Connect
email: vic at hong . com . au
mobile: +1 604-783-6519
office: +1 604-677-2829


    Thursday
    25Jun

    Desktop Restore - Restore icon position

    Don't you just love it when, whenever you update your Nvidia video drivers or change to a smaller resolution, all your desktop icon positions get reset? This is especially annoying when you have a multi-monitor setup, and you are really lazy to keep all the icons organized!

    I found a great utility, that runs as an explorer right click (on desktop) extension that will save your icon positions, and can restore them in a click.

    Works on Vista 32 and 64bit. It is called simply Desktop Restore.

    Wednesday
    24Jun

    Open-Mesh.com Review - create a wifi mesh for your business / neighbourhood

    I started testing Open-Mesh around half way through 2008, as part of an investigation for a wifi network a client could install for a building development they were doing.

    What I was looking for was something similar to Meraki, but with a lower price point. I stumbled across a new open source development that started out as disgruntled Meraki users (from what I could tell) that didn't like the price hikes.

    [Image: No frills Open-Mesh Mini Router]

    I went ahead and ordered 2 Open-Mesh basic routers. These were under $50US, but landed in Canada, with tax and UPS "handling" fees, ended up around $150CAN. All you have to do is hook these puppies up, at least one wired into your network, and the other just needs to be within wifi signal distance. From there, you log into the open-mesh.com web based control panel and set up your wifi mesh.

    Unfortunately, for the first 6 months or so, the firmware was very flaky on the original router hardware. There has been a new hardware revision that has since been released that features temperature and power spike awareness and recovery, but on the current firmware everything seems very stable now, no longer requiring a manual power cycle to get the mesh back up and running. Thankfully, firmware updates are silently pushed out to the routers.

    [Image: At least one of the routers needs to be wired - the rest just need to be in mesh wifi range]

    I have yet to play around with the captive portal options, but there are now many options if you wish to advertise, or collect payment for access to your wifi mesh. The ability to limit the maximum upload/download speeds is great so that your mesh users don't nail your internet link. The other feature is that it will isolate the network traffic from your internal network, so there isn't a way for the users to snoop around on your LAN subnet.

    Overall, nice product at the right price point!

    Thursday
    18Jun

    Thinstation + Terminal Server + old hardware = recession IT solution

    I have one client that has most users connecting to a Terminal Server. This means that desktop support is generally a non event. As time goes on, I have found a workstation here and there has died, power supply gone or dead hard disk.

    This client had plenty of Pentium III and Pentium 4 machines lying around, and what better way to save them some bucks, than to rebirth them, as hard disk less thin clients that boot off a CD, and connect straight up to the Terminal Server! Welcome to a simple opensource solution - Thinstation!

    [Image: Vintage Compaq Deskpro - Pentium III - blazing fast with ThinStation!]

    We went with a simple setup, practically everyone in that client's office uses a resolution of 1024 x 768. So we created an image, with that resolution set, and added the details of the 2 terminal servers they have running on the network - that would appear on the menu when you boot up.

    All I do, is burn off a bunch of these CDs, rip out the hard disk from the old workstations, set the BIOS to boot from the CDRom, and away we go. The CD boots into Thinstation in under a minute, the user then selects the terminal server they wish to use, and BAMM, they are instantly presented with the Terminal Server login screen!

    Wednesday
    17Jun

    pfSense - Über 1337 opensource firewall / router

    I have been using pfSense since 2005. One setup has been for myself running on a PC Engines WRAP (embedded) setup. The other setup has been salvaged Pentium II Dell PC hardware to replace a malfunctioning Linksys Router for one of my clients.

    The WRAP hardware is now replaced by AMD's ALIX board, which should provide a little more horsepower; however, for any average SOHO setup, the WRAP has and does provide plenty of oomph (although I have seen my WRAP pfSense setup max out on CPU with large file transfers over 802.11g wifi). I purchased this hardware in Canada from Xagyl Communications.

    The first point to make is that this is rock solid. It is the one bit of hardware that never needs to be restarted whatsoever. Secondly, this is a great (and much cheaper) alternative to Cisco and Sonicwall firewalls. No VPN licenses to worry about, and there is an active community driving the opensource project forward with new features and releases approximately once or twice a year. Lastly, there is even a commercial support option.

    [Image: pfSense - use whitebox PC hardware, just add network cards for as many interfaces as you need]

    Another client recently has been having flaky performance from their Sonicwall - we suspect faulty hardware. So I took this as an opportunity to pitch an opensource solution, that will bring more features/options/flexibility and a lower cost. The other great feature, as you can see from the photo here, is that you can load pfSense up with as many interfaces as you need, including PCI wifi adapters.

    With this 5 interface setup for this client, we have implemented Linksys WRT54GL routers, flashed with the Tomato firmware, as we didn't have any PCI wifi cards lying around (but we did have a bunch of 3Com ethernet cards!). We have DHCP enabled on the WIFI interface, and set up a static IP on the Linksys that has a gateway address pointing to the WIFI interface IP address. DHCP is passed through to the clients connecting to the Linksys. Then we have a rule on the firewall (via an alias) to NOT allow traffic from the WIFI subnet to the alias subnets (the LAN, for example), so that we can isolate WIFI traffic from the LAN.
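The isolation rule above only protects the subnets that are actually listed in the alias, which matters on a five-interface box. The following is an added example, not from the original post: a simplified Python model of first-match rule evaluation with a default block, used to list internal interfaces the WIFI rule still exposes. The interface names, subnets and function names are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing for a five-interface firewall (not from the post).
INTERFACES = {
    "WAN": "203.0.113.0/24",
    "LAN": "192.168.1.0/24",
    "WIFI": "192.168.50.0/24",
    "OPT3": "192.168.2.0/24",
    "OPT4": "192.168.3.0/24",
}

def wifi_rules(alias):
    """One pass rule on the WIFI interface: destination NOT in the alias."""
    return [("pass", list(alias), True)]

def first_match(rules, dst):
    """Action of the first rule matching dst; anything unmatched is blocked."""
    addr = ip_address(dst)
    for action, nets, invert in rules:
        hit = any(addr in ip_network(n) for n in nets)
        if hit != invert:  # an inverted rule matches when dst is outside the alias
            return action
    return "block"

def exposed_segments(alias, source_if="WIFI", external=("WAN",)):
    """Internal interfaces whose subnet is not fully covered by the alias."""
    alias_nets = [ip_network(n) for n in alias]
    exposed = []
    for name, cidr in INTERFACES.items():
        if name == source_if or name in external:
            continue
        net = ip_network(cidr)
        if not any(net.subnet_of(a) for a in alias_nets):
            exposed.append(name)
    return exposed

if __name__ == "__main__":
    lan_only = ["192.168.1.0/24"]  # alias that lists only the LAN
    print("exposed with LAN-only alias:", exposed_segments(lan_only))
    for dst in ("192.168.1.10", "192.168.2.5", "198.51.100.7"):
        print(dst, "->", first_match(wifi_rules(lan_only), dst))
```

Running the audit whenever an interface is added catches the case where a new internal subnet was never added to the alias.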

    Setting up firewall rules and port forwards (with port translation) is fricking basic to setup - compared to Sonicwall's Advanced OS for example. All done via web based gui. The next best thing is setting up PPTP VPN takes minutes - try setting it up on Windows Server, opening up the firewall and start accepting connections in less than 5 mins!

    Tuesday
    16Jun

    Symantec Endpoint Protection 11 - Install Guide for networks < 200 clients

    Symantec Corporate Edition was pretty much hassle free. It didn't take a whole lot of resources from the server/management end, and didn't bog down the clients with a light weight software foot print.

    Along came Symantec Endpoint Protection shortly after Vista was released. The first reports were that the included firewall component was locking off servers and bogging down computers.

    You can read a long history of the buggy-ness of SEP 11 at the Symantec Forums - http://www.symantec.com/connect/security/forums/endpoint-protection

    What I have ended up doing, resulting in a reliable install, is to follow these points:

    • Had success with a Windows 2003 32bit Server for SEP Management Server role - at least 1 gig of memory (I do have it running on an old management server at a clients with 512meg ram - but it is slow)
    • Setup Client Install Feature Set - ONLY include Antivirus and Antispyware Protection
      • Most of my clients do email virus scanning before it hits their email server
      • DO NOT install Network Threat Protection AND Proactive Threat Protection
    • Setup Policies
      • make sure any scheduled scans happen after hours
      • do not enable start up scans (this kills computers on start up)
      • make sure that Missed Scheduled Scans is not selected
      • I usually set delete threats
    • For laptops - I will set up a different LiveUpdate Policy to allow
      • Use the default management server
      • AND Use a LiveUpdate server - this allows users to update when they are on the road

    The point of this is to optimize SEP11 settings for the best performance. With everything enabled, it runs like a dog, and so far, the protection with the minimal setup options provided above is sufficient.