Friday, April 17, 2009

Lock down windows xp clients with windows server 2003

This took me a bunch of research so here is what I found worked best; after locking down the clients with a group policy object for the user's OU (do not modify default group policy) there were a few more things I wanted to do:
  • Disable right-click on desktop (start menu and task bar already disabled with policy)
  • Remove/hide Control Panel icon (but not all control panel functions - Date and time allowed for the specific application)
  • Remove/hide Printers and Faxes (no need for any printing anyway but group policy didn't have the option to do so)
First thing I had to find out is the registry keys for these tasks which are as follows:

Disable or remove right click ability - set to 1:
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu

Remove/hide Control Panel icon - set to 0:
Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel

Remove/hide Printers and Faxes - set to 0:
Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowPrinters

Next I needed to push these settings to the systems via group policy. This was probably the trickiest part, but it turned out to be fairly simple as well. Create a new text file and type the following (without the = lines):
===================================
class user

category MySettings

; NUMERIC makes each value a REG_DWORD, which is what Explorer expects here
policy "disable right click"
keyname "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
explain "here is the explanation"
valuename "NoViewContextMenu"
valueon NUMERIC 1
valueoff NUMERIC 0
end policy

policy "hide printers and faxes from start menu"
keyname "Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
explain "here is the explanation"
valuename "start_showprinters"
valueon NUMERIC 0
valueoff NUMERIC 1
end policy

policy "hide control panel from start menu"
keyname "Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
explain "here is the explanation"
valuename "start_showcontrolpanel"
valueon NUMERIC 0
valueoff NUMERIC 1
end policy

end category
===================================

Save this and rename the file to something.adm. Now, in the policy editor of the policy you would like to apply these to, right-click Administrative Templates and click Add/Remove Templates, then browse to the folder where you saved the .adm file and load it in. Finally choose Enabled on the policies, which will be under User Settings > MySettings in this example, refresh the policy (gpupdate), log off and log back in with the target users and you're done!

They should now have no right click functionality on the desktop, no control panel (but still date and time granted - check this by double clicking the system clock; if it opens the time and date properties then it is good) and no Printers and faxes so the system is locked.

Let me know if it's clear enough!

Monday, March 30, 2009

Start network eth0 dhcp on bootup

Ran into a problem: the only interface going up was the loopback. After some research and testing I found out that I had to add the following lines to /etc/sysconfig/network-scripts/ifcfg-eth0:
===================================
BOOTPROTO=dhcp
ONBOOT=yes
===================================


Not sure if they have to be in any particular location within the file but my exact file looks like this:
===========================================================
# Name of card.....................
BOOTPROTO=dhcp
DEVICE=eth0
HWADDR=00:0.................
ONBOOT=yes
===========================================================

Then just reboot and enjoy!

(reboot or init 6)

Putty fix on windows

I had some annoyance with putty on my windows systems; I always forget where it downloads, or I moved it and the shortcut wouldn't work, but the program actually saves keys in the registry so it doesn't really matter where it is located...

So finally I decided to place it in C:\WINDOWS\system32 and run it by pressing windowskey+r to get to the run box and type "putty" without quotes (because anything in system32 with .exe will run from run box)

One more thing I have done since then is create a one-line batch file to go with the putty download in order to place it in system32 every time I install it on a new system.
The one line is the following:
move putty.exe C:\WINDOWS\system32\putty.exe

Save that in text file and rename it to something.bat with putty.exe in same folder and run the batch.
Or just download it both from HERE

How to get SSH connection from remote networks

From my original reply to post: http://communities.vmware.com/thread/184369


Remote SSH to VMware
Dec 10, 2008 12:34 PM
drummingfool (3 posts since Dec 10, 2008)

Here's my issue:

I have set up vmware running CentOS 5.2 on a vista host machine. I would like to remote SSH into my centos from anywhere. I can ssh into centos locally from the host box, but not remotely. I assume this has something to do with port forwarding. I am running straight into a modem from the host box and therefore do not have direct port forwarding. I can also VNC into the host machine remotely. Also the windows firewall is off, as well as all firewall options on centos.

Someone help! having to vnc into the host box and then use vm is getting painfully slow. Any ideas?

----------------------------------other replies cut---------------------------------------------


Re: Remote SSH to VMware Mar 5, 2009 12:14 PM
in response to: drummingfool
bplotkin (1 posts since Mar 5, 2009)

You will need to enable ssh for external networks.

Open /etc/hosts.allow (something like $ vi /etc/hosts.allow) and add the following line at the bottom:
SSHD: ALL

or even easier type at the prompt
echo "SSHD: ALL" >> /etc/hosts.allow

This will allow all external networks to connect to the SSH service.
otherwise you can put an IP or a range of IPs to have a more secure system (google hosts allow for more information).
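
How the line in the reply above is evaluated, as an added example that is not part of the original forum post: a simplified shell model of the TCP Wrappers decision order (hosts.allow first, then hosts.deny, otherwise allow). It supports only a subset of the client patterns (ALL, an exact address, an address prefix ending in "."); the function names, file names and addresses are constructed for the illustration.

```bash
#!/bin/bash
# Added example: simplified model of the TCP Wrappers access decision.
# Supported client patterns (a subset of the real syntax): ALL, an exact
# address, and an address prefix ending in "." such as "192.168.1.".

# match_file FILE DAEMON CLIENT_IP -> exit status 0 if a rule in FILE matches
match_file() {
    [ -f "$1" ] || return 1
    awk -v daemon="$2" -v client="$3" '
        function hit(pat, val) {
            if (toupper(pat) == "ALL") return 1
            if (pat ~ /\.$/) return index(val, pat) == 1   # address prefix
            return tolower(pat) == tolower(val)            # exact, any case
        }
        { sub(/#.*/, "") }                 # drop comments
        NF == 0 { next }                   # skip empty lines
        {
            if (split($0, part, ":") < 2) next
            nd = split(part[1], d, /[ \t,]+/)
            nc = split(part[2], c, /[ \t,]+/)
            dm = 0; cm = 0
            for (i = 1; i <= nd; i++) if (d[i] != "" && hit(d[i], daemon)) dm = 1
            for (i = 1; i <= nc; i++) if (c[i] != "" && hit(c[i], client)) cm = 1
            if (dm && cm) { found = 1; exit }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# wrappers_decision ALLOW_FILE DENY_FILE DAEMON CLIENT_IP -> prints allow|deny
wrappers_decision() {
    if match_file "$1" "$3" "$4"; then
        echo allow          # 1. a match in hosts.allow grants access
    elif match_file "$2" "$3" "$4"; then
        echo deny           # 2. otherwise a match in hosts.deny refuses it
    else
        echo allow          # 3. no match in either file: access is granted
    fi
}

demo() {
    dir=$(mktemp -d)
    printf 'SSHD: ALL\n'        > "$dir/allow.open"   # the line from the reply
    printf 'sshd: 192.168.1.\n' > "$dir/allow.lan"    # constructed LAN prefix
    printf 'sshd: ALL\n'        > "$dir/deny.all"
    : > "$dir/deny.empty"
    # 192.168.1.20 stands for a LAN client, 203.0.113.7 for a remote one.
    for ip in 192.168.1.20 203.0.113.7; do
        echo "$ip  SSHD: ALL                 -> $(wrappers_decision "$dir/allow.open" "$dir/deny.all" sshd "$ip")"
        echo "$ip  LAN prefix, empty deny    -> $(wrappers_decision "$dir/allow.lan" "$dir/deny.empty" sshd "$ip")"
        echo "$ip  LAN prefix, deny sshd:ALL -> $(wrappers_decision "$dir/allow.lan" "$dir/deny.all" sshd "$ip")"
    done
    rm -rf "$dir"
}

demo
```

The middle case shows why narrowing hosts.allow to a range only restricts anything when hosts.deny also carries a matching rule.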

Sunday, March 29, 2009

Good router

Just tried out the WRT54GL from Linksys and I must say that it's just great.

UPDATE [March 2011]: if you are looking for more flash, ram and wireless N try the very cost effective:
TP-Link TL-WR741ND or a little better 
TP-Link TL-WR1043ND or one of the best available
Buffalo WZR-HP-G300NH with great specs, perfect for small business

For anyone who doesn't know, it is an open source firmware version from Linksys; which means you can change from the default routing admin interface (and features) - in which case this opens up for some amazing possibilities.

I chose the tomato firmware (just google for any others) and it just amazes me how much things get better when opening up the source code to regular people - communities form to improve software!

The major features I love are:
  • Bandwidth monitoring (as my local ISP has monthly limits),
  • QoS (Quality of Service) - which means downloading/uploading (things like bittorrents or moving large files) won't interrupt regular browsing on any computer connected,
  • SSH service is great for me because I don't have to run another Linux box or vmware just for it,
  • And finally it can also be used as a wireless bridge to connect off of existing wireless networks or to extend the range (but I haven't tried that yet so comment below if you have!).

It is really simple to upgrade:
1. Download the file Tomato_1_23.7z (or newest version) and unzip the folder
2. Log in to the Linksys firmware (Wired) at http://192.168.1.1/ (blank username, admin for password)
3. Click the Administration tab, then Firmware Upgrade.
4. Upload the WRT54G_WRT54GL.bin file - DO NOT sneeze! This must complete without power or network interruptions, so it's best to wait patiently.
5. Wait to be prompted then enter root for username and admin for password (you should change that after logon)

Now for my favorite features (so far):
  • Bandwidth monitoring is enabled by default
  • Enable the QoS: click the QoS button on the left > check the Enable checkbox and click save.
  • SSH is enabled internally and can also be enabled for external networks, but that isn't recommended for beginners.
  • To change the wireless functions go to Basic > Network > choose Wireless Ethernet Bridge from the drop down menu of wireless section and click Save then you can click on Wireless Survey and connect to available networks.
Notice how saving settings does not restart the router as with most default firmware!

Enjoy!

Sunday, March 22, 2009

How to restore iphone from 3.0 to 2.2.1

A friend of mine had recently spent 5 hours trying to find the solution which was no where on the web, so for those of you still trying to figure this out here it is:

Put your iPhone in DFU mode

1. Open Up iTunes

2. Have Your iPhone Connected To Your Pc

3. Hold Down The Power/Sleep Button And The Home Button For Exactly 10 Seconds.

4. Then Release The Power/Sleep Button And Continue To Hold The Home Button Until iTunes Brings Up A Message Saying Your iPhone Is In DFU Mode.

5. Click Ok Or Whatever It Is So That It Closes That Popup.

6. Hold Shift Then Click Restore.

7. Then Make sure You Have Downloaded the IPSW Firmware. Called:

8. Let It Restore Once Its Finished You Will Get An Error Thats Normal It Will Most Likely Be 1015 Or Something Like That.

9. Download Quick Pwn 2.2.1.

*These steps are very important!

10. Then Open Up Quick Pwn With Your iPhone Connected To Your PC And It will then Say That You Need To Hold The Power/Sleep Button And The Home button For Exactly 15 Seconds Then Release The Power/Sleep Button And Continue To Hold The Home Button For 2 Seconds. This will boot your iPhone To the Emergency Call screen.

11. Open up iTunes And Let It Activate Your iPhone.

12. Then Restore your iPhone From A Previous Backup If you Have One.

Wednesday, February 18, 2009

Marijuana Research

Came across this interesting marijuana documentary some time back and decided to see what truth is in it; recently found this interesting publication from the US government called "Marijuana and Health - Report of a Study by a Committee of the INSTITUTE OF MEDICINE Division of Health Sciences Policy NATIONAL ACADEMY PRESS Washington, D.C. 1982"

Many interesting points brought up in this study from 1980's including:

  • EFFECTS ON THE NERVOUS SYSTEM AND ON BEHAVIOR
  • EFFECTS ON THE CARDIOVASCULAR AND RESPIRATORY SYSTEMS
  • EFFECTS ON THE REPRODUCTIVE SYSTEM AND ON CHROMOSOMES
  • THE IMMUNE SYSTEM
  • THERAPEUTIC POTENTIAL
  • THE NEED FOR MORE RESEARCH ON MARIJUANA
and more.

PDF download, for text version also found on google books but more organized and summarized version will be presented here soon.

For "The union: the business behind getting high" please leave a comment if you found places to purchase it (like this Amazon UK link), otherwise about the topic or any general opinions or criticism are welcome.

Another, newer, research I made can be found HERE
Thanks for visiting my blog :)

Wednesday, February 4, 2009

How to read or modify Microsoft Office 2007 documents

This has been a big issue with the new Microsoft Office 2007 software since day 1: a new format that is not backwards compatible, leaving users of both the new and the old software confused and frustrated. The main issue has been with the new XML formats (docx, xlsx, pptx, etc.), which Microsoft claims have new features, replacing the original doc, xls and ppt, which have been around since at least 1997...

Finally, a download has become available from Microsoft to put a small fix on the problem.

This is like an add-on to your current MS Office suite (tested with 2003 so far, let me know in the comments if it works with xp/2000) which basically converts the MS 2007 documents into something readable. The neat feature though is that you can still save in the 2007 format (without the new features of course).

Enjoy proprietary freedom in all its glory

Sunday, January 18, 2009

How to shut down a torrent client remotely

I have experimented and implemented a simple method to shutdown my torrent client (uTorrent) in order to have faster internet speed on other computers without having to remote connect or physically go to the computer to shut it down.

It is as simple as typing the following into notepad and saving as a bat script:
taskkill /s \\boris /u boris /p 123 /f /im "utorrent.exe" /t


To explain what is going on here:
/s (system) the remote computer to connect to (the client running uTorrent)
/u (user) username on that computer or domain
/p (password) the password of the above user (taskkill prompts for it if /p is left out)
/f force the process to terminate
/im image name of the program to kill (the executable)
/t tree: also kill the processes started by it (child processes) - seems to be necessary for shutting down uTorrent

Once this is set up properly it can be run on the same network as your client, and the client will be shut down to improve internet speed!

Note: beware that the program does not shut down properly and will check the downloading files the next time it is run. If you're like me and don't mind this in exchange for a faster internet connection when needed, then you will enjoy this trick :)
Available for download HERE

Tuesday, January 13, 2009

Basics of Log Me In

Log Me In is a very powerful free web based application that is used for remote log in to desktops.

The basic installation is very simple to do; the only pre-installation requirement is that Java is installed on each computer (including the one you are logging in from).

Once you have created a free account on the website, click "Add computer" on the computer you would like to log into from anywhere in the world (with an internet connection). Then choose the free edition, unless you would like one of the other versions, which you may need to pay for. Now all that is left to do is wait for the download and follow the on-screen installation instructions.

Once complete you will be able to log into that computer from any internet connection preferably with firefox and java already installed, I would also suggest to install the firefox add-on which is prompted when connecting to your computer if possible.

Keep in mind that if someone is sitting on the computer you are logging into they will see what you do unless you check off "Blank screen" from the options. This can be useful if you are helping someone but not if you are checking some personal files or emails...

BTW happy new years everyone!

Thursday, December 11, 2008

Linux Gateway automated Script by MAC addresses

Note: this script was tested in a pod environment and works in CentOS 5.2 - so this means it is likely to work on most red hat distributions (fedora, RHEL, CentOS) but has not been tested on fedora or RHEL.

First create a scripts directory in /
$ mkdir /scripts

Now inside it create these files (works best by copying and pasting; I use vi, so the command is):
$ vi /scripts/MAClist

(edit the MAC addresses as needed)
===============================================
#POD 1
#export P1W0= # Router's External Interface
#export P1W1=
#export P1W2=
#export P1W3=
#export P1W4=

#POD 2
export P2W0=00:16:76:35:81:38 # Router's External Interface
export P2W1=00:02:B3:1C:AE:CF # Internal - dhcp
export P2W2=00:16:76:35:83:3A # nfs
export P2W3=00:16:76:35:80:20 # dns
export P2W4=00:16:76:35:7E:66 # nis

#POD 3
#export P3W0= # Router's External Interface
#export P3W1=
#export P3W2=
#export P3W3=
#export P3W4=
===============================================


Next is the function file:
$ vi /scripts/functions
Located HERE with indentations
================================================
#!/bin/bash

getMAC() {
    # output all MAC addresses on the system, one per line
    ifconfig -a | grep HWaddr | awk '{print $5}'
}

getInterface() {
    # set iface to the interface name (i.e. eth0, eth1) that owns $thisMAC
    iface=$(ifconfig -a | grep "$thisMAC" | awk '{print $1}')
}

isMAC() {
    # this function can only handle a system with 1 NIC correctly
    thisMAC=$(getMAC)
    REQ=$(echo "$1" | tr 'a-z' 'A-Z')
    if [ "$REQ" = "$thisMAC" ]
    then
        return 0
    else
        return 1
    fi
}

existMAC() {
    # this function can handle a system with more than one MAC address
    allMAC=$(getMAC)                      # get all MACs in this system
    iMAC=$(echo "$1" | tr 'a-z' 'A-Z')    # look for this MAC address
    if [ "$iMAC" != "" ]
    then
        rMAC=$(echo "$allMAC" | grep "$iMAC")
        if [ "$rMAC" = "$iMAC" ]
        then
            return 0    # does exist
        else
            return 1    # does not exist
        fi
    else
        return 1        # no MAC given
    fi
}

getDevName() {
    MAC=$1    # find out what device name is assigned to this MAC
    if [ "$MAC" = "" ]
    then
        :     # OR echo need a MAC address
    else
        DevName=$(/sbin/ifconfig -a | grep HWaddr | grep "$MAC" | awk '{print $1}')
        if [ "$DevName" = "" ]
        then
            :     # OR echo No such MAC address
        else
            echo "$DevName"
        fi
    fi
}
================================================








And finally the main script:
$ vi /scripts/network.bash
Located HERE with indentations
================================================
#!/bin/bash

# load getMAC(), isMAC(), existMAC(), and getDevName() functions
[ -f /scripts/functions ] && . /scripts/functions

# the file MAClist contains the list of MAC addresses and which system they belong to
# e.g. P1W0=00:16:2A:03:AB:1F - external NIC interface in router on POD 1
# e.g. P1W1=00:39:00:32:23:FD - internal NIC interface in router on POD 1
# e.g. P1W2=00:39:00:11:32:CC - internal NIC interface in host 2 on POD 1
[ -f /scripts/MAClist ] && . /scripts/MAClist

allMAC=$(getMAC)
for thisMAC in $allMAC
do
    for POD in 1 2 3 4 5 6 7 8 9 10
    do
        for WS in 0 1 2 3 4
        do
            A=P${POD}W${WS}
            B=${!A}    # value of the variable named by $A (empty if unset)

            if [ "$thisMAC" = "$B" ]
            then
                # find the interface on this machine that owns the MAC
                iface=$(ifconfig -a | grep "$thisMAC" | awk '{print $1}')

                # set nis domain name (only for the POD that matched)
                domainname nis.pod$POD.com

                if [ ${WS} -eq 0 ]
                then
                    # WS 0 -> external interface
                    # get IP from Lab's DHCP server for the external interface

                    # setup NAT for the external interface
                    iptables -t nat -A POSTROUTING -o "$iface" -j MASQUERADE

                    # setup IP forwarding
                    echo 1 > /proc/sys/net/ipv4/ip_forward

                    echo
                    echo This is WS 0 \(Router\)

                elif [ ${WS} -eq 1 ]
                then
                    # WS 1 -> internal interface of the router
                    ifconfig "$iface" 172.16.$POD.$WS netmask 255.255.255.0 broadcast 172.16.$POD.255 up
                    echo This is WS 1
                else
                    # WS 2,3,4 -> internal interface
                    # network 172.16.P.1 - 172.16.P.254 for POD P
                    ifconfig "$iface" 172.16.$POD.$WS netmask 255.255.255.0 broadcast 172.16.$POD.255 up

                    # assign default gateway for system with only 1 NIC
                    route add default gw 172.16.$POD.1

                    # set whatever you need for this NIC with thisMAC
                    echo This is WS 2-4
                fi

                echo "NIC on POD $POD WS $WS matched this MAC - $thisMAC on interface $iface"
                echo

            fi
        done
    done
done
================================================

Test your scripts by running the final script:
$ . /scripts/network.bash

May need to set permissions:
$ chmod 755 /scripts/*

If you find anything interesting or missing something from this tutorial feel free to leave a comment.

Tuesday, December 2, 2008

security tools exploration with live bootable ubuntu DVD

For this assignment I have re-mastered a Linux distribution called Ubuntu, which is based on Debian Linux. The main purpose of the assignment is to implement security tools from different categories and perspectives on a custom live bootable DVD. The tools I chose to include on this DVD are: nmap, zenmap, tripwire, snort, ettercap, wireshark, kismet and john, along with the default packages which are pre-installed on Ubuntu. Below I describe the general purpose and use of each tool, where it is located and how to run it on my distributable live Linux DVD.


Nmap is a tool created by Fyodor and hundreds of other contributors who helped develop the open source security audit tool. This security tool is one of the more popular ones; it provides port scanning of remote hosts, among other features for customizing the scan of a single network host or even whole subnets. Nmap uses raw IP packets in different ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and versions) they are running, what type of packet filters/firewalls are in use, and the list goes on. This tool was successfully installed and tested on my live Linux by opening a terminal window and running the command nmap google.ca; the output shows that google.ca has ports 80 and 443 open. The path to the tool in the live Linux is /usr/bin/nmap.


Zenmap is a graphical user interface version of nmap which acts as a front-end and results viewer. It aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. The many options and switches that nmap provides are made easier when using zenmap because of the easy-to-use graphical user interface with menus, as well as the ability to save host scans and results to be viewed later. For more information visit the online guides. The tool was tested successfully on my live Linux by opening a terminal and typing zenmap, which will then pop up a warning that some features should be run as root; clicking “ok” will still open the tool as user. If you would like to open the tool as root or super user then type sudo zenmap in the terminal. The path location of zenmap is /usr/bin/zenmap.


Tripwire is a data integrity tool, used for monitoring and alerting when specific file changes on a system occur. It functions as a host-based intrusion detection system. There are many options to configure which files you would like to monitor; the configuration files are in the default location, the /etc/tripwire/ directory, which includes the twcfg.txt and twpol.txt files. To initialize the database of tripwire I ran tripwire --init. The path for the tripwire command is /usr/sbin/tripwire.

Snort is an open source network intrusion detection and prevention system. It is capable of performing real time packet logging and traffic analysis on a desired network. To test snort I opened a terminal in the live boot, and typed snort in the command prompt, the various options were displayed on screen. To test various options of snort I ran snort -I to set the interface on which snort should listen on. The snort program is located at /usr/sbin/snort.


Ettercap is a suite for man-in-the-middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. To test if ettercap is working on my live Linux; I opened a terminal and typed ettercap - the options display on the screen, next I can use bridged or unified sniffing if I had two targets on the LAN for example ettercap 192.168.1.3 192.168.1.4 first and second IP being target one and two respectively to be able to run the attack on them. The ettercap program is located at /usr/sbin/ettercap.








Wireshark is a GUI packet sniffer, created by Gerald Combs among hundreds of contributors. The program uses pcap to capture packets; there are many filtering options as well as highlighting of different protocols, and logical descriptions within the program display. For example when ARP is received the description shows “who is 192.168.1.2? tell 192.168.1.3”, which makes this a great learning tool for ACK and other packets and protocols in general. Wireshark can be run by typing wireshark in the terminal or by clicking the shortcut which is under “Application” > ”Internet” > ”Wireshark”. The wireshark program is located at /usr/bin/wireshark.


Kismet is a packet sniffer that can be put into monitor mode to sniff wireless network traffic and analyze or audit your wireless network's security. It also features intrusion detection, and will work on any wireless card that supports raw monitoring (rfmon). To test it on my live distro I opened the terminal and typed sudo kismet – the options show up on the screen. To further test this program I would need to have a wireless NIC, which I currently don’t own, but it will be very useful once I get a chance to boot this live DVD in a laptop. The path to kismet is /usr/bin/kismet.


John is the password cracking tool I chose. The full name of the program is John the Ripper. Written by Solar Designer, it is one of the most popular password testing/breaking programs; it combines many password crackers inside it, and the great thing is it auto-detects password hash types, which include DES, MD5, Blowfish, Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL and others. To see if the program is functioning I can unshadow a user and the hashed password, then crack it with the john pass.txt command in the terminal, where pass.txt is the file with the hash inside it. The location for john in the distribution is /usr/sbin/john.


This was a very interesting challenge from both the tool discovery and the Linux distribution creation side. I had imagined that making a live bootable DVD would be more time consuming than this project ended up being. A neat open source program called remastersys, which is fairly easy to install on Ubuntu, can be run to create a distributable Linux with the chosen packages, tools and some settings, which get transferred onto a new image file that can then be burned to DVD or booted in virtual machine software within the operating system for testing purposes. This DVD will come in very handy in situations where a bootable system is required with the packages that Ubuntu doesn’t normally come with. I enjoyed making the distribution as well as discovering new tools with many interesting and powerful features.

Friday, November 28, 2008

how to print double sided in library (seneca@york)

First make sure you press "print current page" so only one page comes out, not both (remember the printJobName).

Second go to the printer and put a small pen mark on the top side of the paper in the tray and let the printer print the job.

Third, once you have received the page, go back and print the second side (remember the printJobName).

Finally go to the same printer and place the page with the marked side down if the printed page was down (meaning the printer prints on bottom side = the pen mark will remain unprinted on)

Now you have a two sided print job in 4 easy steps!!!

Friday, November 21, 2008

sample dns linux setup

In a small test environment using two CentOS 5.2 default installs, I was able to get dns to work between the two (one client, one server).

On the Server:
First make sure the following is installed (rpm -qa | grep "bind"):
  • caching-nameserver
  • bind
  • bind-utils
  • bind-chroot
  • bind-libs
Just use yum -y install bind if necessary....

edit or create the following files (keep in mind the IPs and domains are tested and can be changed to your preferred):

- /etc/named.caching-nameserver.conf -> /var/named/chroot/etc/named.caching-nameserver.conf
Located HERE with indentations
============================================
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Those options should be used carefully because they disable port
    // randomization
    query-source port 53;
    // query-source-v6 port 53;

    allow-query { any; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
#view localhost_resolver {
#    match-clients { localhost; };
#    match-destinations { localhost; };
#    recursion yes;
#    include "/etc/named.rfc1912.zones";
#};

include "/etc/named.rfc1912.zones";

zone "mydomain.com" IN {
    type master;
    file "named.my-hosts";
    allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "named.my-rev";
    allow-update { none; };
};
==============================================
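
A check for the two exposed settings in the options block above, as an added example that is not part of the original configuration: the fixed query-source port that the file's own comment says disables port randomization, and allow-query { any; } with recursion left unrestricted. The function names, finding labels and both sample files are constructed; 192.168.1.0/24 is assumed to be the lab network.

```bash
#!/bin/bash
# Added example: audit a BIND named.conf for a pinned query source port and
# for recursion that is open to every client. Sample configs are constructed.

# strip_comments FILE -> config text without #, // and one-line /* */ comments
strip_comments() {
    sed -e 's|/\*.*\*/||g' -e 's|//.*||' -e 's|#.*||' "$1"
}

# audit_named_conf FILE -> prints "ok" or a space-separated list of findings
audit_named_conf() {
    conf=$(strip_comments "$1" | tr '\n' ' ')
    findings=""

    # A numeric port on query-source pins the source port of outgoing
    # queries; "port *" or no port statement leaves the choice to named.
    if printf '%s\n' "$conf" |
        grep -Eq 'query-source(-v6)?[^;]*port[[:space:]]+[0-9]+'; then
        findings="$findings fixed-query-port"
    fi

    # allow-query { any; } with recursion on and no allow-recursion ACL lets
    # any client that can reach port 53 use the server as its resolver.
    if printf '%s\n' "$conf" |
        grep -Eq 'allow-query[[:space:]]*\{[[:space:]]*any[[:space:]]*;' &&
       ! printf '%s\n' "$conf" | grep -Eq 'allow-recursion[[:space:]]*\{' &&
       ! printf '%s\n' "$conf" |
        grep -Eq '(^|[^-])recursion[[:space:]]+no[[:space:]]*;'; then
        findings="$findings open-recursion"
    fi

    findings=${findings# }
    echo "${findings:-ok}"
}

demo() {
    dir=$(mktemp -d)
    # Constructed sample 1: the relevant options from the file above.
    cat > "$dir/weak.conf" <<'EOF'
options {
    listen-on port 53 { any; };
    // Those options should be used carefully because they disable port
    // randomization
    query-source port 53;
    // query-source-v6 port 53;
    allow-query { any; };
};
EOF
    # Constructed sample 2: no pinned source port, recursion limited to
    # localhost and the assumed lab network; zone data stays queryable.
    cat > "$dir/tight.conf" <<'EOF'
options {
    listen-on port 53 { any; };
    allow-query { any; };
    allow-recursion { 127.0.0.1; 192.168.1.0/24; };
};
EOF
    echo "weak.conf:  $(audit_named_conf "$dir/weak.conf")"
    echo "tight.conf: $(audit_named_conf "$dir/tight.conf")"
    rm -rf "$dir"
}

demo
```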







- /var/named/named.my-hosts -> /var/named/chroot/var/named/named.my-hosts
Located HERE with indentations
===============================================
$TTL 86400
@ IN SOA host.mydomain.com. root.host.mydomain.com. (
42 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS host.mydomain.com.
host IN A 192.168.1.5
host2 IN A 192.168.1.2
================================================

- /var/named/named.my-rev -> /var/named/chroot/var/named/named.my-rev
Located HERE with indentations
================================================
$TTL 86400
@ IN SOA host.mydomain.com. root.host.mydomain.com. (
42 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS host.mydomain.com.
5.1.168.192.in-addr.arpa. IN PTR host.mydomain.com.
2 IN PTR host2.mydomain.com.
================================================

- /etc/resolv.conf
================================================
search mydomain.com
nameserver 192.168.1.5
================================================

On the Client:

- /etc/resolv.conf
================================================
search mydomain.com
nameserver 192.168.1.5
================================================


To test your configuration:

Enter the command "nslookup -sil" and press ENTER. At the ">" prompt, type "server" and press ENTER. If you edited the file "/etc/resolv.conf" properly, you should get the following output:
>server
Default server: 192.168.1.5
Address: 172.16.1.5#53
>
You may need to modify your firewall settings, and don't forget to start the service (on CentOS the BIND service is called named):
service named start


Tuesday, November 18, 2008

can windows predict the future?

found an interesting thing in my windows xp recently...

notice the "Last Used on:" seems to say it's tomorrows date ... weird eh

Wednesday, November 5, 2008

How to setup forwarding of email

Since there are many different web mail providers and different configurations, I will discuss just learn accounts for now.

In https://learn.senecac.on.ca, after signing in, go to "Options" > "Settings"; there you will see "Mail Forwarding". Check off the box "Enable forwarding" and enter the email you wish to forward TO in the box (you may enter more than one).

Click "Save Changes" and you are done.

Now when you receive email at your learn address it will be forwarded, and no one sending emails to learn will know it gets forwarded (unless you reply from the wrong email of course)

Enjoy!

Sunday, October 26, 2008

Landmark education criticism review

I have heard much about the not-so-popular Landmark education program.

If you don't know what it is - basically a company that gives 3 day seminars; the seminars start at 9 in the morning and end at about 10 at night, for three days straight; Friday, Saturday and Sunday as well as Thursday evening to finish up. They occur once per month and the company spread to many major cities (if you want more info just google them).

What I found hard to understand is how such a general idea can draw on for so long, but even worse is why someone would take it (surprising at how many people show up) - would you like guidance to know what is wrong with your life?

if so I totally think you should take it, otherwise this program is NOT for you. (in my opinion)

I mean it's not a specific program to teach about a specific thing - if you want to know how to do something it will usually be specific.

For example if one would like to know how to drive a car, they would take a driving lesson or go to a driving school and NOT learn how the engine functions or the engineering aspects of the gasoline engine, transmission, etc. If you want to make more money do what you love and think how to monetize it. Granted not always an easy task but it's better than taking a seminar which would be spending more money in the wrong direction, instead maybe invest this money in something else, get a loan etc.

I could not stand the first two hours, had to tell them I'm out and got a refund.

Let me know what you think!

A little different this time

I know that usually this blog is about technological and technical solutions or tutorials, etc. but I realized the name of the blog is EduBoris AKA Educational Blog by Boris!

Since education can cover all topics as long as there is education of some kind :)

Well the mental part of education seems very interesting to me; it is almost never discussed or studies in any secondary or earlier education.

I, of course, am not in the psychological field but still find it very fascinating - looking at priority change in life and it makes me think; why is it we have priorities at some point in our life then change to completely different ones?

Let me know what are your thoughts!

Thursday, October 23, 2008

how to set gmail to always use a secure connection!

If you're like me, using gmail for important things over wireless technology... especially knowing how easy it is to see everything being passed over LAN/WLAN connections.

Then you will love this new feature of gmail:

All you have to do is go to your gmail settings (https://mail.google.com/mail/#settings) and scroll to the bottom, there you will see "Always use https" click that and click Save.

Done, now whenever and where ever you may log into your gmail, it will always use HyperText Transfer Protocol Secure (HTTPS) instead of the other option (http).

This isn't new - in fact I've been using the secure option for years, what is new is the option to set it for default in the settings.

I just had to manually type in https://mail.google.com or save the bookmark to keep me safe when checking my email :)

Try it and let me know how it goes!

Sunday, October 5, 2008

how to change your DNS (and why)

If your ISP (like mine) is redirecting your searches to their own websites (with their sponsors) the problem is that your DNS is given by the ISP.

This is very easy to change, all you have to do is figure out if you are you using a router.

If the answer is yes, then you will need the router's password and username. Once obtained open a browser and type 192.168.1.1 into the address bar, this should prompt for username and password; enter your credentials and go to "Basic settings" or such and look for "Domain Name Server (DNS) Address", Enter 4.2.2.2 in the primary DNS box and save the settings.

You now have a general purpose DNS (easy to remember IP) and will not redirect to unwanted web sites.

If on the other hand you are connected directly to the internet using your PC, and you are using Windows then do the following:

"Start" > "Control Panel" > "Network Connections" > find the active interface, right-click it and choose "Properties" > double-click on "Internet Protocol (TCP/IP)", then click on "Use the following DNS address", enter 4.2.2.2 into the "Preferred DNS server" box and click OK to accept all the settings.

Otherwise you may be using Linux or Mac; in this case the configuration will be different:

Get to a shell prompt (command line interface) and edit the file /etc/resolv.conf: remove the contents and add the following line:
nameserver 4.2.2.2