Windows Security Software

Over the last few months I've been asked several times what security software I use for my Windows host. I mostly run OS X / Unix, so I may not be the best source of information, but I'll give it a shot.

I sat down with my netbook running Windows XP and looked through everything I do security related. Most of this I don't notice on a day-to-day basis, so I was a little surprised how much there is.

Software:

• Anti-virus: Avast (free for personal use)
• Firewall: Sunbelt Personal Firewall (free for personal use)
• Anti-spyware: Adaware Free and Spybot S&D. Both are free.
• I started playing with Malwarebytes today. Based on the reviews, I would recommend it (again, it's free), but can't yet say for sure how good it is myself.

I also

• only install necessary software,
• read email in my browser instead of a fat-client (I use GMail) and
• only use Internet Explorer when I absolutely must and I feel I can trust the site.

Not reading email in a fat-client means less chance of a virus (Google has malware detection built in) and I don't have to run anti-spam software (again, it comes with GMail).

I run Firefox as my primary browser with a couple plug-ins installed to enhance its security and improve my browsing experience:

• NoScript blocks most scripts on a web page unless I explicitely allow them
• Adblock Plus kills most of the ads on web pages
  
• RequestPolicy allows me to control redirection and cross-site requests

None of these products is the necessarily the best product available, but the combination does seem to work and it's free other than the time to set it up, which was, surprisingly, not bad. It is quite a few packages to keep up to date.

On the otherhand you can pick up an Internet security suite (ISS) and just install one product. If you want to go this route, you might check out Checkpoint's ZoneAlarm Extreme Security. I have not used it, but have heard good things about it.

Norton 360 seems to be getting good reviews, but I haven't used one of their products since Norton became the entry point used by several viruses back around 2005. I find that Norton products do well in reviews but not on the end-user, real-world scoring (see CNet, where it scores four stars in the editors review and one and a half in the users reviews).

Formatting new hard drives in Leopard

I've noticed lately that to get my external disks to work with OS X correctly I have to

1. open Disk Utility,
2. click on the disk (not the slice),
3. click Partition,
4. clear the partition table,
   
5. click Options and change the partition scheme to GUID (Thanks, Charles),
6. create a new single partition and create the new OS X journaled file system

If I don't do this the "underlying operation fails" when Disk Utility attempts to format the hard drive.

Hiding Mounted Drives in OS X

To hide a mounted drive in OS X:

• /Developer/Tools/SetFile -a V Time\ Machine
• sudo killall Finder

To unhide a mounted drive in OS X:

• /Developer/Tools/SetFile -a v Time\ Machine
• sudo killall Finder

I'll have to try to make that pretty later.

Push Google Apps email to the iPhone

Setup your MobileMe account in Google Apps

1. In a web browser log into email on your Google Apps account (not the management screen).
2. Click on Settings (top-right corner)
   
3. Switch to the Accounts tab
4. Add your MobileMe account to the "Send mail as" list
5. Set the radio button under "When receiving a message" to "Always reply from default address".
6. Stay in Settings for the next step.

Forward your Google Apps account to your MobileMe account

1. Switch to the Forwarding and POP/IMAP tab
2. Set "Forward a copy of incoming mail to" to your MobileMe email address and decide what you want to do with the mail that has been forwarded (I leave it in my inbox).
3. Click Save Changes

Configure MobileMe on your iPhone

1. Setup MobileMe push email on the iPhone (not covered here).
2. In the Account Info, SMTP settings (Settings -> Mail, Contacts, Calendars -> "Your Account" -> Account Info -> SMTP), deactivate smtp.me.com.
3. Add a new server smtp.gmail.com.  Put in your user name and password.  Turn on SSL. Authentication should be Password, Server Port should be 587.  Make sure this SMTP server is turned on.

Send a test message to your Google Apps account, verify that it gets pushed to the iPhone.  Reply to the message.  In the sending email account verify that the sending address is your Google Apps account.

Theming Windows

(hey, if you've gotta run it, at least you can make it more attractive)

1. Find the correct version of uxtheme.dll.  Best to Google for this as download locations come and go.
2. Download Replacer.  I used the stable version.  Unzip it, etc.
3. Run Replacer.  
4. Drag the original uxtheme.dll file (c:\windows\system32\uxtheme.dll) onto the command window and hit Enter.
5. Drag the replacement uxtheme.dll file onto the command window and hit Enter.
6. Confirm you want to replace the file.
7. Download themes and install them.  I like OpusOs (deviantart.com).  To install it, download and unzip it, then doubleclick on the OpenOS visual style file.  Changing the wallpaper is up to you.

Setup Mail.app with GMail iMap Quick Reference

Server Settings:

Incoming Mail Server:  imap.gmail.com, port 993 (SSL)

Outgoing Mail Server:  smtp.gmail.com, port 587 (SSL)

Mailbox Behaviors:

Store Draft Messages on the server:  Yes

Store Sent Messages on the server:  No

Delete Sent Messages when:  Never

Store Junk Messages on the server:  Yes

Delete Junk Messages when:  Never

Move deleted messages to the trash folder:  No

Store deleted messages on the server: No

Permanently erase deleted messages when: Never

Disable junk mail filtering if this is the only mail account.

Launchd gem server on Mac OS X

I wanted to have gem server running on my Mac at all times to look up Ruby documentation easily. The following launchd script will start it when you boot

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>KeepAlive</key>
    <true/>
    
    <key>Label</key>
    <string>org.rubyforge.gem-server</string>
    
    <key>Disabled</key>
    <false/>
    
    <!-- <key>Program</key>
    <string>/usr/bin/gem</string> -->
    
    <key>ProgramArguments</key>
    <array>
      <string>/usr/bin/gem</string>
      <string>server</string>
      <string>--port=8000</string>
    </array>
    
    <key>RunAtLoad</key>
    <true/>
    
  </dict>
</plist>

I named the file org.rubyforge.gem-server.plist and saved it into /Library/LaunchDaemons. Once the file is created run

sudo launchctl load ./org.rubyforge.gem-server.plist

and connect to http://localhost:8000 in your browser to test that everything is working.

Quick note on generating an SSL cert for Apache2

mkdir /etc/apache2/ssl

RANDFILE=/dev/random openssl req $@ -new -x509 -days 365 -nodes \
-out /etc/apache2/ssl/apache.pem \
-keyout /etc/apache2/ssl/apache.pem

chmod 600 /etc/apache2/ssl/apache.pem

Copying the virtual machine:

1. Copy the Debian package directory in Finder.
2. In Terminal, cd into the package, rename all the files from <old_host_name>* to <new_host_name>*
3. Edit <new_host_name>.vmx
4. Replace instances of <old_host_name> with <new_host_name>
5. Drag the VM into the Virtual Machine Library
6. Start the VM

Fixing the new virtual machine:

1. Change the hostname (if appropriate)
1. vi /etc/hostname
2. Change the hostname to what you want the new hostname to be
3. Run hostname <new_host_name>, log out and back in if you want the change to take affect without rebooting.
   
2. Recover eth0 (this assumes you only have one Ethernet on the VM, you might have to tweak these instructions if you have more)
   
1. vi /etc/udev/rules.d/*_persistent-net.rules # (there should be only one file that matches)
2. Delete the line containing the old eth0 and its associated comment
   
3. Change eth1 to eth0 on the remaining line
4. Save your changes
3. Reboot

How to post pretty code on Blogger

I've been trying to find an easy (lazy) way to post prettied code to Blogger. For my interests the majority of that code will probably be Ruby, Shell, maybe some AppleScript and Perl, but predominantly Ruby, so I wanted to use the Syntax GEM. I found quite a few suggests to use iframes posted on another hosting option, but that was too much work, plus I wanted the consistency and easy of modifying that CSS would give me. Next up was embedding CSS directly into my template. Two problems: 1. I'm lazy and I want to be able to easily change between the default Blogger themes when the mood strikes me and 2. I'd like to be able to use the same CSS on the rest of the BlueZucchini domain, not just in my blog (I almost have this working on Google Apps -- I'll post a follow-up entry once it's working). So I came up with the following.

To use the Ruby code below you will need to install a couple GEMS and be on a Mac. If you're on Linux or Windows you'll have to figure out what methods to use to get at your clipboard, but it shouldn't be that hard to modify to work. On OS X run

sudo gem install syntax
sudo gem install rb-appscript

Create a CSS file and post it to a public web site, here's mine:

pre {
  margin:      5%;
  border:      1px solid white;
  padding:     1ex 1ex 1ex 1ex;
  overflow-x:  auto;
  background:  #0B1021;
  font-style:  monospace;
  font-size:   10px;
  font-weight: normal;
}

.attribute { color: #009900; }
.char      { color: #F00000; }
.class     { color: #FF6410; font-weight: bold; }
.comment   { color: #0000FF; }
.constant  { color: #81A6CE; }
.escape    { color: #6A5ACD; }
.expr      { color: #2222CC; }

.global    { color: #11AA44; }
.ident     { color: #CFD72C; }
.keyword   { color: #FBBF26; }
.method    { color: #FF6410; }
.module    { color: #A020F0; font-weight: bold; }
.number    { color: #CDF636; }
.punct     { color: #E7F8F8; }
.regex     { color: #61CE3C; }
.string    { color: #3AAE3A; }
.symbol    { color: #81A6CE; }

Add the following line to your Blogger template just before the /head tag:

<link rel="stylesheet" type="text/css" href="<uri_to_css>"></link>

To post code, copy the code you want syntax highlighted into your clipboard and then run the following script

#!/usr/bin/env ruby -wKU

require 'rubygems'
require 'syntax/convertors/html'
require 'appscript'
require 'osax'

include Appscript
include OSAX

code = osax.the_clipboard
converter = Syntax::Convertors::HTML.for_syntax "ruby"
osax.set_the_clipboard_to(converter.convert(code))

This will create the syntax highlighted HTML and put it into your clipboard. From there just post it directly into a blog posting and that should be it.