Mr. Szymanski

For some reason unbeknownst to myself Adobe decided to stop releasing flash player for Macintosh as a package sometime this summer. This is very inconvenient when trying to deploy the player on multiple machines in order to push patches to security holes in their software. With a little poking around I found that the package is in the download you just need to extract it. To do so…

1. Download the player from Adobe’s site
2. CTRL-Click on the file and choose show package contents
3. Open the “Contents” folder and then the “Resources” folder. Inside you will see a files called “Adobe Flash Player.pkg”
4. Drag/Drop or copy that package somewhere and use that to deploy the player with Apple Remote Desktop

Macintosh

Flash

Adobe

Apple Remote Desktop

This is an example of how to deploy firefox remotely to your windows based domain client machines using psexec with proxy settings. First you need to download the latest 7-zip from here: www.7-zip.org after you have that installed find your firefox installer package. As of this articles writing the name of this file was “Firefox Setup 3.6.4.exe”. Right-click on it and choose the menu item under 7 zip called: Extract to Firefox Setup 3.6.4″

Once the package unzips go into the directory called Firefox Setup 3.6.4 and have a look around.

Home Page Setup:

The first folder is called “localized” open the file called “browserconfig.properties” with wordpad and edit the urls to reflect the homepage that you want your clients to have. In my case the file looked like this when I was done…

browser.startup.homepage=http://szone.berlinwall.org
browser.startup.homepage_reset=http://szone.berlinwall.org

There is also a prefs.js file in the localizeddefaultsprofile directory. You can add entries here is you like and they will be the default preferences. Having a look at about:config will give an idea of options that you can set: http://www.mozilla.org/support/firefox/edit#aboutconfig

Proxy Settings:

The proxy settings can be set in all.js file found in the nonlocalizedgreprefs folder. Search for the phrase proxy.type to jump to the part we are looking for. By default the value is 0 (no proxy). Setting the value to 1 will enable the proxy. If you have auto detection setup on your network you can use 4. Firefox 3 added the option of 5, which will use your “system” proxyIf your proxy was 192.168.1.1:8080 then you would make the file look like this…

pref(“network.proxy.type”, 1);
pref(“network.proxy.ftp”, “192.168.1.1”);
pref(“network.proxy.ftp_port”, 8080);
pref(“network.proxy.gopher”, “192.168.1.1”);
pref(“network.proxy.gopher_port”, 8080);
pref(“network.proxy.http”, “192.168.1.1”);
pref(“network.proxy.http_port”, 8080);
pref(“network.proxy.ssl”, “192.168.1.1”);
pref(“network.proxy.ssl_port”, 8080);
pref(“network.proxy.socks”, “192.168.1.1”);
pref(“network.proxy.socks_port”, 1080);
pref(“network.proxy.socks_version”, 5);
pref(“network.proxy.socks_remote_dns”, false);
pref(“network.proxy.no_proxies_on”, “localhost, 127.0.0.1,.192.168.1.1 , yourlocalserver.com”);

There are a lot other settings in this file. Take a long look at it and make any changes you would like.

Disabling Suggested Searches

If you do not want hundreds of queries for search suggestions every time a single letter is typed in the search bar then open this file: nonlocalizeddefaultspreffirefox.js and search for “suggest”. You should find: pref(“browser.search.suggest.enabled”, true);

Change it to: pref(“browser.search.suggest.enabled”, false);

Disabling Application Updates

When installing Firefox in an enterprise setting you do not want it to look for updates when a regular/non-admin user is logged on (You don’t let your users logon with administrators accounts do you?). In the firefox.js there is a line that looks like this: pref(“app.update.enabled”, true); Change that to: pref(“app.update.enabled”, false); and then your clients will not check for updates automatically.

There are many other preferences in this file. Take a look at it and make any other changes you like.

Remote Deployment

Use the method that I share on this page: http://szone.berlinwall.org/win32/DeployinganInstallationPackagetoMultipleClients

The batch file for firefox would be a little different than the example in that article. Something like this should work…

echo “checking for Installers directory on the target…”
if not exist %1C$installers mkdir %1C$installers
if not exist %1C$installersfirefox3.6.4 mkdir %1C$installersfirefox3.6.4
echo “copying Firefox install to install directory…”
xcopy “MyServerUpdatesfirefox3.6.4*” “%1C$installersfirefox3.6.4” /e /y
echo “Installing Firefox…”
psexec.exe %1 “c:installersfirefox3.6.4setup.exe” -ms
echo “All Done.”

Credits: http://www.appdeploy.com/packages/detail.asp?id=357 (For the silent install switch)

Moved Here

Windows

FireFox

Silent Installation

Senario:
Our webservers use a database backend which is also replicated to two other servers. In the even that there is a failure then one of the others can take over. oldserver1.berlinschools.org was not doing well and was also the master in a mysql replication setup with two “slave” servers. One older (olderserver2.berlinschools.org) and one basically new (newserver.berlinschools.org). The need was to make it so oldserver1’s master status was passed onto newserver and oldserver2 would look to ne for slave updates.

Preparation:
To make this easier on myself first in preparation I made sure that every php/mysql web app that I have running is using a dns name for its mysql server setting (drupal, moodle, gallery, xoops, etc). I choose master.berlinschools.org. To test this name I made sure that the command: dig master.berlinschools.org would respond correctly. I also checked the hosts file for entries. One did have this setting, because it was using an external service provider’s DNS instead of our internal.

Making it happen:
I opened 3 separate terminals to each mysql server and logged in as root. Then I logged onto mysql as root with this command…
mysql -u root -pMyMYSQL-PasswordHERE (Note: no space between -p and the actual password)

DNS:
I moved back to my dns configuration and punched in the new ip address for the mysqlmaster dns entry and forced DNS to update. I updated the HOST file on the one that needed it.

MYSQL:
On the master first ran…
FLUSH LOGS;

On the new master I ran…
STOP SLAVE;
RESET MASTER;
CHANGE MASTER TO MASTER_HOST=’newserversIPaddress’;

On the slave I ran…
STOP SLAVE;
RESET MASTER;
CHANGE MASTER TO MASTER_HOST=’newserversIPaddress; (current IP of newserver)
START SLAVE;

Back to the old master I ran…
STOP SLAVE;
RESET MASTER;
CHANGE MASTER TO MASTER_HOST=’newserversIPaddress’;
START SLAVE;

See the MYSQL official replication FAQ for more information:

http://dev.mysql.com/doc/refman/5.0/en/replication-faq.html

MYSQL

Replication

Disaster Prevention

Over the last few months I have seen and heard or quite a few computers infected with the “Conficker” worm ( also know as Downup, Downadup and Kido). It is truly a nasty piece of software that ingrains itself so far into the system that it has been impossible to remove from any of the systems that I had not personally secured myself with the steps I outline here. That one machine the person had actually clicked on the “yes” button to install the worm. Luckily it was with the non-administrative account and I was able isolate the files and remove them.

I did some research around the web on so called removal instructions and came across Microsofts…

microsoft.com – “How do I remove the Conficker worm? If your computer is infected with the Conficker worm, you may be unable to download certain security products, such as the Microsoft Malicious Software Removal Tool or accessing certain Web sites, such as Microsoft Update. If you can’t access those tools, try using the Windows Live OneCare Safety Scanner.”

This is totally useless. I’ve spent hours using a manually downloaded MSRT and the Live OneCare Scanner. It might tell you that it cleaned the machine and the everything will look good, but after a couple reboots and even opening Internet Explorer once will bring it right back. You might be able to “remove” it, but the problem of Windows XP or Vista setting up all home user account as administrators of the local machine still exists. The point of infection is still available and any account that uses the computer can infect the system. Try to remove this infection is an exercise in futility.

If you have been infected I think it is best if you backup your documents and re-install the Operating system from scratch (Don’t forget to scan them with an update Antivirus before putting them back on your computer). This way you can be truly sure that there is no infection. It is not wise to trust a machine that has had such a bad infection. This is especially true for someone who does online banking or conducts other business transactions on the Internet. It is better to start fresh and make sure that the system is secure. Follow the steps on the checklist. If you cannot, then find someone that can.

Windows

Security

Worms