John Croson's Blog Home

My wife and I recently purchased a Panasonic SDR-H40 for capturing video of our son and daughter, after our Canon MiniDV crapped out last year. It was disappointing when the Canon failed again...TWO times this thing decides to get tape debris caught in the heads. This was the most delicate camera ever owned, and captured excellent quality footage, but I will NEVER buy another tape-based machine. The Panasonic falls short in the quality department as compared to the Canon, and we knew that going in. The maximum video quality is 10mbps, which seems to be pretty good quality on a laptop. I haven't tried it on a analog TV yet. Image via CrunchBase I needed to post these clips on YouTube for family and friends located in various parts of the planet, and rapidly discovered that the MOD files stored on the SDR-H40 can be accessed easily as plugging in the USB card, and waiting for udev to automatically mount it on my shiny new installation of Ubuntu. I discovered that t

As a consultant, I used GFI LANguard (7?...it was at least 2 years ago) as a tool, in conjunction with nmap and some others, to perform security audits for our clients. Now I've an opportunity to use it again, and agreed to give it a review. Environment Dell Dimension 5150 P4 3ghz, 2gb Ram SLED 10.1, running VMWare Server 1.x 768mb allocated for XP SP2 Instance LAN, 2003 Domain in mixed mode The download from GFI's website was surprisingly small; only 50mb. The installation was straight forward, with only two questions; installation location, and initial credentials to use for scanning your domain. The UI is no different, very intuitive. I'd expect nothing else from GFI, since most of their products are the same way. The product is broken up into four components: Management Console - the central location for launching scans, view saved scans, configure options, and use specialized network security tools. Attendant Service - runs scheduled scans and patch deploymen

Yesterday, attended a birthday party for our friends 2 year old at Chucky Cheese. My first thought was that this was going to be fun for our young son, who's not had this kind of experience before. We try to expose him to as many things (read: safe, reasonable. i.e. Not bungee jumping. Yet.) as we can. What we encountered can only be described as what we used to call in the Army, as a "cluster f$%k". It was 20 degrees outside. There were at least 30 people waiting to enter, most for parties. We were all freezing our asses off, half inside the building, half outside. Would that be "half-assed"? I digress. The young man checking guests in, appeared new, because he was not bothering to check if some of us were attending parties, or just looking for somewhere to drink while our kids spread our particular variety of bactiria and virus around. So we waited. And waited. And waited. Finally the manager comes over to do her job, and find out why we are all standing aroun

After upgrading from SEP 11 MR2 to MR3, my users 0x800CCC0F Outlook error stopped....for one day, then re-appeared. This issue ONLY occurred during his mail retrieval process. During my troubleshooting, I had initially opened a command prompt, and issued the command: telnet pop.myserver.com 110 And received an inline PGP reply, that it was proxying the connection. That prompted me to do a little Googling, but revealed nothing. I found a MS Kb article that pointed to some troubleshooting steps, but they didn't help at all, and neither did Symantec's kb or forums Much to my surprise and glee, he started to experiment with his POP settings. After setting his POP connection to SSL, his problems went away!

Not much to mention...it_just_works. THIS TIME. Steps for upgrading: Download MR3 Stop all SEPM services. Run installer over the top of previous installation. Interestingly, researching an Outlook error 0x800CCC0F while POP'ing email down from our mail host, I found this article about how much better MR3 will perform, even over the likes of v10. Hopefully my test client will not experience any issues, as the SEPM surely didn't.

I need a method to reinstall a SEP client package. Unfortunately, SEPM doesn't have a method in their GUI to do this...*nudgenudgewinkwink*, you must use the Migration and Deployment Wizard, and choose the default option Deploy the Client , and then Select and Existing Package to Deploy . I found a clue in a thread at Symantec's forums where one can use the %PROGRAMFILES%\Symantec\Symantec Endpoint Protection Manager\tomcat\bin\ClientRemote.exe utility, which is usually only revealed when you use the wizard, or initially install the product. You'll find your repository of packages you created in said installation at %PROGRAMFILES%\Symantec\Symantec Endpoint Protection Manager\Inetpub\ClientPackages, one folder for each package represented in SEPM, with a sub-folder called full. Unfortunately the folder names are named using the package checksum number, and I can't immediately tell by looking at the GUI which one is which. Fortunately for me, I only created two packa

This morning, home sick, reading /. I find this story about the Sinowal Trojan . Evidently, starting in 2006, this Trojan has been stealing sensitive data from thousands of Internet users across the globe, except for those in Russia. Seems even the Russian mob has a heart. This all raises a question I've often asked myself. I've been managing enterprise environments for years now, using a variety of methods to protect the sheep, in hopes that the worst is avoided; a full network infection. It's happened to me once, when I worked for the Racine Art Museum. I'd been hired to oversee the IT side of a new museum we were raising capitol for. The environment was rather new at the time; NT Back Office server, 2000 clients, Trend AV suite. Unfortunately, as in some environments like this, there are applications that require elevated privileges to run. I suspect that this may have had something to do with the rapid spread of this virus. The signs were odd; in each network

The GOP made me do it...and a friend who forwarded it. 'Twas the night before elections And all through the town Tempers were flaring Emotions all up and down! I, in my bathrobe With a cat in my lap Had cut off the TV Tired of political crap. When all of a sudden There arose such a noise I peered out of my window Saw Obama and his boys They had come for my wallet They wanted my pay To give to the others Who had not worked a day! He snatched up my money And quick as a wink Jumped back on his bandwagon As I gagged from the stink He then rallied his henchmen Who were pulling his cart I could tell they were out To tear my country apart! 'On Fannie, on Freddie, On Biden and Ayers! On Acorn, On Pelosi' He screamed at the pairs! They took off for his cause And as he flew out of sight I heard him laugh at the nat

I just had a frustrating experience with my health insurance company, UHC , and their preferred drug supplier, MedCo . My wife received a call from MedCo , and suggested that they could save us money on our prescriptions. Interestingly, they knew about every prescription my wife had, and the physicians that prescribed them. I'm sure the lawyers have that loop-hole covered... Back to our savings. They indicated they could save us plenty in co-pays, but my wife clearly stated our plan was about to change, and she needed to talk to me first, so NO, DON'T SHIP IT was the answer. Funny. The agent clearly knows more about my wife's health care, because a few days later, we received our first shipment of medication. My wife called and complained to the agent, who indicated they could not take the drugs back. She protested, and demanded to speak to the agents supervisor, who suggested we would have to submit an appeal in writing to UHC . Bah! I called a couple of days lat

After all the work I did on these batch files that decrypt PGP files, and un-tar the contents, I've found an error, and a pretty major *duh* one at that. Seems my logic was way off when it came to doing some date checking. Since the files I check have a naming convention that uses the previous days date, I was simply subtracting one from %TODAY%. Seems ok, right? No. This is the *duh* part. I simply subtracted 1. From 1001, that makes 1000. That's not a day, when you are using MMDD as the convention. What I was looking for was 930. NOT the same. SSSssoooooo, I added a bit I found on Experts Exchange (THANK you..for saving me MUCHO time). I was also having some issues trapping the ERRORLEVEL. Apparently, since FOR loops in DOS batch scripts are executed as one command, PGP never has a chance to pass it's exit code to my IF check, so this was also modified. The modded file is here .

I really like highlighting my code in this blog. Ever since finding the Google SyntaxHighlighter Widget at FaziBear's , I've been going through all my old code, and cleaning up my posts. I read a nice article at WaltCo Tech about extending it to incorporate other brushes for WordPress. He also seems to do what I do, but a bit better when it comes to explaining things: WriteItDownNowBeforeYouForgetHowYouDidThatOldMan I'm really not that old, but I do tend to stick my fingers in many things, and coding tends to be one of them. At times, I'll find myself trying in vain to use a function from VB in PHP, or something of that nature. One of the hazards of not being fluent maybe? In any case, I've created my own brush for DOS Batch scripts: dp.sh.Brushes.Batch = function() { var builtins = 'APPEND ATTRIB CD CHDIR CHKDSK CHOICE CLS COPY DEL ERASE DELTREE ' + 'DIR EXIT FC COMP FDISK FIND FORMAT FSUTIL HELP JOIN ' +

If you code, and like to save snippets like I do, you MUST get this .

This process outlined is not unlike what I wrote about in my post here , but involves a bit more logic. The script has to check for files that were posted that morning, but also have a file naming convention of the previous day. I've also got about 200 EMR postscript files to sort by date of service. First, the source PGP/tar files must be checked for existence, and must be a pair with the proper date formatted file name. @ECHO OFF SETLOCAL ENABLEDELAYEDEXPANSION :: ////////////////////////////////////////////// :: :: Set path variables for key access, passphrase, :: and source our key files. SET PGPPATH=C:\PGP_keys\ SET PGPPASS=MYPGPPASS :: The "KEY" to a successful import of our keys is running these coMMands as the user :: that will be running this script. :: pgp +batchmode -ka %PGPPATH%SECRING.SKR :: pgp +batchmode -ka %PGPPATH%PUBRING.PKR :: pgp -ke 0xEC671710 <-- after this coMMand, you will be asked to trust the key; this must be done! :: ///////////

This script was recently written to automatically process files on our FTP server. They come in daily, in pairs, and dated with todays date, e.g. XXERUP0912.dat.pgp. The script checks for existence, ensures a pair is found, makes sure they are the right and same date, then decrypts them and calls an external program I wrote to inject them into a SQL database for querying via ASP, which I also wrote. If any of the steps fail, it gets logged, and an email notification is sent to a number of folks. I had a bit of an issue with expansion, but found the error of my ways in short order... @ECHO On SETLOCAL ENABLEDELAYEDEXPANSION :: ////////////////////////////////////////////// :: :: Set path variables for key access, passphrase, :: and source our key files. SET PGPPATH=C:\PGP_Keys\ SET PGPPASS=MYPGPPASS :: The "KEY" to a successful import of our keys is running these commands as the user :: that will be running this script. :: pgp +batchmode -ka %PGPPATH%SE

Well, after my short test of Windows Search, I've come to this conclusion; Not ready for prime-time. My expectation was that it Should Just Work (tm). I really think they tried to come up with a good search tool, but this doesn't come close to the polished utility I expected. It seems to have issues with resetting to default index locations periodically, not providing an uninstallation method, rebooting without an option to delay it when installing, etc. etc. Just check the forums here: http://forums.microsoft.com/msdn/ShowForum.aspx?ForumID=127&SiteID=1 I'm moving on to have a look at Locate32.net, an application not unlike updatedb in the unix world. I should have stuck with this one to begin with, since I AM a Linux snob.

I'm keeping a close eye on the status of Windows Search on my Windows 2003 Server. The SAN shares out hundreds of gb of data, but I only need to index about 100gb... :-0 When I initially installed the new Windows Service, it occurred to me that I could roll it out to all the users, and let them index what they wanted...rrriiiiiight. I read an article that indicated when WS4 is installed, it automatically adds mapped locations to the index. WOW, that would be tons of network traffic, even if the service does throttle it back to minimize network impact. I found it to be a better implementation to install it on the server, wait for the index to complete, then roll it out to the users, and control the index locations via GPO, keeping them off the network. Unfortunately, the index database has grown to 25gb, and shows no signs of stopping. Good thing I decided to home the database on a volume with enough room... I'll post back when the indexing process completes. In a day or two

I'd written an article a couple of months ago about leveraging Microsoft Indexing Services in the enterprise to facilitate searching network shares and publishing an ASP interface to an intranet for your users. My environment consists of a Windows 2003 Standard server providing the Indexing Services, a second AD / ASP / MS SQL 2k Windows 2003 Standard server with attached SAN and numerous network shares holding nearly 1tb in size, indexed by the Indexing Server. The Indexing Server also hosts the ASP pages for user searches. I've found out several things lately about Indexing Services, and would like to take a moment to point out some basic principle's of this technology: It's not necessary for the windows workstations to have Indexing Services enabled to enjoy a speedy network file search experience. In fact, many people will recommend that this service be turned off and disabled on workstations, since it can slow performance. To give Windows Desktop Search (WDS) th

I was trying to find a quick and dirty method of exporting, and subsequently importing CSV data into MS SQL; programmatically. I'm dealing with rather small amounts of data, so this method may not work for many, but it Works For Me (tm). My source data comes from an AIX / uSQL box running Misys Tiger. Yes, I realize I could query that database directly, if I purchased the Transoft ODBC drivers for Server 2003, but at a couple grand it's much more cost effective to do it this way. The easiest method to retrieve my data is to use Misys Query, create a scheduled job, and export the resulting data to a network location for DTS (Data Transformation Services) to pick it up. The data is a rather exhaustive list of Insurance Companies, and their related plans. As one could imagine, this data is ever changing, a result of new "product lines" being developed by the lumbering health engine we call commercial payors. In the past, we exported the reports to PDF, and used the buil

I've looked around a bit for a utility for highlighting my code samples here on BlogSpot, and found a couple of useful tools. The first is code2html , which has been around for some time, and turns your perl, python and other types into pretty, formatted html. It works well, is CGI, but has some limits to its' implementation. Then I found a great swiss-army knife of a utility, called highlight.js . It will automatically detect code blocks, and highlight them for you. It does have issues with too much code, or intermixed code on one page, but does a nice job. If it fails to correctly identify your code, a sample export page is included with the package that allows you to manually format your code to html. Happy highlighting!

Most healthcare professionals know at this point that all providers of health care, require NPI (National Provider Identifier) numbers. Without one, it will become increasingly difficult for claims to be paid by commercial payers, and impossible to collect medicare and medicaid payments. Since we are a coding/billing/collection/management agency, we have frequented the NPPES (National Plan & Provider Enumeration System) to lookup NPI information. Unfortunately, there have been brief periods of downtime of the site, causing us to implement our own solution: a backup of the registry. I have a daily cron job that downloads the NPI database, push it into MySQL, giving us an albeit slow, but accurate access to an off-line version of this data. The shell script below performs the retrieval: #!/bin/sh WORKDIR="/srv/htdocs/npi" LOG="$WORKDIR/npi.log" MONTH=`date +%b` LASTMONTH=`date +%b --date='1 month ago'` YEAR=`date +%Y` URL="http://nppesdata.cms.h