Empathy the new IM for Gnome

2009 September 18
by kiranvangaveti

Historically, Pidgin has been the choice of IMs provided with Gnome or Linux. Pidgin has been the choice of multi-protocol clients for a huge crowd including Windows enthusiasts too. It enjoys a loyal following of developers and supporters from across the globe, who have volunteered a lot of plug-ins to Pidgin. This has made Pidgin quite a heavy app. I have been waiting to test Empathy from the time I heard it was in the works by the Gnome Development team.

A little bit about Empathy. Empathy is a messaging client that supports text messaging, voice and, most importantly, video calls. It also supports file transfer over XMPP or local networks, which I am not too keen on, but the support for video chat in a multi-protocol IM is awesome. It supports voice and video using the open protocols SIP and XMPP (think Jabber and Jingle). Empathy also supports location information.

Installing Empathy could be as easy as running

# yum install empathy

Loaded plugins: refresh-packagekit
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package empathy.x86_64 0:2.26.2-1.fc11 set to be updated
--> Processing Dependency: telepathy-salut for package: empathy-2.26.2-1.fc11.x86_64
--> Processing Dependency: telepathy-haze for package: empathy-2.26.2-1.fc11.x86_64
--> Processing Dependency: telepathy-gabble for package: empathy-2.26.2-1.fc11.x86_64
--> Processing Dependency: telepathy-filesystem for package: empathy-2.26.2-1.fc11.x86_64
--> Running transaction check
---> Package telepathy-filesystem.noarch 0:0.0.1-3.fc11 set to be updated
---> Package telepathy-gabble.x86_64 0:0.7.26-2.fc11 set to be updated
--> Processing Dependency: libloudmouth-1.so.0()(64bit) for package: telepathy-gabble-0.7.26-2.fc11.x86_64
---> Package telepathy-haze.x86_64 0:0.3.1-1.fc11 set to be updated
---> Package telepathy-salut.x86_64 0:0.3.9-1.fc11 set to be updated
--> Processing Dependency: libavahi-gobject.so.0()(64bit) for package: telepathy-salut-0.3.9-1.fc11.x86_64
--> Running transaction check
---> Package avahi-gobject.x86_64 0:0.6.25-3.fc11 set to be updated
---> Package loudmouth.x86_64 0:1.4.3-5.fc11 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package                   Arch        Version               Repository    Size
================================================================================
Installing:
empathy                   x86_64      2.26.2-1.fc11         updates      1.4 M
Installing for dependencies:
avahi-gobject             x86_64      0.6.25-3.fc11         updates       30 k
loudmouth                 x86_64      1.4.3-5.fc11          updates       79 k
telepathy-filesystem      noarch      0.0.1-3.fc11          fedora       3.5 k
telepathy-gabble          x86_64      0.7.26-2.fc11         updates      330 k
telepathy-haze            x86_64      0.3.1-1.fc11          updates       57 k
telepathy-salut           x86_64      0.3.9-1.fc11          fedora       248 k

Transaction Summary
================================================================================
Install      7 Package(s)        
Update       0 Package(s)        
Remove       0 Package(s)        

Total download size: 2.1 M
Is this ok [y/N]: y
Downloading Packages:
(1/7): avahi-gobject-0.6.25-3.fc11.x86_64.rpm            |  30 kB     00:01    
(2/7): empathy-2.26.2-1.fc11.x86_64.rpm                  | 1.4 MB     00:20    
(3/7): loudmouth-1.4.3-5.fc11.x86_64.rpm                 |  79 kB     00:02    
(4/7): telepathy-filesystem-0.0.1-3.fc11.noarch.rpm      | 3.5 kB     00:00    
(5/7): telepathy-gabble-0.7.26-2.fc11.x86_64.rpm         | 330 kB     00:07    
(6/7): telepathy-haze-0.3.1-1.fc11.x86_64.rpm            |  57 kB     00:03    
(7/7): telepathy-salut-0.3.9-1.fc11.x86_64.rpm           | 248 kB     00:01    
--------------------------------------------------------------------------------
Total                                            53 kB/s | 2.1 MB     00:40    
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : telepathy-filesystem-0.0.1-3.fc11.noarch                 1/7
  Installing     : telepathy-haze-0.3.1-1.fc11.x86_64                       2/7
  Installing     : avahi-gobject-0.6.25-3.fc11.x86_64                       3/7
  Installing     : telepathy-salut-0.3.9-1.fc11.x86_64                      4/7
  Installing     : loudmouth-1.4.3-5.fc11.x86_64                            5/7
  Installing     : telepathy-gabble-0.7.26-2.fc11.x86_64                    6/7
  Installing     : empathy-2.26.2-1.fc11.x86_64                             7/7

Installed:
  empathy.x86_64 0:2.26.2-1.fc11                                               

Dependency Installed:
  avahi-gobject.x86_64 0:0.6.25-3.fc11                                         
  loudmouth.x86_64 0:1.4.3-5.fc11                                              
  telepathy-filesystem.noarch 0:0.0.1-3.fc11                                   
  telepathy-gabble.x86_64 0:0.7.26-2.fc11                                      
  telepathy-haze.x86_64 0:0.3.1-1.fc11                                         
  telepathy-salut.x86_64 0:0.3.9-1.fc11                                        

Complete!

or

# apt-get install empathy

based on your distribution. You can also build it from the sources. I use Fedora 11 and I had to have farsight2 and gstreamer-plugins installed to get video and voice calls working. Once Empathy starts you can add your Yahoo and Gtalk accounts…even MSN accounts without any problems. Just remember to change the default ports to 80 instead.

Video and Voice using gtalk work flawlessly.

I like the smoother interface of Empathy and the clean look. Thanks to the team, they did a wonderful job.

Learning PowerShell with Kiran …… day two

2009 September 10
by kiranvangaveti

Getting help

PowerShell is an excellent tool in that all the required documentation is built into the shell itself. You do not have to go to separate reference and developer documentation etc., as you do a lot with VBScript.

help <cmdlet or alias>

will give you the needed help with the syntax. If you need more detailed help explaining all the options or examples, then just use the switch -detailed or -full

help <cmdlet or alias> -full

help <cmdlet or alias> -detailed

eg: help Get-ChildItem -full

The help feature also supports wildcards, i.e., if you are looking for a cmdlet to stop a process, then you could simply run “help *process*” as shown below:

image

From the above, it is relatively easy to figure out that “Stop-Process” is the cmdlet you can use to stop a process. Quite powerful, isn’t it?

Working with Aliases

Using aliases instead of cmdlets is convenient, ’cause typing long cmdlet names is not only cumbersome, it’s also prone to mistakes, and you easily get frustrated if you use them regularly. So, to keep your sanity, PowerShell provides the alias feature. If you are from the *nix world, then you already know what an alias is. Aliases can be used to call the cmdlets with shorter names for convenience instead of using their full cmdlet names.

dir and ls, copy, and cd are system-assigned aliases for Get-ChildItem, Copy-Item, and Set-Location respectively. PS has many more aliases and to list them, you can use the command…..wait, how can we find out what command to use…let’s try using help here.

image

Looking at the output, I am tempted to try “Get-Alias”

image

That’s it. That’s how we explore the power of PS.

If I want to know the available aliases for Get-ChildItem, then I have to look at help to see all the options and switches provided by the cmdlet.

PS> help Get-Alias -full

shows this interesting example

image 

Exactly what we need. Now let’s try that.

image

Understanding the above command in its simplest form (don’t get hung up on the functions, neither will I): it’s piping the output of the Get-Alias command and keeping only the entries where “Get-ChildItem” appears in the “Definition” column. Awesome…. Now this means that PS also supports piping.

You can create your own aliases using the “New-Alias” command option. We have seen this in the second screenshot (help *alias*). The command syntax can be obtained by looking up help on New-Alias.

image

In its simplest form, you can use the command as below:

PS> New-Alias -Name d -Value Get-ChildItem

Or you could also specify it as below:

PS> New-Alias d Get-ChildItem

’cause PS does not require you to specify the parameter name for a positional parameter, if the values are specified in the right order, i.e., in this case the first parameter that New-Alias takes is “-Name” and the second parameter that it takes is “-Value”. As long as we have the right values in the right order, PS will interpret them properly.

To check if the command worked, let’s retry the Get-Alias command using Where-Object filtering:

image

Yes, “d” does show up as an alias. Let’s run the command:

image

Delete an Alias

I’m not sure if you remember the screenshot from Day One, which reveals that Alias is also loaded as a PSDrive. Which means I can also get a list of aliases by issuing a “Get-ChildItem” or “dir” against it as shown below:

image

Which also will probably allow me to use “Remove-Item” to remove any alias that I do not need. Let’s try it.

image

Yup. That worked.
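
The alias lookup, creation and removal steps from the sections above, as an added example that is not part of the original post or its screenshots. It goes one step further than the post and flags aliases that hide a real command, since PowerShell resolves an alias before a function, cmdlet or external program of the same name. The helper names Get-AliasFor and Find-ShadowingAlias and the demo alias hostname are assumptions made for this example.

```powershell
# Added example, not from the original post. Written for Windows PowerShell 2.0+.

# Reverse lookup: which aliases point at a given command?
function Get-AliasFor {
    param([Parameter(Mandatory = $true)][string]$Definition)
    Get-Alias | Where-Object { $_.Definition -eq $Definition } | Sort-Object Name
}

# Report every alias whose own name is also the name of a cmdlet, a function or
# a program on the PATH. The alias wins command lookup, so it runs instead.
function Find-ShadowingAlias {
    foreach ($alias in (Get-Alias)) {
        # Built-in aliases such as ? and % are wildcard characters; escape them
        # so Get-Command searches for the literal name.
        $literal = [System.Management.Automation.WildcardPattern]::Escape($alias.Name)
        $hidden  = Get-Command -Name $literal -CommandType Cmdlet, Function, Application `
                       -ErrorAction SilentlyContinue
        foreach ($cmd in $hidden) {
            New-Object PSObject -Property @{
                Alias       = $alias.Name
                RunsInstead = $alias.Definition
                Hides       = $cmd.Name
                HiddenType  = $cmd.CommandType
            }
        }
    }
}

# Demo with constructed aliases: d (as in the post) and hostname (hypothetical,
# chosen because hostname.exe exists on Windows).
New-Alias -Name d -Value Get-ChildItem
New-Alias -Name hostname -Value Get-Date

# "d" is listed next to the built-in aliases for Get-ChildItem.
Get-AliasFor -Definition Get-ChildItem | Format-Table Name, Definition -AutoSize

# "hostname" is reported because it now runs Get-Date instead of hostname.exe.
Find-ShadowingAlias | Format-Table Alias, RunsInstead, Hides, HiddenType -AutoSize

# Remove the demo aliases through the Alias: drive, as in the post.
Remove-Item Alias:\d, Alias:\hostname
```

Built-in aliases that share a name with a program on the PATH show up in the report as well, so review the list before treating an entry as unexpected.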

Finding the required cmdlet

In the beginning of this post, we used the “help” command to search for required cmdlets. This only looks at the documented help topics to get you the required information. If there are cmdlets that are not documented, then you would not find them. To find any cmdlet, you should ideally use “Get-Command”.

Just issuing “Get-Command” by itself will list all the available cmdlets in the shell.

To understand the syntax of Get-Command let’s run “help Get-Command”

image

Notice the “-verb” and “-noun” parameters. This is what makes Get-Command powerful and useful in searching cmdlets. Remember on Day One we talked about how PS uses the verb-singularnoun convention to name all its cmdlets. The power of doing so is revealed now.

eg: you want to look for a process on your machine and kill it, and we obviously do not know the cmdlet to do that. So let’s use Get-Command to achieve this. Since we want to look at processes, let’s ask for all cmdlets that match the noun process.

image

So, we have two choices with processes: “Get-Process” and “Stop-Process”. See how powerful and easy it makes finding cmdlets. In addition to this, the parameters support wildcards too, as shown below:

image

PS Snap-ins

Cmdlets themselves are packaged in snap-ins. Each snap-in adds additional functionality and cmdlets to the shell, very much like MMC snap-ins. The cmdlets used to manage snap-ins can be found by using the Get-Command described above.

image 

We can make an educated guess, that Add-PSSnapin is to add new Snap-ins and Remove-PSSnapin is to remove Snap-ins from the shell. Get-PSSnapin is probably used to get details about a Snap-in. Let’s check.

image

As evident, Get-PSSnapin, when run by itself, lists all the available snap-ins on this computer. We also notice that it can be used to search for a particular snap-in using the -Name parameter, which also accepts wildcards. In this case, we tried to look for any snap-in that has the word “Utility” in it.

To see available cmdlets in a snap-in, we may have to look at Get-Command cmdlet’s syntax more closely.

image

Oh, wait, yes, Get-Command takes -PSSnapin as an argument. Wonderful. Let’s try that:

image

This is nice if you want to find the cmdlets in a particular Snap-in.

PipeLine

When a cmdlet runs, it’s actually working with the actual objects and outputs the actual objects. These objects by default are piped to a default cmdlet, Out-Default. Out-Default is the cmdlet which actually converts the output of a cmdlet to text and displays it on the console. To prove this, try the below:

image

image

The output of both the commands is same. This shows you that all cmdlets run in a pipeline as shown below

pipeline

Sometimes, there are cmdlets that only process the input, but produce no output. Like Stop-Process. Stop-Process can take its input, and stop the process as shown below, but will not produce any output.

image

These kinds of cmdlets often have a “-PassThru” parameter which passes the input back to the output for further processing, as shown in the example below:

image

Notice how the -PassThru parameter actually passed the object, after it’s done processing, back into the pipe, in this case to the default Out-Default, resulting in displaying the process that’s being stopped. This is awesome.

You could also create HTML files with the ConvertTo-Html cmdlet, e.g. if you wanted to write the 10 newest application log events into an HTML file, you would do that as below:

image 

image

In this case the pipe would look like below:

pipeline-multi

 

This pipelining feature puts awesome power in the admin’s hands.
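
An added example (not the author's original screenshots) of the two pipelines described above: Stop-Process with -PassThru, and the newest Application log events written to an HTML file. The function name Export-RecentEvent, the report path and the extra filter on errors and warnings are assumptions made here; notepad.exe is started only to have a harmless process to stop.

```powershell
# Added example, not from the original post. Windows PowerShell 2.0 or later
# (Get-EventLog is not available in PowerShell 6 and later).

function Export-RecentEvent {
    param(
        [string]$LogName = 'Application',
        [int]$Newest = 10,
        [Parameter(Mandatory = $true)][string]$Path
    )
    # Every stage receives EventLogEntry objects, not text, so later stages can
    # filter and sort on typed properties such as EntryType and TimeGenerated.
    Get-EventLog -LogName $LogName -Newest $Newest |
        Where-Object { $_.EntryType -eq 'Error' -or $_.EntryType -eq 'Warning' } |
        Sort-Object TimeGenerated -Descending |
        Select-Object TimeGenerated, EntryType, Source, EventID, Message |
        ConvertTo-Html -Title "$LogName log: errors and warnings" |
        Out-File -FilePath $Path -Encoding UTF8

    # Hand the report file back so the caller's pipeline can continue.
    Get-Item -Path $Path
}

# Stop-Process emits nothing by default; -PassThru puts the stopped process
# object back into the pipeline so it can be recorded.
$target  = Start-Process -FilePath notepad.exe -PassThru   # disposable process
$stopped = Stop-Process -Id $target.Id -PassThru
$stopped | Select-Object Id, ProcessName

# Constructed report path for the demo.
Export-RecentEvent -Newest 10 -Path (Join-Path $env:TEMP 'app-events.html')
```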

Learning PowerShell With Me ..

2009 September 9
by kiranvangaveti

Day one

What is Powershell ?

Install Powershell

You have to download and install PowerShell for Windows XP and Vista, but it’s included in Windows 2008 and Windows 7 by default. You just have to enable the feature in Windows 2008.

Let’s Begin

Start the PowerShell prompt.

image

A PowerShell prompt looks very much like a Windows command prompt and almost all of the Windows commands work well in the PowerShell command window with a few exceptions. For all of you Unix lovers, and that includes me, most of the Unix commands work well inside PowerShell too.

Let’s start with Dir

Dir command without any switches works exactly the same way it would in a command prompt.

Dir c:

image

But wait, Dir c:\program files will not work without the quotes surrounding it, ’cause PowerShell treats “space” as the delimiter between a command and its parameters. So, you should surround your path with quotes, to enable PowerShell to see the whole path properly:

dir "c:\program files"

image

PowerShell comes with a ton of help that is readily accessible by using help <commandname>. The help context also supports wildcards.

Help <commandname> -full

will give you a very detailed explanation of the command with examples too.

Type in help dir

image

Did you notice that the actual command is called Get-ChildItem? And it provides a bunch of parameter options like -recurse etc. This leads me to believe that “dir” or “ls” are probably aliases for the command Get-ChildItem. I’ll probably find out as I go. Personally, I would think it’s better to stick with the actual cmdlets (yes, these commands are implemented as scripts called cmdlets) than with the aliases, ’cause it will help you get acquainted with the cmdlets and understand the code better as we move on, at least for the duration of learning PowerShell. Once you get into actual implementation in real life, it’s up to. As for me, I’m going to stick with the cmdlets.

So to list a directory:

Get-ChildItem c:\perflogs

or

Get-ChildItem "c:\program files"

To recursively display a folder’s content:

Get-ChildItem -recurse "c:\program files"

This gives a long listing; use Ctrl+C to stop it. Looks like that works in PowerShell as “Break” too.

PowerShell has the unique ability to navigate other hierarchical structures, viz. the registry, Active Directory or storage systems, just like a file system. This is awesome, so you could navigate the registry like below:

Get-ChildItem HKCU:

image

will list out the contents of HKEY_CURRENT_USER

Guess what the below command does:

Get-ChildItem HKCU: -recurse

you could also change your current location into the registry viz., below:

cd HKLM:\Software

or Set-Location HKLM:\Software
(yes, “cd” is the alias for the cmdlet “Set-Location”; as I said, I’m going to stick with cmdlet names instead of aliases)

Same thing can be applied to Environment Variables also. Eg:

Set-Location ENV:

Get-ChildItem ENV:

Get-ChildItem ENV:\systemroot

image

Copy Items

“Copy” is another of the most used DOS commands, and it works the same in PowerShell too. “Copy” is an alias for the cmdlet “Copy-Item”.

Help Copy

or

Help Copy-Item

will reveal all the switches available for the cmdlet. The most commonly used switch would probably be “-recurse”.

Delete Items

RD, Del or rm will work exactly as expected, but the underlying cmdlet for all this is “Remove-Item”

you could use rd or del or rm to achieve the same result eg:

rd c:\temp\test.txt

or

del c:\temp\test.txt

or

Remove-Item c:\temp\test.txt

you could also use the same “-recurse” switch to recursively delete folders.

Read contents of a file

Most of us are used to “TYPE” or “CAT” commands to achieve this. The same works in PowerShell too. Eg:

type c:\temp\test.txt

cat c:\temp\test.txt

or use the cmdlet directly

Get-Content c:\temp\test.txt

PowerShell Drives (PSDrives)

As we have seen, powershell lets you navigate registry, storage systems, environment variables etc., using simple navigation commands that we are used to. It can do that, ’cause it loads them as Psdrives or PowerShell Drives.

To see a list of all these PowerShell drives, which you can navigate, type in the below:

Get-PSdrive

image

This will show you all the drives that PowerShell has loaded. The power of navigating through certificate stores, Environment Variables and functions is amazing.

Did you notice that PS (PowerShell) has loaded “alias” as a drive? So let’s see all the aliases that PS has built in by listing the contents of the drive.

Get-ChildItem alias:

image

WOW! That’s a nice list of aliases that can be used. It would be handy to have a printed list (cheatsheet) of these aliases that you can pin up at your desk. I’ll make one up.

Cmdlet Naming syntax

The beauty of the long names is that they have a consistent naming syntax. Each command has a verb-singularnoun syntax, i.e., the cmdlet starts with a verb, viz. Get, Remove etc., and ends with a singular noun, i.e., ChildItem, Content, PSDrive etc. Stress on the word singular, ’cause none of the commands actually end in a plural; there is no Get-ChildItems or Get-Contents. Cmdlet nouns are always singular.

Eg: issue the command below to see a list of all cmdlets available to powershell

Get-Command

image

Notice how all the cmdlets start with a verb, and end with a singular noun. None of them have a plural form.

The reason this is done is that it is easier to search for a particular cmdlet when needed.

Hope you have already started to ride with me and will continue …….

Running Windows XP as non-admin

2009 September 9
by kiranvangaveti

 

Running Windows XP as a non-admin is one of the primary safeguards you can take to protect yourself. Remove your active user account from the administrator group and the Power User group, or create a normal user account and start using that account instead. Always make the regular user account a member of the Network Operators group. This will enable the user to change network settings like IP address, gateway etc.

It is relatively easy to upgrade your privileges to an admin account in order to install software or run any other administrative tasks if required.  The simplest form of this is to run a command prompt as administrator and run all your administrative tasks from that command window.

c:\> runas /user:administrator cmd.exe

image

This will open up a command prompt and ask you for the password of the local user account “administrator”. Provide that and, if successful, it will launch a plain old command prompt console. From here you can launch or perform most of the administrative tasks, including installing new software, IE plugins etc. The commands to launch the most common applications are listed below:

Task                          Command
Add/Remove programs           appwiz.cpl
Administrative Tools          control admintools
Computer Management           compmgmt.msc
Date & Time                   timedate.cpl
Device Manager                devmgmt.msc
Display properties            desk.cpl
Event Viewer                  eventvwr.msc
Internet Properties           inetcpl.cpl
Local Users and Groups        lusrmgr.msc
Mouse properties              main.cpl
Network Connections           ncpa.cpl
Power configuration           powercfg.cpl
Printers And Faxes            control printers
Registry editor               regedit
Scheduled Tasks               control schedtasks
Services                      services.msc
Sound and Audio settings      mmsys.cpl
System Properties             sysdm.cpl
Windows Task Manager          taskmgr
Windows Firewall Settings     firewall.cpl

Some commands useful in XP Professional or a Windows domain environment are as below:

Task                          Command
Group Policy Editor           gpedit.msc
Computer Management           compmgmt.msc
Security Center               wscui.cpl
Group policy update           gpupdate
Disk Management               diskmgmt.msc

 

But before you launch any applications, you should make a registry edit to change the value of HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess to “1”. To do so, launch the command prompt as the administrator using the command below:

image

Now in the command prompt, type in regedit. This will open up the registry editor for you. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, and change the “SeparateProcess” value to “1” as shown below:

Without the registry entry, more than half the commands listed will fail, or will produce no output.

image
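
One way to check both settings this post relies on, the group memberships of the account in use and the SeparateProcess value, written in PowerShell as an added example that is not part of the original post. The function names are hypothetical, and it is an assumption that the post's "Network Operators" group is the built-in Network Configuration Operators group.

```powershell
# Added example, not from the original post. Windows PowerShell.

$AdvancedKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

# Summarise the group memberships of the account running this shell and that
# account's SeparateProcess setting.
function Get-AccountPosture {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    # Assumption: "Network Operators" means Network Configuration Operators,
    # well-known SID S-1-5-32-556.
    $netOps   = New-Object Security.Principal.SecurityIdentifier('S-1-5-32-556')
    $advanced = Get-ItemProperty -Path $AdvancedKey -ErrorAction SilentlyContinue

    # On Windows with UAC (Vista and later) a non-elevated administrator token
    # also reports IsAdministrator = False.
    New-Object PSObject -Property @{
        User              = $identity.Name
        IsAdministrator   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
        IsPowerUser       = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::PowerUser)
        IsNetworkOperator = $principal.IsInRole($netOps)
        SeparateProcess   = $advanced.SeparateProcess   # empty when the value is absent
    }
}

# Set SeparateProcess to 1 and confirm it was written. HKCU: is the hive of the
# account running this shell, so run it in the "runas" administrator console to
# change the administrator's setting, as the post does with regedit.
function Enable-SeparateProcess {
    Set-ItemProperty -Path $AdvancedKey -Name SeparateProcess -Value 1 -Type DWord
    (Get-ItemProperty -Path $AdvancedKey).SeparateProcess -eq 1
}

$posture = Get-AccountPosture
$posture | Format-List User, IsAdministrator, IsPowerUser, IsNetworkOperator, SeparateProcess

# The daily account should show False for both administrator and Power User.
if ($posture.IsAdministrator -or $posture.IsPowerUser) {
    Write-Warning "$($posture.User) is running with administrator or Power User rights."
}
# In the administrator console the value should already be 1.
if ($posture.IsAdministrator -and $posture.SeparateProcess -ne 1) {
    Write-Warning 'SeparateProcess is not 1 for this profile; run Enable-SeparateProcess.'
}
```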

 

You can right-click on any executable and select “Run as” option as shown below, to launch an installation or any executable:

image

You will not be able to do the same with MSI install packages. You will have to launch a command prompt as administrator, navigate to the location of the MSI installer package and execute it from there.

image

And, yes your observation is correct. I customized my administrator command window to look different. It is fairly easy to do so with cmd.exe extensions. I have a shortcut made on my desktop to launch the command prompt as administrator. The shortcut is as below:

%windir%\system32\runas.exe /user:administrator "cmd.exe /k  cd c:\ && color f5 && title *****Local Admin console *****"

I also have a shortcut key assigned, enabling me to launch the administrator command window, from my keyboard. In my case, I have it as Ctrl + Alt + L.

image

There are a couple of limitations as to what you can and cannot do with this administrator command prompt window. One major drawback is that you cannot launch Windows Update from this window. But this drawback is easily overcome by adjusting your Windows Update parameters in Control Panel to update automatically.

You can launch Windows Explorer as administrator by typing in “Explorer” in the command window.

image

You can launch IE as an administrator (useful, when you have to update adobe flash plugin etc.,) by typing the complete path to IE as shown below:

image

There are a lot of tasks you can perform using the windows command prompt launched as the administrator. Running as a limited user will help you stay safe, and the “Run as” options listed above will ensure that you do not miss the functionality either.

Using Windows XP safely – Defend against spyware and virus

2009 September 9
by kiranvangaveti

Keeping Windows Safe and Protect against Spyware and Malware

 

How can I stay virus-free or malware/spyware-free without disconnecting myself from the world? This is a question I get a lot from friends and family. Windows XP puts a lot of power in the hands of the user and we quite often forget the capabilities and the powerful credentials which we use, until we get infected by a spyware or virus. My personal experience has been that most of the anti-virus or anti-spyware tools fall short to some extent, some more than others. The most commercial anti-virus programs are the ones that are the worst protectors in most of the cases. Also, as users we often find that we do not update the signatures as often as required, and we do not even update the operating system and the tens and hundreds of software packages and drivers we use on our systems.

An average computer user has at least 30-40 different drivers on his machine. Almost all of these drivers run as the system user, the highest possible privilege that any process can run as. The system account has unchallenged power/privilege on the system. An unpatched machine may have known vulnerabilities, viz. buffer overflows, which can be targeted for an attack and exploited. A process that has been compromised using these exploits can alter the user experience dramatically, without the active user’s knowledge. In most cases, a spyware process running as the system user account can spawn new threads, or even new processes, can attach itself to any other process it needs to, and can most definitely hide itself from the process list, thereby totally evading detection from the trained eye. Most importantly, it can prevent any anti-virus or anti-spyware programs from starting, or alter their behavior such that they do not update themselves or report any problems ever.

There are umpteen number of attack vectors that an average computer user or a casual Internet user may not know of or even understand or comprehend. Technology has advanced so much and it has made computing and computer interaction totally seamless for the end-user, be it for business applications, social networking or casual browsing. The complexity of the software architecture and networking technologies behind keeping everything running has to be seamless for the advent and adoption of computers, Internet and its related technologies.

But luckily, it’s relatively easy to stay safe in this big bad world of Internet. And best of all, it doesn’t have to cost you anything.

I’ll list down the safe measures that I recommend and follow. Based on my experience, this has helped a lot of computers stay safe and relatively unaffected by most epidemics.

a) Never use your computer/system as an administrator or any user with administrative privileges. This includes Power User privileges. The default account most people use on their Windows XP home computers is an administrator. This leaves the user open to spyware/malware and virus attacks. I have a whole blog about running as a non-admin user here.

b) In spite of the weaknesses I mentioned above, you should always use an anti-virus and anti-malware. For anti-virus, I recommend Avira. It’s not memory intensive or processor intensive, and has one of the best protections around for the price (free). I recommend it over anti-virus programs such as Symantec, McAfee or AVG. Spyware Doctor, which also comes as part of Google Pack, offers the best free protection from spyware available in the market today. The basic/free version does not protect you in real-time, but if you follow all the steps in this blog, then you can still be safe without real-time protection.

c) Ditch IE as your browser. I agree that IE is one of the easiest and most user-friendly browsers to use. But it’s also one of the most targeted browsers for attacks. Try Firefox. Firefox has some nifty add-ons that make it one of the most versatile browsers in the market today. Using Firefox with the Adblock and NoScript add-ons protects you from dangerous popups and scripts that can get you infected. NoScript publishers update their software very often to protect against new spyware and malware infection techniques. A how-to on adding these add-ons and using them in the real world is detailed here.

d) Update Often. Configure your windows to update as soon as possible. Windows Update system is one of the best update tools available out there. Configure it to automatically download updates in the background and install security updates immediately. Since this will run as a service and do all the work for you in the background, you don’t have to login as an admin to update your system.

e) Check for latest updates on any 3rd party softwares and update them too.

f) Due diligence is also one of the most important factor in keeping your system safe. The weakest link in system security is the end-user.

  1. Always use a complex, non-dictionary based password to protect your computer.
  2. Don’t create or use any user account without a password assigned to it.
  3. Keep changing your passwords often, at least once every 90 days.
  4. Don’t visit sites you have no business going to. This includes clicking on funny video links in your emails, or any celebrity naked picture links sent by unknown people or even friends and family. Internet porn and online videos are the leading sources of spreading spyware/malware or viruses.
  5. Don’t fall for fraudulent emails, a.k.a. phishing attacks. Never click on any link received in an email. There is hardly any easy way for the end user to know that he is being directed to the correct website. If you need to go to Paypal or bank sites or any other site, type the website URL into the browser yourself. Your financial or social institutions will never email you asking you to check back into the site using a link to verify your username or anything.
  6. Be vigilant. I have known one too many users who just clicked on some pop-up windows or message popups, thereby allowing themselves to be willingly infected. It’s one of the easiest mistakes to make, and the most fatal too. So be vigilant and careful about what you are clicking on. A moment of patience will save you hours of frustration and a couple of hundred dollars in trying to get your computer fixed.

Free Anti-SPAM Gateway (MailCleaner)

2009 September 9
by kiranvangaveti

 

There are one too many options when it comes to using a Unix Email Gateway. Some are complicated to install and manage, and some do not provide all the needed features. Hands-down, MailScanner is one of the best anti-SPAM engines out there. But it does not have a built-in web GUI. There is one web GUI available for people who want to check out MailScanner in its true form, MailWatch. But even MailWatch leaves a lot to be desired as a SPAM interface and end-user interface. Before you MailWatch fans flame me, I will admit that MailWatch has been the leading UI for working with MailScanner, and I personally used it for a long time, i.e., before I laid my hands on MAILCLEANER.

MAILCLEANER is simply one of the best open-source SPAM gateways available out there. It is offered as a complete solution. It’s an out-of-the-box solution that can be used as a virtual image or installed on a server. The author of MailCleaner does a good job of answering questions on the forums, though the updates are not as frequent as you would like them to be.

You can download the install set from the product’s main open-source site MailCleaner. If you can afford it, the author also has a commercial offering here.

As is universally known, it’s never a good idea to expose your organization’s primary email server to the Internet directly. Yes, even if it’s just port 25. ’Cause if you ever become the victim of a compromise which results in a denial of service of the server, or the server crashes, then:

a) incoming email capability is lost (no incoming emails/communication, from clients, vendors, customers and prospects)

b) outgoing email capability is lost (no outgoing emails/communication to clients, vendors, customers and prospects)

c) all internal email communication is also lost.

A typical deployment scenario for this would be like below:

 

[Figure: typical deployment]

OR

[Figure: typical deployment]

 

Yes, MailCleaner can only be used as an incoming email/SPAM gateway, which is adequate for most small/medium-size business requirements.

Installation is pretty straightforward: pop the CD in and boot.

[Screenshot: boot CD]

Selecting the highlighted option will erase all disks on your system and install MailCleaner. The installation itself is completely automated and requires no user interaction. Once the distribution is installed, you can log in using the default credentials below:

user: root

passwd: def

As always it is highly advisable to change the default password immediately on login. You can change that using the command below:

# passwd

After you change the password, the first thing you want to do is change the keymap, ’cause the default keymap for MailCleaner is French. This could get tricky ’cause the “/” key is located above “7”. So if you wanted to type in a forward slash “/”, then you would type in “Shift+7”. Also, the keys for “y” and “z” are interchanged in the French layout.

To change the keymap you have to issue the command below (for US keymap):

# loadkeys /usr/share/keymaps/i386/qwerty/us.kmap.gz

While typing this on the French layout, remember to use “Shift+7” for “/”, “z” for “y” and “y” for “z”.

To make this change permanent, you have to copy the US keymap over the file /etc/console/boottime.kmap.gz as below:

# cp /usr/share/keymaps/i386/qwerty/us.kmap.gz /etc/console/boottime.kmap.gz

The default IP address of MailCleaner is as below:

[Screenshot: default IP address]

To change the default IP and assign your own static IP (yes, you should assign it a static address; using DHCP is a bad, bad idea), you have two options:

i) Run the ip_configurator script on the system as below:

# /root/bin/ip_configurator

 

 

ii) Edit the /etc/network/interfaces file and change the entries. To do that, type in the command below:

# nano /etc/network/interfaces

[Screenshot: editing /etc/network/interfaces]

 

Now you are ready to run the MailCleaner install set. To start the installation type in the below command, and follow through the various prompts. Defaults will suffice for the most part. You may customize it if you choose:

# /root/mailcleaner_install.sh

[Screenshot: MailCleaner install script]

Host ID has to be “1” if this is the first MailCleaner server in the network. The final option is:

process with an interactive installation (y/N): N

The answer should be “N” for first-time installers; otherwise you will get errors and the installation will fail. After you answer “N”, the MailCleaner install script will go ahead and build a bunch of modules and dependencies. This will take a while depending on your system. Once done, go ahead and visit the MailCleaner web page:

http://<hostname>/admin

or

http://<IPaddressOfYourMailcleanerServer>/admin

and log in using the admin account and the password you configured in the previous install step.


Configuration aspects of MailCleaner coming up soon…….

 

Finding files in Linux / Unix

2009 August 11
by kiranvangaveti

I have a lot of friends and colleagues who ask me about searching files in Unix. Most of them are web-developers and graphic designers, who are typically not from the Unix world and are intimidated by the console world. This blog is mainly for them.

find is a very powerful command; the only problem is figuring out how to use it to get the result you want. In its simplest form, the syntax of the find command looks like this:

$ find path parameters/operators

path is the path where you want to search for the files, and parameters/operators are usually the criteria on which you want to find the files, e.g. name, date etc.

The most common form of the find command would be as below:

# find / -name Downloads

The above command will search the complete filesystem for a file/folder named “Downloads”.

The other options that are available are:

find -name filename
    find the file filename
find -perm mode
    finds files based on the permission/access mode. The access mode has to be specified in octal, viz. 640 etc.
find -type c
    finds files based on the file type c, viz.:
      b for block special files
      c for character special files
      d for folders or directories
      f for plain files
      l for symbolic links
      p for named pipe files
      s for socket files
find -user username
    find files owned by the user <username>. username can be specified as a UID
find -group groupname
    find files owned by the group <groupname>. groupname can be specified as a GID
find -size n
    find files by their size. n denotes blocks; each block is 512 bytes. +n can be used to look for files larger than n blocks.
find -atime n
    find files last accessed n days ago. To make this command even more powerful, you could use -n to say files accessed less than n days ago.
find -mtime n
    same as -atime, except that it looks for content modified time
find -ctime n
    same as -atime, except that it looks for access mode changed time
find -newer file
    finds files that have a modified time stamp that is more recent than the file specified
find operator1 -a operator2
    find files that match operator1 and operator2. This is the default behaviour when two operators are specified, so -a is optional
find operator1 -o operator2
    find files that match operator1 or operator2
find ! operator
    find files that do not match operator
find \( expression \)
    find using a grouped expression, so that several operators can be combined; very complex and powerful
-print
    prints the output to standard output, i.e., the console
-exec command
    executes the command. command must end with \; as shown in the example below:
    # find . -name "*.mp3" -exec rm -rf {} \;
    The above command will search for files with extension “.mp3” in the current folder and delete them. {} in the above command ensures that the complete path of the file is passed on to the command.
-ok command
    works exactly like -exec command, except that it prompts the user before executing the command

Some examples:

$ ls -ld `find . -type l -print`

find . -type l -print in the above command will print all the symbolic links in the current directory. -print prints them to standard output; in this case the backticks substitute that output into the ls -ld command line, which in turn prints the links in a long listing format.

$ find . -atime 4 -print

will find files that were last accessed 4 days ago

$ find . -mtime 7 -print

will find files that were modified 7 days ago. You can also specify a range of time.

$ find . -mtime +7 -mtime -9 -print

will find files that were modified between 7 and 9 days ago.

If you wanted to delete all the files in the current directory and its sub-directories that have not been accessed in 90 days, then you would use the command below:

$ find . -type f -atime +90 -exec rm -rf {} \;

Pretty powerful, isn’t it? You could also tweak this command to delete only the log files like *.log or *.tmp easily.

$ find . -type f -atime +90 \( -name "*.log" -o -name "*.tmp" \) -exec rm -rf {} \;

Combining GREP and FIND

If you wanted to search for a particular word in all the files of a particular directory, then you could do a command substitution with grep as below:

$ egrep 'findme' `find . -type f -print`

 

There is a lot more we could do by combining the power of find with other commands. We barely scratched the surface here.
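The delete and grep-over-find commands above, reworked as an added example (not from the original post) so that file names containing spaces stay intact, only regular files are removed, and the delete can be previewed first. The function names and the constructed demo tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: whitespace-safe forms of the find + grep and find + rm patterns.
# Function names are illustrative, not from the original post.

# Print the files under directory $1 whose contents match pattern $2.
# "-exec ... {} +" passes each name to grep as its own argument, so a name
# containing spaces is not split the way `find ...` in backticks would split it.
grep_tree() {
    find "$1" -type f -exec grep -l -e "$2" {} +
}

# Dry run: print regular files under $1 named *.log or *.tmp that were last
# accessed more than $2 days ago. Nothing is deleted.
stale_candidates() {
    find "$1" -type f -atime +"$2" \( -name '*.log' -o -name '*.tmp' \) -print
}

# Delete exactly the set stale_candidates prints. -type f keeps directories
# away from rm, so a stale directory never takes fresh files with it.
purge_stale() {
    find "$1" -type f -atime +"$2" \( -name '*.log' -o -name '*.tmp' \) \
        -exec rm -f -- {} +
}

# Build a constructed sample tree and print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/old dir"
    printf 'please findme\n' > "$d/old dir/notes with space.txt"
    printf 'x\n' > "$d/old dir/app.log"
    printf 'x\n' > "$d/old dir/fresh.log"
    printf 'x\n' > "$d/fresh.log"
    printf 'x\n' > "$d/old.txt"
    # Back-date only the access time (POSIX touch -a -t CCYYMMDDhhmm).
    touch -a -t 200001010000 "$d/old dir/app.log" "$d/old.txt" "$d/old dir"
    printf '%s\n' "$d"
}
```

Reading a file can refresh its access time (unless the filesystem is mounted noatime), so on the demo tree run stale_candidates and purge_stale before grep_tree.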

Delegate Unlock User Account in Active Directory

2009 March 30
by kiranvangaveti

 

 

I have come across a couple of admins who have fought with this problem often. They want to delegate the unlock account function to the more accessible help desk team and are unable to do so. Funnily enough, this facility, though readily available in Windows, is hidden from view by the Microsoft team. There is a dat file called dssec.dat in the c:\windows\system32 folder. You will also see it on your workstation if you have the administrative tools installed.

Just open this file with a text editor, viz. Notepad or Notepad++ (even better), and search for a string called “lockoutTime”. It’s located under the “[user]” section.

Change the value from “7” to “0”, save the file and exit.

Now right-click on the OU that you want to delegate permissions on, and select Properties.

Click on the Security tab (if you don’t see one, then you have to select View -> Advanced Features on the menu bar).

Click on Advanced. Click on Add user, enter the username and click on “OK”. In the Permissions Entry window select the “Properties” tab. Drop down the “Apply onto” list box and select “User Objects”.

 

[Screenshot: ReadLockoutTime]

You will see two new permissions as seen in the figure above: “Read lockoutTime” and “Write lockoutTime”. Any user with these two permissions will be able to lock and unlock user accounts in that OU.

Cheers

Ubuntu Vs Fedora

2009 March 30
by kiranvangaveti

Everyone has a right to their opinion, a fundamental right bestowed upon us by free democratic constitution. Being in the IT field for over 14 years, I have used a variety of Operating systems ranging from the very Basic DOS to the most current version of Windows 2007 beta.

I have been an avid fan of open-source and have always been a fundamental catalyst of change towards adoption of open-source technologies to my peers, friends and family. I have used a lot of Fedora and Ubuntu. I have implemented a lot of open-source technologies both for work and personal use. I like Ubuntu for its small distribution size both for desktop and server use.

For someone who has not tried it yet, Ubuntu is as close to user-friendly as it can get, to match Windows OS. But the scary fact that I have run into is that, it is becoming one of the unstable distributions that one can find for a Desktop OS, closely following Windows. Stability is the key reason I prefer to host my apps on Linux rather than on Windows (other than cost ;-) ). All my network tools run on Linux Platform. All key network services in my network, are hosted on Linux.

Fedora, on the other hand, has always been consistent with providing a reasonably stable desktop OS. Its Server version, called CENTOS (though both projects do not seem to be related at all), built to be as close as possible to the commercial REDHAT Linux versions, is the most stable, free OS that I have come across. Fedora’s install set is huge compared to Ubuntu, largely due to the multitude of installation options that come with it. The basic install of Fedora can still run into a couple of gigabytes. But the stability of the systems installed with Fedora is unparalleled compared to Ubuntu.

Another issue for users like me is the removal of Ubuntu packages from the repositories, thereby leaving me high and dry if I wanted to add new packages. Yes, yes, before all of you Ubuntu geeks lambast me, informing me to keep up and upgrade, I have to tell you that ideally, I don’t have to upgrade a Linux distro until and unless I see a security problem in the kernel, or unless I need support for some newer devices. On Fedora, on the other hand, you can keep an old version and upgrade or re-install only the packages you need. This feature alone is very important for maintaining a usable server.

Ubuntu has now stepped into the mainstream, being the only alternative choice of Operating System that comes pre-installed from desktop/laptop vendor Dell. Rumors are that soon others will follow. Fedora is yet to see anything close to that. Ubuntu, being a Debian distribution, enjoys the user-friendly nature of apt, which actually revolutionized the nature of application installations on Linux as a whole. Dependency resolution has long been an issue that was not addressed effectively in the REDHAT or SUSE world until APT showed up in Debian. DEBIAN, by the way, was a distribution built by Ian Murdock and his wife Deb, and hence the name Debian.

Yum, an equivalent of APT for REDHAT or RPM based distributions, was plagued with problems in its early development stages. But now with FC9 and FC10, the number of packages available via YUM is no less than APT. Yum, like wine, has gotten better with age, a boon that FC users like me were waiting for. Fedora has long enjoyed faithful users, while Ubuntu on the other hand is more like the new fad that everyone is jumping into. Don’t get me wrong, I do agree that Ubuntu is the reason the common man knows about Open-Source technologies and how useful they can be. Ubuntu has brought Linux into the mainstream. Ubuntu has been the push that Linux has been dreaming about.

I now moved all my Ubuntu boxes back to Fedora, and love being an FC geek now. I realized that I missed the geek factor in Ubuntu.