Securing network - using ACL

An Access Control Lists (ACLs) is a collection of sequential permit and deny conditions that applies to packets. It let you control whether network traffic is forwarded or blocked at interfaces on a router or switch. Typical criteria are the packet source address, the packet destination address, or the upper-layer protocol in the packet. For example, network users are allowed to access the Internet except using the Telnet program; ACLs allow you to do this.

Basically the ACL definitions provide criteria that are applied to packets that enter or exit a network interface. It provides a mechanism for defining security policies by grouping various access control entries (ACEs) together to form a set of rules. Access and security permission that one network device has to another network device are affected by the entries that make up the ACL. ACEs are not necessarily a negative restriction; in some cases, an ACE is a method of granting a person or device access to something.

Most of the Security Software, for example, Cisco IOS, tests a packet against each ACE in the order they are defined until a match is found. Thus, if a network packet matches the criteria of the first ACE, the switch will apply the specified action to the packet. Otherwise, the switch continues to compare the packet to subsequent ACEs. If there is no match in any of the ACEs, the switch will drop the packet. However, if there are no restrictions, the switch forwards the packet. Since switches process ACEs in order and stops testing conditions after the first match, ACLs should be designed with care to provide good performance. By studying traffic flow, you can design the list so that the most commonly matched conditions be listed first to minimize processing time. Fewer conditions to check per packet means better throughput. As such it is advisable to order the list with the most general statements at the top and the most specific statements at the bottom, with the last statement being the general, implicit deny-all statement.

How to Add a Google Sitemap for Blogger Blog

Sitemaps are a way to tell search engines such as Google and Bing about pages on your site which the search engines might not otherwise discover. It lists pages on your website. Creating and submitting a Sitemap helps make sure that search engines knows about all the pages on your site, including URLs that may not be discoverable by them in normal crawling process.

The default XML sitemap file of any Blogger blog will have only the 26 most recent blog posts. This is a limitation because some of your older blog pages, that are missing in the default XML sitemap file, may never get indexed in search engines. There’s however a simple solution to fix this problem.

Open the Sitemap Generator at http://ctrlq.org/blogger/ and type the full address of your blogspot blog (or your self-hosted Blogger blog). Click the Create Sitemap button and this tool will generate a complete XML sitemap of your Blogger blog that mentions all your blog posts and not just the recently published blog posts.

SkyDrive

Found this service from Microsoft the other day. Like Google toolbar that save my bookmark which I can use whenever access to the Internet, SkyDrive offer free disk space for me to access from anywhere of the Internet using web browser!

What is really cool is 7GB of free online storage! On top of that, maximum file size can be up to 2GB per file. This is really nice feature! User can also configure their file private or share it with contacts or make it to be public.

This is really nice service! See SkyDrive homepage to subscribe for it!

How to access web page without Chrome, Internet Explorer, Firefox or Safari

In networking, sometime while performing network trouble shooting, you may like to quickly test if the connection to a website is available. Without using a web browser, you also can use the telnet command that is available in most of the login terminal like Command prompt, unix login shell or Cisco login terminal.

To test a connection to a website like www.abc.com just key in

How to solve GoDaddy Joomla .htaccess problem

Recently we migrate one of our sites into GoDaddy hosting server. The site used Joomla. However, when uploading all files and creating database in GoDaddy, we faced the .htaccess problem.

Following are summary of solution to Joomla .htaccess problem in GoDaddy hosting plan:

1. Delete .htaccess file if already created. Use the original htaccess.txt file from Joomla distribution and rename it to .htaccess

2. Add the following lines at the top of the .htaccess file

Remove unnecessary services on your PC or server

Whether it is a Windows PC, Cisco router, switches, Linux machine or network enable device, it is recommended to stop unnecessary services that are run by default. Every running, but unused, service on your system maybe a possible means of attack. Users may not even be aware that many of these services are running.

It is important to know the security implication of any network service before enabling it in. For example, a telnet client running on another device on the network can easily establish a telnet session to a system where telnet service is enabled; it needs only the IP address of the system and the port or socket number of the network service running on the system. The rule of thumb for TCP and UDP ports is: Turn off any services or listeners that you do not need for your application to function. One way to check the list of ports running on your system is to go to one of the many web sites that can run a remote scan of your system and tell you how secure the system.

FlvPlayer4Free - play FLV file downloaded from Youtube

One of the way to download video from Youtube to your computer is to use the following web site:

http://clipnabber.com/

Just paste the Youtube web page address (URL) for the video into the Paste URL and then click FLV download link to download the video in FLV format.

The FLV file downloaded can then be view using FlvPlayer4Free. FlvPlayer4Free is a freeware that allows users to easily play their favourite FLV files in the hard disk or from internet.

How to set default printer in Linux or Unix

If you are using terminal setup in Unix systems like Linux, you can configure your default printer by:

1. csh shell version (by editing ~/.cshrc or ~/.tcshrc configuration files%2y

setenv PRINTER your-printer-name

2. bash shell version (by editing ~/.bashrc configuration file)

export PRINTER=your-printer-name

How to generate PS file in Windows environment

In order to create a Postscript (PS) file from Windows applications: simply print from the application, selecting a postscript printer and using the printing option "print to file".

A dialog box will open, allowing you to choose the folder in which you wish to create the PostScript file. Choose a name for the file (a .prn extension will be appended to the filename). When you select Save, the printer driver will save the Postscript file in the location you select instead of actually sending the postscript file to the printer. You may need to change the file extension to .ps after file is generated.

However, very likely, using the printer driver for your own printer will result in files that are targeted at that printer, and hence not completely portable. To achieve portability, you will need to install and use another printer driver. Also you may not have any postscript printer with you at the moment. The solution to this is to install a virtual postscript printer, i.e. install printer drivers without actually having the corresponding printer.

Ctrl-Shift-Eject lock Mac screen

The Ctrl-Shift-Eject shortcut key is useful for Mac users to put the Mac to sleep mode and password protected. This is something like the Ctrl-Alt-Delete feature in Windows which locks the Mac screen. Users will need to key in password in order to access the Mac again.

How to restart CUPS in Linux

Simply execute the following command will restart CUPS (Common UNIX Printing System) service in Linux like Ubuntu:

#/etc/init.d/cupsys restart

By the way, CUPS is the standards-based, open source printing system developed by Apple Inc. for Mac OS X and other UNIX-like operating systems.

How to solve "Another blog is already hosted at this address"

Sometime when you try to publish a custom domain like ipcnetworking.com on Blogger, you may get the message "Another blog is already hosted at this address."

Most of the time, this is due to your DNS setting. Anyway make sure that you stop the web service of Google Apps if you happen to use this service.

One way to overcome this problem which I did with my sites was to configure my DNS as:

mydomain.com.          3600 IN CNAME ghs.google.com.
www.mydomain.com. 3600 IN CNAME ghs.google.com.

With this configuration, you have a "CNAME" referral which points directly to a Google server. When the Blogger script verifies that the domain URLs both point to Google, it can proceed with confidence.

How to uncompress pp_ file (compress form of PPD file)

The pp_ which is coming with printer driver is the compressed form of PPD (Postscript Printer Description) file. PPD files are created by vendors to describe the entire set of features and capabilities available for their Postscript printers.

To uncompress it you, execute the following command:

Example: file.pp_

C:\expand file.pp_ file.ppd

Picasa 3 for photo editing

Few photos start out perfectly. One of the software I use frequently in editing photos is Picasa. Picasa is Google’s freeware for photo management.

How to use RPM in Fedora Linux

RPM is used to build, install, query, verify, update, and erase individual software packages. It was originally designed to work with Red Hat / Fedora Linux. Currently it also works on other rpm-based distributions: Suse, Mandriva Linux, Conectiva and etc.

To install software packages, use the following command:

rpm -i foobar.rpm

To uninstall a software package:

rpm -e foobar.rpm

How to have Adsense appear under the first post in Wordpress blog?

To have Adsense codes only appear after the first post in Wordpress blog and nowhere else, open the index.php file and search for the following lines:

<!--p if (have_posts()) -->
<!--p $postCount=0;-->
<!--p while (have_posts()) : the_post(); $loopcounter++-->
<!--p $postCount++-->

Add the following above these lines:

<?php
$postnum = 1;
%2tshowadsense1 = 1;
?>

Have your page listed in Google Search System

You may submit your website to Google at Add your URL to Google.

This will help Google to be awared of the existence of your site. Anyway, this will not guarantee a listing in the search result. It depends.

How to convert mp4 to AVI in Windows

I usually use Windows Movie Maker which is bundled with Microsoft Windows to edit video taken using digital camera. It supports quite a number of video formats like AVI, WMV and so on. However, MP4 is not support in it so far.

To converting MP4 file into AVI file, we may use Quick Media Converter.

According to Quick Media Converter introduction, it enables users to convert between most audio and video formats, including AVI, DVD, Quicktime, Flash, Xvid, DivX, MPEG, MP3, WMA, MP4, 3GP and many others. Users can convert multiple files (of different formats) in a single process and optionally customize the output settings in Expert Mode.

Port 443 occupied by VMWare Workstation 8

In VMWare workstation 8.0.0, vmware-hostd.exe appears to grab port 443. As port 443 is the default port for https SSL, this may prevent other web servers such as IIS or Apache to start on the system.

One solution for this problem is to change its default ports. With the Shared VMs Workstation preferences, we can disable/enable the server, assign a different port for connecting, and change the Shared VMs directory.

Frontaccounting: OpenSSL PHP extension have to be enabled to use extension repository system

During the installation of Frontaccounting system, your system may face the following warning

"OpenSSL PHP extension have to be enabled to use extension repository system"

To overcome this problem, simply added the following configuration into the php.ini file:

extension=php_openssl.dll

Hope help :)

OpenEMR installation notes

To ensure proper functioning of OpenEMR, following changes are required in php.ini configuration file:

1. "short_open_tag = On"
   
2. "display_errors = Off"
   
3. "register_globals = Off"
   
4. "magic_quotes_gpc = On"
   

OpenMRS "Save Concept" button missing in Add New Concept Page

In OpenMRS version 1.8.3, the "Save Concept" button is missing in Add New Concept Page.

In order to overcome this issue, create/add CATALINA_OPTS environment variable with the value: "-Dorg.apache.el.parser.SKIP_IDENTIFIER_CHECK=true" into your computer.

How to resolve xampp 1.7.7 Tomcat startup issue

When trying to start up tomcat service in xampp 1.7.7 or earlier, it may not be able to startup properly. Following are the message I noticed when trying to execute it:

C:\xampp>"Copy of catalina_start.bat"

[XAMPP]: Searching JDK HOME with reg query ...

Error: The system was unable to find the specified registry key or value
. [XAMPP]: Cannot find current JDK installation!
. [XAMPP]: Cannot set JAVA_HOME. Aborting ...
done.
Press any key to continue . . .

yum update Red Hat Linux / Fedora

Yum (Yellowdog Updater Modified) is a powerful automatic updater and package installer/remover on RPM-based Linux distributions like Red Hat / Fedora.

Yum automatically computes dependencies and figures out what things should occur to install packages. It makes it easier to maintain groups of machines without having to manually update each one using rpm.

The main Yum configuration file is /etc/yum.conf. Basic repository listings are located in the /etc/yum.repos.d/ directory. Unless you plan on adding other repositories or have a need to tweak certain configuration settings, these configuration files work as-is. Please refer to yum.conf manual page to find out the various options for this configuration file. You may like to take note about the keepcache option in this file. Set keepcache=1 if you want to keep the downloaded RPM files from erased after they are installed. However, make sure the cachedir directory has enough space to save the downloaded files.

How to determine / find CUPS version

Simply execute the following command in your Unix machine to determine what version of CUPS running on your system.
# cups-config --version

cups-config is the CUPS program configuration utility. Some of the option available for this utility include:

--api-version: current API version (major.minor).

--cflags: necessary compiler options.

How to delete printer port in Windows

In order to delete TCP/IP printer port in windows systems, follow the following steps:

1. Open the printers folder - Start, Setting, Printers
2. Remove the related printers using the printer port
3. Select "Server Properties" from "File" menu
4. Select the Ports tab
5. Delete the related port here.

That's it!

What laptop to buy

Actually nowadays, majority of new laptops marketed are having sufficient performance to run latest OSs.

But basically i will check:

1. How much memory it has: nowadays, at least 4GB is needed if you are installing windows 7, for XP, 1GB may be sufficient.
2. How much hardisk you need. 1TB will be preferred nowadays.

How to disable beep sound in Dell Latitude

1. Open "Device Manager"
2. Click on "View"-Menu
3. Select "Show hidden Devices".
4. Click on "Non-Plug and Play Drivers".
5. Right-click on "Beep" and choose "disable".
6. Reboot your notebook.

Do I need to buy antivirus software for my PC?

It depends.

If you have budget constraint, you may like to try anti virus free software. I have been using AVG Free Anti-Virus software for years. It works really fine so far. Updates are always available. AVG Free Anti-Virus can be downloaded from http://free.avg.com/.

How to download more than 2 files at a time in Firefox

In Firefox, when you try to download a couple of files at the same time, you might have noticed everything adding up in the download manager but only two files get downloaded from a server at any moment. The process of changing this limitation is pretty simple.

Step 1: Open Firefox and type about:config in the address bar and press 'Enter'

How to make vmware Mac image run faster

A search on the web give me the following solution to this issue:

1) Set the Guest OS type to Other > Linux
2) Go in the VMWare BIOS at boot time (F2), then disable the floppy and serial ports.

Worth a try, good luck!