laptop? (NOOB! haha)

Well … you have software built in if you are using windows XP anyway …

Start > run > cmd

“arp -a” (without quotes)

this will list your current local interfaces and thier MAC addresses.

“arp -a xxx.xxx.xxx.xxx” (without quotes) Where xxx.xxx.xxx.xxx is the target IP address on your LAN, this will resolve the MAC address for that interface.

Nice quick and simple.

Enjoy!

UPDATE: If you get an error “NO Arp entries found” when doing this, just ping the IP address first, assuming you get a response you _should_ be able to use arp to lookup the mac address!

After much argument with the resident Microsoft Zealot over the exploitability of IIS, words of sarcastic wisdom came from a third party (Lee) and sufficently ended the argument.

“You know what IIS Stands for?”
“Internet Information Services…”
“No! Is Inherently Sh*t”

Discuss