Work
How to identify vmware-vmx.exe process to a VM
I’ve often had the need to figure out which vmware-vmx.exe process (on a Windows VMware Server host) matched which virtual machine. Maybe a development machine has locked up, or otherwise won’t respond to VMware server shutdown requests… it happens to me semi-regularly.
I found the answer here. You can use the Sysinternals tool “Process Explorer” to see the command line each process was started with. In the case of vmware-vmx.exe, the virtual machine name is part of that command line, so you can figure out which VM matches the process.
Genius. Thanks a lot rsa911!
Setting up a road warrior style VPN connection with pfsense and OpenVPN
VPN is a wonderful thing. I’m particularly fond of IPSEC and OpenVPN, as they allow some great tunneling and remote connection possibilities. Following is a basic tutorial to get your pfsense firewall to handle OpenVPN road warriors, and how to configure the clients. This is based on the tutorial by Frewald on the pfsense forums, but simplified for my personal benefit.
OpenVPN on pfSense – Installation guide for Windows Dummies :- road-warrior.
The first thing you need to be aware of, is that you’re likely going to authenticate to pfsense’s OpenVPN implementation with certificates. The OpenVPN client includes everything you need to create server and client certificates, but you need to bear in mind that server certificates made by “machine A” will only ever validate client certificates also made on “machine A”. For me this meant finding a permanent location, a machine on my network that’s not going to go away, from where to generate all the certificates. If you’re just testing OpenVPN, this is no big deal, and you can download the client to your laptop and generate the certificates from there. If you’re planning for production use however, you’ll need to find a good home. Whatever you choose, this machine doesn’t need to be accessible to clients to authenticate against; once the certificates are created you’ll copy them to the firewall which will handle authentication. I chose to create the certificates (install the OpenVPN client) on one of my certificate authorities, because it’s here for the long haul.
The first thing you need to do is generate keys and certificates for your clients and pfsense to use.
1. Download and install the most recent version of OpenVPN, from http://openvpn.net/download.html. If you plan to connect from a PC with Windows Vista you should get version 2.1 or newer. Install OpenVPN using the default options.
2. Start a command prompt with administrator-rights. In Vista this is done by clicking on START and then type CMD… CMD.EXE should appear, you can RIGHT-Click on it and select ‘Run as Administrator’
3. Change the command prompt directory to the directory you installed OpenVPN, and the easy-rsa directory inside of that. Such as c:\program files\openvpn\easy-rsa
4. Run the “init-config.bat” file. This creates the initial configuration files.
5. Edit ‘vars.bat’ file, in your favourite text editor. I tend to use Wordpad, as Notepad can’t always handle linebreaks. If using Vista, you may need to open Wordpad as an administrator (you can follow the procedure in Step 2, above). The following lines in the file need to be edited:
“set KEY_COUNTRY=XX”
2 Letters country ID – I use CA for Canada
“set KEY_PROVINCE=XX”
2 Letters Province ID – I use ON for Ontario, but you could use na as in ‘Not Applicable’
“set KEY_CITY=XXXXXXX”
Name of your city (can be longer than the above line).
“set KEY_ORG=XXXXXXXXXXXXXX”
The name of your company or organisation.
“set KEY_EMAIL=youremail@address.com”
Put an email-address here. Don’t use a private personal address, since this address will be attached to the Certificate Authority certificates. You generally don’t need to put a real address here at all.
Save the file.
6. Run the “vars.bat” file.
7. Run the “clean-all.bat” file.
8. Run the “build-ca.bat” file. This will create the certificate authority records. You will be prompted to enter some various answers. You should be able to leave them as their defaults (populated by what you entered in the vars.bat file), except “Common Name” – here you should put something like “pfSense-CA” (in my case I chose a name related to the certificate authority I was generating these keys and certs on).
9. Run the “build-key-server.bat server” file. You’ll be prompted again for some answers; leave them as their defaults except for “Common Name”, you should use the value “server”.
10. Run build-dh.bat
These are all the steps necessary to generate the certificate authority keys and certificates. You only need to follow these steps once, per installation of pfsense. You could begin to setup pfsense with these certificates now, but we’ll leave that step till the end, seeing as we still need to make the keys and certificates for the clients to authenticate. The following section can be repeated for each additional client you wish to add.
11. Run the “build-key.bat” file, but append a unique client name to the end of it, like “ovpn_client1” or “username”. For example, run: “build-key.bat client1”
Again you will be prompted for answers, the default values are fine, except for “Common Name” – here you need to enter the client name you just chose, such as “client1” (or whatever client name you chose when you ran the batch file.)
This client name (“client1” or whatever you chose) will be the name of the keys, the certificate and the name you’ll identify the connection as, later on. You can use whatever name you like, for our production use we use usernames or emails so we can easily identify who the certificate and connection belong to. At this stage, you can choose to generate as many as you want (with unique names), for all the clients that will be connecting to pfsense.
12. Now you’ll need to copy files (some of your newly created keys and certificates) out of the easy-rsa keys directory, and into the OpenVPN config directory. If you’re testing and you chose to create the certificates on the same machine that will be your client, this is simple; you can simply copy from “c:\program files\openvpn\easy-rsa\keys” to “c:\program files\openvpn\config”. However, if you’ve generated the certificates on a central server, such as I did on my certificate authority, then you’ll need to transfer a copy of these files to the actual CLIENT’s install of OpenVPN. In any case, the following files should now be copied from “c:\program files\openvpn\easy-rsa\keys” to “c:\program files\openvpn\config”.
ca.crt
client1.key
client1.crt
(Remember, “client1” is the name you chose when creating the client certificates. If you’re copying the files to another client, make sure you give the correct set of files to the user who needs them. If you don’t see a .crt file but only a .csr file, chances are that you don’t have admin privileges, or something else went wrong in the process. If you’re using Vista, you may need to look at generating the keys and certificates on a NON-Vista machine.)
13. On the OpenVPN client machine, make a file in the “c:\program files\openvpn\config” directory (this is the same place you just placed a copy of the keys and certificates), called “client1.ovpn” (or whatever name you chose for your client, above). Edit the file in your favourite text editor, and enter the following lines (leave out the hashes/pound signs):
####
client
dev tun
proto udp
remote [ip or DNS name of your pfsense server] 1194
ping 10
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
comp-lzo
pull
verb 3
####
You’ll need to enter the public IP address or DNS name of your pfSense box in the ‘remote’ line. You can also adjust the port, if for some reason you are choosing to not use the standard one. For the lines beginning with ‘cert’ and ‘key’, make sure you enter the name of the files you copied across in step 12.
Congratulations, you’ve got everything ready on the client side to connect to pfsense! This section is the only one that needs to be repeated, for future clients. If you have more than one OpenVPN client (and created keys and certs for them in step 11), you may choose to make all the .ovpn files for your clients now (with the corresponding .key and .crt names). These would need to be copied to the appropriate clients install of OpenVPN, like the keys and certs did in step 12.
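A check for the client bundle assembled in steps 12 and 13, as an added example that is not part of the original guide. It is POSIX shell, so it runs wherever a shell is available against a copy of the config directory; the function names, messages and sample file contents are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): sanity-check the files from
# step 12 and the profile from step 13 before a bundle goes to a user.
# Function names and message wording are illustrative.

# Print the first argument of a directive (ca, cert, key, remote) in a profile.
ovpn_value() {
    awk -v d="$1" '$1 == d { print $2; exit }' "$2"
}

# check_client_bundle DIR PROFILE
# Prints one line per problem; returns 0 if the bundle is clean, 1 otherwise.
check_client_bundle() (
    dir=$1
    profile=$dir/$2
    problems=0
    report() { echo "PROBLEM: $*"; problems=$((problems + 1)); }

    if [ ! -f "$profile" ]; then
        echo "PROBLEM: profile $2 not found in $dir"
        exit 1
    fi

    # Every file named by ca/cert/key must be present and non-empty.
    for d in ca cert key; do
        f=$(ovpn_value "$d" "$profile")
        if [ -z "$f" ]; then
            report "profile has no '$d' line"
        elif [ ! -s "$dir/$f" ]; then
            if [ -f "$dir/${f%.crt}.csr" ]; then
                report "$f missing but ${f%.crt}.csr exists: signing did not complete"
            else
                report "$f is missing or empty"
            fi
        fi
    done

    # cert and key must carry the same client name (client1.crt / client1.key).
    cert=$(ovpn_value cert "$profile")
    key=$(ovpn_value key "$profile")
    if [ -n "$cert" ] && [ -n "$key" ] && [ "${cert%.crt}" != "${key%.key}" ]; then
        report "cert $cert and key $key are for different clients"
    fi

    # The only private key a client needs is its own.
    for k in "$dir"/*.key; do
        [ -e "$k" ] || continue
        name=${k##*/}
        [ "$name" = "$key" ] || report "$name is a private key this client must not receive"
    done

    # The bracketed placeholder from the template must have been replaced.
    case $(ovpn_value remote "$profile") in
        ''|\[*) report "remote line is missing or still the template placeholder" ;;
    esac

    [ "$problems" -eq 0 ]
)

# Constructed sample: a bundle where server.key was copied along by mistake.
demo() (
    d=$(mktemp -d)
    printf '%s\n' client 'dev tun' 'proto udp' 'remote vpn.example.com 1194' \
        'ca ca.crt' 'cert client1.crt' 'key client1.key' > "$d/client1.ovpn"
    for f in ca.crt client1.crt client1.key server.key; do
        echo sample > "$d/$f"
    done
    check_client_bundle "$d" client1.ovpn
    rc=$?
    rm -rf "$d"
    exit "$rc"
)

demo || echo "bundle rejected"
```

The check only looks at file names and presence; it does not verify that the certificate was actually signed by the CA in ca.crt.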
Now we need to configure pfsense.
14. Log into the web-gui of pfSense.
15. Select VPN/OpenVPN on the menu, and add an entry in the ‘Server’ tab. Use the following settings:
Protocol: UDP
Local port: 1194
Address pool: 192.168.200.0/24 (Pick any network that you DON’T currently use, this will be assigned to your OpenVPN clients.)
Local Network: 192.168.0.0/24 (Enter whatever the network is that you want the VPN clients to connect to, ie. your local network.)
Remote Network: blank
Cryptography: BF-CBC (128 bit) – or use what you want
Authentication Method: PKI
You can choose to use TCP and/or a different port number, if you have a reason for doing so. Remember you’ll need to set that custom protocol and port in the .ovpn file created in step 13.
Now you need to have access to some of the files created in step 12. If you made the keys and certs on a central server, you’ll need to access them there. The folder is “c:\program files\openvpn\easy-rsa\keys” (or wherever you chose to install).
16. Copy the WHOLE contents of ca.crt (open with your favourite text editor) into the “CA certificate” input box.
17. Copy the WHOLE contents of server.crt into the “Server Certificate” input box.
18. Copy the WHOLE contents of server.key into the “Server Key” input box.
19. Copy the WHOLE contents of dh1024.pem into the “DH parameters” input box.
20. Tick DHCP-Opt: Disable NetBIOS (I don’t use it anyway)
21. Tick LZO Compression
Well done. Now pfsense has the CA keys and certificates installed, so it can validate requests made to authenticate against it. Now we need a few simple rules in the firewall.
22. On the WAN interface you should make a rule like:
PASS
WAN
Protocol: UDP
Source: any
OS type: any
Destination: any
Destination port range from: OpenVPN
Destination port range to: OpenVPN
Leave the rest as default.
You can choose to check the log box, if you’d like to be sure traffic is being passed. Remember if you chose to use custom protocols and ports for OpenVPN in steps 13 and 15 above, you’ll need to adjust this rule accordingly.
23. Add a rule on the interface that contains the network you defined in step 15 (local network), this may be LAN:
PASS
Any protocol
Source: 192.168.200.0/24 (whatever the range of the network defined in step 15’s “address pool”)
Destination: LAN (or whatever the local network is)
24. Depending on how locked down your local networks are, you may need to add another rule on the interface that contains the network you defined in step 15 (local network), this may be LAN:
PASS
Any protocol
Source: LAN (or whatever the name/IP range of the network defined in step 15’s “local network”)
Destination: 192.168.200.0/24 (This is the OpenVPN network that you entered as “address pool” in step 15.)
25. Apply the new rules.
That’s it! Your clients should now be able to connect using OpenVPN. Right click on the OpenVPN icon in the system tray and select Connect.
As a bonus, you can configure OpenVPN on pfsense to allow clients to access additional networks. In our case we have multiple VLANs and multiple IP ranges for VPN clients, and we want our OpenVPN clients to be able to access ALL these networks. To do this, you need to “push” the address ranges out to the clients, so that the client machines know how to route to those networks. (This is basic TCP/IP routing stuff, and is beyond the scope of this guide.) You’ll also need the appropriate rules in pfsense to allow this traffic. Go to VPN/OpenVPN in the pfsense web-gui, browse to the bottom of the Server tab, and look for the “Custom options” input box. You can enter multiple custom options separated by semi-colons. The option for pushing additional networks is:
push "route 192.168.4.0 255.255.255.0" (or whatever the network range happens to be)
Amazon’s new packaging initiative: Oh please oh please!
I came across Jeff Bezos’ announcement on Amazon yesterday, regarding their new packaging plan. Slashdot reported it as well. Basically, they’ve convinced a number of manufacturers to simplify and green-ify their product packaging, and are hoping this will catch on over the next few years.
All I can say is good freaking job Amazon. Here is a company using its clout to effect some positive change. I am sick of the massive amount of plastic and crap I get sent when I order just about anything, from just about anywhere. Simplicity of opening is one thing, as I have certainly sliced my fingers (and mouth) when trying to open plastic sealed RAM and memory cards, not to mention toys. But the materials used are what irks me the most; so much plastic for often small items. It’s very wasteful.
My only fear is that this may result in some cases of mindless box sizing. Like the example I posted previously of HP sending ridiculous packaging, we get the same thing from Ingram Micro and CDW. They generally have a set number of box sizes, and the minimum size may be much larger than some of the items they ship. Periodically you’ll get a USB hub smaller than your fist arriving in a 1 foot by 1/2 foot box. Sad really.
But if companies can avoid this pitfall, then more power to Amazon and this great initiative!
All systems are go
Work has been pretty wild lately. I was talking to my boss today and I said that IT at TACF is probably about as full-on as it has been in about 5 years.
- I’m managing the relaunches of 5+ websites, which as anyone familiar with that process knows, can be a crapload of work. We’re going to rebuild our DotNetNuke infrastructure from a clean slate, as we’ve been upgrading this thing since version 2, and have fundamentally different requirements since the customizations made at that time.
- We’re ramping up our CRM/ERP application, Everest, customizing it more than we’ve ever done, utilizing more areas of it than we’ve ever done, and plan to have the remaining departments at TACF into the system within the next 6 months. This has been a mammoth effort, for the last 3 years, and we’re nearing the next phase, which is optimization and cleansing.
- We’re developing a bunch of sweet applications to make our lives easier and more productive.
- We’re testing an Asterisk based VoIP solution and integration with our existing PBX, to leverage all sorts of great new features. We’re also looking at a Jabber/XMPP server (Openfire) and rolling out staff wide intranet chat.
- We’re evaluating a large software rollout for the final few months of this year, possibly rolling out Office 2007 to our staff. Our long term plans involve more open source usage, like Open Office, so I’m hoping we can use Office 2007 for a couple of years, and then when it’s time to move on from that we go open.
- We’re also finally examining Windows Server 2008, and what systems of ours could benefit from that.
There’s lots of other stuff too… it’s all go. It’s exciting. I love it.
iPhone working with Microsoft Exchange
I’m happy to say that we at TACF have our one iPhone updated with version 2.0, and have got it syncing with Exchange 2003.
Apple provide a document that offers a trivial level of assistance in setting things up. If you’re already using ActiveSync for other devices, then you’ll be working already. If you’re not using ActiveSync (or aren’t sure if you are), but you are using Outlook Web Access already, then you’re just a couple of steps away. There are a few guides out there for enabling ActiveSync, which is really a simple matter of enabling in Exchange System Manager, and ensuring it’s enabled for the user that needs it (enabled by default for all users).
In our case, we had a small spanner thrown into the mix, because we use forms authentication on Outlook Web Access. I suppose this would affect anyone setting up Exchange ActiveSync, if they also used HTTPS and Form Authentication for their OWA. You can test ActiveSync/OMA (Outlook Mobile Access) by browsing to “http://servername/oma”. If it’s working, you should receive a login prompt, and then possibly a warning about an unsupported device, followed by being able to get into some sort of email account display.
We received the following, from OMA:
Outlook(R) Mobile Access is supported only on Microsoft(R) Exchange Server 2003. Currently your mailbox is stored on an older version of Exchange server. Please contact your system administrator for additional assistance.
This is the error manifested by using Forms Authentication with HTTPS, specifically on the “servername/exchange” directory. Microsoft describes the fix in this article. We went with resolution method 2, that requires you to copy the Exchange virtual directory (in IIS), and then adjust registry settings to point to the new copied folder (which doesn’t use forms auth or ssl).
After a few IIS restarts and a couple of tests, we had our iPhone syncing like a champ!
SQL Query constraints of a database
Another useful query I was in need of, and found, yesterday. This one is care of Pinal Dave (who writes a very useful blog, which has helped me before), though I added the “Order By” line. This query lists all the constraints of a database. Replace AdventureWorks with your DB name.
USE AdventureWorks;
GO
SELECT OBJECT_NAME(OBJECT_ID) AS NameofConstraint,
SCHEMA_NAME(schema_id) AS SchemaName,
OBJECT_NAME(parent_object_id) AS TableName,
type_desc AS ConstraintType
FROM sys.objects
WHERE type_desc LIKE '%CONSTRAINT'
ORDER BY NameofConstraint
GO
Query a MSSQL database for table sizes
We use Microsoft SQL 2005 for our mission critical and web databases. In one instance, we’re able to use SQL Express just fine, but lately I had been keeping an eye on a DB that was approaching the 4GB limit imposed on SQL Express. I had a Google for queries to list the table sizes (it’s simple enough to find out the size of a single table in Management Studio, but querying is clearly simpler/faster). I found exactly what I was looking for, thanks to Scott Moss. Paste this below, replacing OnePoint with your DB name. Everything else is fine as is.
-- 12/16/2007
-- Any DB will show the table size in MegaBytes
-- worked with a SQL Guru at M$ for a few hours last week, here are some fruits of mostly his labor
Use OnePoint
Go
select object_name(id) [Table Name],
[Table Size] = convert (varchar, dpages * 8 / 1024) + 'MB'
from sysindexes where indid in (0,1)
order by dpages desc
-- Have A great Week!
Thank you Scott Moss!
More reasons to stay away from GoDaddy
The first few domains I set up I had hosted with GoDaddy, as they seemed like a decent company. I moved my domains away from GoDaddy a couple of years ago, as I started to feel uneasy about them, but couldn’t put my finger on anything in particular (other than fishy pricing). Over the last couple of years a lot has been surfacing about their business practices, and other things I didn’t agree with. I moved TACF’s domains away from GoDaddy, largely due to their Superbowl adverts (which I find amusing, but tasteless).
A little while ago ICANN slapped GoDaddy down for their domain expiry and information update policies. Turns out, GoDaddy told ICANN “Alright, we’ll be good,” but didn’t actually change a thing. Now we have more ammunition: GoDaddy VP caught bidding against customers. Honestly, these guys are just scum now.
Someone on Slashdot has compiled a nice list of articles:
http://tech.slashdot.org/comments.pl?sid=598685&cid=23989627
How to email FROM specific IPs, using Linux and Postfix
I was asked recently to find an email solution for a new marketing firm. The solution specifically, was for the problem of outbound IP binding. That is, what IP address email is sent from. If you’re providing email outsourcing for multiple clients, it’s important to keep each client on its own IP(s) so one being blacklisted won’t affect another.
It’s a simple matter to add IP addresses to a server for the purposes of listening, but to tell a mail server to send from a particular IP(s) (and not just the default IP) can be a bit trickier. Depending on the resources available to you though, this option really isn’t hard. We started by looking at Qmail, as it’s a popular choice, but we ran into a number of problems applying a patch to allow it to dynamically bind to an IP per outgoing email sender domain. In the end, I built a solution using multiple Postfix instances, that each bind to the appropriate IP. You’re going to end up with:
smtp1.domain.com
smtp2.domain.com
etc.
The first thing you’ll need is a working server. That’s well beyond the scope of this, but for the record I sandbox in VMWare Server using CentOS 5, with MySQL, Apache, VIM, compiling tools and so on. Second thing you’ll need is a working Postfix installation. This took me a long time at first, due solely to a formatting error in step 4, below. That was very frustrating…. but if you learn from my mistakes you’ll have an easier time. Trick is to format the make command just right.
1. Grab the Postfix source, and untar. I used the guide here for the install, it’s got all the basics that you need. You should really follow along in that, and turn here if its instructions are a little spartan.
2. You’ll need to ensure MySQL and MySQL-devel are installed. My finished Postfix instances didn’t use them (because they weren’t receiving mail, just sending), but I couldn’t see how to compile without the MySQL step. I had to reboot after installing MySQL-devel.
3. Run:
make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/include/mysql' \
'AUXLIBS=-L/usr/lib/mysql/ -lmysqlclient -lz -lm'
make
4. If step 3 throws errors, you’re going to have to hunt for a solution. Once successful, run the following. This will build makefiles, using the following directories for data, config, and queues. Adjust as necessary. (Bear in mind, multiple Postfixes only need a single set of binaries, but multiple conf and spool folders):
make makefiles CCARGS='-DDEF_CONFIG_DIR=\"/etc/postfix1\" -DDEF_DATA_DIR=\"/var/lib/postfix\" -DDEF_QUEUE_DIR=\"/var/spool/postfix1\"'
make
5. If step 4 was a success, you just cut 4+ hours out of my initial setup time. Congrats. Now you need to create some users and groups. I use Vim to edit the conf files. If you don’t know what the following does, best to check up on users and groups principles.
vim /etc/passwd:
[insert] postfix:*:12345:12345:postfix:/no/where:/no/shell
vim /etc/group:
[insert] postfix:*:12345:
[insert] postdrop:*:54321:
5. Now you get to install! Lovely. The default options were fine for me all the way through (this is dependent on the makefiles we made earlier).
make install
6. You’ll need to add a hostname (or two?) at this stage, as Postfix wants a hostname, not an IP when you configure it in the following steps. Again, I use Vim, and obviously use your own IP here. You may want to use smtp1.domain.com, or whatever else:
vim /etc/hosts
[insert] 192.168.0.1 host.domain.com
7. Now you need to configure main.cf with the default minimum options. Configure master.cf with default options as well. (The hostname you configure Postfix with is the one you just entered into the hosts file). Note that this scenario has you binding Postfix to different IPs, so the advice to comment out a line in master.cf (if sending only) does NOT apply. Also, add the IP you wish to bind to (mail will come FROM this IP), to main.cf:
smtp_bind_address = 192.168.0.1
8. Start that sucker:
postfix -c /etc/postfix1 start
Once that’s up and running and you’ve tested it (also a good time to check the SPF records of your domains), you can go get yourself a beer. The hard part is over. You’ll also need to create a startup script for that Postfix instance. See below for a sample.
Now you can create any number of additional Postfix instances quite simply. I used the guide here, and I’m pasting below my stripped down version again (for my own records, more than anything).
9. Copy the conf files to a new directory:
cp -rp /etc/postfix1 /etc/postfix2
10. Adjust the new conf to look at a new spool directory, which you will need to create. Then have Postfix check things and create files as necessary:
vim /etc/postfix2/main.cf
[edit] queue_directory = /var/spool/postfix2
mkdir /var/spool/postfix2
postfix -c /etc/postfix2 check
11. Edit the conf of the original Postfix instance to see this new set of conf files, so the Postfix daemon will load them as well:
vim /etc/postfix1/main.cf
[insert] alternate_config_directories = /etc/postfix2
12. Now, edit the new conf file again, to adjust the hostname and the IP it’s going to bind to, and you’re just about done.
vim /etc/postfix2/main.cf
[edit] myhostname = smtp3.domain.com
[edit] smtp_bind_address = 192.168.0.2
13. Now you’ll need to create a new startup script for the new instance. Here’s mine, for CentOS/RedHat. It assumes that Postfix binaries have been installed with the defaults from the install and any instance specific folders (conf, and spool) are “postfix2”. You can just run a find and replace to adjust the postfix2 path to postfix3 (or to postfix1, if this is your first startup script), and so on.
#!/bin/sh
#
# postfix2
# Postfix second instance for Redhat Linux and CentOS
# description: Postfix is a marvelous SMTP server.

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0

# Bail out quietly if the binary or this instance's directories are missing.
[ -x /usr/sbin/postfix ] || exit 0
[ -d /etc/postfix2 ] || exit 0
[ -d /var/spool/postfix2 ] || exit 0

RETVAL=0

start() {
    # Start daemons.
    echo -n "Starting postfix2: "
    if [ ! -e /var/spool/postfix2/etc/resolv.conf ]; then
        cp -f /etc/resolv.conf /var/spool/postfix2/etc
    fi
    /usr/sbin/postfix -c /etc/postfix2 start 2>/dev/null 1>&2 && success || failure
    RETVAL=$?
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/postfix2
    echo
    return $RETVAL
}

stop() {
    # Stop daemons.
    echo -n "Shutting down postfix2: "
    /usr/sbin/postfix -c /etc/postfix2 stop 2>/dev/null 1>&2 && success || failure
    RETVAL=$?
    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/postfix2
    echo
    return $RETVAL
}

reload() {
    echo -n "Reloading postfix2: "
    /usr/sbin/postfix -c /etc/postfix2 reload 2>/dev/null 1>&2 && success || failure
    RETVAL=$?
    echo
    return $RETVAL
}

abort() {
    /usr/sbin/postfix -c /etc/postfix2 abort 2>/dev/null 1>&2 && success || failure
    return $?
}

flush() {
    /usr/sbin/postfix -c /etc/postfix2 flush 2>/dev/null 1>&2 && success || failure
    return $?
}

check() {
    /usr/sbin/postfix -c /etc/postfix2 check 2>/dev/null 1>&2 && success || failure
    return $?
}

restart() {
    stop
    start
}

# See how we were called.
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        stop
        start
        ;;
    reload)
        reload
        ;;
    abort)
        abort
        ;;
    flush)
        flush
        ;;
    check)
        check
        ;;
    status)
        status master
        ;;
    condrestart)
        [ -f /var/lock/subsys/postfix2 ] && restart || :
        ;;
    *)
        echo "Usage: postfix2 {start|stop|restart|reload|abort|flush|check|status|condrestart}"
        exit 1
esac

exit $?
14. You can start your new instance with:
postfix -c /etc/postfix2 start
15. Test again mate!
16. Once that’s done, you’re gold. You can repeat steps 9 – 15 for additional Postfix instances.
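Steps 9 to 12 collected into one function, as an added example rather than the author's own script. It also refuses to reuse an IP that another instance already binds to, since that would defeat the per-client separation; the function names and the ROOT prefix argument (which lets it run against a scratch tree) are assumptions of this sketch, and on a live host `postconf -c DIR -e` can make the same main.cf edits.

```shell
#!/bin/sh
# Added example (not the author's script): steps 9-12 as one function.
# ROOT is an assumed prefix so the function can be tried on a scratch tree;
# pass "" to work on the live /etc and /var/spool.

get_param() (   # get_param FILE KEY -> value of the last "KEY = value" line
    awk -v k="$2" '
        $0 ~ ("^" k "[ \t]*=") { v = $0; sub(/^[^=]*=/, "", v) }
        END { gsub(/^[ \t]+|[ \t]+$/, "", v); print v }' "$1"
)

set_param() (   # set_param FILE KEY VALUE -> replace the line, or append it
    awk -v k="$2" -v v="$3" '
        $0 ~ ("^" k "[ \t]*=") { if (!seen) print k " = " v; seen = 1; next }
        { print }
        END { if (!seen) print k " = " v }' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
)

# clone_instance ROOT SRC NEW HOSTNAME IP
#   e.g. clone_instance "" postfix1 postfix2 smtp2.domain.com 192.168.0.2
clone_instance() (
    if [ $# -ne 5 ]; then
        echo "usage: clone_instance ROOT SRC NEW HOSTNAME IP" >&2
        exit 2
    fi
    root=$1 src=$2 new=$3 host=$4 ip=$5
    src_cf=$root/etc/$src/main.cf
    new_cf=$root/etc/$new/main.cf

    if [ ! -f "$src_cf" ]; then echo "no $src_cf" >&2; exit 1; fi
    if [ -e "$root/etc/$new" ]; then echo "/etc/$new already exists" >&2; exit 1; fi

    # One sending IP per instance: stop if any existing instance has this one.
    for cf in "$root"/etc/postfix*/main.cf; do
        [ -f "$cf" ] || continue
        if [ "$(get_param "$cf" smtp_bind_address)" = "$ip" ]; then
            echo "$ip is already the smtp_bind_address in $cf" >&2
            exit 1
        fi
    done

    cp -rp "$root/etc/$src" "$root/etc/$new"                  # step 9
    set_param "$new_cf" queue_directory "/var/spool/$new"     # step 10
    mkdir -p "$root/var/spool/$new"
    # Step 10 also runs "postfix -c /etc/NEW check"; do that afterwards by hand.

    # Step 11: append to the list instead of overwriting earlier instances.
    alt=$(get_param "$src_cf" alternate_config_directories)
    set_param "$src_cf" alternate_config_directories "${alt:+$alt, }/etc/$new"

    set_param "$new_cf" myhostname "$host"                    # step 12
    set_param "$new_cf" smtp_bind_address "$ip"
)

# Constructed sample tree: one existing instance, cloned into postfix2.
demo() (
    r=$(mktemp -d)
    mkdir -p "$r/etc/postfix1" "$r/var/spool/postfix1"
    printf '%s\n' 'queue_directory = /var/spool/postfix1' \
        'myhostname = smtp1.domain.com' 'smtp_bind_address = 192.168.0.1' \
        > "$r/etc/postfix1/main.cf"
    clone_instance "$r" postfix1 postfix2 smtp2.domain.com 192.168.0.2 &&
        cat "$r/etc/postfix2/main.cf"
    rm -rf "$r"
)

demo
```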
Bonus: I use PHPlist for subscriptions and mailing. To configure PHPlist to send using a particular SMTP server, look for this configuration directive (near the end of config.php). Any number of PHPList instances can now be configured to use the appropriate SMTP servers, keeping each one separate from the other, and passing SPF records and keeping spam-rule friendly.
define("PHPMAILERHOST",'host.domain.com');
Non admin users running scheduled batch tasks
I ran into a problem a few months back where I found non-admin users on Windows Server 2003 couldn’t run batch files in scheduled tasks. I just gave up then as it wasn’t important, but I had to find a solution for the same issue today. Didn’t have to look far, it turned out:
SYMPTOMS
When you run a batch job that runs under the context of a regular user account on a Microsoft Windows Server 2003-based computer, the script may not run. If you run the batch job by using the Scheduled Tasks feature, the following error message may be logged in the Scheduled Tasks log file (Schedlgu.txt):
0x80070005: Access is denied.
CAUSE
This issue occurs if all the following conditions are true:
• You run the batch job on a Windows Server 2003-based member server.
• The batch job runs as a non-interactive process.
• The batch job is configured to run under the context of an account that is not a member of the Administrators group.
In Windows Server 2003, the Users group does not have Read and Execute permissions to the command processor (Cmd.exe).
