Listen up.
Here's a great way for all you script kiddies to do a good deed and still feel all
l33t about it and everything. Short story.. the Iranian government is clamping down on free speech protesters by shutting down connectivity to social networking sites.
What can you do? Set up a fuckin proxy is what you can do. At least when these people are being shot down in the street like dogs for exercising a basic human right, they will be able to Tweet about it. That sounds trite, but it's true. The worst death is a death without reason. That said...
Step 1 - Pick a box you don't care about trashing.
Step 2 - Install squid or your proxy of choice
Step 3 - set up the following allow rule:
These directions pertain to Squid only.
Inside the text editor search (Control-W) for the line “http_access deny all” and change it to “http_access allow all”. This will make your proxy open and accessible to the world. If you would like to limit your proxy to Iranian IP blocks, you want to change “http_access deny all” to read “http_access allow TRUSTED” add a line (BEFORE the http_access line to setup an access control list [ACL]). This ACL line that defines TRUSTED should read:
I would highly recommend doing this.
acl TRUSTED src 62.60.128.0/17 62.193.0.0/19 62.220.96.0/19 77.36.128.0/17 77.77.64.0/18 77.104.64.0/18 77.237.64.0/19 77.237.160.0/19 77.245.224.0/20 78.38.0.0/15 78.109.192.0/20 78.110.112.0/20 78.111.0.0/20 78.154.32.0/19 78.157.32.0/19 78.158.160.0/19 79.127.0.0/17 79.132.192.0/19 79.170.144.0/21 79.175.128.0/18 80.66.176.0/20 80.69.240.0/20 80.71.112.0/20 80.75.0.0/20 80.191.0.0/16 80.242.0.0/20 80.253.128.0/20 80.253.144.0/20 81.12.0.0/17 81.28.32.0/20 81.28.48.0/20 81.31.160.0/20 81.31.176.0/20 81.90.144.0/20 81.91.128.0/20 81.91.144.0/20 82.99.192.0/18 82.115.0.0/19 83.147.192.0/18 84.47.192.0/18 84.241.0.0/18 85.9.64.0/18 85.15.0.0/18 85.133.128.0/17 85.185.0.0/16 85.198.0.0/18 86.109.32.0/19 87.107.0.0/16 87.247.160.0/19 87.248.128.0/19 89.144.128.0/18 89.165.0.0/17 89.221.80.0/20 89.235.64.0/18 91.98.0.0/15 91.184.64.0/19 91.186.192.0/19 91.206.122.0/23 91.208.165.0/24 91.209.242.0/24 91.212.16.0/24 91.212.19.0/24 91.212.252.0/24 92.42.48.0/21 92.50.0.0/18 92.61.176.0/20 92.62.176.0/20 92.242.192.0/19 93.110.0.0/16 93.190.24.0/21 94.74.128.0/18 94.101.128.0/20 94.101.176.0/20 94.101.240.0/20 94.139.160.0/19 94.182.0.0/15 94.184.0.0/17 94.232.168.0/21 94.241.128.0/18 95.38.0.0/16 95.80.128.0/18 95.81.64.0/18 95.82.0.0/18 95.82.64.0/18 95.130.56.0/21 95.130.240.0/21 188.34.0.0/16 188.93.64.0/21 188.121.96.0/19 188.121.128.0/19 188.136.128.0/17 188.158.0.0/15 193.189.122.0/23 194.225.0.0/16 195.146.32.0/19 212.16.64.0/19 212.33.192.0/19 212.50.224.0/19 212.80.0.0/19 212.95.128.0/19 212.120.192.0/19 213.176.0.0/19 213.176.32.0/19 213.176.64.0/18 213.195.0.0/18 213.207.192.0/18 213.217.32.0/19 213.233.160.0/19 217.11.16.0/20 217.24.144.0/20 217.25.48.0/20 217.64.144.0/20 217.66.192.0/20 217.66.208.0/20 217.146.208.0/20 217.172.96.0/19 217.174.16.0/20 217.218.0.0/15
Those are the Iranian IP blocks in case you're curious.
You should expect this server to be attacked and compromised as the Iranian government realizes it's out there. (Does that sounds bad ass or what?) So implement reasonable counter measures.
My basic approach would be to do this with a knoppix machine on a separate vlan from the rest of my network. Knoppix is a live CD so if the box is trashed you just bounce it and reinstall the proxy. The network stuff is easy enough to do with dd-wrt.
Once your server is up and running please email me@austinheap.com and let him know! He will distribute the proxy address to the Iranian underground.
Now quit scrwing around, grab your Mountain Dew, and get your Jack Bauer on!
-CG
Thursday, June 18, 2009
Wednesday, May 20, 2009
Tuesday, May 19, 2009
When a Speech Impediment is a Viable Alterative for GoToMeeting
In my usual fashion of being behind the times I recently came across a nifty service that is a workable alternative to the WebEx or GoToMeeting type products. Welcome to DimDim. In spite of the fact that the name is reminescent of a Tourette's convenion drunken brawl, they actually have what appears to be a decent offering - and at a killer price point. $19 a month at the time of this writing. Got your attention yet? Thought so.
Now I haven't taken the time to conduct a point by point comparison between DimDim and GTM, but to be honest I don't use either one much so I don't give two shits whether one performs better or how the licensing stacks up between the two, yada yada.
I'm not in the business of free hand jobs so you get to go do your own homework on this one. All the same, this type of service is becomming a commodity so if DimDim can beat out the big players, then you're only dryhumpng yourself if you don't try them out.
-CG
Now I haven't taken the time to conduct a point by point comparison between DimDim and GTM, but to be honest I don't use either one much so I don't give two shits whether one performs better or how the licensing stacks up between the two, yada yada.
I'm not in the business of free hand jobs so you get to go do your own homework on this one. All the same, this type of service is becomming a commodity so if DimDim can beat out the big players, then you're only dryhumpng yourself if you don't try them out.
-CG
Friday, May 15, 2009
The "I Can't Access" Client
It's become apparent to me that Microsoft and organized religion have much in common. A few examples:
1. a Cult-like following for no apparent reason
2. They are convinced that they have the absolute *and only* truth despite any claims or evidence to the contrary - effectively lumping Linux and Wicca into the same category (which is not as far fetched as it may sound)
3. They both need all your money and will do almost anything to get it.
Point three apparently includes kicking your bedpartner off onto the floor in the morning after a great night of high caliber ugly bumping.
"CG, what in the mickey mouse fuck are you talking about," you may ask?
A fair critique.
I give you http://support.microsoft.com/kb/949914
The jist of it is that Microsoft's money grab is causing issues with older versions of the ICA client. You see they updated the encryption of the TSCal from 512 bytes to 2048 bytes.
This plays havoc with older versions of the ICA client because they choke on the new key and consequently take a dump - or actually they write a dump assuming you've got some kind of debugging going on. None the less...
You can't tell me that there's a line of people trying to crack the TS license encryption. Defeating the terminal server license model is trivial. I've never met anyone that honestly cared that much about it. That is of course unless you're using Citrix and in that case you're screwed because upgrading your terminal server build gives your user base the middle finger.
This is where I would normally make some cheeky remark about how maybe Citrix should write some function in their XenApp Server code that causes the server to blue screen, but upon reflection I realize that it's hardly necessary. Microsoft seems to be doing quite well in that regard.
Just in case you were wondering what a 182 billion dollar douche bag looks like.
-CG
1. a Cult-like following for no apparent reason
2. They are convinced that they have the absolute *and only* truth despite any claims or evidence to the contrary - effectively lumping Linux and Wicca into the same category (which is not as far fetched as it may sound)
3. They both need all your money and will do almost anything to get it.
Point three apparently includes kicking your bedpartner off onto the floor in the morning after a great night of high caliber ugly bumping.
"CG, what in the mickey mouse fuck are you talking about," you may ask?
A fair critique.
I give you http://support.microsoft.com/kb/949914
The jist of it is that Microsoft's money grab is causing issues with older versions of the ICA client. You see they updated the encryption of the TSCal from 512 bytes to 2048 bytes.
This plays havoc with older versions of the ICA client because they choke on the new key and consequently take a dump - or actually they write a dump assuming you've got some kind of debugging going on. None the less...
You can't tell me that there's a line of people trying to crack the TS license encryption. Defeating the terminal server license model is trivial. I've never met anyone that honestly cared that much about it. That is of course unless you're using Citrix and in that case you're screwed because upgrading your terminal server build gives your user base the middle finger.
This is where I would normally make some cheeky remark about how maybe Citrix should write some function in their XenApp Server code that causes the server to blue screen, but upon reflection I realize that it's hardly necessary. Microsoft seems to be doing quite well in that regard.
Just in case you were wondering what a 182 billion dollar douche bag looks like.
-CG
Friday, April 17, 2009
License and Proof of Registration Please.
Ya know, Sometimes it's important to know what the original license key for your version of Windows or MSOffice is. For example, you may find yourself needing to conduct an audit to make sure your company is compliant with their Microsoft EULA. You may find yourself needing to identify invalid installations of Windows in your environment. Conversely, you may endeavor to bolster the economy by starting a pirated software clearinghouse. Our economy rests on the shoulders of the small business man, after all.
And if I can provide you with a tool to help make your job easier, then I'm humbled to be of service. The following bit of code will enumerate, decrypt, and provide to you the raw license key for the version of windows or office that you have installed on your server.
'------------------------------
'Begin license auditing code to be used for only legal and ethical purposes-
'Never for nefarious or naughty endeavors. You cheeky monkey.
'-----------------------------
Dim objFS, objShell
Dim strXPKey
Set objShell = CreateObject("WScript.Shell")
strXPKey = objShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName")
If Len(strXPKey) > 0 Then
InputBox vbcrlf & "Your Windows Product Key is " & vbcrlf & vbcrlf & vbcrlf & vbcrlf & vbcrlf & "(Use Ctrl + C to copy IP Address to Clipboard)", "Get XP Product Key", GetKey(objShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId"))
'// Begin MSOffice Code
'// NOTE: Replace the above code block with this one to enumerate MSOffice Keys.
'// The script has not been tested with both options enabled.
'//
InputBox vbcrlf & "Your Office Product Key is " & vbcrlf & vbcrlf & vbcrlf & vbcrlf & vbcrlf & "(Use Ctrl + C to copy IP Address to Clipboard)", "Get XP Product Key", GetKey(objShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\11.0\Registration\{90110409-6000-11D3-8CFE-0150048383C9}\DigitalProductId"))
'//
'// End MS Office Code
End If
'// Here's the money shot.
Function GetKey(rpk)
Const rpkOffset=52:i=28
szPossibleChars="BCDFGHJKMPQRTVWXY2346789"
Do
dwAccumulator=0 : j=14
Do
dwAccumulator=dwAccumulator*256
dwAccumulator=rpk(j+rpkOffset)+dwAccumulator
rpk(j+rpkOffset)=(dwAccumulator\24) and 255
dwAccumulator=dwAccumulator Mod 24
j=j-1
Loop While j>=0
i=i-1 : szProductKey=mid(szPossibleChars,dwAccumulator+1,1)&szProductKey
if (((29-i) Mod 6)=0) and (i<>-1) then
i=i-1 : szProductKey="-"&szProductKey
End If
Loop While i>=0
GetKey=szProductKey
End Function
And if I can provide you with a tool to help make your job easier, then I'm humbled to be of service. The following bit of code will enumerate, decrypt, and provide to you the raw license key for the version of windows or office that you have installed on your server.
'------------------------------
'Begin license auditing code to be used for only legal and ethical purposes-
'Never for nefarious or naughty endeavors. You cheeky monkey.
'-----------------------------
Dim objFS, objShell
Dim strXPKey
Set objShell = CreateObject("WScript.Shell")
strXPKey = objShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName")
If Len(strXPKey) > 0 Then
InputBox vbcrlf & "Your Windows Product Key is " & vbcrlf & vbcrlf & vbcrlf & vbcrlf & vbcrlf & "(Use Ctrl + C to copy IP Address to Clipboard)", "Get XP Product Key", GetKey(objShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId"))
'// Begin MSOffice Code
'// NOTE: Replace the above code block with this one to enumerate MSOffice Keys.
'// The script has not been tested with both options enabled.
'//
InputBox vbcrlf & "Your Office Product Key is " & vbcrlf & vbcrlf & vbcrlf & vbcrlf & vbcrlf & "(Use Ctrl + C to copy IP Address to Clipboard)", "Get XP Product Key", GetKey(objShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\11.0\Registration\{90110409-6000-11D3-8CFE-0150048383C9}\DigitalProductId"))
'//
'// End MS Office Code
End If
'// Here's the money shot.
Function GetKey(rpk)
Const rpkOffset=52:i=28
szPossibleChars="BCDFGHJKMPQRTVWXY2346789"
Do
dwAccumulator=0 : j=14
Do
dwAccumulator=dwAccumulator*256
dwAccumulator=rpk(j+rpkOffset)+dwAccumulator
rpk(j+rpkOffset)=(dwAccumulator\24) and 255
dwAccumulator=dwAccumulator Mod 24
j=j-1
Loop While j>=0
i=i-1 : szProductKey=mid(szPossibleChars,dwAccumulator+1,1)&szProductKey
if (((29-i) Mod 6)=0) and (i<>-1) then
i=i-1 : szProductKey="-"&szProductKey
End If
Loop While i>=0
GetKey=szProductKey
End Function
Friday, March 27, 2009
Destroy Your Printer
Sorry folks it's been a while since I posted, but in all honesty I haven't had much of anything to talk about so I figure why blither on at the expense of your time right?
In any case, this has nothing to do with Citrix, Terminal Services, or SBC, but it it very profound.
Talk about this. Call your printer manufacturer and tell them that you don't appreciate the gleeful fashion with which they sold you down the river. This, my friends is no bullshit. Just goes to show that there is something to be said for the old Knight Rider approach of writing out your ransom notes with random magazine clippings.
-CG
Are you your printer's bitch?
In any case, this has nothing to do with Citrix, Terminal Services, or SBC, but it it very profound.
Talk about this. Call your printer manufacturer and tell them that you don't appreciate the gleeful fashion with which they sold you down the river. This, my friends is no bullshit. Just goes to show that there is something to be said for the old Knight Rider approach of writing out your ransom notes with random magazine clippings.
-CG
Are you your printer's bitch?
Wednesday, February 4, 2009
Citrix Missed Laying off 500 people by "That Much"
So it seems that not even the "Big C" is immune to the faltering economy. In various news sources a few days ago, the mothership announced that it will be shit-canning 500 people. Everyone is trimming the fat these days, but I have to say that I'm a little surprised that Citrix is hurting as badly as it seems to be.
With the economy resembling a steaming pile of llama squat these days, many shops are trying to downsize and consolidate their access infrastructure. EMC has seized on this and has happily been spoonfeeding VMWare deployments to companies that are suddenly finding it difficult to buy corporate jets. There is a very simple reason for that. The vast majority of CPU cycles in any data center are spent waiting around for some kind of user input. Virtualizing idle hardware saves money. Plain and simple. And it saves it immediately. That's important.
So why the woes at Citrix? Could it be that because the up front costs to implement their solutions are so ridiculously high, that they have become prohibitive in a down market? Could it be that the financial pressure is forcing would-be Citrix customers to go to companies like Quest, Ericom, or even (excuse me while I throw up a little in my mouth) plain terminal server?
I don't know. And things are happening so fast that no one really does know or know enough to get their head around it - not even that mad money jackass guy.
So kids, the employment outlook just got a whole lot shittier for you and me. Citrix has effectively taken an upper-decker on the thin market by flooding it with 500 or so (supposedly) qualified engineers. So we just have to sit back and watch them quickly gobble up any market demand that might be floating about.
With a down economy, niche skills get ass-slammed. You need to be able to offer a holistic solution and show a payback on the front end right away in big powerpoint motion-tweened letters. No one wants to hear about ROI when they're just trying to keep the lights on. My advice to any Citrix engineer out there - employed or not - learn VMWare (fuck that Xen stuff), get a development skill (VBScript or preferably powershell and .NET), set yourself up for an alternate source of income with side projects or consulting, update your certs, and downsize your lifestyle.
We'll get through this, but grab your altoids cause it's gonna taste shitty for a while.
-CG
With the economy resembling a steaming pile of llama squat these days, many shops are trying to downsize and consolidate their access infrastructure. EMC has seized on this and has happily been spoonfeeding VMWare deployments to companies that are suddenly finding it difficult to buy corporate jets. There is a very simple reason for that. The vast majority of CPU cycles in any data center are spent waiting around for some kind of user input. Virtualizing idle hardware saves money. Plain and simple. And it saves it immediately. That's important.
So why the woes at Citrix? Could it be that because the up front costs to implement their solutions are so ridiculously high, that they have become prohibitive in a down market? Could it be that the financial pressure is forcing would-be Citrix customers to go to companies like Quest, Ericom, or even (excuse me while I throw up a little in my mouth) plain terminal server?
I don't know. And things are happening so fast that no one really does know or know enough to get their head around it - not even that mad money jackass guy.
So kids, the employment outlook just got a whole lot shittier for you and me. Citrix has effectively taken an upper-decker on the thin market by flooding it with 500 or so (supposedly) qualified engineers. So we just have to sit back and watch them quickly gobble up any market demand that might be floating about.
With a down economy, niche skills get ass-slammed. You need to be able to offer a holistic solution and show a payback on the front end right away in big powerpoint motion-tweened letters. No one wants to hear about ROI when they're just trying to keep the lights on. My advice to any Citrix engineer out there - employed or not - learn VMWare (fuck that Xen stuff), get a development skill (VBScript or preferably powershell and .NET), set yourself up for an alternate source of income with side projects or consulting, update your certs, and downsize your lifestyle.
We'll get through this, but grab your altoids cause it's gonna taste shitty for a while.
-CG
Tuesday, January 13, 2009
Bad ass needs a job
So I have this friend.. I mean seriously, not like when someone says I have a friend and they're really talking about themselves. Because let's be honest.. no one falls for that shit. Not really.
Anyways - so I have a friend that I used to work with that is looking for a job. He's done Citrix for about 5 years and is sharp as a tack. He's also got a hefty package of development skills swinging from his belt to boot. You know what they say about that... once you go .NET you never go back.
So I know that for some reason this blog gets alot of traffic despite the fact that I've completely neglected it. I know times are shitty, but if anyone is looking for a solid engineer I can put you in touch with this person.
I'm not going to get all sentimental about it. You can go ask for reach-arounds on your own time, but I'll leave it at this. I'm not one to put up with dumb people or shitty work. This guy is probably the best engineer I've worked with. If you have an open position you would be a toothless sister-humping fuckwit not to hire him.
-CG
Anyways - so I have a friend that I used to work with that is looking for a job. He's done Citrix for about 5 years and is sharp as a tack. He's also got a hefty package of development skills swinging from his belt to boot. You know what they say about that... once you go .NET you never go back.
So I know that for some reason this blog gets alot of traffic despite the fact that I've completely neglected it. I know times are shitty, but if anyone is looking for a solid engineer I can put you in touch with this person.
I'm not going to get all sentimental about it. You can go ask for reach-arounds on your own time, but I'll leave it at this. I'm not one to put up with dumb people or shitty work. This guy is probably the best engineer I've worked with. If you have an open position you would be a toothless sister-humping fuckwit not to hire him.
-CG
Subscribe to:
Posts (Atom)