DS32.com - Welcome

1md.be is probably the best promotion of creativity that I’ve seen since Modernista. Very nice:)

Very useful article on Petri.co.il about redirecting the favorites folder using group policy. This came in handy for me as I needed to replace roaming profiles (too slow!) – so after some GPO folder redirection and the addition of a few login scripts I had a good alternative – except users wouldn’t be able to hold on to their favorites when moving to another machine – enter Petri’s GPO extension!

Welcome to my new layout. I have simplified my design, its inspired in part by http://www.fastcodesign.com/ and http://www.weblator.com/.

I have moved all of my articles/tutorials etc to faq.ds32.com so I can keep this site purely as a blog.

Came across a vertually undetectable virus today that was randomly redirecting search results on google -for example, if you searched for “bt email” the number 1 result (btw website) would be redirected to an ask.com advertising page. I tryed all the usual stuff -an avg scan, a malware bytes scan and a thorough check with hjt, none of which found anything.

I also checked the hosts file, but there was nothing suspicious in there.

Finally I done an avg scan with the hard drive attached to another machine, and it turned out that atapi.sys, located in windows/system32/drivers, had been infected with a Trojan.

After copying the un-tampered atapi.sys file from another pc, the issue was resolved -this goes to show that hijack this can no longer be trusted to detect all viruses!!

Nyone know what was on this blog? It’s in the top 100 sites in the world (alexa) but when you try and visit the blog, it seems as though it doesn’t exist…?

Had an issue today with Windows Media Center where ehrec.exe was using nearly 100% CPU shortly after the PC had started up. In addition to this, after the desktop appeared, there was a 2-3 minute gap before any applications could be used – for example if you ran internet explorer, it would not open for about 3 minutes (or untill the networking icons showed up in the task bar).

Anyway, after a bit of research and troubleshooting, it turned out to be and update from Microsoft – .NET Framework 4 Client Profile (KB982670) that seems to have a bad reaction to ehrec.exe (apparently a component of Windows Media Center that controls TV recordings???).

Once this update was removed, all works fine. Apparently this issue only exists in Media Center – HOWEVER, this isnt the first time the NET Framework Client Profile has come up in conversations regarding a Windows issue. So I will be marking that update as “Don’t show again!!”.

Why does Word press attract so much spam?

Have been struggling with this all day today so just thought Id make a note of some useful information I found out. I’ll assume that people know how to connect local printers when using remote desktop (IE ticking the box that says “printers” in the remote desktop options).

However, you may have noticed that it doesn’t always work – you may find that even though this box is ticked, the printer doesn’t show up when in remote desktop.

This is a common problem and is related to the drivers not being installed on the remote machine – which seems to be the popular consensus. The information that wasn’t so clear, is confirming this; as follows:
On the remote machine, go into the event log, and look for a 1111 Event ID – this confirms that the problem is with the driver not being present. It should then just be a case of installing the driver on the remote machine – its proving a pain for me however, because I’m using a Kodak, which wont install the driver unless the printer is present – guess this will involve a little trip to the office with the printer!!

Sources: Howtofixcomputers.com

sampsonmay.com – Came across this site today, it belongs to a London based design consultancy – I love the simple layout! Very effective.

Lesson of the day: ALWAYS test and double test structural changes to a website – our best advertising space on Shareworld (top of page above menu and below logo) has been performing exceptionally bad for the last month – about 0.1%ctr – today we found out why: a link had pushed the adverts behind the menu in ie7 – so no one was seeing the advert!

It normally gets a ctr of between 2 – 4%!

Don’t think I’m going to renew my subscription to .NET Mag next time around – I know they’re probably very busy and I’m inconsequential, but they have NEVER answered any email I’ve sent them – I don’t think thats too great:(

Posted on Experts-Exchange – 17th August 2010, awaiting response!!

Can someone explain a few things about spam prevention, blacklists and exchange RBLs…

Basically, as I understood it, if you are running an exchange server then it is of primary importance that you keep your public IP(s) off of blacklists – otherwise when your sending email from your org, your IP will be flagged as blacklisted and the receiving server will not (in some instances) accept the transmission – thats fair enough.

However, I have come across situations on several occasions now, whereby emails are being blocked from some of the organizations my company manages (we are IT services provider) – even though we are using pop email!

For example, Company A that we look after, they are using pop email provided by BT Internet – they have BT email addresses which are aliased to say info@companya.co.uk

so outlook is set up with pop and smtp servers for bt – all mail is sent through bt smtp servers.

BUT, they are being blocked from sending to a particular address, say info@external.com – they are getting a message back to the effect that the mailbox doesnt exist – I know it does, because if I telnet from my location to the external addresses mx servers, I can successfully send an email to the address.

If I telnet from Company As office, I can connect, give from address, fine. But when I type in the recipients email (the contact at the external company) I get an error saying mail cannot be sent because the IP (company As public IP (which is dynamic because they’re only using pop email)) is blacklisted.

I checked company As IP address on mxtoolbox.com and it is indeed blacklisted – by SORbs and all three of the UCL Protects. Message on Sorbs is:
[MU] Dynamic/Generic IP/rDNS address, use your ISPs mail server or get rDNS set to indicate static assignment.

So I read from this that the IP is blacklisted because its on a dynamic IP block – and mail shouldnt be sent from there – also fine.

So my question (after all that) is:
If we are sending email via BTs smtp servers (which we are) why is Company A’s public IP being flagged as blacklisted – when the mail isnt coming directly from there??

And what can be done about this?

Just to highlight this some more, I know another very large corporation, who uses the same blacklisting techniques, and I cant send them email from my office – because we are also on dynamic IP (even though we use pop mail) – when I look my ip range up on mxtoolbox, it says its blacklisted like 28,000 ips in my subnet for whatever reason, so does that mean this company are possibly missing communications from such a large area because of spam prevention conditions…???

Google Caffeine has been live for some time now. Google made a big thing of their new index saying it would provide 50% fresher results, and also that it would index the internet in a more efficient way, and at a much faster rate.

They weren’t joking! I tried a little experiment this morning to see how quickly they index content with Google Caffeine.

I added a new post to ds32.com at 9.45am this morning (6th August 2010) about the iphone and turning off predictive text.
I updated my sitemap using xml-sitemaps.com, uploaded the sitemap and notified Google at 9.47am.

I done two searches on Google at 9.59am:

turning off predictive text on the iphone site:ds32.com
and
turning off predictive text on the iphone

And my page was already indexed! with out the site-search suffix, my post comes up about number 16 in Googles SERPs – thats understandable.

The point is, it took Google 12 minutes to add my page to its search index, thats really impressive!!

Think I will wait and see how long it takes for this post to be indexed WITHOUT re-submitting a sitemap.

This page is going live at 10.07am…Watch this space for an update…

Update

10.18am Google has indexed this page! However, just realised that WordPress automatically “pings” the post via pingomatic, so its the same as re-submitting the sitemap I guess… Still impressive though!

Took me ages to find out how to turn off predictive text on the iphone, so I thought Id post it here:

Settings>General>keyboard> Auto-correction=off.

Can’t beleive it -twitters down this evening ! Apparently they Have engineers working on the problem as we speak – would love to see twitters servers and how they go about trouble shooting and fixing a problem with the service!!

Shareworld has had more visitors today than it has in the last 30 days.

After our server was attacked by a Trojan last month – which was attacking other servers in the data centre – we had to completely rebuild it, this resulted in several days downtime and over a week of disruption.

Although we never managed to locate the source of the virus, we did manage to reload the server and restore the most recent backup – although it was a few days old.

The events had obviously done some damage as it took several weeks for our traffic to build up again. Hopefully all is resolved now.

It did teach us a few important lessons though – we have since removed all other domains from shareworlds server – making it easier to restore backups in the event of a problem.
We also run multiple backup schedules now – you really don’t want to be relying on one backup source – JUST IN CASE!!

Most importantly it taught us that a backup plan is no good unless it’s fully tested on a regular basis – when we went to restore our very latest backup, we found it was corrupt, as were the last few days backups – so if you are running any critical service, your backups need to be check regularly and your backup plan needs to be tested in a real scenario and on a regular basis.

I use htaccess regularly to redirect old urls to new and for removing pages that don’t exist etc. So much so that the htaccess file for Shareworld had grown to over 100kb! Part of this size was due to a past re-design where almost all of our pages had to be redirected.

I was once advised that these redirects should really be kept forever. However, I was fed up with the size of the htaccess file – considering this has to be accessed every time a page is loaded, thats quite a demand on the server.

So, I decided to check all the pages listed for Shareworld using “site:www.shareworld.co.uk” and found that a lot of the old pages I had redirected with htaccess (301) were no longer showing up in the list of pages indexed by Google – so I thought it would be safe to delete the redirects in question.

I have now managed to reduce my htaccess file from 100k down to 20k! Lets see if that makes any difference…