tag:blogger.com,1999:blog-37666103612864835302024-03-13T11:05:54.712-02:30practicalrambler.Simple guides to commonly and not-so-commonly encountered technical issues.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.comBlogger37125tag:blogger.com,1999:blog-3766610361286483530.post-57595067921487844082017-02-13T12:58:00.000-03:302017-02-13T12:58:59.486-03:30Xfce - How To Execute Shell Scripts from Thunar or the DesktopThere are a few shell scripts I like to launch directly from the desktop or from Thunar - however, as of Thunar 1.6.5, this option is not enabled by default.<br />
<br />
To enable executing scripts directly from the desktop or Thunar, you'll need to change the hidden settings. This appears to only work on Thunar 1.6.6 or higher.<br />
<br />
1. Open a terminal and run the following command: <span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;"><code> </code></span></span><br />
<br />
<span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;"><code>xfconf-query --channel thunar --property /misc-exec-shell-scripts-by-default --create --type bool --set true</code></span></span><br />
<div class="codebox">
</div>
<br />
<a href="http://docs.xfce.org/xfce/thunar/hidden-settings" target="_blank">You can review the available hidden settings here.</a> To view your current Xfce and Thunar settings, there is a Settings Editor accessible from the desktop in most distributions (or just run xfce4-settings-editor from a terminal).<br />
<br />
Tested on Xubuntu 16.04.1(Thunar 1.6.10) - your mileage may vary. practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-45995278074029197992017-02-13T12:25:00.000-03:302017-02-13T12:25:13.201-03:30iOS 10 - iPad Lock Button and/or Auto-Lock Not Working FixIt appears that a recent iOS 10 update has caused an issue where some users cannot lock iPad devices. I first noticed the issue when closing my smart cover would not lock the iPad. Initially I blamed the smart cover (it was new), however, when I could not lock the device using the lock button it was apparent it is a software issue.<br />
<br />
Before doing the steps below you can ensure locking is enabled by reviewing the settings at Settings -> Display & Brightness -> Auto-Lock, and Lock / Unlock. If these settings are enabled and locking is not working, try the steps below.<br />
<br />
<br />
1. Go to Settings -> Touch ID & Passcode (you will be prompted to enter your passcode).<br />
<br />
2. Select Turn Passcode Off.<br />
<br />
3. Restart your Device (hold the lock button until the option to power off appears, once iPad is off, hold lock button until Apple logo appears on screen).<br />
<br />
4. Go to Settings -> Touch ID & Passcode.<br />
<br />
5. Select Turn Passcode On. You will be prompted about deleting saved fingerprints - DO NOT delete your fingerprints as it is not necessary.<br />
<br />
6. Test Lock Button and Auto-Lock to ensure it works!<br />
<br />
Tested on iPad Pro running iOS 10.2.1 - your mileage may vary!practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-55431561569913026642016-02-28T12:01:00.001-03:302016-03-01T21:00:13.365-03:30Fixing encrypted swap partition in Ubuntu 14.04 Having the message "the disk drive for /dev/mapper/cryptswap1 is not
ready yet or present" error on your splash screen when booting? Swap partition not working despite having set it up when installing Ubuntu / Linux Mint?<br />
<br />
There is an Ubuntu 14.04 bug in which the encrypted swap partition does not work if you chose to encrypt your disk or home directory when installing. <a href="http://askubuntu.com/questions/341979/what-to-do-about-the-disk-drive-for-dev-mapper-cryptswap1-is-not-ready-yet-or" target="_blank">All credit to the smart people that figured this out.</a><br />
<br />
Fix is here, your mileage may vary:<br />
<br />
1. <span style="font-family: "courier new" , "courier" , monospace;">sudo swapoff -a</span><br />
<br />
2. Comment line(s) in /etc/crypttab , e.g. #cryptswap1 /dev/sda2 /dev/urandom swap,cipher=aes-cbc-essiv:sha256<br />
<br />
3. Reboot.<br />
<br />
4. <span style="font-family: "courier new" , "courier" , monospace;">sudo mkswap /dev/sdXX <span style="font-family: "arial" , "helvetica" , sans-serif;">(where XX is your intended swap partition) and copy the UUID that is produced.</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">5. Edit (or create) /etc/initramfs-tools/conf.d/resume and add line:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-family: "arial" , "helvetica" , sans-serif;">RESUME=UUID=the uuid from step 4 </span></span><br />
<br />
6. Run the following:<br />
<span style="font-family: "courier new" , "courier" , monospace;">sudo update-initramfs -u</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">sudo swapon /dev/sdXX</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">sudo ecryptfs-setup-swap</span><br />
<br />
7. Edit /etc/crypttab (there should be a new line added below the line you commented in step #2) to change the UUID to /dev/sdXX, and add "noauto" and "offset=8".<br />
<br />
For example:<br />
<br />
cryptswap1 /dev/sda2 /dev/urandom swap,noauto,offset=8,cipher=aes-cbc-essiv:sha256<br />
<br />
8. Edit /etc/fstab and add "noauto" to swap partition line, for example:<br />
<br />
/dev/mapper/cryptswap1 none swap noauto,sw 0 0<br />
<br />
9. Edit (or create) /etc/init/cryptswap1.conf with:<br />
<br />
start on started mountall<br />
script<br />
/sbin/cryptdisks_start cryptswap1<br />
/sbin/swapon /dev/mapper/cryptswap1<br />
end script<br />
<br />
10. Reboot. Test if swap is working with <span style="font-family: "courier new" , "courier" , monospace;">swapon -s</span> or <span style="font-family: "courier new" , "courier" , monospace;">free -h</span>. If you're still getting the "not ready or not present" message noted above when booting, despite the fact that your swap is working upon the boot completing, edit /etc/rc.local and add the following lines above "exit 0":<br />
<br />
sleep 5<br />
swapon /dev/mapper/cryptswap1practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-73524843315726327302016-02-27T17:42:00.001-03:302016-02-27T17:42:57.485-03:30Slackware Security Updates Desktop Notifier for xfce (sort of...)How to (sort of) get slackware security update notifications on your xfce desktop:<br />
<br />
1. Grab alienbob's excellent <a href="http://www.slackware.com/~alien/tools/rsync_slackware_patches.sh" target="_blank">rsync_slackware_patches</a> script, and place it in /usr/local/bin (or somewhere you prefer in your $PATH)<br />
<br />
2. Add rsync_slackware_patches.sh to your crontab, e.g. :<br />
<span style="font-family: "courier new" , "courier" , monospace;">10 17 * * * /usr/local/bin/rsync_slackware_patches.sh -q -r 14.1</span><br />
<br />
3. Create a .forward file in /root, forwarding mail to whatever user you log in to your desktop with, e.g. user@localhost<br />
<br />
4. Enable sendmail: <span style="font-family: "Courier New",Courier,monospace;">chmod +x /etc/rc.d/rc.sendmail ; /etc/rc.d./rc.sendmail start</span><br />
<br />
5. Install <a href="http://slackbuilds.org/result/?search=mailwatch&sv=" target="_blank">xfce4-mailwatch-plugin</a> from slackbuilds.org<br />
<br />
6. Add the mailwatch plugin to the desktop (right click panel, Add New Items, Mail Watcher)<br />
<br />
7. Configure the mailwatch plugin to watch mail for yourusername@localhost (Add, Select Mailbox Type: local mbox spool, mailbox location is /var/mail/user)<br />
<br />
When the rsync_slackware_patches cronjob runs, if any updates are found, cron will mail root. The mail will be forwarded to your desktop user account, and the mail watcher will indicate new mail. Run slackpkg update and slackpkg upgrade-all.<br />
<br />
NOTES:<br />
<br />
This is a hackish solution and it won't suit a lot of setups - especially if forwarding root mail isn't a viable option.<br />
<br />
It won't notify you about updates for software installed with sbopkg or other third-party package managers. Still, it works well enough for a single-user desktop slackware install and is
useful if you have a habit of not keeping a close eye on the
slackware-security mailing list. <br />
<br />
Don't leave sendmail open to the world - adjust your sendmail config and firewall accordingly.<br />
<br />
This works for me, your mileage may vary. Tested on Slackware 14.1, 32-bit.<br />
<br />
<br />practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-51183763580872138112015-01-29T15:55:00.003-03:302015-01-29T16:02:36.325-03:30Resolving 1080p playback errors on Raspberry Pi / Raspbmc / OpenELECIf you're having issues with 1080p playback with raspbmc / OpenELEC - for me, it was garbled video or audio with no video - the issue most likely lies in the pi's boot configuration settings.<br />
<br />
1. Check out your logs: <span style="font-family: "Courier New",Courier,monospace;">~/.kodi/temp/kodi.log OR ~/.xbmc/temp/xbmc.log</span><br />
<br />
Try running <span style="font-family: "Courier New", Courier, monospace;">tail -f yourlogfile </span>and playing the file giving you the problem. If something like this appears: <code> </code><br />
<br />
<code>00:16:50 T:1257443248 ERROR:
COMXCoreComponent::DecoderEventHandler OMX.broadcom.resize -
OMX_ErrorInsufficientResources, insufficient resources</code><span style="font-family: inherit;"> </span><br />
<br />
<span style="font-family: inherit;">Y</span>ou need to adjust the pi boot config.<br />
<br />
2. Edit boot config, e.g. - <span style="font-family: "Courier New", Courier, monospace;">sudo nano /boot/config.txt</span><span style="font-family: inherit;"> </span><br />
<br />
<span style="font-family: inherit;">Change the value for gpu_mem_256 to 192. Any higher is probably going to cause other problems. If you have a B+ pi, change the value for gpu_mem_512 to a minimum of 192. It can probably be set higher safely, but 192 always worked fine for me.</span><span style="font-family: "Courier New", Courier, monospace;"><span style="font-family: inherit;"> </span></span><br />
<br />
<span style="font-family: "Courier New", Courier, monospace;"><span style="font-family: inherit;">3. <span style="font-family: "Courier New", Courier, monospace;">sudo shutdown -r now<span style="font-family: inherit;"> </span></span></span></span><br />
<br />
<span style="font-family: inherit;">4. Retry playing your content! </span>practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-50671001917583657792014-02-14T17:14:00.000-03:302016-03-01T20:53:33.162-03:30Editing the Places Menu Launcher in XFCEIf you recently upgraded to Linux Mint 16, you may have noticed that your Places menu no longer has links to the Videos, Documents, Downloads etc. folders.<br />
<br />
To customize, simply create a file called <span style="font-family: "courier new" , "courier" , monospace;">.gtk-bookmarks</span> in your home directory, with text such as the following:<br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">file:///home/a/Documents Documents<br />file:///home/a/Videos Videos<br />file:///home/a/Downloads Downloads<br />file:///home/a/Pictures Pictures</span><br />
<br />
You can create a shortcut to any destination.<br />
<br />
Tested on Mint 16<br />
<br />
EDIT March 2, 2016: Using Ubuntu 14.04 / Linux Mint 17+? Create a file called <span style="font-family: "Courier New",Courier,monospace;">bookmarks</span> in ~/.config/gtk-3.0 using the format noted above. If the directory doesn't exist, you can create it. practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-32575584348851778182014-02-14T17:10:00.000-03:302014-04-14T16:18:07.146-02:30Simple PS3 Media Server Install Guide for UbuntuThis guide is for users who wish to install the latest version of PS3 Media Server on an Ubuntu-based Linux distribution. As of this post, the <a href="http://www.ps3mediaserver.org/forum/viewtopic.php?f=3&t=13046" target="_blank">current PS3 Media Server Ubuntu repository</a> uses a custom-build of PS3 Media Server that is outdated and uses versions of video software such as ffmpeg which are deprecated. Additionally, installing from the repository with Ubuntu 13.10 (saucy-salamander) is not currently working.<br />
<br />
Don't get me wrong, it works very well for most people - however, some may wish to use the latest version. Here's how:<br />
<br />
1. <a href="http://sourceforge.net/projects/ps3mediaserver/" target="_blank">Download the latest version of PS3 Media Server.</a><br />
<br />
2. Extract it to your desired install location (e.g. /home/user/PMS).<br />
<br />
3. Install the required software packages (<span style="font-family: "Courier New",Courier,monospace;">sudo apt-get install mencoder ffmpeg mplayer vlc dcraw</span>) (See note #2 regarding ffmpeg).<br />
<br />
4. Install the required additional libraries <span style="font-family: "Courier New",Courier,monospace;">libmediainfo0, mediainfo</span> and <span style="font-family: "Courier New",Courier,monospace;">libzen0</span>. You can do this from the repositories but I strongly recommend grabbing the most recent versions from the <a href="http://mediaarea.net/en/MediaInfo/Download/Ubuntu" target="_blank">MediaInfo site</a>. If you install <span style="font-family: "Courier New",Courier,monospace;">libmediainfo</span> from the .deb provided at the <a href="http://mediaarea.net/en/MediaInfo/Download/Ubuntu" target="_blank">MediaInfo site</a>, it will automatically install <span style="font-family: "Courier New",Courier,monospace;">libzen0</span> as well. <br />
<br />
5. Run <span style="font-family: "Courier New",Courier,monospace;">PMS.sh</span> (either from the terminal or launching from file manager/user-created shortcut). Check the Logs tab to ensure that MediaInfo has correctly loaded (you should see something like "Loaded MediaInfoLib - v.0.7.67).<br />
<br />
If all goes well, you should be using the latest version without issue. <br />
<br />
NOTES: <br />
<br />
1. If PMS fails to run altogether, you probably need to install java (<span style="font-family: "Courier New",Courier,monospace;">sudo apt-get install default-jdk</span>).<br />
<br />
2. The version of ffmpeg currently in the Ubuntu repositories is deprecated and will very likely fail to work with PMS, returning errors in your PMS log. To install the latest version of ffmpeg, simply <a href="http://ffmpeg.gusari.org/static/" target="_blank">download the latest static build</a>, extract, and copy the files (ffmpeg and ffprobe) to /usr/bin. If you wish, you can back up your current ffmpeg files from /usr/bin before doing so.<br />
<br />
EDIT: Keep in mind that using this method will mean ffmpeg will not be "automatically updated" and you will need to repeat this step to keep ffmpeg current. This may or may not be desirable for your setup.<br />
<br />
3. If you run PMS prior to installing <span style="font-family: "Courier New",Courier,monospace;">libmediainfo</span> and its associated libraries, you're gonna have a bad time. It caused terrible problems for MP4 playback on my PS3, with the PS3 convinced that the files were corrupted. A fix that seemed to work was to clear the cache and rescan the shared media folders, and then to quit and restart PMS.<br />
<br />
<br />
<br />
Tested on Ubuntu 13.10 with PS3 Media Server 1.90.1practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-90341777591149960532014-01-18T23:38:00.002-03:302014-01-18T23:38:51.765-03:30How to Fix Windowless / Buttonless Windows in XFCE<br />
If XFCE is not displaying window borders or buttons, give the following command a try:<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">sudo xfwm4 --replace</span><br />
<br />
If this doesn't help, try this:<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">sudo rm -rf ~/.cache/sessions</span><br />
<br />
Then restart xfce (or the system, if you prefer).<br />
<br />
Tested on ubuntu 12.04.3practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-56047256438310040472014-01-18T20:28:00.002-03:302014-01-18T20:35:41.305-03:30Fixing Slow Thunar in Ubuntu-based distrosIf you are using XFCE on an ubuntu-based distro (e.g. Xubuntu, Linux Mint), the thunar file browser might take a very long time to load when first run. After the first run, it will probably perform normally.<br />
<br />
To fix I found a solution online that was very simple:<br />
<br />
Edit <span style="font-family: "Courier New",Courier,monospace;">/usr/share/gvfs/mounts/network.mount</span> and change the line <span style="font-family: "Courier New",Courier,monospace;">AutoMount</span> from true to false.<br />
<br />
The flipside is that network drives (e.g. samba) will not auto mount. These can be accessed with the network:/// location in the left pane.<br />
<br />
YMMV! practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-69130461919811892702014-01-18T20:15:00.000-03:302014-01-18T20:15:25.924-03:30How to Mount and Recover an encrypted home folder in Ubuntu LinuxSo you've broken your linux install and can't get at your /home folder because it's encrypted? All hope is not lost.<br />
<br />
1. Boot an ubuntu 11.04 or higher LiveCD.<br />
<br />
2. Open a terminal and figure out where the /home folder resides (this will most likely be /dev/sda1).<br />
<br />
3. Mount the drive - <span style="font-family: "Courier New", Courier, monospace;">sudo mount /dev/sda1 /mnt</span><br />
<br />
<span style="font-family: "Courier New", Courier, monospace;"><span style="font-family: inherit;">4. Run <span style="font-family: "Courier New",Courier,monospace;">sudo ecryptfs-recover-private</span>. </span></span><br />
<br />
You will be prompted for your passphrase.
<br />
<br />
If all goes as planned, will provide you with a mount point (e.g.
<span style="font-family: "Courier New",Courier,monospace;">/tmp/ecryptfs.YttGfdzx)</span><br />
<br />
<br />
If you wish to browse the /home directory, run your file manager as superuser from the terminal prompt - for example:<br />
<span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: inherit;"></span></span><br />
<span style="font-family: "Courier New",Courier,monospace;">gksu thunar /tmp/ecryptfs.YttGfdzx</span><br />
<span style="font-family: "Courier New",Courier,monospace;">gksu nautilus /tmp/ecryptfs.YttGfdzx</span>practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-16613781570965944662013-02-09T18:38:00.002-03:302013-02-09T18:50:45.884-03:30How to Stop Geoclue on Ubuntu Linux (without losing the clock)For some reason in Ubuntu 12.04 (and possibly 12.10), the tray clock package (indicator-datetime) for unity has geoclue as a dependency. In other words, if you want to ditch geoclue, you lose your clock.<br />
<br />
Here's a workaround:<br />
<br />
1. Add the following to your /etc/hosts file<span style="font-family: inherit;"> (<span style="font-family: "Courier New",Courier,monospace;">sudo gedit /etc/hosts</span>)</span>:<br />
<br />
<pre><code>127.0.0.1 geoname-lookup.ubuntu.com
127.0.0.1 videosearch.ubuntu.com
127.0.0.1 daisy.ubuntu.com
127.0.0.1 one.ubuntu.com
127.0.0.1 musicsearch.ubuntu.com</code></pre>
<br />
<span style="font-family: inherit;">2. Change the permissions of the geoclue libs to prevent it from executing:</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><span style="font-family: "Courier New", Courier, monospace;">sudo chmod ugo-x /usr/lib/geoclue/geoclue-master</span></span><br />
<br />
<span style="font-family: inherit;">3. Restart. No more pesky connections to Canonical servers.</span>practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-41482420924631178042013-01-02T18:13:00.001-03:302013-01-04T00:04:16.629-03:30PS3 Media Server - Firewall Setup for Ubuntu 12.04 / LinuxIf you've installed PS3 Media Server in Ubuntu, and you're getting the message "No
Renderers were Found" and a great big red "X" on the Status tab, give this a try. The most likely issue is your firewall is blocking your server from establishing a connection with your media playback device (e.g. your Playstation 3). <br />
<br />
Steps:<br />
<br />
1. Open a terminal (Ctrl-Alt-T)<br />
<br />
2. Type the following command:<br />
<blockquote class="tr_bq">
<span style="font-family: "Courier New", Courier, monospace;">sudo ufw allow from <<i>your_device's_ip</i>> to any port 5001</span></blockquote>
<span style="font-family: inherit;">This assumes you are using the default PS3 Media Server port of 5001. For example, if your PS3 uses the static IP 192.168.0.100, then do:</span><br />
<blockquote class="tr_bq">
<span style="font-family: inherit;"><span style="font-family: "Courier New", Courier, monospace;">sudo ufw allow from 192.168.0.100 to any port 5001</span></span></blockquote>
<span style="font-family: inherit;">If you aren't using static IPs on your devices but wish to open the server to any device connected to your router/subnet, you can specific a subnet mask, e.g. 192.168.0.1/24. </span>If you're not using Ubuntu but <i>are</i> using iptables with your preferred linux distro, simply add an exception for port 5001, e.g.:<br />
<blockquote class="tr_bq">
<span style="font-family: "Courier New",Courier,monospace;">sudo iptables -A INPUT -s <i><your-device's-ip></i> -p tcp --dport 5001 -j ACCEPT</span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "Courier New",Courier,monospace;">sudo iptables -A INPUT </span><span style="font-family: "Courier New",Courier,monospace;">-s <i><your-device's-ip> </i></span><span style="font-family: "Courier New",Courier,monospace;">-p udp <i></i> --dport 5001 -j ACCEPT</span></blockquote>
This ought to do the trick.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-13345448678696797182012-12-12T17:30:00.000-03:302012-12-16T22:23:56.008-03:30Ubuntu 12.04 - Hide the Recent Items in the Dash and Stop the Logging!<span style="font-family: inherit;">I really like Ubuntu 12.04. I even like the Unity Desktop (despite the general hatred it seems to attract amongst many users), it works really well on my netbook. However, Ubuntu has a lot of privacy issues, not the least of which is the integration of <a href="http://en.wikipedia.org/wiki/Zeitgeist_%28framework%29" target="_blank">zeitgeist</a> into Unity. </span><br />
<br />
<span style="font-family: inherit;">Here's what I did to get zeitgeist to stop logging. The "Privacy" app under System Settings never seemed to work properly, and clearing the history still left all sorts of information in the log files. </span><br />
<br />
<span style="font-family: inherit;">First, remove zeitgeist. I did this with synaptic. Don't remove the related libs, however, as Unity needs them. Restart the system. </span><br />
<br />
<span style="font-family: inherit;">Then, kill the running zeitgeist processes:</span><br />
<br />
<blockquote class="tr_bq">
<span style="font-family: "Courier New",Courier,monospace;">sudo killall -9 zeitgeist-fts zeitgeist-datahub zeitgeist-daemon</span></blockquote>
Then, remove the existing logs:<br />
<br />
<blockquote class="tr_bq">
<span style="font-family: "Courier New",Courier,monospace;">cd $HOME/.local/share/zeitgeist</span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "Courier New",Courier,monospace;">rm activity*</span></blockquote>
<span style="font-family: inherit;">You can use <a href="http://srm.sourceforge.net/" target="_blank">srm</a> <span style="font-size: small;">if you feel it is necessary.</span></span> Restart the system.<br />
<br />
Upon restart, Zeitgeist will recreate the log files, albeit they will be essentially empty. Now set them to read-only:<br />
<br />
<blockquote class="tr_bq">
<span style="font-family: "Courier New", Courier, monospace;">cd $HOME/.local/share/zeitgeist</span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "Courier New", Courier, monospace;">sudo chmod ugo-w act*</span></blockquote>
<br />
Restart once more.<br />
<br />
Once I did all this, the dash did not populate with recently used files, and the zeitgeist logs remained static. YMMV!practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-57808980177411275152012-10-22T16:45:00.000-02:302012-10-23T12:20:10.577-02:30Configuring PS3 Media Server with Windows 7 FirewallIf you've installed PS3 Media Server, and you're getting the message "No Renderers were Found" and a great big red "X" on the Status tab, give the following a try. It worked for me.<br />
<br />
(NOTE: These instructions are written for those using the Windows 7 Firewall. However, they should work for any other software-based firewall.)<br />
<br />
1. Open Windows Firewall control (in Start Menu run box type "WF.msc")<br />
<br />
2. You are going to create 2 new rules: 1 inbound and 1 outbound.<br />
<br />
3. On the left side, select Inbound Rules. Then, on the right pane, you will see an option for a <u>New Rule</u>. Click it (see below).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-oXMMITHiXQ4/TdHfaqrKuLI/AAAAAAAAAFs/ItYwKSKeBJ8/s1600/7.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="288" src="http://1.bp.blogspot.com/-oXMMITHiXQ4/TdHfaqrKuLI/AAAAAAAAAFs/ItYwKSKeBJ8/s400/7.JPG" width="400" /></a></div>
<br />
4. In the <u>New Inbound Rule Wizard</u> (which should appear), do the following:<br />
<br />
<ul>
<li>Choose Program and click Next</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-ONklv5I_In8/TdHfr31JiII/AAAAAAAAAFw/PG9qnB9edZY/s400/8.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="258" src="http://3.bp.blogspot.com/-ONklv5I_In8/TdHfr31JiII/AAAAAAAAAFw/PG9qnB9edZY/s320/8.JPG" width="320" /></a></div>
<ul>
<li> Select This Program Path, and enter the path to <b>javaw.exe</b> on your PC (typically \Program files\x86\java\jre6\bin)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-HNfvzIkIER8/TdHf4XgNreI/AAAAAAAAAF0/LgYEJus3OPo/s400/9.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="258" src="http://1.bp.blogspot.com/-HNfvzIkIER8/TdHf4XgNreI/AAAAAAAAAF0/LgYEJus3OPo/s320/9.JPG" width="320" /></a></div>
<br />
<ul>
<li> Choose <u>Allow the Connection, then Tick Private and Public</u>.</li>
</ul>
Complete this process by naming the rule something notable (e.g. ! - PS3 Media Server). Repeat the process in Outbound Rules. Now restart PS3 Media Server. Provided everything else is in order, it should now work.<br />
<br />
It is important to note that opening javaw.exe to inbound connections from any IP is a security risk. You may wish to limit the scope of these rules to your local subnet. You can do this by double-clicking on the rule, and selecting Scope. Here, you can limit the remote IPs that can connect to javaw.exe to your local subnet (or specific IP addresses, if you choose).<br />
<ul>
</ul>
practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-77145193466570389182012-10-22T16:06:00.000-02:302012-10-22T16:06:06.222-02:30How to Convert FLAC or OGG to MP3 - The Easy WayDownloaded some music, only to find it is in .FLAC format rather than mp3, and it won't transfer to your iPod or play on your favorite media player?<br />
<br />
Here's an easy way to convert, without using converter programs of questionable origin (some of which, despite my best efforts, are probably turning up in my advertising on this blog...)<br />
<br />
1. Download <a href="http://www.foobar2000.org/" target="_blank">foobar2000</a> , a fabulous free (<a href="http://lifehacker.com/5937787/five-best-desktop-music-players?tag=hive-five" target="_blank">and more importantly, reputable</a>) media player. Even if you choose not to use foobar2000 as your default media player, it's great to keep around and takes up very little storage.<br />
<br />
2. Download the <a href="http://www.free-codecs.com/lame_encoder_download.htm" target="_blank">LAME mp3 encoder</a>. Save wherever you like - I drop files like this in c:\utils. Unzip.<br />
<br />
3. Install foobar2000. <br />
<br />
4. Run foobar2000. Select File -> Preferences -> Advanced. On the right pane, you will see an option for Tools (see below)<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-fYxDLjAKZek/UIWPQWujNYI/AAAAAAAAALY/oyd23amWQoo/s1600/01.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="291" src="http://1.bp.blogspot.com/-fYxDLjAKZek/UIWPQWujNYI/AAAAAAAAALY/oyd23amWQoo/s400/01.JPG" width="400" /></a></div>
<br />
<br />
5. Select Converter -> Additional Command Line encoder paths. Add the path where you saved LAME (for me, c:\utils). <br />
<br />
The above steps you will only need to do once. To save FLAC (or whatever format) to MP3, do the following:<br />
<br />
1. Select File -> Add Files (or Add Folder, if you like)<br />
<br />
2. Highlight the files in the foobar2000 main window, and right-click. Select Convert. Choose your options (I like 192kbps MP3).<br />
<br />
3. Select Save Destination and convert!<br />
<br />
<br />practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-60857900157028768952012-03-01T13:23:00.000-03:302012-03-01T13:23:13.549-03:30How to fix TVersity Error "Screenweaver MX was unable to LAUNCH one or more of its main windows"If the TVersity interface will not load for you, giving the error "Screenweaver MX was unable to LAUNCH one or more of its main windows. The application must close", here's how most will be able to fix it.<br />
<br />
This guide applies to Windows 7, Vista and XP.<br />
<br />
<u><b>Steps:</b></u><br />
<br />
1. Open System Properties (Right-click Computer, select Properties <b>OR </b>type "sysdm.cpl" in the Run box)<br />
2. Select Advanced System Settings<br />
3. Click Advanced Tab<br />
4. Under "Performance", click Settings button<br />
5. Click Data Execution Prevention Tab<br />
6. Select "Turn on DEP for all programs and services except those I select" (<i>see image below</i>)<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://4.bp.blogspot.com/-iY0tWbJiPqc/T0-m-f71Q5I/AAAAAAAAAKY/pMkcjna-Ppg/s1600/01.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-iY0tWbJiPqc/T0-m-f71Q5I/AAAAAAAAAKY/pMkcjna-Ppg/s1600/01.jpg" /></a></div><br />
7. Click Add, and browse to find TVersity.exe (default install location is C:\Program Files (x86)\TVersity\Media Server\web\admin\TVersity.exe).<br />
<br />
You might need a restart for the change to take effect. <br />
<br />
If this issue started for you after installing <a href="http://support.microsoft.com/kb/2458544" target="_blank">EMET</a>, you might need to do the following first:<br />
<br />
1. Run EMET<br />
2. Click Configure System button<br />
3. Change DEP setting to "Application Opt Out" (<i>see image below</i>)<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-4CseRoG6bzE/T0-oekta9pI/AAAAAAAAAKg/PlQAIERmiC0/s1600/03.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-4CseRoG6bzE/T0-oekta9pI/AAAAAAAAAKg/PlQAIERmiC0/s1600/03.JPG" /></a></div><br />
<br />
4. Restart, then complete the steps as detailed above.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-29925970584067720202011-10-03T17:30:00.001-02:302011-10-05T01:20:07.223-02:30How to Close Port 445 in Windows 7 / VistaIf you are cautious / paranoid about open ports in Windows, you may have noticed port 445 open.<br />
<br />
To close it, log in as an administrator, and do the following:<br />
<br />
1. In the run box, type "services.msc" and run the Services console<br />
<br />
2. Scroll down to find the service "Server"<br />
<br />
3. Right-click "Server" and select Properties<br />
<br />
4. Stop the service, and then click the drag-down box in the center, and select Disable.<br />
<br />
5. Restart the system.<br />
<br />
Keep in mind that any services that depend on the Server service (e.g. Homegroups, print sharing) will fail. Consider creating a System Restore point prior to making the change.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com1tag:blogger.com,1999:blog-3766610361286483530.post-83618818343801852702011-08-28T23:19:00.001-02:302011-08-29T00:32:48.211-02:30How to View Older Netflix Titles in Fullscreen - Remove the Black BarsAll content on Netflix is presented in its original aspect ratio, which for many titles, is 4:3. Unfortunately, most people view Netflix content on widescreen televisions, leading to black bars on the sides the image during playback. <br />
<br />
<a name='more'></a><br />
Many Netflix playback devices (for example, the Playstation 3) do not allow you to set content to play in 16:9 widescreen mode. The workaround for this is simple - set your television to "16:9" or "widescreen" or "full screen". Typically you can change this on the fly with the "format" or "aspect" button on your remote control. <br />
<br />
You might be thinking "well - obviously" - but many people do not realize this! You'll have to set it back to its original setting when you are finished watching. Until Netflix updates its playback software to change aspect ratio on the fly, this is the simplest solution.<br />
<br />
<b>Looking to improve Netflix performance? <a href="http://practicalrambler.blogspot.com/2011/08/how-to-improve-netflix-performance-on.html">Netflix Router Optimization Guide. </a></b>practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-56449763860828333472011-08-26T02:24:00.000-02:302011-08-26T02:24:59.551-02:30How to Turn the Internet Upside Down<div class="separator" style="clear: both; text-align: center;"><a href="http://1.bp.blogspot.com/-tN5A_YUjA9M/Tlcm_xBZFWI/AAAAAAAAAJ4/iy2CfbpdinQ/s1600/upsidedown.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="http://1.bp.blogspot.com/-tN5A_YUjA9M/Tlcm_xBZFWI/AAAAAAAAAJ4/iy2CfbpdinQ/s320/upsidedown.png" width="312" /></a></div><br />
Run Linux? People stealing your bandwidth? <a href="http://www.ex-parrot.com/%7Epete/upside-down-ternet.html">Turn their Internet upside down. Literally. </a><br />
<br />
practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-18649539364533842912011-08-25T18:03:00.016-02:302011-11-29T20:41:05.486-03:30Netflix Router Optimization Guide - How to Improve Netflix Performance on Home Networks By Using Quality of Service (QoS)Unable to Connect to Netflix? Netflix fails will drive you crazy. This guide will show you how to optimize Netflix performance on your home router, without crippling network performance for other connected devices.<br />
<br />
Netflix is a bandwidth-intensive application. Most home networks contain a LOT of devices (PCs, gaming consoles, network-connected media players, iPhones, etc.), and this can cause major network congestion - <b>causing Netflix stuttering, decreased image quality and disconnects. </b><br />
<br />
<a name='more'></a>Conversely, some Netflix-connected devices (particularly the Playstation 3), will use all your bandwidth, <b>overwhelming your network and choking / crippling Internet traffic to other devices on the network</b>.<br />
<br />
Most home routers have a feature called a Quality of Service (QoS) Engine (sometimes known as Traffic Shaping) which allows you to customize how your router handles network traffic. Before I implemented QoS rules, if a PS3 on the network was streaming Netflix, other devices connected to the network would often experience very slow Internet access, or get disconnected from the network altogether. Since implementing these rules, issues have been rare. Obviously - your mileage may vary.<br />
<br />
<br />
<u><b>Things to Consider:</b></u><br />
<br />
1. It's not possible to detail the specific steps for every kind of router - there are simply too many. If you are clueless about how to set up wireless routers, there's no shame in that. <a href="http://www.amazon.com/Book-Wireless-Painless-Guide-Broadband/dp/1593271697?ie=UTF8&tag=practicalramb-20&link_code=btl&camp=213689&creative=392969" target="_blank">Consider using a reference guide.</a><img alt="" border="0" height="1" src="http://www.assoc-amazon.com/e/ir?t=practicalramb-20&l=btl&camp=213689&creative=392969&o=1&a=1593271697" style="border: none !important; margin: 0px !important; padding: 0px !important;" width="1" /><br />
<br />
2. Some routers do not have QoS options; some do but offer less customization than others. <b>Your mileage may vary. </b><br />
<br />
3. Some routers also have features listed under QoS such as "Automatic Classification" and "Dynamic Fragmentation". Leave these enabled unless you have good reason to disable them.<br />
<br />
4.<b> If your Internet bandwidth is too low, you're going to run into problems no matter what QoS rules you implement.</b> Streaming video is bandwidth intensive; streaming HD video is <b>very</b> bandwidth intensive.<br />
<br />
<u><b>Steps:</b></u><br />
<br />
1. Make a list of all your network-connected devices and their IP addresses. Place them in order of desired bandwidth priority. If you haven't already, you'll have to reserve static IP addresses for each connected device, to ensure the device IP is always the same. For example, your list might look like:<br />
<br />
<ul><li>1 - PS3 in living room - IP address 192.168.0.199 (netflix player)</li>
<li>2 - PC in office - IP address 192.168.0.197</li>
<li>3 - PC in kid's room - IP address 192.168.0.198</li>
<li>4 - iPad - IP address 192.168.0.195</li>
<li>5 - iPod Touch - IP address 192.168.0.196</li>
</ul><br />
2. Access your router's settings interface. If you don't know how, try one of the following links:<br />
<br />
<div style="text-align: center;"><a href="http://192.168.0.1/">http://192.168.0.1</a></div><div style="text-align: center;"><a href="http://192.168.1.1/">http://192.168.1.1</a></div><div style="text-align: center;"><a href="http://192.168.2.1/">http://192.168.2.1</a> </div><br />
<br />
If you don't know your password, consult <a href="http://www.routerpasswords.com/">this page</a>, which has default router login/passwords for pretty much every router. As a general rule, the default is login: admin, password: admin (<a href="http://practicalrambler.blogspot.com/2011/04/easy-wireless-router-security-setup.html"><b>of course, if that's your password - CHANGE IT</b></a>).<br />
<br />
3. Find the Quality of Service (QoS) Engine settings (sometimes called Traffic Shaping).On D-Link routers, this is usually found on the Advanced tab. On Linksys routers, this is usually found on the Applications & Gaming tab. Your router may differ; consult the manual if you cannot find it - or google your router make & model + "quality of service".<br />
<br />
4. Assign the desired priority to each device on your network. <b>For example, if you want to give top priority to your Netflix device(s), assign these devices a priority of 1. If you want to give top priority to connected PCs to ensure Internet traffic is not slowed or interrupted, assign the PCs a priority of 1.</b> (See D-Link example below). <br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://3.bp.blogspot.com/-Uss-pksA8Sw/TlalrFm0rxI/AAAAAAAAAJ0/awnz78SEIcY/s1600/01.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="219" src="http://3.bp.blogspot.com/-Uss-pksA8Sw/TlalrFm0rxI/AAAAAAAAAJ0/awnz78SEIcY/s320/01.JPG" width="320" /></a></div><br />
<br />
5. Save settings and reboot the router. Ultimately, you will want to experiment with different configurations. Personally, I like to assign top priority to my PCs, so that web-browsing / email etc. is not slowed or interrupted if another device is streaming Netflix. <b>Every network will be different based on the needs of the user(s). </b>If you want to <i>really </i>optimize your router, <a href="http://www.dd-wrt.com/site/index">consider installing the DD-WRT Firmware</a>.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-81873303919674750932011-07-25T14:05:00.001-02:302011-07-27T17:56:16.253-02:30How To Remove Space Between Blogger Gadgets / WidgetsIf you use Blogger you may have noticed that by default, Blogger places space between gadgets appearing in your sidebar (or sidebars). <br />
<br />
Removing the space between <b>HTML/Javascript gadgets</b> (such as AdSense ads) is easy - simply merge the HTML scripts together. For example, if you have an AdSense script and an image link (like in my sidebar), cut and paste the script from the second gadget, and add it to the bottom of the first gadget. Remove the second HTML gadget. Apply to blog, and test it out to ensure proper formatting. You can stack as many HTML gadgets together as you like.<br />
<br />
Removing the space between non-HTML/Javascript gadgets (such as the Blog archive, hit counter, etc.) is a little trickier. However, <a href="http://www.southernspeakers.net/2010/11/remove-spaces-between-gadgets-in.html">this blog has posted an excellent guide</a>. Given the complexity of this, I strongly suggest backing up your blog first - click the Settings tab in the Dashboard, and choose "Export Blog" to save a copy to your computer. If something goes horribly wrong, you can always restore it.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com4tag:blogger.com,1999:blog-3766610361286483530.post-51494060899937970192011-07-04T21:34:00.012-02:302011-07-15T13:51:55.943-02:30How to Detect and Remove TDL4 / TDL3 / TDSS / Alureon RootkitsExperts are continuing to say <a href="http://gizmodo.com/5817261/theres-a-botnet-called-tdl+4-thats-virtually-indestructable">scary things about TDL4</a> and its botnet, throwing around terms like "virtually indestructible". Whether this is true or not, clearly TDL4 is a highly sophisticated piece of crimeware that has top researchers very concerned. <br />
<br />
If you think you may be infected, Kaspersky Labs has released a free tool for Windows users (all versions, 32 and 64-bit) called <b>TDSSKiller</b> which will detect and remove TDL4 rootkits / bootkits. <a href="http://support.kaspersky.com/viruses/solutions?qid=208280748">It can be downloaded here</a>. <br />
<br />
<b>TDSSKiller </b>also detects<b> </b>other TDSS-family rootkits such as TDL2 / TDL3, and unknown rootkits by analyzing for:<br />
<ul><li>Hidden or Blocked services</li>
<li>Hidden or Blocked files</li>
<li>Forged files</li>
<li>Rootkit.Win32.Backboot.gen (generic / unknown MBR infection)</li>
</ul>I'm confident those who design the TDSS rootkits will soon figure out a way to defeat Kaspersky's detection / removal, but for now, this is a great place to start if you are concerned about these rootkits.<br />
<br />
If you have no luck with TDSSKiller, you may wish to try <a href="http://www.norman.com/support/support_tools/77201/en">Norman TDSS Cleaner</a>, <a href="http://public.avast.com/%7Egmerek/aswMBR.htm">Avast's aswMBR Tool</a>, or <a href="http://hitmanpro.wordpress.com/2011/05/02/tdl4-bootkit-reinstates-64-bit-infection-capability/">HitMan Pro</a>, which also claim to detect and remove TDL3, TDL4 and its variants.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com1tag:blogger.com,1999:blog-3766610361286483530.post-23911326726997787342011-06-23T17:00:00.005-02:302011-08-29T02:11:35.594-02:30How to Create Custom / Separate Windows 7 Firewall Policies for Individual Users<b><u>How to Create Windows 7 Firewall Policies for Different Users:</u></b><br />
<br />
For various reasons, you may wish to have an account with strict firewall policies (<a href="http://practicalrambler.blogspot.com/2011/01/windows-7-firewall-how-to-always-use.html">such as those detailed in this post</a>), and another account with more relaxed policies. <br />
<br />
In order to do this, <b><u>both accounts must be Administrators.</u></b> <strike>This may also work with Vista Firewall, unfortunately I don't currently have a Vista box to test it on. </strike>This will not work on Windows Vista.<br />
<br />
1. Before doing anything, back up your current firewall policy. Run Windows Firewall with Advanced Security (type firewall in Run box).<br />
<br />
2. In the right pane, click Export Policy. Save to c:\, as firewallstd.wfw.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-yWrtTKEFpew/TgOL8o94HWI/AAAAAAAAAHw/TQ9-YhNEAC8/s1600/01.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="256" src="http://2.bp.blogspot.com/-yWrtTKEFpew/TgOL8o94HWI/AAAAAAAAAHw/TQ9-YhNEAC8/s320/01.JPG" width="320" /></a></div><div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-maq0N8Caeb4/TgOLQbL-p2I/AAAAAAAAAHs/GaANonaT9dA/s1600/01.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><br />
</a></div>3. Create the policies you wish to implement, and export as c:\firewallstrict.wfw.<br />
<br />
4. Create this batch file, and save as c:\firewallstd.bat:<br />
<br />
------------------------<br />
netsh advfirewall import c:\firewallstd.wfw<br />
pause <br />
------------------------<br />
<br />
5. Create this batch file, as save as c:\firewallstrict.bat:<br />
<br />
------------------------<br />
netsh advfirewall import c:\firewallstrict.wfw<br />
pause <br />
------------------------<br />
<br />
6. Open Task Scheduler (type task in Run box).<br />
<br />
7. Choose Create a Basic Task.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://4.bp.blogspot.com/-4yI_e_ZCmQc/TgOQTVWvwlI/AAAAAAAAAH0/kx1-Sx84yCg/s1600/1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-4yI_e_ZCmQc/TgOQTVWvwlI/AAAAAAAAAH0/kx1-Sx84yCg/s1600/1.JPG" /></a></div><br />
8. Name this rule as you see fit.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-wIPj0MVVVIU/TgOQfTuXfNI/AAAAAAAAAH4/tOACMetQukg/s1600/2.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="444" src="http://2.bp.blogspot.com/-wIPj0MVVVIU/TgOQfTuXfNI/AAAAAAAAAH4/tOACMetQukg/s640/2.JPG" width="640" /></a></div><br />
<br />
9. For task trigger, select When I Log on.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-ZWHLBJxWJ8o/TgOQwHCBjoI/AAAAAAAAAH8/N-f-L0hZntM/s1600/3.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="445" src="http://2.bp.blogspot.com/-ZWHLBJxWJ8o/TgOQwHCBjoI/AAAAAAAAAH8/N-f-L0hZntM/s640/3.JPG" width="640" /></a></div><br />
10. Choose Start a Program.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://1.bp.blogspot.com/-0V9nBHDzn9Q/TgORAslGpLI/AAAAAAAAAIA/2wV7qFlsCYw/s1600/4.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="443" src="http://1.bp.blogspot.com/-0V9nBHDzn9Q/TgORAslGpLI/AAAAAAAAAIA/2wV7qFlsCYw/s640/4.JPG" width="640" /></a></div><br />
11. Choose the .BAT file you created earlier. The finishing dialog will appear. Before clicking Finish, tick "Open the Properties dialog for this task when I click Finish".<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://1.bp.blogspot.com/-8MauSV9Llxs/TgORvFbkv-I/AAAAAAAAAIE/4ysDJrlaU8A/s1600/6.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="444" src="http://1.bp.blogspot.com/-8MauSV9Llxs/TgORvFbkv-I/AAAAAAAAAIE/4ysDJrlaU8A/s640/6.JPG" width="640" /></a></div><br />
12. In the resulting window, select Run with Highest Privileges.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-wBcqP3eQ--s/TgOSDD2j6cI/AAAAAAAAAII/ZxDWg-eDOT4/s1600/7.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="480" src="http://2.bp.blogspot.com/-wBcqP3eQ--s/TgOSDD2j6cI/AAAAAAAAAII/ZxDWg-eDOT4/s640/7.JPG" width="640" /></a></div><br />
Once this is complete, log on to the other account and repeat steps 6 through 12, with the policies you desire for that account. You can remove the "pause" from the batch file if you prefer, but it is helpful to confirm that the policy has properly loaded upon logging in.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com0tag:blogger.com,1999:blog-3766610361286483530.post-11960720460361131982011-05-24T17:10:00.001-02:302011-05-24T21:08:03.185-02:30How To Delete 7-Zip Extraction / Folder History1. Open the Registry Editor (Start -> regedit.exe) and find the following key:<br />
<ul><li>HKEY_CURRENT_USER\Software\7-Zip\Extraction</li>
</ul>2. Delete the entry "PathHistory". <br />
<br />
You'll need to be <a href="http://windows.microsoft.com/en-CA/windows7/How-do-I-log-on-as-an-administrator">logged in as a Administrator</a> to make registry changes. As always, consider backing up the registry before making any changes.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com3tag:blogger.com,1999:blog-3766610361286483530.post-46036391378278287912011-05-16T23:19:00.013-02:302017-07-10T18:36:07.075-02:30How To Block All Internet Traffic / Connections If Not Connected to a VPN<div class="separator" style="clear: both; text-align: center;">
<a href="http://media.go2speed.org/brand/files/proxpn/5/set0-proXPN_468x80b2.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://media.go2speed.org/brand/files/proxpn/5/set0-proXPN_468x80b2.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"></a></div>
This post will outline a method using the Windows 7 Firewall to block all Internet traffic unless you are connected to your VPN.<br />
<br />
<b>This post assumes you have already followed the steps in the earlier post, <a href="http://practicalrambler.blogspot.com/2011/01/windows-7-firewall-how-to-always-use.html"><u>How to only use the VPN Connection and Block ISP. </u></a></b><br />
<br />
If you implement these rules, your system will have no Internet access unless you are connected to your VPN. That is to say, your system will be connected to the Internet, but no traffic can get in or out <u>unless specifically permitted by a separate firewall rule</u>. <b>If a rule allowing an application exists, that application's traffic will still be able to pass through the firewall.</b><br />
<br />
I have used these rules on my system without ill effect (Windows 7 Home Premium 64-bit). Depending on what other applications you use, you will likely have to create additional rules.<b> If you break your system, don't blame me</b>. <b>Always back up before messing with system settings, and take notes as you go.</b><br />
<br />
It is possible this method could still potentially leak data by way of the system process <a href="http://www.howtogeek.com/howto/windows-vista/what-is-svchostexe-and-why-is-it-running/">svchost.exe</a>. If you attempt to block svchost.exe, your PC will not be able to communicate with your router/modem, and you <i>really</i> will have blocked all network functionality - i.e. nothing will work.<br />
<br />
That being said, I have monitored VPN disconnects using <a href="http://technet.microsoft.com/en-us/sysinternals/bb897437">TCPView</a> and spotted no leaks - just all processes (including system processes) engaged in Internet traffic instantly changing from ESTABLISHED to TIME_WAIT, and shortly thereafter vanishing. <br />
<br />
<b><u>Steps:</u></b><br />
<br />
1. Open Windows Firewall with Advanced Security (<a href="http://practicalrambler.blogspot.com/2011/01/windows-7-firewall-how-to-always-use.html">in this guide, start at step #4</a>)<br />
<br />
2. Select <u>Inbound Rules</u>. The New Inbound Rule Wizard will appear.<br />
<br />
3. Select Custom Rule (see below).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-dJJrTZLLCNI/TdHCMQisE3I/AAAAAAAAAE4/JkZuW0NN5hA/s1600/new+rule1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="515" src="https://4.bp.blogspot.com/-dJJrTZLLCNI/TdHCMQisE3I/AAAAAAAAAE4/JkZuW0NN5hA/s640/new+rule1.JPG" width="640" /></a></div>
<br />
4. Select <u>All Programs</u>.<br />
<br />
5. Select Any IP Address, for both Local and Remote.<br />
<br />
6. Select Block The Connection (see below).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-6FuersZ5qsk/TdHHo8sdaBI/AAAAAAAAAFE/QNnnNZk2kbI/s1600/blockconnect4.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="516" src="https://2.bp.blogspot.com/-6FuersZ5qsk/TdHHo8sdaBI/AAAAAAAAAFE/QNnnNZk2kbI/s640/blockconnect4.JPG" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
7. Select <u>Domain</u> <strike>and <u>Private</u>,</strike> leaving <u>Private</u> and <u>Public</u> unticked (see below)<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-WK_OQbFfqQ0/Tdv2jLNU_QI/AAAAAAAAAGE/eqqDt9yewdQ/s1600/6.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="516" src="https://2.bp.blogspot.com/-WK_OQbFfqQ0/Tdv2jLNU_QI/AAAAAAAAAGE/eqqDt9yewdQ/s640/6.JPG" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
8. Name your rule and click Finish. Repeat steps 1 through 8 for <u>Outbound Rules</u>.<br />
<br />
9. In the Windows Firewall with Advanced Security window, select Windows Firewall Properties (see below).<br />
<span id="goog_1273231303"></span><span id="goog_1273231304"></span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-ojjz0byxNqs/TdHNLtGTaNI/AAAAAAAAAFM/JLomSa1NMMs/s1600/fwprops.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="428" src="https://1.bp.blogspot.com/-ojjz0byxNqs/TdHNLtGTaNI/AAAAAAAAAFM/JLomSa1NMMs/s640/fwprops.JPG" width="640" /></a></div>
<br />
10. In the resulting window, choose to block both inbound and outbound traffic for the <u>Domain</u> and <u>Private</u> profiles (see below). You may also want to block outbound traffic on the <u>Public</u> profile as well, but you will need to create specific allow rules for every application that needs Internet access.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-pFPPdCqFziw/TdHNht_YJtI/AAAAAAAAAFQ/o4r6uOH-uiQ/s1600/profiletabs.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="640" src="https://1.bp.blogspot.com/-pFPPdCqFziw/TdHNht_YJtI/AAAAAAAAAFQ/o4r6uOH-uiQ/s640/profiletabs.JPG" width="574" /></a></div>
<br />
You should test your configuration at this point to ensure it is working. Connect to your VPN, start up some downloads, and disconnect. All traffic should die immediately.practicalrambler.http://www.blogger.com/profile/08360260779814630069noreply@blogger.com11