IT Solutions

A Friendly Systems BLOG

Browsing Posts published by JWohlfarth


After setting up Skype and then adding more RAM to my laptop, I started getting an error at shutdown that said “IO Device Notification” not responding. I found that editing the registry key HKEY_CURRENT_USER\Control Panel\Desktop, changing the value of AutoEndTasks from 0 to 1, and then rebooting fixed the problem.


Malwarebytes does not have a resident component in the free version.  However, you can run the following command lines to update and scan your computer.  I have these running as nightly scheduled tasks.  The first updates the program.  The second runs the scan; if it does not find anything it terminates.  The … is the path to where you have installed the program:

…MBAM.exe /runupdate

…MBAM.exe /quickscanterminate

Here is the same command line information for Spybot:

"C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe" /autoupdate /autoclose

"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /AUTOCHECK /AUTOFIX /AUTOCLOSE


Excerpt from MS Knowledgebase article:

http://support.microsoft.com/kb/304897

How to test for relay

You can test your SMTP server to determine if it is configured to relay e-mail messages. In the following examples, relay tests 1 through 5 are not accepted by the SMTP server and are immediately rejected. Tests 6 and 7 are accepted by the SMTP server, but the e-mail message is not relayed and the server eventually generates an NDR (Non Delivery Report).

To run the following relay tests, first start a Telnet session and connect to port 25 on your SMTP server:

  1. Start a command prompt.
  2. Type telnet ServerName 25, where ServerName is the SMTP server name or IP address and 25 is the port number, and then press ENTER.
  3. Type EHLO, and then press ENTER.

Relay test 1

This is the standard test for SMTP relay. An SMTP client must not be permitted to relay in this manner unless the administrator has specifically permitted it, or unless the client first authenticates. To do this test, follow these steps:

  1. At the Telnet session prompt, type RSET. The telnet session responds with text that is similar to the following:

250 2.0.0 Resetting

  2. Type MAIL FROM:UserName@DomainName.tld, where UserName is the name of the user, DomainName is the name of the domain, and tld is the top level domain such as .com or .net. The telnet session responds with text that is similar to the following:

250 2.1.0 UserName@DomainName.tld....Sender OK

  3. Type RCPT TO:RecipientName@DomainName.tld, where RecipientName is the e-mail address of the recipient. The telnet session responds with text that is similar to the following:

550 5.7.1 Unable to relay for RecipientName@DomainName.tld

Relay test 2

This test is almost the same as relay test 1, but the sender is a local user instead of a user in a remote domain. Because FROM addresses are generally used to gain unauthorized access to a system, the server must not relay the e-mail message. To do this test, follow these steps:

  1. At the Telnet session prompt, type RSET. The telnet session responds with text that is similar to the following:

250 2.0.0 Resetting

  2. Type MAIL FROM:LocalUser, where LocalUser is a local e-mail name for a user account in the domain, and then press ENTER. The telnet session responds with text that is similar to the following:

250 2.1.0 LocalUser@DomainName.tld....Sender OK

  3. Type RCPT TO:RecipientName@DomainName.tld. The telnet session responds with text that is similar to the following:

550 5.7.1 Unable to relay for RecipientName@DomainName.tld

Relay test 3

This test is for a NULL or blank FROM envelope address. NDRs and other notifications have a NULL FROM envelope address. However, notifications must not be relayed unless the domain in the TO address is a local domain. To do this test, follow these steps:

  1. At the Telnet session prompt, type RSET. The telnet session responds with text that is similar to the following:

250 2.0.0 Resetting

  2. Type MAIL FROM:<>, and then press ENTER. The telnet session responds with text that is similar to the following:

250 2.1.0 <>....Sender OK

  3. Type RCPT TO:RecipientName@DomainName.tld. The telnet session responds with text that is similar to the following:

550 5.7.1 Unable to relay for RecipientName@DomainName.tld

Relay test 4

This test is the same as relay test 2, but the local domain is explicitly added to the e-mail address. An SMTP server that is closed for relay must not relay this e-mail message. To do this test, follow these steps:

  1. At the Telnet session prompt, type RSET. The telnet session responds with text that is similar to the following:

250 2.0.0 Resetting

  2. Type MAIL FROM:UserName@DomainName.tld, where DomainName is the name of the local domain, and then press ENTER. The telnet session responds with text that is similar to the following:

250 2.1.0 UserName@DomainName.tld....Sender OK

  3. Type RCPT TO:UserName@DomainName.tld, and then press ENTER. The telnet session responds with text that is similar to the following:

550 5.7.1 Unable to relay for UserName@DomainName.tld

Relay test 5

This test is also the same as relay test 2, but the IP address of the server is used instead of the domain name. Although this address format is generally accepted, the server must not accept relay to a remote domain. In various other tests that use “localhost” or the Domain Name System (DNS) name of the server in the FROM address, the server must not relay e-mail messages that use this approach. To do this test, follow these steps:

  1. At the Telnet session prompt, type RSET. The telnet session responds with text that is similar to the following:

250 2.0.0 Resetting

  2. Type MAIL FROM:UserName@10.10.10.10, and then press ENTER. The telnet session responds with text that is similar to the following:

250 2.1.0 UserName@10.10.10.10....Sender OK

  3. Type RCPT TO:UserName@DomainName.tld, and then press ENTER. The telnet session responds with text that is similar to the following:

550 5.7.1 Unable to relay for UserName@DomainName.tld

Relay test 6

This test is specifically for older UNIX-based servers that route e-mail messages by appending the local domain and changing the at sign (@) to a percent symbol (%). The server then relays the mail. Because a percent symbol (%) is a valid character in the local part of the e-mail address, the SMTP server may accept the message and then send an NDR if the directory lookup fails. Microsoft SMTP products are not vulnerable to this kind of relay because the message is not forwarded and an NDR is generated. To do this test, follow these steps:

  1. At the Telnet session prompt, type RSET. The telnet session responds with text that is similar to the following:

250 2.0.0 Resetting

  2. Type MAIL FROM:UserName, and then press ENTER. The telnet session responds with text that is similar to the following:

UserName@DomainName.tld....Sender OK

  3. Type RCPT TO:UserName%DomainName.tld, and then press ENTER. The telnet session responds with text that is similar to the following:

250 2.1.5 UserName%DomainName.tld@DomainName.tldUserName@DomainName.tld

Note The local domain is appended to the recipient domain in the e-mail address.

Relay test 7

This test is a variation of relay test 6. Because the quotation mark character (") is a valid character in the local part of the e-mail address, the SMTP server accepts the message and then sends an NDR if the directory lookup fails. Microsoft SMTP products are not vulnerable to this kind of relay because the message is not forwarded and an NDR is generated. To do this test, follow these steps:

  1. At the Telnet session prompt, type RSET. The telnet session responds with text that is similar to the following:

250 2.0.0 Resetting

  2. Type MAIL FROM:UserName, and then press ENTER. The telnet session responds with text that is similar to the following:

UserName@DomainName.tld....Sender OK

  3. Type RCPT TO:"UserName@DomainName.tld, and then press ENTER. The telnet session responds with text that is similar to the following:

UserName@DomainName.tld"@DomainName.tld

Note The local domain is appended to the recipient domain in the e-mail address.

How to tell whether your SMTP server is closed to relay tests 6 and 7

When you run relay tests 6 and 7 against an Exchange 2000 computer, the tests generate a message to a recipient that does not resolve, and NDRs are received by the mailbox that is specified in Exchange System Manager. You can configure the mailbox for unresolved recipients in the properties of the default SMTP virtual server in the Forward all mail with unresolved recipients to host box on the Messages tab in Exchange System Manager.

The NDRs are evidence that the e-mail messages are not relayed.

Simple fix for Exchange server:

Go into the properties of your SMTP virtual server and check the access/relay tab. Make sure that the "Only in list below" radio button is checked, and that the bottom check box is unchecked. If either of these is checked, spammers could be using your Exchange server to relay unsolicited email through your network.
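
The pass criteria of the relay tests above, applied to a saved telnet transcript. This is an added example, not part of the KB article or the original post; the transcript is constructed and corp.example is an assumed local domain.

```python
SAMPLE = """\
RSET
250 2.0.0 Resetting
MAIL FROM:sender@remote.example
250 2.1.0 sender@remote.example....Sender OK
RCPT TO:rcpt@other.example
550 5.7.1 Unable to relay for rcpt@other.example
RSET
250 2.0.0 Resetting
MAIL FROM:localuser
250 2.1.0 localuser@corp.example....Sender OK
RCPT TO:rcpt%other.example
250 2.1.5 rcpt%other.example@corp.example
RSET
250 2.0.0 Resetting
MAIL FROM:<>
250 2.1.0 <>....Sender OK
RCPT TO:rcpt@other.example
250 2.1.5 rcpt@other.example
"""  # constructed transcript, not captured from a real server

def parse_tests(transcript):  # one {rcpt, code} record per RSET-delimited test
    tests, awaiting = [], False
    for line in map(str.strip, transcript.splitlines()):
        if line.upper() == "RSET":
            tests.append({"rcpt": None, "code": None})
            awaiting = False
        elif tests and line.upper().startswith("RCPT TO:"):
            tests[-1]["rcpt"] = line[8:].strip().strip("<>")
            awaiting = True
        elif awaiting and line[:3].isdigit():
            tests[-1]["code"] = int(line[:3])  # last line of a multi-line reply wins
    return tests

def classify(test, local_domains):  # verdict for one test record
    rcpt, code = test["rcpt"], test["code"]
    if rcpt is None or code is None:
        return "incomplete"
    if code >= 400:
        return "rejected"             # tests 1-5 on a closed server (550 5.7.1)
    if "%" in rcpt or '"' in rcpt:
        return "accepted-verify-ndr"  # tests 6-7: closed only if an NDR follows
    _, at, domain = rcpt.rpartition("@")
    if not at or domain.lower() in local_domains:
        return "local-delivery"       # 250 for a local recipient is not relay
    return "relay-accepted"           # 250 for a remote recipient: open relay

def verdicts(transcript, local_domains):
    return [classify(t, local_domains) for t in parse_tests(transcript)]
```

Calling `verdicts(SAMPLE, {"corp.example"})` flags the third constructed test, where a NULL sender was accepted for a remote recipient, as `relay-accepted`.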


DNS & IP tools:

http://www.kloth.net/services/nslookup.php

http://www.iptools.biz/


Open Relay Database check:

http://relays.osirusoft.com/cgi-bin/rblcheck.cgi

https://www.au.sorbs.net/lookup.shtml


List of Blacklist monitoring services:

http://www.ahbl.org/node

http://www.blacklistedip.com/blacklist_directory1.php

http://www.mxtoolbox.com/blacklists.aspx


%ALLUSERSPROFILE% -Open the All User’s Profile

%HomeDrive% -Opens your home drive e.g. C:\

%UserProfile% -Opens your User’s Profile

%temp% -Opens temporary file folder

%systemroot% -Opens Windows folder

_________________________________________________

Management Consoles

certmgr.msc –Certificate Manager

ciadv.msc –Indexing Service

compmgmt.msc –Computer management

devmgmt.msc –Device Manager

dfrg.msc –Defragment

diskmgmt.msc –Disk Management

fsmgmt.msc –Folder Sharing Management

eventvwr.msc –Event Viewer

gpedit.msc –Group Policy -XP Pro only

iis.msc –Internet Information Services

lusrmgr.msc –Local Users and Groups

mscorcfg.msc –Net configurations

ntmsmgr.msc –Removable Storage

perfmon.msc –Performance Manager

secpol.msc –Local Security Policy

services.msc –System Services

wmimgmt.msc –Windows Management

____________________________________________________________

Shortcuts

access.cpl –Accessibility Options

hdwwiz.cpl –Add New Hardware Wizard

appwiz.cpl –Add/Remove Programs

timedate.cpl –Date and Time Properties

desk.cpl –Display Properties

inetcpl.cpl –Internet Properties

joy.cpl –Joystick Properties

main.cpl keyboard –Keyboard Properties

main.cpl –Mouse Properties

ncpa.cpl –Network Connections

ncpl.cpl –Network Properties

telephon.cpl –Phone and Modem options

powercfg.cpl –Power Management

intl.cpl –Regional settings

mmsys.cpl sounds –Sound Properties

mmsys.cpl –Sounds and Audio Device Properties

sysdm.cpl –System Properties

nusrmgr.cpl –User settings

WINDOWS TRICKS & SHORTCUTS Page 1 of 2

http://www.ozzu.com/mswindows-forum/windows-tricks-shortcuts-t1858-255.html 3/31/2008

firewall.cpl –Firewall Settings (sp2)

wscui.cpl –Security Center (sp2)

_____________________________________________________________

Run Commands

Calc –Calculator

Cfgwiz32 –ISDN Configuration Wizard

Charmap –Character Map

Chkdsk –Repair damaged files

Cleanmgr –Cleans up hard drives

Clipbrd –Windows Clipboard viewer

Cmd –Opens a new Command Window (cmd.exe)

Control –Displays Control Panel

Dcomcnfg –DCOM user security

Debug –Assembly language programming tool

Defrag –Defragmentation tool

Drwatson –Records programs crash & snapshots

Dxdiag –DirectX Diagnostic Utility

Explorer –Windows Explorer

Fontview –Graphical font viewer

Ftp -ftp.exe program

Hostname –Returns Computer’s name

Ipconfig –Displays IP configuration for all network adapters

Jview –Microsoft Command-line Loader for Java classes

MMC –Microsoft Management Console

Msconfig –Configuration to edit startup files

Msinfo32 –Microsoft System Information Utility

Nbtstat –Displays stats and current connections using NetBios over TCP/IP

Netstat –Displays all active network connections

Nslookup –Returns your local DNS server

Ping –Sends data to a specified host/IP

Regedit –Registry Editor

Regsvr32 –Register/de-register DLL/OCX/ActiveX

Regwiz -Registration wizard

Sfc /scannow –System File Checker

Sndrec32 –Sound Recorder

Sndvol32 –Volume control for soundcard

Sysedit –Edit system startup files (config.sys, autoexec.bat, win.ini, etc.)

Taskmgr –Task manager

Telnet –Telnet program

Tracert –Traces and displays all paths required to reach an internet host

Winipcfg –Displays IP configuration

Wupdmgr –Takes you to Microsoft Windows Update


From:

http://www.ozzu.com/mswindows-forum/windows-tricks-shortcuts-t1858-255.html 3/31/2008


Occasionally FinePrint refuses to ‘print’ from within a Terminal Server session.  This seems to come from disconnecting and reconnecting the RDC.  There is a simple fix.  Go to Task Manager and look for the process “fppdis1.exe” (there may be several).  End all of these.  FinePrint will now work.

– James
