2010年10月27日星期三

微軟重申Security Essentials 2010是病毒

微軟的免費殺毒軟件Microsoft Security Essentials(簡稱MSE)如今已經躋身頂級殺毒軟件之列,近日全球知名獨立安全研究和評測機構NSS Labs近日的殺毒軟件測試報告顯示,微軟的免費殺毒軟件MSE比一些付費殺毒軟件的性能還要好,這其中包括賽門鐵克、卡巴斯基等。

正因為大受歡迎,很多流氓軟件盯上了微軟MSE。早在今年2月份的時候,一款名為Security Essentials 2010的虛假軟件就開始偽裝成MSE的樣子來欺騙用戶。當時微軟就特地發表聲明揭穿了其面目,並且發佈了專門的惡意軟件移除工具幫助用戶檢測並移除Security Essentials 2010。

近日,Security Essentials 2010死灰復燃又重新,實際上這是病毒「Win32/FakePAV」。如果你不小心感染了該病毒,它會在開機時自動啟動,對計算機進行掃瞄,當然這是假的。

掃瞄結束後它會提示計算機有病毒,並給出詳情,此外還提供多款殺毒軟件供用戶使用,其中包括多款免費軟件。當然這一切都是假象,如果你的計算機已經被感染,那麼微軟建議使用真正的MSE進行查殺。

微软重申Security Essentials 2010是病毒
掃瞄結束後病毒提示

微软重申Security Essentials 2010是病毒
查看詳情

微软重申Security Essentials 2010是病毒
Security Essentials 2010提供的殺毒軟件方案

微软重申Security Essentials 2010是病毒
其中提供的免費殺軟可以下載

http://news.mydrivers.com/1/177/177885.htm

在 Windows 透過 SSH Tunnel 收發郵件

緣起: 某 Yahoo! 付費郵箱使用者無法在某社區網路發送郵件 (SMTP 連線失敗)
方案: 透過 SSH Tunnel 收發郵件
環境:

  • SSHD Host: Fedora Linux
  • Windows Client: Windows 7, Windows Live Mail

SSHD Host

useradd -s /bin/bash myaccount
passwd myaccount
su - myaccount
mkdir ~/.ssh
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 600 $_

註: $_ 取得前次指令的最後一個參數

Windows Client

下載並安裝 Windows Live Mail

PuTTY Download Page 下載: putty.exe, pscp.exe, plink.exe, puttygen.exe, 儲存到 %HOMEPATH% (如: C:\Users\your_account\ )

執行 puttygen.exe, 產生金鑰:

  • 按下 Generate 按鈕後, 隨意移動滑鼠游標產生金鑰
  • 按 Save private key 按鈕, 將 Private Key 存入 %HOMEPATH%\private_key.ppk
  • 複製畫面上的 Public Key, 貼入 myaccount@my.sshd.host:.ssh/authorized_keys

啟動 "記事本", 編輯以下內容, 儲存到 %HOMEPATH%\mail.bat (如: C:\Users\your_account\mail.bat )

1@echo off
2start /min plink.exe -N -L 25:smtp.mail.yahoo.com.tw:25 -L 110:pop.mail.yahoo.com.tw:110 -i private_key.ppk -P 22 myaccount@my.sshd.host
3"c:\program files\windows live\mail\wlmail.exe"
4taskkill /f /im plink.exe > nul

註: start = 背景執行指令; taskkill = 刪除執行中的程序 (process)

將 %HOMEPATH%\mail.bat 傳送到桌面 (建立捷徑), 將捷徑更名為 "Windows Live Mail", 按右鍵調整內容:

  • 執行: 最小化
  • 變更圖示: 以 C:\Program Files\Windows Live\Mail\wlmail.exe 為圖示

執行桌面上的 mail.bat 捷徑, 建立郵件帳號, 手動設定伺服器設定:

  • 內送郵件伺服器: POP, localhost, 110
  • 外送郵件伺服器: localhost, 25, 需要驗證(打勾)

以後只要點擊桌面上的 Windows Live Mail 圖示, 就會執行 %HOMEPATH%\mail.bat, 自動建立 SSH Tunnel 並啟動 Windows Live Mail, 透過 SSH Tunnel 收發郵件.

SSHD 安全須知

因為 SSH2 連線使用 -N 參數不會啟動 shell, 若無 shell 操作需求, 可將該帳號的 shell 改成 /bin/false (sudo chsh -s /bin/false myaccount)

或是為這些帳號 建立 ssh chroot 環境

由於 shell=/bin/false 的帳號能藉由 -N 參數的 SSH2 連線產生 SSH Tunnel, 因此最好在 /etc/ssh/sshd_config 加上 AllowUsers 限制 sshd 只允許某些帳號的連入, 如: AllowUsers myaccount vipaccount otheraccount (帳號以空白隔開)


http://cha.homeip.net/blog/2010/10/2767.html

2010年10月26日星期二

ACDSee的完美替身Imagine 1.0.7

自從ACDsee的「墮落」之後,圖像瀏覽工具一直沒有一個完美的替代品,這也直接導致了不少用戶還在使用經典的3.1版的ACDSee。

提起Imagine可能知道的用戶並不是很多,它正是大名鼎鼎的TotalCommander中的圖像瀏覽插件。此次給大家介紹的正是其獨立版本。

下载:ACDSee的完美替身Imagine 1.0.7
很清晰的主界面

Imagine在啟動速度和打開圖片的速度都很不錯,而且,軟件非常小巧,體積僅為1M,而且軟件完全免費綠色,支持包括簡體中文在內的多國語言。

下载:ACDSee的完美替身Imagine 1.0.7
功能豐富的設置頁面

Imagine支持眾多圖像格式及壓縮文件,而且支持64位系統,支持Unicode。其功能上非常接近ACDSee,而且分的更加細緻,比如:裁 剪,尺寸修改,圖片旋轉,更改圖片色調,圖片批量轉換,幻燈片,提取圖片,動態圖片製作,建立多重頁面等功能,還可以更換主題,可以自定義鍵盤快捷鍵和自 定義鍵盤多組鼠操作模式等。

下载:ACDSee的完美替身Imagine 1.0.7
簡單易用的動畫作坊

下载:ACDSee的完美替身Imagine 1.0.7
批量轉換的功能比較集中

有興趣的朋友不妨體驗一下,說不定你會喜歡上Imagine。

4.8吋1080p 全球最小高清液晶屏問世

日本ORTUSTECH公司日前宣佈,他們已經成功開發出了全球最小的FullHD高清液晶面板,在4.8吋的尺寸下即可實現1920x1080分辨率。

ORTUS Technoloy公司由日本凸版印刷株式會社和卡西歐合資,今年4月剛剛成立,專門進行中小尺寸顯示技術的研發和製造。這塊突破性的高清液晶面板基於該 公司獨有的HAST(Hyper Amorphous Silicon TFT),以a-Si TFT非晶硅液晶面板為基礎,通過精細加工技術、液晶配向技術和面板驅動技術上的改進,實現高分辨率、高開口率。

這塊4.8吋1920x1080分辨率面板的像素密度已經達到458ppi,比蘋果「Retina」視網膜屏幕的327ppi更勝一籌,已經遠超過 人眼分辨的極限,號稱可實現自然而有立體感的精細圖像表現力。如果大家親身體驗過iPhone 4/iPod touch 4的高分屏快感,就應當可以想像這塊屏幕所能達到的驚人效果。

該面板視角為160度,可顯示1677萬色,色域72% NTSC,未來將主要面向電視台用攝像機顯示器、監視器等行業用途,今年11月會進行首次展示。

4.8寸1080p 全球最小高清液晶屏问世

4.8寸1080p 全球最小高清液晶屏问世

http://news.mydrivers.com/1/177/177779.htm

2010年10月22日星期五

找出是誰抄襲我的圖片作品!

今天看到一則新聞,由政府主辦的「著作權海報設計比賽」,校園組首獎竟然是抄襲國外藝術家的作品!這倒是提醒大家注意著作權的重要性了(完全凸顯比賽主題),也許這就是參賽者的本意??好啦,這不是今天講古的重點,這件事引發凱撒之鷹另一個想法--要如何在網路上找到別人抄襲你的圖片作品呢?

注意喔,這裡所指的「抄襲」並不是純粹盜圖,而是你的創作圖片被拿去修改後,變成另一張雷同度極高的圖片,如果沒有人跟你說,自己要怎麼發現有這件事呢?

先跳開話題一下,如果是想知道文章有沒有被抄襲,那用Google比對文字是還蠻簡單的,只要拿文章中的某一串句子去做搜尋(最好前後加上 "  " 引號夾註起來),就能很快找出相同或類似的句子。但是Google只能用關鍵字去搜尋圖片,雖然文字搜尋方面很強,卻無法直接「以圖找圖」,所以Google大神這時候就派不上用場了。


這裡介紹一個專門「搜尋相似圖片」的搜尋引擎 TinEye,它的專長就是以圖找圖:你先上傳一張圖片(或圖片網址)給它,TinEye 就會幫你比對網路上幾十億張圖片,然後挑出類似的圖片給你看,這樣就很容易知道有沒有被抄襲修改了。

TinEye網站 http://www.tineye.com 


實作示範

以前面那則抄襲國外作品的新聞為例,如果在沒有人發現的情況下,要怎麼用 TinEye 找出它可能有抄襲某張圖片呢?方法很簡單:

1. 我是在聯合新聞網上面看到這則新聞,裡面有疑似抄襲作品的圖片,那我只要先把圖片的網址複製起來。當然如果一開始並沒有新聞報導,那你在現場把照片拍起來存進硬碟裡也行。

2. 接著到 TinEye 網站,把要比對的圖片網址貼上去,再按下[Search]鈕進行比對。如果是自己硬碟裡的圖片,就用左邊的[選擇檔案]鈕來上傳。

3. 比對結果馬上就出來了,果然網路上有一張圖片非常相似,可能就是當初「參考」的原圖。

4. 點擊圖片下方的「Compare」連結,還能讓兩張圖片更進一步比對。它會把圖片重疊放在一樣的位置,你按[Switch]鈕反覆切換來切換去,就能更清楚看出哪裡被修改過了。

5. 只有找到一張類似圖片,也許能證明來源圖片有抄襲,但原圖的創作者是誰呢?雖然所找到的圖片會有附上網址,不過以此例而言,它是被收錄在某個圖庫網站中的 一張圖片,並不是原作者本身的網站。沒關係,我們用同樣方式繼續找下去,把找到圖片的連結網址再copy起來,重新用TinEye進行搜尋看看。

6. 這下找到更多一樣的圖片了,接下來就要考驗耐心,一個個點進去看看,也許就能找到原作者的網站囉!這種偵探式的搜索就留給有緣人去做吧 =_=

>> 找出是誰抄襲我的圖片作品!

臨時找不到OCR軟體沒關係,Google幫你辨識

如果想要把手邊紙本書的部分內容轉成電子檔,除了利用掃瞄器掃進電腦外,還需要借助OCR文字辨識軟體,才能把掃進去的圖檔轉換成文字檔。一套 OCR軟體可不便宜,可能不少人知道Office軟體裡面有附一套文字OCR辦識工具(什麼~ 你還不知道?快打開Office工具群組裡面的「Office Document Imaging」),但是如果你的電腦沒有安裝Office,那Google也可以幫上忙。Google線上服務現在開始支援OCR功能,目前雖然還不能 辨識中文字,不過未來應該是有希望的,我們就先來玩看看囉!

 

▼這是我們要測試的圖片檔,內容為英文文字。

1. 開啟瀏覽器,連至「http://docs.google.com」,登入Google帳戶後,按左上方的〔上載〕。

2. 點選「選取要上載的檔案」,並選取我們要辨識的檔案。

3. 勾選「將 PDF 檔案或圖片檔案中的文字轉換為「Google 文件」」,然後按〔開始上傳〕。

4. 上傳完畢後,開啟剛才上傳的文件。

5. 可以發現原本圖片檔內的文字,通通都經過自動辨識成可編輯的文字檔,無法辨識的部分還會特別用黃底標示,辨識度相當不錯呢,可惜目前還不支援中文字。

>> 臨時找不到OCR軟體沒關係,Google幫你辨識

 

免費軟體 - 影音轉檔助手

影音轉檔工具種類非常多,幾乎已經到了走在路上隨便都會踢到一款免費轉檔軟體的地步XD而台灣用戶最常口耳相傳推薦的是「格式工廠」,但以筆者經 驗,即使是格式工廠,對有些真的很不熟電腦的用戶還是覺得不會用。這時候,或許下面要介紹的一款叫做「倉鼠100%」的工具就可以幫上你的忙。

嗯!好啦!筆者承認這款軟體其實不是叫做「倉鼠100%」,官網上對這款軟體的說明是「免費視頻轉換器:倉鼠--100%免費下載」,但是「倉鼠100%」這個名字大家不覺得比較歡樂有fu嗎?

倉鼠(Hamster)這款免費軟體最大的特色,就是使用上非常非常直覺,完全沒有任何一個讓用戶覺得疑惑、不懂的地方(例如冒出什麼專業的影音格式名詞或選項),整個使用流程也精簡成三大步驟:

 

  • 1.我要轉哪個影音檔案?
  • 2.我要轉成「可以在哪個設備上播放」的影音格式?
  • 3.轉到哪裡儲存。

 

如果這樣還不會用,那可能就真的沒輒了。

 


  • 步驟1:

首先到Hamster網站下載軟體,也可以順便看看上面介紹的軟體功能,與支援的大量影音轉檔格式,如果你跟筆者一樣有看沒有懂的話,這部份完全可以給它跳過去。

 

  • 步驟2:

下載後開始安裝,在安裝介面上只有簡體中文,但是安裝完成後就有繁體中文了,台灣用戶不用擔心。

 

  • 步驟3:

在安裝步驟中,當詢問你要選擇完整安裝或自訂安裝時,記得選擇「Customization」,然後將下面兩個要把你的首頁和搜尋引擎改成Ask.com的選項「取消勾選」。

 

  • 步驟4:

全部安裝完成後啟動Hamster Free Video Converter,基本上右邊只是給你預覽,主要的動作都在左邊,我們也可以看到倉鼠很貼心的幫我們把整個轉檔過程分成了三大步驟。

而第一步就是〔添加文件〕,這裡可以直接把檔案「拖曳」到視窗中,也可以一次處理多個檔案,非常方便。

 

  • 步驟5:

把想要轉檔的檔案都拖曳進來後,切換到〔編輯〕畫面,你可以選擇要轉檔成什麼格式,也可以在下方選擇想要轉檔到哪種設備上使用。

在右邊則可以選擇轉檔後的檔案要儲存到哪個資料夾。

 

  • 步驟6:

最後進入〔轉換〕頁面,只要點擊開始轉檔就等著大功告成囉!

完全不需要任何影音知識,即使是電腦新手相信也可以對倉鼠簡單易懂的介面輕鬆上手,推薦給大家試用看看。

http://pcuser.pixnet.net/blog/post/27408088

2010年10月20日星期三

Defraggler:不到1MB的全能磁盤整理大師

或許你用過一款叫做CCleaner的免費系統清理軟件,那麼你一定會喜歡Defraggler,它和CCleaner師出同門,都是由Priiform所開發,也同樣秉承了一貫的輕巧,高效,免費的特點,官方精簡版本大小甚至不到1MB。

雖然Defraggler的體積很小,但是功能上卻絲毫不含糊,磁盤狀態查看,磁盤碎片搜索,磁盤信息檢索,快速碎片整理……基本上涉及到磁盤整理 的工作它都可以勝任。並且整理也有兩種方式,快速整理和全面整理。快速整理可以在非常短的時間內對於系統磁盤進行簡單而高效的整理,全面整理則是對於磁盤 進行100%的徹底整理。

Defraggler:不到1MB的全能磁盘整理大师

Defraggler當前最新版本為2.00.221 Beta,相比於之前的1.0版本不同,除了在界面上的改動以外、新版在基本功能繼續改進,號稱進一步提升了磁盤整理速度,有效降低了用戶所耗費的時間。 與此同時,新版本提升了對於64位系統的兼容性,並且可以完美支持更大的硬盤,這對於64位系統和大硬盤用戶來說是一個福音。

對於這麼一款輕巧,高效,免費的磁盤管理軟件,你有什麼理由拒絕呢?

Defraggler:不到1MB的全能磁盘整理大师

版本更新:2.00.221 Beta

- 使用了新樣式的硬盤視圖;

- 進一步提升整理效率;

- 解決在64位系統下的一些兼容性問題;

http://news.mydrivers.com/1/177/177436.htm

2010年10月19日星期二

微軟修復喚醒Win7需登錄兩次問題

你有沒有遭遇當系統從休眠狀態中恢復時,登錄界面出現兩次的情況?微軟日前發佈了一個熱修復補丁程序(hotfix),修復了這個存在於Windows 7和Windows Server 2008 R2中的登錄問題。

登錄界面出現兩次的前提條件是:

1、計算機運行Windows 7或Windows Server 2008 R2;

2、用戶曾安裝了熱修復補丁程序KB976427,該補丁程序修復了啟用屏保後系統恢復時黑屏並停止響應的問題;

3、在「睡眠喚醒」設置中啟用了需要密碼選項;

在這種情況下,用戶喚醒系統時,登錄界面可能會出現兩次,用戶必須輸入兩次密碼。

該問題的產生是由於當重用首次登錄時,系統有多個掛起進程等待處理,遇到這種情況是,WinLogon會將用戶登出。

如果你在遭遇了上述情況,那麼不妨下載KB2345131中的Fix333423來修復該問題。用戶可以點擊以下鏈接索取熱修復補丁程序:

http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2345131&kbln=en-us

微软修复唤醒Win7需登录两次问题

http://news.mydrivers.com/1/177/177282.htm

2010年10月18日星期一

下載:強力系統清理器KCleaner 0.21.0

KCleaner是一款體積小巧的綠色免費軟件,它沒有多餘的功能及組件,其用途只有一個-清理系統中的各類臨時文件及緩存文件。

KCleaner開啟後會先彈出功能豐富的設置界面,我們可以選擇我們想要清理的文件類型,當然語言選項自然是簡體中文了。對於對數據安全有需求的用戶,可以選擇「數據安全」中的選項,已達到文件粉碎的效果。另外可以通過設置實現自動檢查和清理工作。

下载:强力系统清理器KCleaner 0.21.0
詳細的設置功能

軟件運行分為手動模式和自動模式,通過菜單中的選項可以方便的切換為專家模式和簡便模式,而且在清理完成後,可以通過詳細的日誌功能來查看對那些文件進行了清理。

下载:强力系统清理器KCleaner 0.21.0
簡單模式

下载:强力系统清理器KCleaner 0.21.0
專家模式

KCleaner的更新雖然不算很頻繁,但每次更新都是對清理數據庫進行完善,推薦對系統垃圾反感的用戶使用體驗。

本地下載:

http://www.myfiles.com.cn/soft/42/42902.htm

下载:强力系统清理器KCleaner 0.21.0
清理過程

下载:强力系统清理器KCleaner 0.21.0
清理完成後的效果

下载:强力系统清理器KCleaner 0.21.0
詳細的操作日誌

http://news.mydrivers.com/1/177/177131.htm

2010年10月15日星期五

微軟提供新版免費XP、Vista鏡像下載

為了彌補Windows平台只能安裝單一版本IE瀏覽器的缺陷、幫助開發者在不同系統平台測試各種版本的IE瀏覽器,自2006年IE7發佈以來,微軟開始向開發者提供Windows客戶端虛擬鏡像免費下載,也就是眾所周知的IE應用程序兼容性VPC鏡像(Internet Explorer Application Compatibility VPC Image),其中包括XP、Vista平台不同版本IE瀏覽器的虛擬鏡像文件。

早在今年6月,微軟就通過下載中心發佈了5個以上的免費XP和Vista虛擬機鏡像,不過作為的試用軟件,它們目前已經過期。為了繼續這項服務,微軟昨日發佈了最新版的IE應用程序兼容性VPC鏡像。

微軟IE產品主管Pete LePage解釋稱:「在2011財年之初,我們改變了VHD文件開發方式。首先,我們決定自己來完成這項工作,而不再讓廠商來開發;其次,我們認識到有 些舊系統已經退役(Windows XP SP2),因此花費了一些時間來尋找新的替代方案來繼續支持Windows XP VHD。」

最終答案就是,微軟發佈了新的XP、Vista免費副本。LePage指出:「這些鏡像的最大改變就是,Windows XP SP3不再是『全功能產品』,取而代之的是『試用版本』。這就意味著,這些免費Windows副本不再沿用以往複雜的期限機制,由於是試用版本,它們在 90天試用期結束後將自動失效。」

也就是說,此次發佈的多個版本XP、Vista鏡像都將在2011年1月11日到期

微软免费提供XP、Vista镜像下载

官方下載

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=21eabb90-958f-4b64-b5f1-73d0a413c8ef&displaylang=en

http://news.mydrivers.com/1/176/176956.htm

Building a site-to-site VPN tunnel between SonicWALL and IPCop

To perform this task, I used:
A SonicWALL TZ170 Running SonicOS Enhanced 3.2.0.3-54e
A PC running IPCop v1.4.11, with the built in VPN functionality

SonicWALL is becoming ever more popular as a good solution for the small to mid-sized business due to its lower TCO over products such as Cisco. In the same regard, IPCop has grown in popularity for its open source nature, and its large list of features. Therefore, I thought it would be interesting to see how difficult it might be to merge two companies using these very different products. In the end I can say, "not too difficult at all".

Some things to remember:
* You must have two different networks, with different network ID's. That is, if one company has a network ID of 192.168.0.0/24, than the other side cannot also be 192.168.0.0/24. This will be a routed network. You cannot route between two networks, that are actually the *same* network!

* SonicWALL is a commercial product and is backed by toll free phone support (which varies by product and status). Help is most certainly guaranteed. IPCop is open source. That means that your support comes in the form of forums, IRC, etc. Also note that the use of open source software comes with an agreement. Make sure that your company or organization is permitted to use open source software.

Step #1 – Set up the SonicWALL side of the tunnel.
Log into the SonicWALL Administration page. Click "VPN" on the left side, and ensure that you are now looking at "Settings". Now under the "VPN Policies" click the Add button.

Leave the authentication drop-down at its default. Name your policy whatever you wish. You can use spaces here, it doesn't matter.

For "Primary Gateway" you need to enter the IP address of the IPCop firewall. If this address was obtained via DHCP and will be changing, then you will need to set up Dynamic DNS for that box (Google for help on that). The SonicWALL *will* accept a hostname here instead of an IP address if DDNS is in use. For the "Secondary", you can enter 0.0.0.0, or if left blank, the SonicWALL will enter that for you. This would be used if you had a "backup VPN" in place to another box in case this VPN fails.

Enter a secret password into the "Pre-Shared Key" area. You will need to enter this same password on the IPCop firewall. The longer the password is, and the more obscure the characters are (!@#$%^, etc), the better your encryption will be. So be creative.

For your "peer ID's", I would typically recommend using the default which is "IP Address". And normally you would leave the fields blank. But, SonicWALL and IPCop did not handle that well at all. I suggest using something textual such as "E-Mail addresses". The idea here is you would use a contact at the SonicWALL site for the SonicWALL side, and the address of an employee at the IPCop side for the IPCop settings. It doesn't even have to be a real e-mail address, but whatever you enter in these boxes, must match the other side when we are done (local to remote, remote to local).

When done, it will look something like the illustration below. Click the Network Tab to continue.



Things may get tricky here depending on how complicated your network is. We will assume that you have one standard reserved network address on your local network. In our case, the SonicWALL's network is known as "192.168.199.0" with a subnet mask of 255.255.255.0. We could create a new "object" for that address, but instead used the default object, "LAN Primary Subnet". If you have a whole slew of networks, or you want the wireless network to be reachable through the VPN, etc – I would suggest going through this once for one network. When you have success with one network, go back and add the others. Each end of this tunnel must be aware of the other ends networks!

For the Destination Network, we will need to create an object. So click the drop-down under "Choose a network from the list", and then select "Create new address object". You can name this whatever you want, but for the sake of other administrators – or yourself at a later date – use a sensible name (like the network ID itself).

Zone Assignment MUST be set to "VPN"! Next, choose "Network" as the type, and enter in the network ID information for the IPCop side of things.



Click "OK" when done, and you should have something like this …



Now, click the Proposals tab. We will have to make a few changes here to find a middle ground between our two different ends of this tunnel.

For Exchange, choose Main Mode. For DH Group, choose "Group 2". Note that we also want Group 2 down below, but we can't change that (and don't need to) unless "Perfect Forward Secrecy" is enabled. For Encryption, go with "3DES" (aka Triple DES). Authentication, "MD5". Could we go with better encryption? Probably. But SonicWALL tends to have a harder time working with other devices when using stronger protocols. If you want this to work well, stick to this path. For lifetime, go with the default. We will match this on the other side. For those keeping track, 28800 seconds translates to 8 hours.

When you are all done here, it should look like this …



On the Advanced tab, there is not much that will need changed here. I like to enable a "keep alive" on one end of the VPN tunnel. This will keep the tunnel up, even when no traffic is being passed through it. In most cases, you want that kind of functionality. The alternative is a tunnel that is built "on the fly" when users start trying to send traffic through it.

You may also want to enable NetBIOS. I often do for my customers. But if this was my network, I wouldn't want Windows broadcasts going through my tunnel. This should be a routed network! Theres a good reason that broadcasts are not routable. Additionally, if you enable that here, you may be in trouble with how the IPCop handles it at the other end.

Leave this other options alone. You're done here. Click "OK".



The SonicWALL will go ahead and enable this policy for you. Since only one end is complete, you should disable it. Find the little checkbox under "Enable" and uncheck it.

Now, you are halfway there.

Step #2 Configure the IPCop side of the tunnel.
Connect to your IPCop's web administration. This can probably only be done from the LAN side, unless you have enabled remote administration. Remote administration for an IPCop box is tricky, as it entails setting up SSH – and configuring an SSH tunnel at the remote end. Again, use Google or the Ipcops.com forums for help on that.

From the admin interface, click "VPN's" and "VPN's" as the only choice. If you are an OpenVPN user as well, you should be happy that these two seem to work together without any problems.

On the "Global Settings" screen, enter the IP address or hostname of this IPCop firewall if it's not all read there. For the MTU, you will need to enter "1500", or you will have serious problems. The SonicWALL defaults to 1500. Do not enable the VPN yet. Click "Save" toward the lower right of these settings. Smile.

Now scroll down a bit to "Connection status and control" and click the "Add" button lingering around the lower center.

We will be building a "Net to Net", so choose that second option and then click "Add".

For name, choose anything you want. But it must be one big word without spaces or special characters. For the "IPCop side" leave the default setting of "left" (this is an obscure reference to Open SWAN settings).

In the Remote Host box, enter the IP address of the SonicWALL. This is the "public address" which should be reachable from the Internet.

For "Local Subnet" enter the ID of this IPCop's network. All ready in there? Good! Leave it alone. For the Remote Subnet, enter the SonicWALL's network ID in the same fashion. Network ID first, then a forward slash, then the subnet mask (for us it was 192.168.199.0/255.255.255.0).

Leave "Dead peer detection" at its default, "restart". If the VPN goes to hell in a hand-basket, it will drop and re-establish itself.

For "Options", we will need to enter Local and Remote ID's. As I mentioned earlier, these are textual. Normally, the IP address is used. But I had problems with that. My advice, use email addresses. You will need to put an "@" symbol in front of them.

So for Local ID, put in the address used as the remote "Peer ID" of the SonicWALL. Then for "Remote", use the local "Peer ID" that you used on the SonicWALL. Be sure to put them in with @ symbols leading the address, but of course still plant the @ symbol in the address where it belongs (such as "@steve.ballantyne@gmail.com").

The "Remark" is just a comment. Leave it blank.

For Authentication, we need to enter our Pre-Shared Key (the secret password). This should match what we used on our SonicWALL to a tee, or this won't get off the runway. Before clicking "Save" at the bottom, scroll up and uncheck the "Enable" at the top. We aren't ready to bring this up just yet! Now, click Save.

No errors? So far, so good. Scroll down to your new VPN under "Connection status and control" and find the edit button. It looks like a little pencil. Double check your settings for consistency.

Now scroll all the way to the bottom and click "Advanced".

NOTE: In some areas, there will be two options set (such as Grouptype). That will only confuse the SonicWALL and make life miserable for you. De-select all but what we specify (if it's darkened, or highlighted, it's selected).

IKE Encryption: 3DES
IKE Integrity: MD5
IKE Grouptype: MODP-1024 (this equates to "Group 2")
IKE Lifetime: 8 hours (you will need to change this)

ESP Encryption: 3DES
ESP Integrity: MD5
ESP Groutype: MODP-1024
ESP Keylife: 8 hours

Uncheck all other options at the bottom, including "PFS".

It looks like the picture below … Click Save.



Before bringing up your tunnel, you should probably be ready to debug it. So SSH into the IPCop firewall, and run "tail –f /var/log/messages". You will be watching your log running by. If it's moving too fast, that indicates a busy network … which means your timing probably isn't good for making network changes. ;-)

If possible, get the SonicWALL Administration web page open too and head into the Log area. Now we can be ready for any error messages that hit.

Enable the IPCop side first by checking "Enabled" and "VPN on Green" and clicking the Save button. You should see some stuff roll into your log. Let it settle down.

Now go to the SonicWALL, click VPN > Settings. Enable the VPN we created earlier. Watch the IPCop log now as it fills up with interesting stuff. This is not so easily read but should indicate a Phase 1, Phase 2 success followed by some confirmation messages.

Now, on the SonicWALL side, refresh your browser window. You are looking to see a "green light" on the VPN connection, as well as an active connection status displayed at the bottom. A green light does *not* indicate success. I have had many green lights that were actually crippled non-working tunnels.

On the SonicWALL, go into the Log and see what you have. You should see several messages, the last of which will be "SA Added" indicating success. No such luck? Start debugging.

The good news is that if it didn't work, it's probably just a mis-match in settings. The bad news is that there are a lot of things to look over and the error messages generally are not all that helpful. So check, double check, and re-check the settings at both ends. One small typo will blow the whole thing up.

To test your VPN you can (depending on your access rules) try pinging hosts. From the SonicWALL you can click System > Diagnostic and use the Ping utility. Do not try to ping the public addresses of the firewalls, and do not ping the private addresses of the firewalls themselves. The SonicWALL will not allow you to, and the IPCop will probably lie about where the reply is actually coming from. Rather, find a host on either end that will allow ICMP traffic and ping back and forth – and ping those.

Does it all work? Good. If you are have checked everything, and can't seem to get things to work, feel free to contact me. Just know that you understand your own networks far better than I do, so a resolution may be difficult coming from someone outside.

Enjoy,

-Steve Ballantyne

http://steveballantyne.blogspot.com/2006/12/building-site-to-site-vpn-tunnel.html

BitDefender發佈「超級工廠」Stuxnet病毒專殺工具

Stuxnet蠕蟲病毒也就是「超級工廠」病毒是世界上首個專門針對工業控制系統編寫的破壞性病毒, 能夠利用對Windows系統和西門子Simatic WinCC系統的7個漏洞進行攻擊。該病毒威力不小,之前曾造成伊朗核電站推遲發電,在今年9月份,該病毒流傳到了我國。

Stuxnet蠕蟲病毒對西門子Simatic WinCC系統危害更甚,會對其監控與數據採集(SCADA)系統進行攻擊,由於該系統在我國的多個重要行業應用廣泛,被用來進行鋼鐵、電力、能源、化工 等重要行業的人機交互與監控,所以如何查殺該病毒對於此類企業尤為重要。

近日BitDefender發佈了Stuxnet病毒的專殺工具,支持32位和64位系統,能完全清除目前所發現的所有Stuxnet變種,這其中也包括對Stuxnet蠕蟲殘留在系統中的Rootkit驅動程序的清除。

Stuxnet蠕蟲專殺工具官方下載
http://www.malwarecity.com/community/index.php?app=downloads&showfile=12

BitDefender中國在官方網站上描述道:「BitDefender最早於7月中旬發現超級工廠病毒Win32.Worm.Stuxnet, 超級工廠病毒Stuxnet的目的不像一般的病毒,干擾電腦正常運行或盜竊用戶財產和隱私,其最終目的是入侵Simatic WinCC SCADA系統,該系統主要被用做工業控制系統,能夠監控工業生產、基礎設施或基於設施的工業流程。類似的系統在全球範圍內被廣泛地應用於輸油管道、發電 廠、大型通信系統、機場、輪船甚至軍事設施。

『超級工廠』利用的是微軟的零日漏洞進行系統攻擊和進行傳播的,而且會通過可移動磁盤來傳播。它由一個惡意構造的Lnk文件和一個動態庫構成。通過 偽裝RealTek與JMicron兩大公司的數字簽名,從而順利繞過安全產品的檢測,當用戶打開U盤時,無需點擊任何程序,僅查看該病毒文件,該文件就 可以利用多個Windows漏洞加載起來,從而執行具有破壞行為的惡意代碼。」

BitDefender在線威脅病毒實驗室主管Catalin Cosoi表示:「BitDefender於7月19號將Stuxnet蠕蟲簽名正式加入到BitDefender病毒庫中,防止該蠕蟲通過零日漏洞感染 更多的電腦。當然我們考慮到為了幫助全球千萬用戶免受該蠕蟲的攻擊,我們特發佈了針對該蠕蟲的專殺工具。即使您的電腦沒有安裝BitDefender,也 可以免費下載該專殺工具來徹底查殺Stuxnet蠕蟲」

http://news.mydrivers.com/1/176/176940.htm

2010年10月14日星期四

Free Video Converter update CUDA

Faster video conversion with CUDA technology

Freemake Video Converter has recently integrated NVIDIA CUDA technology for faster and more efficient video conversion.

By outsourcing tasks normally handled by CPU to the graphics card, CUDA not only increases the program performance dramatically but also provides a significant acceleration of the entire conversion process. Now if your PC is equipped with NVIDIA-powered graphics card and the card driver is updated, you can feel all the benefits of CUDA-accelerated conversion.

Update your Freemake Video Converter here.

This is Free Video Converter

Freemake offers absolutely free programs developed as alternatives to paid ones. Make sure that our free video converter is freeware in the truest sense of the word: no adware, no spyware, no toolbars, no online registration!

2010年10月13日星期三

VB100十月殺毒軟件測試報告出爐 全年回顧

VB100 Award獎項(通稱VB100殺毒認證)是英國著名的獨立病毒測試中心Virus Bulletin以世界性組織Wild List病毒資料庫作為病毒來源,對世界各國的防病毒軟件進行測試後,診斷率100%、誤診率0%時賦予的獎項,VB100是非商業性組織,測試嚴格,在 業界內贏得了極好的口碑。近日,VB100出爐了10月份測試結果,此次的測試平台是Windows Server 2003。VB100會在每年的偶數月份發佈報告,由於Windows Server 2003並不是主要面向普通PC用戶推出的版本,所以VB100在4月份和8月份基於Windows XP和Vista的測試報告更具有參考性。

從10月份的VB100測試報告中可以看出,眾多知名國外殺毒軟件都通過了認證,比如Avast、AVG、小紅 傘、BitDefender、卡巴斯基等等。很多用戶比較關注的微軟免費殺毒軟件MSE並未參與此次測評,原因很簡單,它不支持Windows Server 2003平台。我國部分殺毒軟件廠商也參與了測試,其中可牛殺毒軟件等通過了認證,不過可牛殺毒軟件採用了卡巴斯基殺毒引擎,能通過此次測試也不足為奇。

VB100十月测试报告:两款国内杀软获认证

正如本文開頭所述,4月份和8月份的VB100殺毒軟件測試報告對於普通用戶來說更具參考性,所以下面我們再來回顧一下這兩個月份的測試結果。

4月份VB100測試基於Windows XP平台,8月份測試基於Windows Vista SP2企業版本,Avast、AVG、小紅傘、F-Secure、卡巴斯基、Sophos、賽門鐵克這些大家耳熟能詳的殺毒軟件都是全部通過,無論你是XP用戶還是Vista用戶,上述這些殺毒軟件絕對是不錯的選擇。

完整測試結果如下:

VB100十月测试报告:两款国内杀软获认证
 「×」表示未通過測試,「方塊」表示未參與測試,帶有VIRUS100 Logo表示通過測試

http://news.mydrivers.com/1/176/176757.htm

網管 7 武器

Seven Secret Weapons for Network Management on a Budget
http://www.cio.com/article/623863/Seven_Secret_Weapons_for_Network_Management_on_a_Budget?page=1#slideshow

http://www.networkworld.com/slideshows/2010/101110-seven-secret-foss-weapons-for-net-mgt-ciscosubnet.html