Posts Tagged ‘Desktop’

Cannot Delete file on Desktop on Windows XP – The process cannot access the file because it is being used by another process.

Wednesday, August 13th, 2014

delete-locked-file-in-windows-xp-7-cannot-delete-file-on-desktop-windows-xp-file-used-by-another-process-solution-fix
I had to fix recently another Windows XP infected with plenty of malicious malware. I've used tips from http://malwaretips.com/blogs/ and launch all suggested tools to cleanup the PC. Some few thousands of infections were cleaned and the PC started working much better than earlier, however still there was one weird issue on the Windows XP desktop there was an .exe file hanging with 0 bytes size and whenever I tried to delete the file either from GUI or command line with (del command) it refused to delete with error:
 

The process cannot access the file because it is being used by another process.


Well the message clearly shows, the file can't be deleted because some program was using it however I couldn't see any program that has locked the .exe file. I've checked that in (Windows Task Manager) run from

Start -> Run:

taskmgr


I've done a quick search online to see, whether someone has fixed the issues, and saw many threads talking about the issue suggesting that the issue got solved Windows XP OS re-install, as this was not an option for me because the PC's reinstall would be at least a 2 day time work, plus it contains some programs which will probably be hard to freshly install, because they're no longed supported.

Finally I've seen in this thread suggestion to try to kill Windows Explorer after you have opened windows with windows cmd.exe because this will prevent the .exe file being locked by Windows Explorer and will allow it to be deleted with del command. This actually worked. I've launched

Start -> Run

taskmgr

windows-kill-explorer-process-to-delete-explorer-locked-file-on-windows-xp-desktop

and

cmd.exe

Found explorer.exe process and killed it, this makes the whole desktop (icons, start menu etc. disappear) – as Windows Explorer is main managing Windows app. Then using Alt+Tab to switch to Command Prompt window deleted it with:
 

del  Process_that_cannot_be_killed.exe


And finally succesfully deleted it 🙂

Share this on

Linux convert and read .mht (Microsoft html) file format. MHT format explained

Thursday, June 5th, 2014

linux-open-and-convert-mht-file-format-to-html-howto
If you're using Linux as a Desktop system sooner or later you will receive an email with instructions or an html page stored in .mht file format.
So what is mht? MHT is an webpage archive format (short for MIME HTML document). MHTML saves the Web page content and incorporates external resources, such as images, applets, Flash animations and so on, into HTML documents. Usually those .mht files were produced with Microsoft Internet Explorer – saving pages through:

File -> Save As (Save WebPage) dialog saves pages in .MHT.

To open those .mht files on Linux, where Firefox is available add the UNMHT FF Extension to browser. Besides allowing you to view MHT on Linux, whether some customer is requiring a copy of an HTML page in MHT, UNMHT allows you to also save complete web pages, including text and graphics, into a MHT file.
There is also support for Google Chrome browser for MHT opening and saving via a plugin called IETAB. But unfortunately IETAB is not supported in Linux.
Anyways IETAB is worthy to mention here as if your'e a Windows users and you want to browse pages compatible only with Internet Explorer, IETAB will emulates exactly IE by using IE rendering engine in Chrome  and supports Active X Controls. IETAB is a great extension for QA (web testers) using Windows for desktop who prefer to not use IE for security reasons. IETab supports IE6, IE7, IE8 and IE9.

Another way to convert .MHT content file into HTML is to use Linux KDE's mhttohtml tool.

linux-kde-converter-mhttohtml

Another approach to open .MHT files in Linux is to use Opera browser for Linux which has support for .MHT

Note that because MHT files could be storing potentially malicious content (like embedded Malware) it is always wise when opening MHT on Windows to assure you have scanned the file with Antivirus program. Often mails containing .MHT from unknown recipients are containing viruses or malware. Also links embedded into MHT file could easily expose you to spoof attacks. MHT files are encoded in combination of plain text MIMEs and BASE64 encoding scheme, MHT's mimetype is:

MIME type: message/rfc822
 

Share this on

MySQL SSL Configure Howto – How to Make MySQL communication secured

Wednesday, January 15th, 2014

mysql-over-ssl-how-to-configure-logo how to configure ssl on mysql server

Recently I've been asked How to make communication to MySQL database encrypted. The question was raised by a fellow developer who works on developing a Desktop standalone application in Delphi Programming Language with DevArt an (SQL Connection Component capable to connect Delphi applications to multiple databases like MySQL, Oracle, PostgreSQL, Interbase, Firebird etc.

Communicating in Secured form to MySQL database is not common task to do, as MySQL usually communicates to applications hosted on same server or applications to communicate to MySQL are in secured DMZ or administrated via phpMyAdmin web interface.

MySQL supports encrypted connections to itself using Secure Socket Layer (SSL) encryption. Setting up MySQL db to be communicated encrypted is a must for standalone Desktop applications which has to extract / insert data via remote SQL.
Configuring SQL to support communicated queries encrpytion is supported by default and easily configured on most standard Linux version distributions (Debian, RHEL, Fedora) with no need to recompile it.
1. Generate SSL Certificates

$ mkdir /etc/mysql-ssl && cd mysql-ssl

# Create CA certificate
$ openssl genrsa 2048 > ca-key.pem
$ openssl req -new -x509 -nodes -days 3600 \
         -key ca-key.pem -out ca-cert.pem

Create server certificate, remove passphrase, and sign it
server-cert.pem is public key, server-key.pem is private key
$ openssl req -newkey rsa:2048 -days 3600 \
         -nodes -keyout server-key.pem -out server-req.pem

$ openssl rsa -in server-key.pem -out server-key.pem
$ openssl x509 -req -in server-req.pem -days 3600 \
         -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem

Create client certificate, remove passphrase, and sign it
client-cert.pem is public key and client-key.pem is private key
$ openssl req -newkey rsa:2048 -days 3600 \
         -nodes -keyout client-key.pem -out client-req.pem

$ openssl rsa -in client-key.pem -out client-key.pem
$ openssl x509 -req -in client-req.pem -days 3600 \
         -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem

After generating the certificates, verify them:

$ openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem
 

2. Add SSL support variables to my.cnf

Once SSL key pair files are generated in order to active SSL encryption support in MySQL server, add to (/etc/my.cnf,  /etc/mysql/my.cnf, /usr/local/etc/my.cnf … ) or wherever config is depending on distro

# SSL
ssl-ca=/etc/mysql-ssl/ca-cert.pem
ssl-cert=/etc/mysql-ssl/server-cert.pem
ssl-key=/etc/mysql-ssl/server-key.pem

3. Restart MySQL server

/etc/init.d/mysqld restart
...

4. Create SQL user to require SSL login

Create new user with access to database;

GRANT ALL ON Sql_User_DB.* TO Sql_User@localhost;
FLUSH PRIVILEGES;

To create administrator privileges user:

GRANT ALL PRIVILEGES ON *.* TO ‘ssluser’@'%’ IDENTIFIED BY ‘pass’ REQUIRE SSL;
FLUSH PRIVILEGES;

5. Test SSL Connection with MySQL CLI client or with few lines of PHP

To use mysql cli for testing whether SSL connection works:

$ mysql -u ssluser -p'pass' –ssl-ca /etc/mysql-ssl/client-cert.pem –ssl-cert /etc/mysql-ssl/client-key.pem

Once connected to MySQL to verify SSL connection works fine:

mysql> SHOW STATUS LIKE 'Ssl_Cipher';
 +---------------+--------------------+
| Variable_name | Value              |
 +---------------+--------------------+
| Ssl_cipher    | DHE-RSA-AES256-SHA |
+---------------+--------------------+

If you get this output this means MySQL SSL Connection is working as should.

Alternative way is to use test-mysqli-ssl.php script to test availability to mysql over SSL.

$conn=mysqli_init();
mysqli_ssl_set($conn, '/etc/mysql-ssl/client-key.pem', '/etc/mysql-ssl/client-cert.pem', NULL, NULL, NULL);
if (!mysqli_real_connect($conn, '127.0.0.1', 'ssluser', 'pass')) { die(); }
$res = mysqli_query($conn, 'SHOW STATUS like "Ssl_cipher"');
print_r(mysqli_fetch_row($res));
mysqli_close($conn);

Note: Change username password according to your user / pass before using the script

That's all now you have mysql communicating queries data over SSL

 

Share this on

Torus Trooper – Cool 3D Tunnel Speed Up Spaceship game for Linux

Wednesday, December 18th, 2013

Torus Trooper linux tunnel 3d fast pace speed up game screenshot

Whether you're looking for a game to kill some time and enjoy the old "spaceship shoot and run games" check out Torus Trooper.
Originally game was developed for MS Windows and is remake of an old Atari Arcade Game Tempest.

Those who played Tempest know well that this game was revolution for its time and probably remember also a similar world famous Space Duel game.

Arcade atari old scool tunnel game tempest one of atari pre 3d game classics

Atari's Tempest Arcade game

The objective of Torus Trooper is mega simple as in most arcade games. You're speeding up through a tunnel all time with a spaceship with the only goal to kill as many enemies  as you can and survive as longer as possible. Playing the game you can get some memories of demoscene tracked music, future crew Second Reality / Unreal demos. Game was created by ABA GAMES company, authors Tumiki Fighters and GunRoar another 2 nice 2D Linux arcade games.

TUMIKI Fighters the boss level 1, 2d linux arcade game classic

Tumiki Fighters

Gunroar another cool linux arcade 2d game

GunRoar

Probably best thing of Torus Trooper is its nice graphics and superb demoscene like soundtrack.
I truely love the pace of the game, raising up the player adrenaline in minutes.
To install in a bundle Torus-Trooper Tumiki Fighters and Gunroar on Debian / Ubuntu Linux run the usual:

debian:~# apt-get install --yes torus-trooper tumiki-fighters gunroar
...

There is also a variation of torus-trooper called Torus Trooper, install and give it a try as well;

debian:~# apt-get install -yes torus-trooper-pure
...

In my humble opinion Torus-trooper is among golden games every Linux gamer should have installed on his Desktop.
Enjoy 🙂
 

Share this on

FreeBSD Desktop: Allow All system users to mount CDROM, DVD, USB Devices and other external devices

Friday, November 16th, 2012

freebsd allow all system users to mount CD  DVD USB in GNOME and KDE desktop - freebsd power to serve logo

Users who use FreeBSD for multiple logins Desktop host or in universities multiple login Desktop  shared user PCs will have problems with mounting CD and DVD Roms, Usbs and other external devices. To mount any of those a root or toor superuser  will be required and this makes a really bad impression to the novice users, making them think FreeBSD is user unfriendly, where in reality it was just build to behave so with higher security in mind.
This ruins a whole user GNOME experience and disappoints the end user, especially if the user is just a person who needs to do some browsing and copy few files from and to the host.
This prevents udevd and auto mount in GNOME and  KDE GUI environments to be unable to automatically mount and unmount CD / DVDs and USBS where plugged or unplugged but instead just poping up permission errors whether CD or USB is attached.
Thanksfully, you can change this behavior to make FreeBSD a bit more user friendly and of course 'less secure' by few simple commands 🙂

Here is how:

freebsd# sysctl -w vfs.usermount=1

vfs.usermount: 0 -> 1

echo 'vfs.usermount=1' >> /etc/sysctl.conf

What is required next is to add all devices which will be mountable by all users in /dev/devfs.conf.

To get a list of devices do:
freebsd# camcontrol devlist

at scbus0 target 0 lun 0 (pass0,da0) at scbus1 target 3 lun 0 (pass1,sa0) at scbus1 target 6 lun 0 (pass2,cd0) #

Most USB devices are recognized and assigned as /dev/da0, and almost all CD and DVD Rom devices will be initialized by kernel as /dev/cd0, however if you get something different just set the appropriate vals.

a) Add permission records for CD / DVD ROM in /etc/devfs.conf
freebsd# echo 'own /dev/da0 root:operator' >> /etc/devfs.conf
freebsd# echo 'perm /dev/da00 0666' >> /etc/devfs.conf

b) Add permission records for USBs in /dev/devfs.conf

freebsd# echo '## allow member of operator to mount cdrom' >> /etc/devfs.conf
freebsd# echo 'own /dev/cd0 root:operator' >> /etc/devfs.conf
freebsd# echo 'perm /dev/cd0 0660' >> /etc/devfs.conf

To allow, all present system users to have access to mount USB, CD / DVD roms, it is necessery to add all users to the operator, group. This is a security bad practice as this will make allow all users to have extra permissions to binaries on the system owned or allowed to be accessed by operator group. However for home computers, where you, your sister and a bunch of good friends have accounts, security shouldn't be of a great concern.

If you know well all your users and you have disabled SSH on the system and security is not of top priority run:

freebsd# /usr/local/bin/bash
root@freebsd~# for i in /home/*; do user=$(echo $i|sed -e 's#/home/##g'); do \
pw groupmod operator -m $user; \
done

Onwards, you can check few users to see to see if they are added to operator group

freebsd$ id
uid=1001(hipo) gid=1001(hipo) groups=1001(hipo),0(wheel),5(operator)

Well that's all now your GNOME hal process – (Hardware Abstraction Layer) will be able to manage CD / DVDs and USBs with no more weird errors.

This article was inspired by cybercity's Allow normal users to mount CDROMs DVDs and USB devices. So thanks 'em for being a source of inspiration.

Enjoy 🙂

Share this on

How to use Skype from Web from Windows PCs where stand alone desktop client is forbidden to install and use

Saturday, November 3rd, 2012

Skype web login screen - use skype from a web page, website to use skype, skype calls from the internet

I'm studying in HAN University (University of Applied Sciences Arnhem and Nijmegen). There they use Windows Domain Controller systems, where each student can login with his university access account from a Desktop PCs located in the University Library or few other Computer Labs and so called room places (they use to call boxes – where students can use a Desktop PC). Each student account is automatically logged in the central Windows Controller. All PCs in the domain controller are installed to run Windows 7 and user logins are bundled with a bunch of most useful programs, out of this Administrator choosen and university needs programs one cannot install or Run programs.

Therefore one can't Install and Run Skype Desktop Installer without Administrator access on the Domain Controller (group) and since normal user accounts like mine did not have such I'm unable to use Skype. As I need Skype daily not only for enjoyment but also to communicate with people with whom I work, I needed to be able to run Skype on this PCs. I suspected online there should be some possibility to use Skype via some Software as A Service (SAS) application and actually there is the server is called IMO.IM ( http://www.imo.im ) . It is a website via which user can login to a multitude of messengers i.e. :

IMO, Skype, Gtalk, AIM / ICQ, Yahoo, Steam, Jabber, Hyves, Facebook, VKontakte

Before I use the service I was a bit sceptical, cause probably there are many websites out there which are SCAM sites to collect Skype usernames and passwords, thanksfully imo.im turned to not one of this 🙂

skype via web page / use web skype client imo.im - nice web skype chat and skype calls

The interface of imo.im web Skype Clientis really great and very similar and even maybe a bit better than Skype's interface itself. Besides having support for Skype chat it also supports Skype Calls and maybe even Skype Calls with Camera?
I never tested Skype Calls though, so I can't positively confirm if they work or not, but if IMO Skype Calls are probably implemented using Adobe Flash most likely Skype calls should work fine too. Of course from security stand point it is very bad idea to login in imo.im, though password is transferred to it via ( Secure SSL https ) a person determined to sniff and decrypt your SSL connection can still do it if he tries hard. Moreover that probably imo.im, stores the login username and passwords of every user inside their database "for further reference" and "anti-fraud" government policies  🙂

Share this on

How to disable Debian GNU / Linux (Squeeze) Apache 2 version reporting to improve security – Hide Apache server version

Friday, October 5th, 2012

Debian GNU / Linux's Apache default behavior is to report Apache server name, version and Linux distribution version and codename.
This is shown as a minor security leak in many Security Scanner (audit) software like Nessus. It reveals a vital information which could help malicious attacker later to use exploit if the version number in question is vulnerable.

The quickest way to check, either Apache versioning and distro info is disabled is with telnet:

hipo@noah:~/Desktop$ telnet pc-freak.net 80
Trying 83.228.93.76…
Connected to pc-freak.net.
Escape character is '^]'.
HEAD / HTTP/1.0

Connection closed by foreign host.
hipo@noah:~/Desktop$ telnet pc-freak.net 80
Trying 83.228.93.76…
Connected to pc-freak.net.
Escape character is '^]'.
HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Fri, 05 Oct 2012 10:48:36 GMT
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.3-7+squeeze14
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

Disabling this Distro version codename and version number reporting on Debian is done by changing in file /etc/apache2/conf.d/security directives:


ServerTokens OS
ServerSignature On

to


ServerSignature Off
ServerTokens ProductOnly

Here important note to make is if you try adding:

ServerSignature Off and ServerTokens Prod straight in Debian general config /etc/apache2/apache2.conf, but did not change the settings set for the vars through /etc/apache2/conf.d/security; settings from /etc/apache2/conf.d/security will overwrite ServerSignature / ServerTokens settings set in /etc/apache2/apache2.conf

I tried this myself (forgotting about /etc/apache2/conf.d/security) and adding both variables straight in apache2.conf. After Apache restart Apache version number and type of distribution continued be returned by the WebServer.
I thought something specific changed in Debian Squeeze – Apache/2.2.16 so this two variables are probably not working so I did a quick research online seing other people complaining also unable to disable Apache ver and Linux distro version and looking for a reason why. Well anyways if you happen to also ponder, why ServerSignature Off and ServerTokens ProductOnly does not take effect keep in mind it is due to overwritten settings via /etc/apache2/conf.d/security, changing the values there and restarting Apache and you're done 🙂

To make sure 100% Apache is no longer returning exact version number and host installed distro type, use telnet again:

hipo@noah:~/Desktop$ telnet pc-freak.net 80
Trying 83.228.93.76…
Connected to pc-freak.net.
Escape character is '^]'.
HEAD / HTTP/1.0

Connection closed by foreign host.

Share this on

GNOME Desktop environment turns 15 – Happy Birthday GNOME :)

Saturday, August 18th, 2012

Happy 15 birthday to GNOME project

On 15 August one day before Debian Linux birthday and Debian manifesto announcement another important project for free software realm came to existence. On 15 Aug 1997 Miguel de Icaza, posted announcement explaining the major goals of the GNOME – GNOME Desktop project
The original announcement of GNOME Desktop Project can be read here
Last year GNOME has went through severe ups and downs, it was criticized and decredited by many of the true “believers” in the project because of the drastic turn the project does. Lest the ups and down, GNOME project is one of the most succesful free software project and in my view the most succesful FOSS software GUI.

Its interesting fact two major free software projects celebrate birthdays with 1 day difference. This makes August a major month for free softwar 🙂 As a long term Debian and GNOME user I felt obliged to drop few lines in thanks and congrats to GNOME which powers my desktop for 8 years already.

Happy Birthday GNOME! Happy Free Software month ! 🙂
Debian and GNOME happy birthday anniversary

Share this on

30 years anniversary of the first mass produced portable computer COMPAQ Grid Compass 1011

Thursday, July 19th, 2012

Grid Notebook Big screen logo

Today it is considered the modern laptop (portable computers) are turning 30 years old. The notebook grandparent is a COMPAQGRiD Compass 1011 – a “mobile computer” with a electroluminescent display (ELD) screen supporting resolution of 320×240 pixels. The screen allowed the user to use the computer console in a text resolution of 80×24 chars. This portable high-tech gadget was equipped with magnesium alloy case, an Inten 8086 CPU (XT processor) at 8Mhz (like my old desktop pravetz pc 😉 ), 340 kilobyte (internal non-removable magnetic bubble memory and even a 1,200 bit/s modem!

COMPAQ Grid Compass considered first laptop / notebook on earthy 30 anniversary of the portable computer

The machine was uniquely compatible for its time as one could easily attach devices such as floppy 5.25 inch drives and external (10 Meg) hard disk via IEEE-488 I/O compatible protocol called GPiB (General Purpose instrumental Bus).

First mass prdocued portable computer laptop grid COMPAQ 11011 back side input peripherals

The laptop had also unique small weight of only 5 kg and a rechargable batteries with a power unit (like modern laptops) connectable to a normal (110/220 V) room plug.

First notebook in World ever the COMPAQ grid Compass 1101,br />
The machine was bundled with an own specificly written OS GRiD-OS. GRID-OS could only run a specialized software so this made the application available a bit limited.
Shortly after market introduction because of the incompitablity of GRID-OS, grid was shipped with MS-DOS v. 2.0.
This primitive laptop computer was developed for serve mainly the needs of business users and military purposes (NASA, U.S. military) etc.

GRID was even used on Space Shuttles during 1980 – 1990s.
The price of the machine in April 1982 when GriD Compass was introduced was the shockingly high – $8150 dollars.

The machine hardware design is quite elegant as you can see on below pic:

 COMPAQ grid laptop 1101 bubbles internal memory

As a computer history geek, I’ve researched further on GRID Compass and found a nice 1:30 hour video telling in detailed presentation retelling the history.

Shortly after COMPAQ’s Grid Compass 1011’s introduction, many other companies started producing similar sized computers; one example for this was the Epson HX-20 notebook. 30 years later, probably around 70% of citizens on the globe owns a laptop or some kind of portable computer device (smartphone, tablet, ultra-book etc.).

Most of computer users owning a desktop nowdays, owns a laptop too for mobility reasons. Interestengly even 30 years later the laptop as we know it is still in a shape (form) very similar to its original predecessor. Today the notebook sales are starting to be overshadowed by tablets and ultra-books (for second quarter laptop sales raised 5% but if compared with 2011, the sales rise is lesser 1.8% – according to data provided by Digital Research agency). There are estimations done by (Forrester Research) pointing until the end of year 2015, sales of notebook substitute portable devices will exceed the overall sales of notebooks. It is manifested today the market dynamics are changing in favour of tabets and the so called next generation laptopsULTRA-BOOKS. It is a mass hype and a marketing lie that Ultra-Books are somehow different from laptops. The difference between a classical laptop and Ultra-Books is the thinner size, less weight and often longer battery use time. Actually Ultra-Books are copying the design concept of Mac MacBook Air trying to resell under a lound name.
Even if in future Ipads, Android tablets, Ultra-Books or whatever kind of mambo-jambo portable devices flood the market, laptops will still be heavily used in future by programmers, office workers, company employees and any person who is in need to do a lot of regular text editting, email use and work with corporative apps. Hence we will see a COMPAC Grid Compass 1011 notebook likes to be dominant until end of the decade.

Share this on

Installing XMMS on Debian Squeeze from a Package / Installing XMMS on Debian – the debian way

Tuesday, July 17th, 2012

installing xmms on debian squeeze linux playing free software song green skin screenshot

I use Debian Linux for my desktop for quite some time; Even though there are plenty of MP3 / CD players around in Debian, I’m used to the good old XMMS, hence I often prefer to use XMMS to play my music instead of newer players like RhythmBox or audacious.
Actually audacious is not bad substitute for XMMS and is by default part of Debian but to me it seems more buggy and tends to crash during playing some music formats more than xmms ….

As most people might know, XMMS is no longer supported in almost all modern Linux distributions, so anyone using Debian, Ubuntu or other deb derivative Linux would have to normally compile it from source.
Compiling from source is time consuming and I think often it doesn’t pay back the effort. Thanksfully, though not officially supported by Debian crew XMMS still can be installed using a deb xmms prebuilt package repository kindly provided by a hacker fellow knuta.

Using the pre-build deb packages, installing xmms on new Debian installs comes to:

debian:~# echo 'deb http://www.pvv.ntnu.no/~knuta/xmms/squeeze ./' >> /etc/apt/sources.list
debian:~# echo 'deb-src http://www.pvv.ntnu.no/~knuta/xmms/squeeze ./' >> /etc/apt/sources.list
debian:~# apt-get update && apt-get -y install xmms

There are also deb xmms built for Ubuntu, so Ubuntu users could install xmms using repositories:

deb http://www.pvv.ntnu.no/~knuta/xmms/karmic ./
deb-src http://www.pvv.ntnu.no/~knuta/xmms/karmic ./
That’s all now xmms is ready to use. Enjoy 🙂

Share this on