Mdaemon – “The date is grossly in the future” bug

,

If you run an older version of Mdaemon 10.x (email server) then you may find this “error message” in the SMTP logs; “The date is grossly in the future”, this is caused by a bug in Spamassassin one of the antispam solutions used by Mdaemon, the problem is that this caused the spam score to get rather high and may cause Mdaemon to discard legitimate mails as spam.

You can ofcause upgrade your Mdaemon installation, but if for some reason you prefer not to do so this is the workaround;

The workaround(besides paying for updates), is to edit the rule-set.

C:\MDaemon\SpamAssassin\rules\local.cf

Add the following line score

FH_DATE_PAST_20XX 0.0

Restart Spam Engine

Curtesy of; http://www.ninjahdev.com/node/8

Just found another tip, change the end of this line to the latter (both solutions should work);

MDaemon\SpamAssasin\default_rules\72_active.cf:

{ FH_DATE_PAST_20XX header FH_DATE_PAST_20XX Date =
~ /20[1-9][0-9]/ [if-unset: 2006]

Change to;

 /20[2-9][0-9]
/by

MSN Account password hacked/forgotten

A friend of mine had his MSN account hacked and it was hacked good, thus the security question was obviously changed afterwards 🙁  so there was no way for him to regain access.

It was surprisingly hard but I finally found a link where you can rapport such problems and get assistance;
https://support.live.com/eform.aspx?productKey=wlidvalidation&ct=eformcs&scrx=1

/by

Buddy backup – “free” online backup

, , ,

Now this is somewhat clever, I have not yet tried it so I can’t say for sure how good it works but the concept is clever.

You agree with some of your friends that you will use each other as backup-hubs, install Buddy Backupand then define each other as trusted friends, then your data is backed up to your friends computers via P2P (of cause in encrypted format so your friends can’t look at your data)..

It is free and rather clever.

Read their getting started guide here

Download it here  (sadly it is not available right now, a new version should be very close to release – even so close that they removed the old version – I have written to them requesting a release date but not received any yet).

/by

Trinity rescue Kit – Malware cleanup disk

,

I just learned of a new antivirus/malware cleanup CD/iso, with support for NTFS and more.

Trinity Rescue Kit can be obtained from here;
http://trinityhome.org/Home/index.php?wpid=1&front_id=12 or http://trinityhome.org/

It sounds like a cool CD with numerous cleanup utilities, definitely worth a visit.  I for one is going to download a copy and check it out.

/by

Yubikey now with AD integration

,

yubikeyI got a newsletter some time ago informing me that www.Yubico.com (or rather one of it’s partners) had added AD integration to the Yubikey, this should allow you to use the Yubikey to login to windows something that could be quite interesting..

Read more here;
http://www.yubico.com/news/100204/

ps.
I also seem to recall stumbling across some PAM and RADIUS implementation, so you might want to check their forum if you are into Yubikeys.
http://forum.yubico.com/

/by

Free mini IDS – DecaffeinatID: a security util

,

arpgatewayEver heard about ARP spoofing or man in the middle attacks?  If not then this may not be for you, but if on the other hand “Yes” then here is a tool for you..

Our pal Irongeek has released this nifty small util “DecaffeinatID:” that will sit in your tray until it detects something nasty going on (like eg. attempted ARP spoofing of your default gateway) and then raise hell and bells to warn you.

Basically what it does it to monitor the MAC address of your default gateway, if this for some reason changes (which it never should) you will be warned and can take precautions.

Besides this ARP ‘shield’ the util offers a few other nifty security tricks, anyway check it out at;
http://www.irongeek.com/i.php?page=security/decaffeinatid-simple-ids-arpwatch-for-windows

securitylog

/by

Get notified when a service fails

, , ,

If you are a sysadmin, then you know the problem with services of vital equipment that keep failing every now and again!?  So what do you do?  Wait for the users to start calling, buy an expensive monitoring solution or just do some simple scripting?

Well I’ll just give you a quick brief on how to setup the cheap (free) scripted solution that will help keep your users happy and the services running.

I was inspired by an article at; http://www.intelliadmin.com/index.php/2010/01/get-notified-when-a-service-fails/
which was quite cool except he rely on a third party utility for mailing AND he does not relaunch the service..   I have chosen to create a VBS script that will E-Mail AND re-launch the failed service in one sweep.

Ok here goes.

  • First of all log on to the server/workstation in question (the machine where the service is running).

  • Download my vbs script here  (you may need to rightclick and choose save as)

  • Modify this part of the script in notepad with your details (smtp server, email address etc)
    script1

  • Save the file to somewhere on the C drive (I usually use “c:\windows\schedule”)

  • Now enter “Computer management” (right click on My Computer and choose “Manage”)
    commanager

  • Select the service you wish to modify/monitor and double click it

  • Modify the service as follows (you will need to modify this if you use another location for the script)
    run_a_program
    You will note that I set the script to run at the “second fail” not the first, you can set it to run at the “first fail” if you like – to avoid being bombarded I just choose first to be informed the second time a service fail.

  • The service name (described in the script) is NOT the displayname, it is the REAL name of the service, you can find this here;
    servicename

And viola you are done, from now on you will get an E-Mail every time a service has failed twice (or the first time if you prefer)..  It’s all very basic but neat.

/2 Comments/by

Writeprotect your USB devices

,

You can quite easily make all USB devices on a machine ReadOnly by adding a key to registry, it is quite easy and painless.

Once the registry key is added and set you may have to wait a bit or eject and reinsert the device but then the device is ReadOnly.  ‘Unlocking’ the drive again is equally easy, you just set the key value to “0” (zero) and everything is back to normal..

Maybe even an ide for a prank on some of your friends 😉

Key to create;
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies\WriteProtect
Value DWORD; “1” = ReadOnly, “0” = Normal mode.

registryhack1

/by