I was testing a new VMware security application (Tripwire ConfigCheck).  I downloaded it to a virtual machine and followed the instructions to run the application (a cmd file), but it didn’t run – I edited the cmd file & added a pause to see if I could tell where it stopped & it appeared to be before calling a .jar file – I did not have Java installed, so I installed Java & tried again – still failed – I read the instructions & found it supports JRE 1.5 or higher, but just in case, I installed the older version (1.5) to see if it would work – still didn’t work – finally, I opened up a command prompt & ran the cmd file from there & received an error that stated your display settings must be at 1024 X 768 for the application to run – my virtual system resolution was too low ...

We frequently use comments in Word documents as part of our Information Security Audit process and I finally looked for a keyboard shortcut to insert a comment.  The shortcut is Ctrl+Alt+M.  However, the most useful thing I found when looking for this was a comprehensive Word 2007 keyboard shortcut list at http://www.keyxl.com/aaa367b/5/Microsoft-Word-keyboard-shortcuts.htm.  KeyXL.com has keyboard shortcuts for all types of Microsoft, Adobe, Google, and other applications.  It's definitely worth adding a bookmark for if you're a fan of using shortcuts.

ServerFault.com is a new site that describes itself as "a collaboratively edited question and answer site for system administrators and IT professionals."  It's free and no registration is required.  The site is kind of like a cross between Yahoo Answers, Wikipedia, and Digg.  Anyone can ask questions on the site.  Other users can vote questions up or down and that affects how visible the question is on the site.  As users answer questions, those answers can be voted up or down and marked as "the answer".  All questions and answers can also be edited like a Wiki.  What you end up with when you run accros the site from google is usually the question your looking for and right below it the best answer to the problem.  Unlike forums where the best answer is the last post in the thread or burried in the middle.  Plus if the something changed and a once correct answer is no longer valid then the correct answer can be edited to be made correct again.  The site was basically built because the developers hated the spamy nature of Experts Exchange and how it always ranked high in Google for their own questions they searched for.  You can read the FAQ (http://serverfault.com/faq) or the About page (http://serverfault.com/about) for more details. Read More...

Out of the box, Windows XP doesn’t have Remote Desktop enabled for connecting in to the PC.  You can access the registry of the remote machine and change the setting that will allow access (at least to administrators).

The target PC must have remote registry service enabled.  If it isn’t, you can open services.msc and connect to the remote PC and start it.

The next step is to open regedit and connect to remote PC.  Look for the following Registry key:

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnection

Set the value to 0 to enable Remote Desktop, or 1 to disable.

I pay for eBay purchases and, increasingly, purchases at scores of online vendors using PayPal.  Despite using a complex password, given that my checking and credit card accounts are linked to my PayPal account, I was delighted to discover an additional security measure for the sites.  PayPal has offered a Security Key Token (see picture) for some time.  The token generates a one-time security code which is entered into the website after your username and password, providing true dual factor authentication (something you “know” (the username and password) and something you “have” (the token).  The token is available for only $5 but it is just another bulge on my key chain and I don’t use PayPal often enough to lug the token around all the time.

I discovered an iPhone app from VeriSign that generates a one-time security code (just like the token).  VIP Access, according to the VeriSign website, works with PayPal and eBay.  After downloading and installing the app and searching all over the PayPal and eBay’s sites, I could never find a reference to VIP Access, let alone how to configure it to work with my profiles on those sites.  Read More...

Sdelete is a small useful utility by Mark Russinovich that will perform a secure delete within Windows.  In addition to deleting files and folders it has an option to cleanse free space on the disk.  This came in very handy when I needed to clean up a PC but couldn’t rebuild it.

You can download the utility and find lots of good information about how this works at http://technet.microsoft.com/en-us/sysinternals/bb897443.aspx

You cannot remote control another user’s session in terminal server through terminal server manager when connected to the console.  The only way it works is by originating through another RDP session.  I guess I haven’t been in this scenario before to run into this.

Connecting via VPN to a customer site has always caused problems with me trying to access the local network. My computer would try and use my VPN credentials to access the network, and naturally fail. A co-worker showed me the “cmdkey /delete /ras” command that would clear out those credentials so browsing the local network would work. Read More...