VNC

Shellx.eskimo.com will now accept connections via VNC. Various resolutions and color depths are available:

  • Port 5900 (display 0) 1024×768 Color Depth 16 bits
  • Port 5901 (display 1) 800×600 Color Depth 16 bits
  • Port 5902 (display 2) 640×480 Color Depth 16 bits
  • Port 5903 (display 3) 1024×768 Color Depth 8 bits
  • Port 5904 (display 4) 800×600 Color Depth 8 bits
  • Port 5905 (display 5) 640×480 Color Depth 8 bits
  • Port 5906 (display 6) 1680×1050 Color Depth 16 bits
  • Port 5907 (display 7) 1280×800 Color Depth 16 bits

VNC is an older protocol for remote consoles.  NX is far superior in terms of performance and security; however, VNC is more widely available.  You can get VNC viewers for smart phones and tablets. NX is pretty much limited to Mac OS X, Windows, and Linux.

On Apple, I recommend Chicken or Chicken of the VNC.  Chicken is an offshoot of Chicken of the VNC and works pretty much the same, except that it has the ability to tunnel over ssh built in.

If you are using “Chicken” or another VNC viewer that has built-in ssh tunneling, be aware that the login that ssh is going to try to use on the destination machine is the login you are using on the originating box.  If the VNC viewer gives you a place to add ssh options, you can add -l login (where login is your login here); otherwise, you will either need to change your login on your originating machine to match or set up an ssh tunnel manually.

On Linux, TigerVNC Viewer.

On Windows, TightVNC Viewer.

Connecting to VNC directly is insecure because login, passwords, and any text typed go over the connection unencrypted.  However, it is possible to forward over SSH and avoid these problems.  With Chicken or Chicken of the VNC, all you need do is check the box that says forward over ssh.  Your username on your machine must be the same as here for this to work because it doesn’t prompt for a login.  For other platforms you’ll need to set up forwarding manually.  I’ll write more about this after I figure it out myself.
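One way to set up the manual forwarding mentioned above, as an added example that is not part of the original post: the script maps a display number from the list to its port and prints the matching ssh command, with -l carrying your login on the server. The script name is hypothetical, and it assumes the VNC displays are reachable as localhost from the server itself.

```bash
#!/usr/bin/env bash
# Added example: build an SSH local port-forward for one of the VNC displays
# listed above, so the VNC session travels inside SSH instead of in the clear.

VNC_HOST="shellx.eskimo.com"   # host named on this page

# Map a display number (0-7, per the list above) to its TCP port.
vnc_port() {
    case "$1" in
        [0-7]) echo $((5900 + $1)) ;;
        *)     echo "display must be 0-7" >&2; return 1 ;;
    esac
}

# Print the ssh command that forwards a local port to the chosen display.
#   $1 = display number, $2 = your login on the server (may differ from local)
vnc_tunnel_cmd() {
    port=$(vnc_port "$1") || return 1
    [ -n "$2" ] || { echo "remote login required" >&2; return 1; }
    # -N: no remote command, -L: local forward, -l: remote login name.
    # Binding to 127.0.0.1 keeps the forwarded port off your own LAN.
    # Assumption: the VNC server answers on localhost on the server side.
    echo "ssh -N -L 127.0.0.1:${port}:localhost:${port} -l $2 ${VNC_HOST}"
}

# Run as: ./vnc-tunnel.sh <display> <login>   (prints the command to run)
if [ "$#" -eq 2 ]; then
    vnc_tunnel_cmd "$1" "$2"
fi
```

With the tunnel up, point the VNC viewer at localhost and the same display number instead of at the server.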

This is an alternate way to get a full Gnome desktop from our server on your machine.  It is not as efficient as NX but less buggy.  You’ll get a better image and faster response with NX but NX sometimes takes multiple attempts to connect.  VNC is an older and very well established protocol and there are many VNC viewers available free.

Maintenance Saturday August 31st 2013 Midnight-1AM

We will be taking various machines down for imaging and rebooting August 31st just after midnight, that is early Saturday morning.

This is necessary to create images for rapid restoration and to upgrade to a newer Linux kernel.

Downtime for any one machine should not exceed about fifteen minutes, but various servers will be affected when the main NFS server is rebooted, so there will be a time when other machines freeze in addition to their rebooting.

I expect maintenance activities will be concluded by approximately 1AM.

User CGI Scripts / UserDir in virtual domains

A while back someone complained of User Directories functioning in their virtual domains.  I recently changed configuration so that they would not function in virtual domains without thinking about the ramifications on CGI scripts, which this change broke.

In order to restore functionality to CGI scripts, I backed out this configuration change.

I do not remember who it was that originally wanted them removed.  I can remove them from specific domains but it will break the ability to use CGI scripts from that domain (PHP and SSI will still work).

If you want them removed from your domain, with the understanding that CGI scripts will not work, then please send e-mail to support@eskimo.com.

Spam

Yesterday, August 27th, normal spam filters were down.

I had compiled SpamAssassin’s system-wide rules to speed up processing.  Not all of the rules can be compiled.  An automatic sa-update that updates the rules created a situation where non-compiled rules conflicted with compiled and spamassassin aborted.

I changed the cron job that runs sa-update to re-run sa-compile afterwards if there are any rule changes.  Last night an automatic update changed rules and sa-compile ran automatically and everything worked as intended.
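A sketch of a cron wrapper along these lines, as an added example and not the site's actual cron job: it relies on sa-update's documented exit codes (0 when new rules were installed, 1 when there was nothing new) and recompiles only after a real update. The function name, script name and the overridable SA_UPDATE/SA_COMPILE variables are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example (not the site's actual cron job): keep compiled SpamAssassin
# rules in step with sa-update so stale compiled rules never meet new ones.

# Commands are overridable so the logic can be exercised without SpamAssassin.
SA_UPDATE="${SA_UPDATE:-sa-update}"
SA_COMPILE="${SA_COMPILE:-sa-compile}"

# Returns 0 if the rule set is consistent afterwards (unchanged, or updated
# and recompiled); non-zero if the update or the compile step failed.
refresh_rules() {
    rc=0
    "$SA_UPDATE" || rc=$?
    case "$rc" in
        0)  # sa-update exit 0: new rules were downloaded and installed
            if "$SA_COMPILE"; then
                echo "updated+compiled"
            else
                echo "compile-failed" >&2
                return 2
            fi ;;
        1)  # sa-update exit 1: no fresh updates, compiled rules still match
            echo "unchanged" ;;
        *)  # anything else is an error; report it so cron mails the admin
            echo "update-failed rc=$rc" >&2
            return "$rc" ;;
    esac
}

# Cron entry point: ./sa-refresh.sh run
if [ "${1:-}" = "run" ]; then
    refresh_rules
fi
```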

Forum Moderator Volunteers Wanted

I’m looking for volunteers to moderate Eskimo’s Forum.  Actually most posts are unmoderated but there are times when spammers get through and post and I’d like their posts to remain for as short of a period as possible.

I’m also interested in any suggestions you may have with respect to how to make the forum more attractive to people so that it actually gets used.

I miss the early days where Eskimites were bouncing ideas off of each other, helping each other figure out how to do new things, etc.

If you are willing to volunteer as a moderator or have a suggestion, please e-mail support@eskimo.com.

Viruses & Malware

One of our customers called today.  Their Windows machine had become infected with a keystroke logger that gave a hacker their bank account information.

We check for viruses in incoming mail, but please be aware that no virus scanner is going to catch everything.  Anytime a virus is released, there is a period of time that elapses before someone who gets infected provides the necessary information to an anti-virus company who then develops a signature that virus checkers use to check for its presence.

Also be aware that viruses and other malware, like this keystroke logger, frequently come across the web often bundled with legitimate and sometimes not so legitimate software.

I recently installed something called “Dexpro”, it was a virtual desktop program for Windows.  I have virtual desktops built into Linux and MacOS, and I find them very useful and wanted the same capability for Windows.

Dexpro got good reviews, but when I installed it, without my permission it also installed something called WhiteSmoke Toolbar.  Actually to be more precise, I’m not sure if the website I downloaded from did the installation or its installer.  In addition my searches and other things were redirected to the WhiteSmoke website.

I removed the toolbar from the browser and reset my search engine preferences back the way I thought I had them but when I attempted to use add/remove programs to get rid of it from my machine, it aborted the attempt.  I attempted to use several third party application removal programs, they all failed.  Finally, I deleted the files (that I knew about) manually and went in and deleted the registry keys.

I thought I had rid myself of this awful beast but when I attempted to fire up Flyff (an MMORPG video game), an anti-hacker program packaged with Flyff saw that some of the web queries were redirected to another website, so it wouldn’t fire up and I knew I hadn’t yet rid myself of this thing.

A scan with Microsoft Essentials revealed nothing.  A scan with SuperAntiSpyware found three trojans (and about 300 cookies) but Flyff still wouldn’t run complaining of redirects.

I then did a full scan with Malwarebytes.  It found another 17 trojans, after which everything seemed to be back to normal.  Still I wouldn’t trust this machine for anything sensitive.

For online banking or anything else security sensitive, consider buying a Mac or loading Linux on your PC.  If you have Windows, don’t depend upon Microsoft Essentials.  It is lightweight and good for gaming as it doesn’t interfere with game I/O much but it lets a lot slip through.  If you must use Windows for sensitive work, I suggest a good virus scanner like Avast or AVG and in addition Malwarebytes and SuperAntiSpyware.

Windows has a lot of services enabled that the typical home user doesn’t need.  The more services running, the more targets malicious software has to abuse.  It is best to turn off everything you don’t need.  There are two places to turn stuff off that you don’t actually use.  In the start menu, bring up Run, and type in services.msc.

Unless you’re using your Windows machine as an Internet Gateway (I suggest you don’t do this, go buy a $50 router to perform this function more securely), you should disable Application Layer Gateway.  Also turn off Net.Tcp Port Sharing; again, multiple computers, get a router.

If your machine is not part of a Windows network, Disable Server and Workstation. Also disable Computer Browser, if you’re not on a Windows network there are no other computers to browse.  Turn off distributed link tracking client.  No network, no NTFS files to transfer between computers.  Same for distributed transaction client, no network, no distributed transactions.

If you’re not hot swapping hard drives, turn off logical volume manager.  This service looks for volumes when you plug in a new device.  My advice is to shut it off unless you need it.  If you’ve got thumb drives that you’re swapping in, then you might need it.

If you’re not using volume shadow copy service for backups, disable it.

If you don’t need anything to run automatically at particular times, disable the task scheduler.  As I understand it, this service runs applications with administrative privileges but they can be scheduled without administrative privileges, so it is a potential avenue for privilege escalation.

Remote Access Connection Manager, Remote Helpdesk, these are things someone outside of your machine can use to get in, disable them unless you are actually using them.

The same can be said for the rest of the services.  It is a good idea to Google each one and decide what you need and what you don’t.  It’s also a good idea to create a system restore point before starting so if you mess things up too badly you can get your machine back to where it was.

Turning off unneeded services not only improves security of your Windows machine, it can also significantly improve performance.

I mentioned there were two places, the other is also launched from run, but instead of services.msc put in msconfig.exe.  The msconfig program can also change services but I don’t recommend it, use services.msc for that.  What I do recommend using the msconfig program for is to check the startup section and see if there aren’t unnecessary things being launched there.  For example, Google, Java, and Adobe all have update services, but I’d rather not have them continuously running in the background eating resources and potentially deciding an upgrade is necessary while I’m doing something else, so I disable them all.

Another example is Nero’s inCD, which enables you to use a DVD-RW like a big floppy.  However, it interferes with other programs being able to mount CDs and I rarely (read never) use my DVD-RW for this so I disable it and its helper application.

I have an Asus monitor program that reads temperature sensors and such but again I don’t want it running in the background 24×7 so I have it disabled unless I start it manually.

Many gamers play games that require Steam.  It sucks LOTS of resources just sitting there, so best to shut it off unless you actually want to play a game, then start it manually.  The same goes for Skype.

As with Windows services, turning off applications that aren’t being used saves resources and improves security.

Lastly, in the win.ini and system.ini tabs, if you don’t have any 16-bit applications left over from the days of 286 processors and Windows 3.11, disable 16-bit support.  If you don’t use Outlook, disable mail support.

Once you do all these things your system will be more secure and faster.  Boot times in particular will be much faster.

 

Mail Slowdown 12/14 11:10-11:30

The severe mail slowdown for those using pop/smtp today between 11:10-11:30 was caused by myself.  I posted to both eskimo-announce and outages-list simultaneously.  Both of those lists contain hundreds of local addresses.  Each address caused a copy of spamassassin to launch for the delivery of that mail address.  This exceeded the memory capacity of the mail server, causing it to go into swap and slow down.

I doubled the amount of memory in the machine and re-tested; after the additional memory, the machine absorbed the list posts without any problem.