2009-vftgs

VSFTP

posted Jul 24, 2011, 6:07 PM by Boyce Crownover

Monday, June 8, 2009, 09:14 AM
Posted by Administrator
We have a dev server where I'm trying to find a friendly, easy to maintain and sufficiently powerful CMS to replace the system we are currently using. Currently we are testing:

* Bigace CMS
* Bloofox CMS
* CMS Made Simple
* Drupal
* Joomla

All have proven fairly easy to set up and get started with. In the process I've started and backed out of an installation of Plone because it apparently requires significant upkeep and backed out of an installation of Metadot because it didn't seem to work with the Oracle installation. (I suspect the problem is with my Oracle install so this may be revisited.)

In the Joomla set-up it wants an FTP account. I'm trying to get a VSFTP server just right for this. I like vsftp both by experience and reputation. It can be tricky though to do an install where the user credentials are external and chroot to directories by specification rather than name. Nonetheless that is what I'm attempting.

With that in mind, here are some handy vsftp links:
# http://vsftpd.beasts.org/
# http://viki.brainsware.org/?en/Virtual_Users_simple
# http://www.vsftpdrocks.org/
# http://viki.brainsware.org/?en/Home


Follow-up: After a lot of reading and checking on the CentOS install options for PAM (which doesn't include the one that will handle file based authentication) and considering the database system, I decided instead to go with the easiest configuration. I added the user: ftpjoomla and set it so that the user's home directory is the website base directory I'm aiming for, made their shell /sbin/nologin and set group on all files as joomla, made ftpjoomla a member of joomla, set +rw on all files in the joomla installation and set the vsftpd.conf to this:

write_enable=YES
listen=YES
chroot_local_user=YES
pam_service_name=vsftpd
tcp_wrappers=YES
anonymous_enable=NO
userlist_deny=NO
local_enable=YES
userlist_file=/etc/vsftpd/user_list
ascii_upload_enable=YES
ascii_download_enable=YES

Windows 7 - the boot manager

posted Jul 24, 2011, 6:06 PM by Boyce Crownover

Monday, June 1, 2009, 04:44 PM
Posted by Administrator
The boot manager has changed in Windows 7 (and maybe in some Windows Vista installs.) Instead of editing boot.ini, you have to use the bcdedit.exe utility.

To see the current configuration, launch a command line and run bcdedit with no arguments.

When you do that, you'll see each entry listed with an identifier, the simplest will probably be {current} and others will be long ids, like: {ac94140f-ef16-11dd-95f1-80da9636166b}

To backup, assuming you have a \bcdbackup directory:
bcdedit /export \bcdbackup\BCDBackup.bcd

To change a label:
bcdedit /set {current} Description "Windows 7 x64 RC1"

Lasik - My eye corrective surgery saga

posted Jul 24, 2011, 6:06 PM by Boyce Crownover

Monday, May 18, 2009, 02:51 PM
Posted by Administrator
There are two stories that could be told here: The story of what the average person should expect from Lasik surgery and The story of what I went through.

I shall elect to tell the latter, but from that, hopefully people will be able to tell how it should go instead.

I've been thinking about getting corrective eye surgery for a while. Of the types out there, I find the ones that don't involve a blade to be the most appealing. I've talked to several people who've had the procedures done, and unanimously they say that they think it was one of the best decisions they've made.

Lately I've been hearing various advertisements on the radio. I don't have a clue what to look for but there are two criteria that matter to me: competence and price. Both of those things have to fall into my comfort zone. So when I heard that Dr. Boothe (widely recognized for his advertisements of having done the most surgeries in TX) was running a half price sale, I decided to look into it.

I called on Monday, May 11th for an appointment to see if I was a candidate for Lasik. They said they could get me in on Thursday. So I got a half day off work on Thursday.

When I went in, they had me fill out some very basic forms. I'd already established with my insurance carrier, Aetna, that no discounts or coverage were available so that was pretty simple.

Next came a couple basic eye examinations, including putting a thread under my lower eye lid (hanging out) to make sure my eyes were able to produce tears. They were. They mapped my eye and poked and prodded just a bit and compared my glasses prescription to my current eyesight. They told me that I'd be a candidate and set up a meeting with a "consultant" who talked to me about the options, went over the paperwork and showed me the price list.

It ranged from around $4,000 to $2,000 with options including free adjustments for life, for a year, once etc. As is my norm, I chose one better than the base. I asked about the half price offer and was told that was included. I think it was either poor advertising or outright lying but can't decide which. The price I paid was $2700, but $150 of that was due before after the consultation before I could get an appointment. (With that $150 though came some eye drops and instructions to prep my eyes.) The appointment I could get was for the next day and after a call in to work, I agreed to it.

I then met for a consultation with Dr. Boothe himself and this is where things began subtly to go wrong. He explained that of the two types of corrective vision surgery they did the most popular was Lasik where they would cut open a flap in the eye and shape the cornea underneath and then close the flap. This typically had a recovery time in the range of hours with a week to a month for more or less full recovery on average for most patients. The other option was PRK which essentially does the same type of cornea shaping, but on the outside and without the flap part. The downside is that it takes longer to heal, three weeks before clear vision is expected. Another downside, that wasn't mentioned, is that the prolonged steroids have a higher incidence of infection. The upside though, and the reason I needed to be made aware of it, is that PRK requires less cornea loss than Lasik and my correction was significant enough that I might not have enough cornea for Lasik. He expected to make that determination at the time of surgery. In the discussion though he indicated that the only downside to PRK was the longer healing time and that the eye retained greater resistance to injury and more cornea for future correction with PRK than with Lasik.

This led me to ask why people preferred Lasik since the only downside was a longer wait for clear vision and all the upsides he had mentioned for PRK seemed to be worth the trade off. He indicated that most people weren't willing to be that patient. I asked if I could go ahead and opt for PRK now since I was willing to be patient and he told me that "sure" and "we'll put you down for it" in regards to my preference.

The nurse indicated that he had failed to mention a significant difference in discomfort after the doctor exited which made me really wonder if I had made the right choice.

With the long recovery time of PRK though, it meant that I would only have one eye done at a time. They asked me a couple questions to determine which is my dominant eye, but I don't really have a strong dominance. I shoot with my left eye dominantly and take pictures with my right eye dominantly. I suspect part of this is related to my semi-ambidextrous tendencies and another part is due to the fact that from time to time I've had to get by with only one corrective lens (contact or glasses) and at those times which ever eye was corrected would become temporarily dominant. Short version is that they decided to do my right eye first.

They explained that I would get a sedative before the surgery so I wouldn't be able to drive regardless of my vision (which for PRK on one eye is not a big deal) but that I wouldn't be able to drive for a couple of hours to allow the sedative time to wear off. They would have a driver pick me up from my workplace in Dallas and drive me to their office in Plano, but thought Watauga was just a bit too far. Post surgery the same driver would take me back.

So I took home a bottle of Bauch & Lomb's Zylet and a bottle of Vigamox. Both have very lengthy inserts but they are essentially to make your eyes ready to heal and unlikely to get inflamed or infected. I started putting in the drops every two hours at least five minutes apart as instructed, but only in my right eye.

They showed me the surgery room, but there was so much equipment that I didn't recognize that I couldn't accurately describe it and had no idea what to expect from it. I was told that the lights would be down and that they'd be playing some sort of music during surgery. I was also told to dress warmly since it would be very cool. (Not as cool as our server room, but in the same range.)

The next morning my daughter was taking a field trip to NASA and had to be to school early. This allowed me to schedule a pickup at 6:45 AM for expected surgery time of 7:45 AM. I made it with a couple minutes to spare.

My driver was named Joe and was a retired California cop. An interesting individual but not overly talkative since as a shuttle driver he tries to be very polite. We chatted a bit on the way and I really appreciated the guy.

When I got there they did some more measurements and began the process of numbing my eye. They asked my weight and gave me 1mg [[http://en.wikipedia.org/wiki/Lorazepam|Ativan]] consisting of two very small pills, sort of like mini-Skittles both in flavor and apparent texture. (I tossed them back without chewing so that's mostly a guess.)

They then began numbing my eye with drops and did some more measuring including sticking some touching of the actual eye. By this time though I was numb enough on the actual eye that it didn't bother me.

I was not sedated. As far as I could tell, I felt exactly zero effect from the Ativan. Another patient looked like she was about to drop on her feet but a young lady (yes, a looker and bright girl) also expressed a lack of subjective effect. I wondered if it might be something that was not apparent subjectively but in retrospect it seems the same to me.

So after some follow up testing, they put a green dot and a red dot on my eye with what looked like permanent Sharpie markers. They didn't say Sharpie and I'm sure they have specialization for the use, but it looked and felt that way.

So after the marking on the eye and disappointing Skittle-sedatives, we went to the other side of the offices to wait in the room there for surgery. We were probably the first group that morning and nobody told us really what to expect.

Shortly they came out and took us back to the surgery room in groups of two or three. They sat us on chairs on the side and gave us blankets and firm instructions to keep our eyes closed since they would dry out. I kept peeking from my left since I wasn't getting surgery on it but scrunching one eye is uncomfortable and most of what I could see was pretty boring anyway.

So here is the procedure though, they would come get someone and lead them to a table (still with eyes closed thank you) where they'd do something to that person. I still don't know exactly what was done but the subject process will be described shortly. Then that person would be taken to a wheel chair or stand alone chair on the other side of the surgery next to a second table where they'd rotate through in a couple minutes. On that table there was some very definite laser type of equipment and people left after they finished on that table.

My turn came and they took me to the first table where I heard someone discussing the fact that I preferred PRK and used the phrase "he's crazy" and then the fun started. They would put stuff on my eye and then start pressing on it. They had me look up into a ring of lights I should emphasize here that it was uncomfortable in the extreme, but not actually painful. The eyelid was essentially clamped open and it felt like they were sticking a soft vacuum to my eye, but the numbing drops did their job well.

Things eventually turned very dark and then they finished up and told me to "close your eyes" (there was a lot of that) and then the started moving to my left, not numb, not prepped, not marked on and not desired for surgery left eye at which point I mentioned, not very dramatically but clearly that I was only doing the one eye. It should have been obvious from the fact that I was doing PRK and obvious from the sticker I had above my right eye that indicated it was the only one to be done, but I figured they did enough Lasik that it was habit.

They then took me to the other side of the surgery and sat me down there and someone came over and asked me if I was sure I wanted PRK. He mentioned that Lasik recovered faster and that it hurt less, but I told him that I was firm in my decision because I was most interested in the resistance to injury of the relatively stronger eyes post PRK surgery.

I was then taken to the second operating table, asked to spell my name and confirm my age, and they did some more machine positioning and had me open my eye. The eyelids were braced open and then they did the flap pulling back which essentially just looks like things getting weirdly clear and blurry then staying blurry. It is similar to what you might see if you were looking up through the bottom of a glass fish tank as they started moving the water around. There was no pain, but there was just a little pressure around my eye, which was less comfortable. Once that was all in place there was a scene of changing colors and shapes as the laser shaped the cornea and a smell much like burning hair.

Very quickly there was the shifting shapes again as the doctor replaced the flap, brushing it on with what reminded me in movement of a barbecue basting brush, in appearance of a very large hair and in feeling of nothing so much as a light breeze. Then I started being able to see again, and was instructed to close my eyes.

Remember at this point I've heard one person comment on my preference for PRK as crazy, talked to another about the motivations and stopped them from doing anything to my left eye. There is a large red sticker above my right eye with an R as a visual aide. Already once I'd had to stop them from moving to the unprepared eye. And they did it again, and this one scared me enough that I partially sat up saying "WHOA!" about four or five times and obviously attracting the attention of Dr. Boothe. When I explained (again) that we were "only doing the one eye" he seemed surprised then content to allow me to continue. I strongly suspect that at this point he thought I was changing my mind rather than confirming my previous decision. The operating room is dark and there is music, though faint, and there is a very precise choreography of moving patients and operations going on. I suspect that after a while a surgeon becomes so skilled in their process that they don't need to think consciously about each move they make. And this, I suspect, was the reason for my problem, both having to interrupt to avoid surgery on an unnumbed (unmarked, unprepared) eye and also (for what I found out later) was Lasik rather than the requested PRK surgery. I doubt the doctor would have continued when he examined my left eye, but at the time I didn't trust that and wouldn't if put in the same position again.

So then it is time to go off to recovery. They put me in a wheel chair, and rolled me along and guided me to a seat. No information was proffered outside of that but I could hear other people in the room, so I said a couple things and people reacted favorably. After a bit of chat, I discovered they'd sat me next to a TV, which I turned on to the delight of the other patients, but a nurse checked in and turned it off for us and didn't seem convinced by my story that it had come on by "magic" though she did say she would see if we could have it on. She returned to say no.

After surgery my eyes were taped shut, both by the way, and so when the nurse came in to give us post-surgery instructions she said "Everyone had Lasik right?" to which I responded that I'd like to know for sure since that hadn't been my attention. There was some more shuffling of paper where she started by saying "I see that" then trailed off. More shuffling and then she said she'd be right back, she just needed to "check some things." If my life were a soap opera, and sometimes it seems like it is, this is where the ominous music would have played.

She returned after about five minutes or so and gave people instructions on how to tape clear goggle plates over our eyes for sleeping and how we would need to wear these other googles any time we were outside and how we'd need to put drops in our eyes of the same stuff we'd done pre-op, still every two hours and add re-wetting drops every fifteen minutes. I didn't get all that clearly since my question had still not been answered and I suspect it threw her rythem off too since everybody in the room being given instructions that really needed visual aides, still had their eyes taped shut.

They said that our little group was going to be setting up appointments and leaving... but then she said "but the doctor wants to talk to you first" and tapped my knee. I was taken to a new examination room and a new doctor came in to examine me. He looked at my eye and seemed satisfied with it and then I asked if I'd had Lasik, which he confirmed, then I asked why since I'd asked for PRK. He excused himself and then I got to meet Steve, the office manager.

It was confirmed that while indeed it showed I'd requested PRK, I'd actually received Lasik. This was the first time he'd encountered this particular issue and he seemed somewhat concerned about what type of reaction I'd have. He said that I could get the other eye done if I wanted to, PRK or Lasik since I'd had Lasik done and should have clear vision shortly. I pondered it for a bit and asked if I could go get some lunch before I decided since I was starting to feel more than a little hungry. They offered to bring lunch to me and they did, steak in fact, and it was pretty good, though I didn't leave that exam room.

I decided to go for doing the other eye, and do preferred Lasik since I figured the benefits of PRK only really are desirable if you're having both done that way and they said that they could indeed get me in that day. I contacted a ride since they told me they didn't expect me to be able to drive that day. I phoned a co-worker and he said that he would indeed give me a ride home and I confirmed that I'd do surgery on the other eye.

Much prodding, a little eye drawing and some numbing drops later I was in the surgery waiting room again. This time I only got one sedative-skittle and it had pretty much exactly the same effect. On the plus side, I was able to advise my fellow waiting people what to expect.


This time through for the second eye, it followed pretty much the same progression except that at the first surgery chair, someone read off to the doctor "patient prefers PRK" and things stopped. He asked me why and I said that I actually had preferred it on the other eye but now would rely on his judgement. He didn't seem to want to commit but did allow that he had better luck with Lasik so I said "then lets go with the one you have better luck with" and bada-bing-bada-burn, Lasik on the second eye.

I didn't get put back in the recovery room though this time. It may have had something to do with the wheelchair pusher saying something about Steve as we walked by and me pointing out to him that I wasn't happy about the series of events and would like to discuss them further.

We got baggies of stuff, instructions and I left with these goggles that looked like swimmer's goggles and some big clamshell things that I would need to tape over my eyes every night for a week.

I was to continue the same regime of drops and wear the swimmer (like) goggles anytime I went outside and tape the big clear clamshell thingies over my eyes when I slept... I mentioned that before but it bears mentioning again since that sucks bad enough to warrant mentioning multiple times.

That night my eyes crusted shut and I could not open them until I'd liberally applied eye drops. The next night was bad but not quite so bad and the night after that there were barely any crusties to speak of. After the first week I kept doing the drops (new group) but now there is no discomfort aside from a very mild irritation due to still having plugs in one duct on each eye.

Antivirus stuff

posted Jul 24, 2011, 5:36 PM by Boyce Crownover   [ updated Jul 24, 2011, 5:39 PM ]

Wednesday, March 4, 2009, 09:43 AM
Posted by Administrator
We've used Symantec Endpoint Protection 11 for about a year now. When I started we were still using Symantec's Norton Antivirus 9, and it was well out of date and no longer under maintainance. We knew we could trust Symantec to do a decent job so we took the path of least resistance and moved to SEP. It proved to be an adequate product, but getting support was difficult at best. It is the type of product that you need training to understand well and you need hours every week or at least minutes every day. When you want to make changes or get reports it has every bell and whistle you could ask for, but it is far from intuitive.

We trialed and then moved to Kaspersky this year. I'm not their biggest fan by any means and wouldn't have recommended their products, but I would have recommended them over Symantec and have now gained enough experience to say that it is easier to work with them and with their product.

Symantec's client installations just started using our perimeter firewall as a proxy for no particular reason the other day, so the situation became somewhat urgent and I learned a couple things that somebody should write down somewhere.

First, Symantec has a tool that will remove their products, all of them. You should get it from them.

Second, there are ways to uninstall remotely and in an automated process, which they won't tell you.

If you're not familiar with psexec, then spend the time and effort to learn about sysinternals toolset. Essentially there was this company that made a bunch of tools that helped work on MS products... so well that MS bought them eventually. One of those tools is psexec which lets you run programs remotely.

So, to do remote uninstalls, the first step is to find the Uninstallation string associated with the program. You can do this by opening up the Registry editor with RegEdit then browsing down into:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
There there will be a key for each installed program. You'll probably need to use the Edit-Search menu to find the one you're needing, but somewhere there will be the uninstall string. Hang on to that for remote uninstallations.

For Symantec Endpoint Protection 11, the key turned out to be:
MsiExec.exe /I{76B2BC31-2D96-4170-9C44-09E13B5555F3}
With a little reading and googling, I changed that to:
MsiExec.exe /norestart /q/x{76B2BC31-2D96-4170-9C44-09E13B5555F3} REMOVE=ALL

I also wanted to remove LiveUpdate, which by the same method I found to be:
"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
which, thanks to google and friends, I switched to:
"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U /q

Now, you can use psexec to run those commands on a remote machine and it will remove SEP and LiveUpdate and not reboot, but you can go even further if you're using Kaspersky. Build it into a batch file then add that as a package and you can run it from the Deployment Wizard too!

1-4 of 4