Archive for February, 2009

Filezilla Stops Accepting New Connections After Upgrade

Friday, February 27th, 2009

This problem almost killed me the other day. I upgraded a Filezilla FTP Server to the latest version. I went ahead and made a backup of the FileZilla Server.xml file and ran the installer. An hour later I get an email from a user informing me that they could not longer log into the server. After logging in myself I saw that the server was refusing connection. My heart sunk. I tried reinstalling, fresh config files, everything, I changed every connection related setting in Filezilla to no avail. What did work was I manually copied the user and group configuration section out of FileZilla Server.xml and copied them onto a fresh config file. The server started accepting connections again. This means that one legacy setting in the old version of Filezilla Server must have been preventing new inbound connections. I had to reconfigure the settings of the FTP server but at least the user/group settings were still working. Crisis averted, but barely.

Posted in Experiences | No Comments »

unrecognized: ‘httpd_accel virtual 80′

Friday, February 13th, 2009

Trying to install a Transparent Squid Proxy?

Keep getting the error message:

  • 2009/02/13 17:09:31| parseConfigFile: line 15 unrecognized: ‘httpd_accel_host virtual’
    2009/02/13 17:09:31| parseConfigFile: line 16 unrecognized: ‘httpd_accel_port 80′
    2009/02/13 17:09:31| parseConfigFile: line 17 unrecognized: ‘httpd_accel_with_proxy on’
    2009/02/13 17:09:31| parseConfigFile: line 18 unrecognized: ‘httpd_accel_uses_host_header on’

?

Squid deprecated that format you can now replace all of that section with

  • http_port host:port transparent

Which in my case is:

  • http_port 3128 transparent

Voilà !

Tags: , , , , ,
Posted in Uncategorized | 2 Comments »

How to Install Windows XP on a Dell Vostro 220 or Vostro 1520, the Crashless way!

Thursday, February 12th, 2009

Steps that you must perform before Windows XP will Install: Below is a narration.

Switch Hard Drive Controller from AHCI to ATA:

  1. F2 at BIOS Screen
  2. Standard CMOS Features
  3. SATA Mode: Change from AHCI to ATA

Make sure your Windows XP CD is Slipstreamed to SP2 or 3

  1. Download nLite from here
  2. Download Service Pack 3 here
  3. Use nLite to Copy files from XP CD, Slipstream and make ISO with the new disk image.

I customer brought in a machine I had ordered for them needing Windows XP. I had ordered it with Vista and assured her that everything would be okay. Well, unfortunately the hospital she works for will not support Vista. So with my foot in my mouth I put in my trusty Windows XP Home CD for customers. The machine loads up the first part of Windows Setup then crashes with a BSOD (Blue Screen of Death). Saying that I need to run chkdsk /f , along with some other information that I didn’t read. Well first thing this makes me think is SATA Controller? That’s exactly what it was.  Windows XP apparently doesn’t work well with AHCI (out of the box), so you’ll have to use the above steps to switch the machine to ATA mode in the BIOS. After that I got almost to the same place then I got a pci.sys error. Which is apparently caused by another piece of hardware not supported by Windows XP until Service Pack 2. My Slipstreamed SP3 disk is was having CD-KEY issues with the Pre SP3 OEM key so I had to slipstream a new one using nLite. Once I had those two things out of the way Windows XP SP3 installed swimmingly

Watch out on the License Keys, you may have to use SP2.

Update 28 Mar 09:

Eric reports that if you install the chipset drivers before installing the other drivers you can end up experiencing a variety of strange issues. Eric reports that you can solve the problem by installing “Desktop System Software (DSS)” which is found in the System Utilities section [under Vostro 220 on the Dell Support site]. When checking the offerings I noted that one download was recently updated and marked “Urgent”.

If you found this article helpful, please link to it from your blog, or vote it on one of the Share and Enjoy links below. Google determines quality based on your link-support!

Tags: , , , , , , , , , , , , , , , ,
Posted in Product Reviews, Walk Throughs | 54 Comments »

No Incoming Calls from Gizmo5 on your PBX in a Flash/Asterisk Install?

Tuesday, February 10th, 2009

I copied over my configuration from Trixbox to my new PBX in a Flash install. I could make outgoing calls over Gizmo5, but incoming calls were disappearing. I found this post on the Gizmo5 Forums that cleared things up.

change the context=* field to: context=from-pstn. I reloaded asterisk and bam, everything worked. I had copied that field directly from Trixbox which has a Gizmo5 module. PBX in a Flash needs to have that setting manually configured.

Tags: , , ,
Posted in Uncategorized | No Comments »

Removing Antivirus 2009 with a Hijacked Browser, and Blocked Applications

Tuesday, February 10th, 2009

As a foreword, this guide is intended for Technicians, End-Users will find some of the terminology difficult to understand. I recommend that people who do not feel comfortable making system wide changes should consult a certified technician.

I had the great privilege the other day of removing one of the worst AV2009 (Antivirus 2009) infections I have ever seen. This Trojan is frighteningly hard to get rid of. What probably makes it most dangerous is not the actually annoying AV2009 popups but the other infections that AV2009 downloads onto the system.

Here are some symptoms I’ve seen caused by AV2009:

  • Hijacking of TCP/IP Stack. Websites would be redirected affiliate pages.
  • A wide number of secondary infections downloaded.
  • Execution prevention of HijackThis, Spybot, SUPERantispyware. Malwarebytes Anti-malware, Killbox.
  • Fake reboot screen and BSOD which makes the user think that purchasing is necessary to continue.

The most frustrating part of this entire endeavour is that most of the tools that the average technician is used to have been blocked by the trojan and its minions. Not to mention the enduser typically can’t download a remote control tool from a Technician’s portal. Here is what I had to do to remove the infection it was a slow process but it worked.

At nearly every step of the process it is necessary to rename the .exes of installers and executables. I recommend that before you get started you download the following apps from an uninfected computer to a flash drive.

Rename each of them from their original filenames to something that will allow you to recognise them but remove important identifiers. An example would be SSD.exe instead of spybotinstall.exe. Copy them all to a flash drive so that you can avoid the frustration of dealing with a hijacked browser.

The trick to removing this infection is throwing everything at it. You’ll need to chisel away at the number of infections by using everyone of these tools to go at it from a different angle. The best way to deal with the hijacked connection is by setting up a proxy server on another machine on the network and using it as the internet connection.

I will provide you with the order I typically use, although you can can follow whichever you prefer.

1. I recommend the first thing you do is to install Spybot’s Teatimer. This will allow you to control infections that may try to rewrite Registry values once you’ve deleted them. Often times the update server will be rerouted to localhost 127.0.0.1. If this happens, elect to not install updates immediately in the installer, you can specify a proxy later.

2. Nextly I usually run HijackThis and remove all the alien entries. Most of the harder infections will resist this because they use WinLogon and DLL hooks. But the simpler infections will not come back on next reboot.

3. Reboot the machine. This should let your HijackThis changes set in.

4. Run ATFCleaner. This will delete your Temporary Internet Files and System Temp files. This means that your scans will move a lot faster. Sometimes up to an hour faster.

5. I recommend that you now install Avira Anti-vir and have the real-time virus protection run. This means that while the other scans are running it will also double check the files. It means the scan will go much slower, but you won’t have to run a full scan later with Avira.

6. I now recommend that you run, Spybot, MBAM, SUPERAntiSpyware, PCTools Spyware Doctor. Reboot between each of these, if the application requests to run on reboot. Run it. This is going to take a while so let the applications run whenever they ask to. When the scans starts to come up clean, you can skip to the final step.

7. Use Unlocker/Killbox to remove any particularly stubborn files thatkeep coming up in the scans. Use safemode with command prompt to increase the likelihood that you’ll be able to delete the file. The Spyboot File Shredder is also a very useful way to destroy a stubborn file. Process Explorer is a useful way to see if a stubborn dll file is still loaded.

8. Finally check HijackThis one last time to verify that it comes up clean. From command prompt run “sfc /scannow”. This will check your windows installation for corrupt files. It should make sure that any files corrupted by the infections will be repaired.

Voilà. If this doesn’t work, you’re going to have to get creative. Or better yet, reformat. This infection is a real pain and you can’t win every battle.

Tags: , , , , , , , ,
Posted in Walk Throughs | No Comments »

NC91-230-LF Linux Installation Guide / Howto / Rant

Tuesday, February 3rd, 2009

My new Jetway Mini-ITX ATOM Motherboard as part of my Jetway JBC110C91-230-B Barebones wasn’t as easy as I had hoped to get working. I’m trying to build a PBX and router to replace my current Trixbox PBX and WRT54G running DD-WRT. The hardware seems very capable and speedy but I’m having serious issues getting Linux to run properly on the hardware. Most of the issues I’ve been dealing with seem to be hardware related. The chipset according to Jetway is the INTEL®945GC + ICH7 Chipset. Here are the chronicles of my journey.

UPDATE

After I gave up and installed two Intel NICs, someone else got everything working alright! Here is a walkthrough on the Trixbox Forums, I haven’t actually tried it yet. It looks pretty similar to what I did, perhaps they fixed the problems in the kernel that were causing my crashes.

I will break down the issues based on Operating System:

Gentoo: x86 and amd64 (x86_64)

  • Must start with option “nosound” or else startup hangs.
  • LiveCD detects IDE hard drive as /etc/hdc then when machine boots it detect as /dev/sda
  • Kernel Panics with unable to mount FS (filesystem) even when grub menus are edited to correct hard drive
  • IDE Controller driver issues? Did I screw up menuconfig?
  • Trys to load RTL8139 Driver module, which will not load (Solved; See Below):

I actually had a separate PCI RTL8139 NIC installed in the machine so I didn’t immediately realise the solution to this problem. What happens is the onboard NIC detects as needing the RTL8139 module, however it is incompatible with it. You must compile support for the card into the kernel to be able to use it correctly, it’s under hardware support / Ethernet

  • Unable to test onboard NIC once kernel support is compiled because of IDE issue.

CentOS (PBX in a Flash, Trixbox  and CentOS 5.2)

  • Will not boot hangs on LiveCD startup, caused by overzealous realtek drivers.
  • centos-crash-1Above error message in Trixbox, PBX in a Flash and CentOS 5.2 LiveCD below.
  • centos-crash

The issue is with the rtl8169 module. It is not compatible with the onboard NIC but it doesn’t seem to know that. So it attempts to load anyway. This was also happening on Gentoo but I didn’t notice it because it is compiled as a module rather than part of the kernel. The solution is to Disable the PCIE NIC in the BIOS, do the installation with a PCI NIC or a USB Ethernet Adapter and then install the correct drivers.The CentOS Website has an article on the Acer AspireOne which has the same family of NIC as we do.

To get the Onboard NIC to work follow the follow steps under a CentOS based Distro:

Here is what you need to do to get the network adapter working. You can compile it from scratch but I’ve noticed no improvement over the binary.

  • Download a version of the kernel module from here
  • rpm -Uvh kmod-r8101-1.009.00-1.i686.rpm
  • modprobe r8101
  • nano /etc/modprobe.conf

Add the Lines:

  • alias r8169 off
  • alias eth0 r8101

If you see it; Remove the Line:

  • alias eth0 r8169

You may issue a problem whereas the machine will crash anytime you try to unload or disconnect the interface. You’ll get an error “BUG: soft lockup – CPU #0 stuck for 10s”. I know I do. I might just disable the onboard network adapter and use two PCI NICs. It’s apparently a known issue. I wasn’t able to determine if they solved based off of googling. It seems as if in order to get the PCI Bus to work properly they had to do a little hacking. The end result is that Linux views the PCI Bus in doubles causing it to get confused. That apparently compounds the r8101 problem, and there are some ACPI issues thrown in for good measure. It seems like they developed a patch but I’m not able to gleam any additional info from the bug tacker.

Tags: , , , , , , , , ,
Posted in Product Reviews, VoIP | 5 Comments »