Friday, July 17, 2009

Windows 7 Available on New Computers!

Or more accurately, free upgrade to Windows 7 once it becomes available. I've even seen this made available to users who purchase computers with an XP Downgrade.

What's so cool about Windows 7?
  • It's faster than Vista. If your computer runs Vista, this will make it run faster. If you use a computer that is more than three years old it will be sluggish if you upgrade it from XP.
  • It will run your old programs. That popular time and attendance application that hasn't been updated since 1994? Worked fine from Windows 3.1 to to Windows 95, NT4 to 2000 to XP, then POW, it won't work on Vista. The camera view zooms out. Snow falls silently. Crouched at the edge of the bamboo is . . . XPM. XPM is XP Mode, and it is here to help you. I haven't tried it out yet, but as a fan of Microsoft VirtualPC, I'm willing to believe the hype.
  • The cool effects are actually useful and make sense in their various contexts. You're just gonna have to trust me on this one.
  • It's easier to support - my job will be much easier with the new Problem Steps Recorder, which allows the user to record a video of what is going on in their computer, add comments to it, then save it to a file that can be emailed to the support tech. Rock on for thinking about me, Micro$oft!
What sucks about it?
  • It's an incremental upgrade, not a radical rethink (despite what Microsoft says about it) - it's like Windows ME was an upgrade of Windows 98, but this time it won't suck. As bad. We hope.
  • It looks like Vista. You know how caterpillars have distinctive colors to let birds know that they taste bad and might be poisonous? The bird eats a pretty caterpillar, gets sick, and remembers what they look like so they don't do that again. Humans can be like that bird - I cringe at the Vista interface not because it's a bad interface but because Vista sucked.

Monday, July 13, 2009

Sysco TraySys Network Configuration

Dietary Managers across the Midwest, and likely across the country, use a handy program called TraySys to manage their residents' dietary needs and to print tray cards to insure that these needs are accurately met.

Most facilities have one computer in the Dietary department, and it will likely stay that way. However, some facilities have multiple dietary users - say a Dietary Manager and a Dietitian. Both need access to TraySys, and it's mighty convenient to have it in a server for both users to use.

However, the documentation and support for a network environment are virtually non-existant. Sorry, Sysco, but someone dropped the support ball on this one. I was told by telephone support to RTFM (Read The Fine Manual). The manual said nothing about network support.

Through trial and error I figured it out:
  1. You must install the software locally on each computer
  2. Create a share on the server that is accessible to both users and map it as a network drive (I chose T: because it stands for TraySys)
  3. Run TraySys on each computer, one at a time and do the following:
  4. Click Tools -> Network Configuration
  5. Fill in or browse for the new mapped drive you created
  6. Check "Use Data Server"
  7. ONLY if you have already been using TraySys locally should you click the Copy Data to Server button, and ONLY on the 1st computer - if you do it from subsequent computers the data will be overwritten with blank data.
  8. Click Connect to Server and wait for a success message.

Saturday, July 11, 2009

Free Antivirus Roundup - Summer 2009

A lot has changed since my last post about Antivirus products - editions have been thoroughly updated and spyware has become a bigger threat than viruses.

Avast, a one-time favorite of mine (for its excellent protection) had stopped being free for home use for a short time, so I stopped using it. It is back, and freely available at http://www.avast.com/eng/download-avast-home.html for home and non-commercial use. Registration is compulsory if you plan on using it for more than 60 days, but accurate registration information I'm sure is optional. Avast is known for being light-weight with regard to system resource consumption. I hate the Avast user interface.

What you get:
  • Anti-Virus
  • Anti-Spyware
  • Anti-Rootkit
  • Resident Shield
  • P2P and IM Shield
  • Network Shield
  • Web Shield
  • E-Mail Scanning
  • Virus Vault
  • Scheduled Scans
  • Supports 64-bit Windows
  • Integrated Virus Cleaner
What's crippled unless you get the pro version:
  • Web Script Blocker
  • Automatic Updates
  • Push Updates
  • Command-Line Scanner


AVG Free has been a solid option, and there is no requirement for registration. However it periodically nags you about being a cheapskate and informs you of the many benefits of paying for your antivirus.

The new user interface for Version 8+ isn't as intimidating as previous versions, but it still sucks. Burying options behind a bunch of vague icons and menu items is no way for a product to make friends and influence people. Aside from the lousy interface I've been unimpressed with the frequency of reboots the paid product has required in order to complete updates. Come on, guys, servers can't be rebooted every week!

On the plus side, the resident application has a small system footprint (except when it's scanning) and does a great job of detecting and removing viruses and spyware. In a business environment AVG brings a lot of bang for your buck - great centralized deployment, reporting and management.

What you get:
  • Anti-Virus
  • Anti-Spyware
  • Resident Shield
  • Automatic Updates
  • Scheduled Scans
  • Link Scanner Surfing and Search Shields (real-time malicious link and site blocking)
  • Virus Vault
  • Supports 64-bit Windows
  • Integrated Virus Cleaner
What's crippled unless you get the pro version:
  • P2P and IM Shield
  • Anti-Rootkit
  • E-Mail Scanning


Avira Antivir Personal has also been a solid choice if you can tolerate the periodic nag trying to get you to fork over 50 Euros - tres costly! The minimalist user interface and tiny system footprint make this an ideal antivirus for older systems. Its detection capabilities border on supernatural.

What you get:
  • Anti-Virus
  • Anti-Spyware
  • Anti-Rootkit
  • Automatic Updates
  • Scheduled Scans
  • Integrated Virus Cleaner
  • Supports 64-bit Windows
What's crippled unless you get the pro version:
  • Web Shield
  • E-Mail Scanning

Panda Cloud Antivirus, currently in beta, is the newest kid on the Anti-virus block, and so far I'm thinking its the coolest! Minimalist user interface has no ambiguity. Real-time protection extends to the Internet - I tried downloading the Eicar test files and was prevented from doing so before they even reached the desktop.

Oh yeah, it's FREE as in beer! There is no pro version, this is the whole enchilada. I'm imagining that Panda isn't doing this altruistically - they've been an underdog Anti-virus provider for some time, so a free offering like this will get the attention of IT pros who will then be interested in the full editions with management features and such.

There is no option to schedule scans, but the real-time protection scheme might well remove the requirement for slow-ass scheduled scans. I don't know if it integrates with e-mail or not.

What you get:
  • Anti-Virus
  • Anti-Spyware
  • Resident Shield
  • Automatic Updates
  • Integrated Virus Cleaner
What's crippled unless you get the pro version:
  • NOTHING!

Microsoft Security Essentials is in a closed beta. However, it will soon be freely available to all once the beta is over. Minimal configuration options and a Spartan interface make it easy to use and understand. It will likely be an excellent option for personal antivirus as it has a small system footprint yet is highly effective at detecting threats in real-time. It doesn't integrate with e-mail products.

What you get:
  • Anti-Virus
  • Anti-Spyware
  • Resident Shield
  • Automatic Updates
  • Scheduled Scans
  • Integrated Virus Cleaner
What's crippled unless you get the pro version:
  • NOTHING!

ClamWin is the only Open Source Anti-virus offering for Windows. It has a simple user interface and reliably detects all manner of malware. It has no real-time protection, it has no web protection, and doesn't integrate with e-mail products. It is by far the most basic of Windows Anti-virus systems.

However this simplicity can be seen as a strength:

Tiny system footprint makes it ideal for low-power computers. Even while scanning the file system for viruses on a low-end system you will still be able to use the computer at a reasonable speed.

What you get:
  • Anti-Virus
  • Anti-Spyware
  • Automatic Updates
  • Scheduled Scans
  • Integrated Virus Cleaner
What's crippled unless you get the pro version:
  • NOTHING!

Tuesday, July 07, 2009

FTP Applications and Squid Proxy (AdvProxy for IPCop)

I'm having a lot of trouble with Windows applications that transfer files to and from Internet-based servers via FTP or that tunnel FTP over HTTP. I know I'm in trouble with a Windows file transfer app if it has proxy settings - even if I configure them with the correct proxy info (despite the fact that its a transparent proxy it will gladly accept traffic at port 800) they still fall flat.

Passive FTP from a Windows command prompt works great. Active mode transfers fail, which I can understand as they represent a security threat (open Port 20). I also understand Squid squashing tunneling over HTTP as this is a great way to hide malicious or undesirable traffic, but I'm not sure why applications that seem to use straight Passive FTP fail when the AdvProxy is enabled even though I can use a command-prompt ftp.

I guess I need to look at the traffic with Wireshark (my favorite packet capture and analysis tool) and see what's really happening.

I'm also going to add the kernel module ip_nat_ftp to an IPCop on a network experiencing this problem - the command is modprobe ip_nat_ftp.

If someone reading this has more insight, please share!

Monday, July 06, 2009

Pitney Bowes Postage Meter and Squid Proxy

The software that comes from Pitney Bowes for loading postage into your meter doesn't work behind an IPCop running the Squid proxy - doesn't matter if its in Transparent Mode or not. I added ports and protocols, tried several options, and still no dice. It worked only when the proxy was turned off, which then makes the IPCop handle all traffic with IPTables which acts as a state-aware NAT box.

So this Geekspeek is meaningless - how do you use a Pitney Bowes postage meter when you are using an IPCop on your network?

  1. Open the IPCop web administration page.
  2. Go to Services -> Proxy (or Advanced Proxy).
  3. Uncheck "Enabled on Green."
  4. Scroll to the bottom and click "Save and Restart." - Don't close your web browser!
  5. Run your Postal Meter program and load your meter with cash.
  6. Go back to your browser and check "Enabled on Green."
  7. Scroll to the bottom and click "Save and Restart."

Thursday, July 02, 2009

Converting from HMDS to ANRMS

If you are having problems getting on AT&T and getting the error message that your User ID needs changed you will need to follow these steps to change the ID in the dialer.
  1. First, click on the icon that connects you to the AT&T dialer. The big green connect will appear.
  2. On the left hand side of screen you will see a settings tab, click it.
  3. The next thing you will see is show or set up wizard..click that. This will get you into where you need to be.
  4. Click next screen and when you do you will see your old ID. Change this to ANRMS and then click out rest of wizard to finish.
  5. Your password has been RESET - your password will be the same as your User ID. So if your User ID is h@1a2b3c, your password will be h@1a2b3c. You will be prompted to change it after you have signed in.
If you tried to transmit without following these directions, your account is locked out. If you're locked out, Contact MDS/OASIS helpdesk at (800) 905-2069 or send an email to mdcn.mco@palmettogba.com and ask for a password reset. It will be reset to your User ID within 24 hours. Please give them the full 24 hours as they take a while to reset your password and you'll be wasting your time trying to connect.

Thanks, Tracy!

You can find the latest AT&T Global network client at https://www.qtso.com/mdcn.html