Jul 31, 2012

The Remote Desktop Services Service Terminated Unexpectedly. Windows 2008 R2.

We have several Windows 2008 R2 domain controllers in our environment, and the other day I noticed that I could not remote desktop into one of them. It was a Citrix XenServer VM, so I could still get into it remotely, I just had to use XenCenter to do it. Not the snappiest way to manage a server.

Anyway, when I logged in I check the Remote Desktop Service, and saw that it had stopped for some reason. I manually started it up, then tried remoting in with RDP again, and as soon as I logged in I was kicked out. The Remote Desktop Services had kicked off again. I checked the event logs and all I saw was an error saying:

The Remote Desktop Services service terminated unexpectedly.  It has done this 4 time(s).

You gotta love vague errors like that. Yeah, I know it terminated. Why the hell did it terminate? Well, I started Googling around, and I found a post saying it had to do with installing service pack 1, and one guy had luck by simply running updates one more time and the issue went away. This didn't work out for me. In fact, I came up with another error running updates!

This error happened when trying to install update KB2667402. I received an error with the code 8024200D. Researching that led to a forum thread where a guy said that he was getting that error too when trying to run updates, because that update was installed already. That's weird right? I mean, why would the Microsoft Update program say you needed an update that was already installed?

Well, that son of a gun was right. I checked installed updates and sure enough, that update was already installed.

So I uninstalled the update and rebooted the server and a strange thing happened after that. I COULD REMOTE IN! Yes, the Remote Desktop Service stayed running after the reboot! 

After that, I re-ran updates and the KB2667402 update was detected again, and this time it installed without an issue. After another reboot, RDP is working fine! The original install of KB2667402 seems to have been corrupted, and is what caused the issues with RDP.

Are you experiencing this issue, or have you in the past? Was this the fix for you or did you handle it differently? Let us know in the comments.

Jul 30, 2012

Secure Your Wireless People!

The other day I was at a local park having a picnic with my wife and some friends when my wife checked her phone and noticed that it was connected to a wireless connection nearby. She looked at her wireless settings and saw that the access point she was connected to was an unsecured access point with the SSID of Dlink. She had it stored in her phone's memory because she was at a friend's house a few months back with the same unsecured settings.

That prompted me to post this little public service announcement on Bauer-Power's Facebook Page:

Dlink linksys netgear ssid

I'm sure that if you are reading this blog, you are savvy enough to know that you should be at least using WPA2 encryption to keep the bad guys out. I mean there is nothing better to hide your illegal online activity, such as downloading pirated music and movies, than by doing it over your neighbor's unsecured wireless Internet connection right?

The trouble is that a lot of your non-tech savvy friends and family members have no idea that when they plug in their shiny new wireless routers, and leave the default settings that other people are probably stealing their bandwidth at the very least, and at the most doing some illegal activity.

Please click on the image, and share it on your Facebook timeline to spread the word to your friends and family.

Jul 27, 2012

Twitter's Fail-Over Setup Was an Epic Fail

Image representing Twitter as depicted in Crun...
Image via CrunchBase
You are probably aware of Twitter's major issues this week. If not, the super popular micro-blogging site seems to have some issues staying up. A year or so ago, this was a common occurrence, but over the last few months Twitter has built up their infrastructure to minimize down time.

Well they have been having issues this week. Most notably, yesterday morning they went down. According to ABC News:

At around 11:20 a.m. ET, Twitter users started to see their streams come to a screeching halt and were not able to send 140-character messages. The service did not come back online until 1:25 p.m. ET, Twitter confirmed.

They shouldn't have gone down though because like most online services they had set up their infrastructure with fail-over for redundancy. If a system goes down, the service is supposed to fail-over to the working system. This sort of setup is very common for systems requiring high availability. Twitter's fail-over setup failed though.

From Twitter's blog:

The cause of today’s outage came from within our data centers. Data centers are designed to be redundant: when one system fails (as everything does at one time or another), a parallel system takes over. What was noteworthy about today’s outage was the coincidental failure of two parallel systems at nearly the same time.  
I wish I could say that today’s outage could be explained by the Olympics or even a cascading bug. Instead, it was due to this infrastructural double-whammy. We are investing aggressively in our systems to avoid this situation in the future. 

It just goes to show you that even the biggest names in the business can have failures, and shows the importance of redundancy and if you can afford one, a DR warm or hot site. Hopefully enough CFO's use Twitter and can see that now, and will approve funds to improve redundancy in their organizations.

What were you doing while Twitter was down? Let us know in the comments.

How To Create A Custom Error Message For Blogger

One of the coolest things about the new blogger interface is the ability to create custom 404 error messages when someone hits a page on your blog that doesn't exist. Users of Wordpress have pretty much always had this, but us poor Blogger users have not.

Having the ability to use your own is nice because you can put up a custom message telling people to search your home page for the article they are looking for. It keeps them engaged, and on your site. Or you can just use to to be funny. For example, here are five funny 404 error messages you might want to use:

Here is what my error looks like. It's not as funny as the ones above:

To set this up yourself, just do the following:

  • When you first login to Blogger, click on the drop down menu to the left of the menu you want to add the custom 404 error message to, and click Settings.
  • Next, in the menu on the left under Settings, click on Search Preferences.
  • In the section that says Errors and Redirections, click the Edit link next to Custom Page Not Found. You will see a text box. In there you can type out your message, or use HTML to embed an image. Images must be no bigger than 550x280.
Once that is setup, now any time people try to visit a page on your blog that doesn't exist, they will get your new custom message!

Jul 26, 2012

Want To Keep Big Brother Out of Your Calls? Ditch Skype!

Skype Technologies S.A. logo
Skype Technologies S.A. logo (Photo credit: Wikipedia)
Microsoft recently purchased the very popular VoIP (Voice Over Internet Protocol) provider Skype for roughly $8.5 Billion, and now they are reportedly having Skype re-engineer Skype's supernodes to make it easier for government agencies and law enforcement to access your call and chat history. Supernodes are third party servers that act as a directory service for routing calls.

Arstechnica reported back in May that the original P2P supernodes that Skype used were hosted on regular users computers with sufficient bandwidth. They are now being moved to GRSecurity Linux nodes hosted by Microsoft. Via Ars:

Skype is now being powered by a little more than 10,000 supernodes that are all hosted by [Microsoft]. It's currently not possible for regular users to be promoted to supernode status. What's more, the boxes are running a version of Linux using grsecurity, a collection of patches and configurations designed to make servers more resistant to attacks. In addition to hardening them to hacks, the Microsoft-hosted boxes are able to accommodate significantly more users. Supernodes under the old system typically handled about 800 end users, Kortchinsky said, whereas the newer ones host about 4,100 users and have a theoretical limit of as many as 100,000 users.

The move is being criticized by various hacker groups that the move to centralized servers hosted by Microsoft will make it easier to intercept users communications so they can be logged and turned over to the authorities.

From Extreme Tech:

Microsoft is re-engineering these supernodes to make it easier for law enforcement to monitor calls by allowing the supernodes to not only make the introduction but to actually route the voice data of the calls as well. In this way, the actual voice data would pass through the monitored servers and the call is no longer secure. It is essentially a man-in-the-middle attack, and it is made all the easier because Microsoft -– who owns Skype and knows the keys used for the service’s encryption -– is helping.

As a rebuttal, Skype's Adrian Asher contacted Extreme Tech with the following statement:

As part of our ongoing commitment to continually improve the Skype user experience, we developed supernodes which can be located on dedicated servers within secure datacenters. This has not changed the underlying nature of Skype’s peer-to-peer (P2P) architecture, in which supernodes simply allow users to find one another (calls do not pass through supernodes). We believe this approach has immediate performance, scalability and availability benefits for the hundreds of millions of users that make up the Skype community.

Alleged leaked source code says otherwise though. Softpedia reported back on July 18th that a hacktivist affiliated with the Anonymous group known as Stun claimed responsibility to the code theft, and as released the code on The Pirate bay. Via Softpedia:

An Anonymous-affiliated hacker that goes by the name of Stun, claims to have leaked Skype’s source code and the de-obfuscated binaries as a form of protest against the “governmental backdoor.”

“After Microsoft acquiring Skype for 8.5 billion dollars and proceeding to add back doors for government to the program, the software has been hacked and it's source code released,” Stun wrote next to links that point to three files hosted on The Pirate bay.

In the same article on Softpedia, a security researcher named Janne Ahlberg said that the code that Stun released was really old reversed engineered code from another researcher released earlier this year. Skype took legal action against that researcher last year. Either way, Ahlberg says the leak is a hoax.

What do you think about this? Can Skype be trusted? Let us know how you feel in the comments.

Freedom Toaster: Delivering Free Software To The 3rd World

I love me some open source. You know that already because I write about free open source software quite a bit. I even release my own version of Ubuntu Linux called Bauer-Puntu. Freedom truly is open source!

That is why the project that I am writing about today is so awesome. They help spread free and open source software to places where it isn't that easy to get it. Places like Africa where most people can't afford internet. This project is called Freedom Toaster. From their page:

The Freedom Toaster was originally conceived and developed by the Shuttleworth Foundation in an initiative to deliver open source software to the masses. While much of this software is available on the Internet, in South Africa restrictive bandwidth and the “pay-per-megabyte” structure of telecommunications makes it impossible for many people to obtain software without paying for it.  
Making open source software available free of charge on the Freedom Toaster is part of a greater effort to bridge the digital divide, empower people, and facilitate education in an environment where technology is continuously becoming more important to the economic success of people worldwide. Freedom Toaster is a non-profit organization and available to all.
Check out this video that better explains what it is that Freedom Toaster is trying to do:

As the video shows, these devices makes it easy to deliver free software to schools, and more importantly children in impoverished nations to help them succeed in their education. All kids need to do is bring a CDR and they can get their software from a Freedom Toaster.

What do you think about this project? Let us know in the comments!

Jul 25, 2012

Google's Bouncer Getting Bounced at Black Hat

You may, or may not have heard of a security tool Google deployed to Google Play (Formerly Android Market) to detect and remove apps with malicious code. The tool is called Google Bouncer. Google implemented Bouncer back in February of this year.

Well this week at Black Hat, the worlds biggest hacker convention in Las Vegas Nevada, a security firm called Trustwave will be demonstrating how they were able to circumvent Google Bouncer using a masking technique.

Trustwave proved to itself that its masking technique could get past Bouncer's detection by getting a malicious app it created into Google Play earlier this year, says Nicholas Percoco, senior vice president and head of Trustwave's SpiderLabs advanced security team. "We wanted to test the bounds of what it's capable of," he says, describing how Trustwave as a registered Android developer created an app called "SMS Blocker." When downloaded to a smartphone, the app would be able to steal contacts, SMS messages and photos, and basically know anything about the device. The app could also make the phone go to arbitrary Web pages or launch a denial-of-service attack. He says: "Google never flagged it."

Scary news to people already worried about malicious apps on the Android platform. It just goes to show you that nothing is bullet proof, and people need to be careful of the apps they download.

[Via Tech World]

Add Meta Descriptions To Individual Blog Posts on Blogger

As a part of the redesign of Bauer-Power, one of the things I am trying to do is boost my SEO since I pretty much got crushed by the Panda update last year. I mentioned last week that I went from getting roughly 200,000 page views per month to 40,000. That is really significant.

One of the things I noticed with the new Blogger layout is that you can now add individual meta descriptions for each blog post you write. That can be huge for SEO! Setting it up is simple too!

  • When you first login to Blogger, click on the drop down menu to the right of the blog you want to add this feature to and click Settings.
  • On the menu on the left, click on Search Preferences.
  • Under Meta Tags, click the Enabled radio button, and enter in a description for your blog. This will enable to option to do the same for individual posts, then save your changes.
  • Now in the post editor, you will see a new option in the menu on the right saying Search Description. You can now enter in descriptions for individual posts so they rank better in search engines!

Pretty cool right? One thing to keep in mind is this does not automatically add descriptions to old posts. You will have to manually go back into old posts to add descriptions to them. Other than that, it's pretty great right?

Know of any other useful SEO tips and features with the new Blogger layout? Let us know in the comments!

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam