Fraudulent (Nigerian) Buyers

OK, No technical blogpost this time, its all about (Nigerian) fraudulent buyers active on 2nd hand websites like marktplaats.nl. This story starts when I decided to create an ad on the dutch 2nd hand website marktplaats.nl when I wanted to sell my DSLR camera. Only few hours after placing the ad I got an reaction (in poor  dutch) by mail from Janine (janinejinwood@hotmail.com) :

“Hallo, Mag ik weten waarom je verkoopt dit item? Zoals ik interested.Kindly ik weer terug naar Mij. “

Initially I remarked the poor dutch language but I replied (in dutch):

“Beste Janine, De reden dat ik hem wil verkopen is omdat ik zelf een andere wil gaan halen.”

Within a few minutes a received this reply:

Hello There Leon,
Thanks for the reply.Having gone through the item,I want you to know that,I am satisfy with condition and the price of the item.I live in Groningen, but I wouldnt be able to meet you for collection due to the nature of My Job and moreover I am buying this item for My god-son who just graduated abroad as a gift .Due to this,I have made inquiry from Postnl  the postage cost of the item abroad and I was told €45.I will appreciate if you can help Me send the item directly to him.I have set up a PayPal account so I can pay you with.Kindly Request the payment to:janinejinwood@hotmail.com

As soon as I receive the request I will get payment done.
Janine.J.

From this moment I thought there was something wrong because:

1. I put the camera on marktplaats.nl as an bid item so there was no selling condition
2. She asked me to send the camera directly abroad. (without inspecting a 300+ euro item)

So I replied to “her” on purpose in dutch:

“Bedankt voor je interesse in de camera, maar zoals je gezien hebt heb ik de advertentie als “veiling” op Marktplaats gezet. Ik wil je daarom uitnodigen een bod te plaatsen, Wanneer er een bod is geplaatst waartegen ik het item wil verkopen dan zal ik contact opnemen met degene die dat bod heeft geplaatst. De camera staat nog geen 24 uur op Marktplaats en wil daarom afwachten hoeveel biedingen het op gaat leveren. Als je soortgelijke advertenties bekijkt op marktplaats dan zit de verkoop prijs van die advertenties rond de 400 – 500 euro. Nogmaals nodig ik je uit een bod te plaatsen.”

Almost instantly I got this reply:

“I dont have the time to place bid,I want to pay you €455”

This offer was exactly what I was looking for but I already became hesitant so I replied:

“I agree on the price of 455 euro’s, but I will have to send it to Groningen. (because of legal issues) “

Again Instantly I got a reply:

“I want it sent abroad as I have no time to send it Myself.What legal issue?”

Still hesitating I replied, I wanted some warranty about the transaction:

“I’m not sure if I receive confirmation the item has been received, if it’s send abroad?  Where should it be sent to?”

Also this time I almost instantly got this reply:

“Sure it will definitely get to its destination as this not the first time sending things to the place.

Festus Adams
3,Anuoluwapo Street,Off Market
Shomolu
Lagos
Nigeria
23401

I await your request.”

At this time all alarm bells where ringing big time because I was reading about this fraud not so long ago.  so I sent this mail to bail out of the deal.
“Due to recent (Nigerian)scam pratices I will not send you the payment request and neither the camera.
After sending this mail I reported this activity to the support team of marktplaats.nl, After only few hours they responded it was indeed an fraudulent buyer and the banned the e-mail address from the website.

 

 

 

HOWTO: XenServer configure an ISO repository on Local Storage

When building my homelab with XenServer 5.6 FP1, I needed an ISO repository on local storage. Although I found some guides on the internet none of them actually worked/suited my needs. However after some research I found this way working. In my case I wanted to use the free space of volume SDA3.

Only use this procedure in your LAB environment as it is not supported.

Before you start you have to delete existing SR’s/LVM’s/VG’s on SDA3 [search]

Now create the File System the filesystem on empty sda3.

  • mkfs.ext3 -m 0 /dev/sda3 <where sda3, is the volume I want to use on local disk>

Create a mount point for your new created File System.

  • mkdir /mnt/iso_import

Add the following line to /etc/rc.local to mount the filesystem on boot.

  • mount /dev/sda3 /mnt/iso_import

To prevent a reboot, let’s mount it manually.

  • mount /dev/sda3 /mnt/iso_import

Now add the repository to XenServer

  • xe sr-create name-label=<desired name> type=iso \device-config:location=/mnt/iso_import \device-config:legacy_mode=true content-type=iso

Now the repository should be available within XenCenter. Copy your ISO’s to the repository location with your favorite SSH client.

RES Launches VDX

Today RES Software launched their RES Virtual Desktop Extender (VDX). The patented product offers companies the unique  oppertunity to seamlessly extend the virtual desktop with resources that are available locally (DVD Burner, resource intensive applications) With VDX local and virtual resources are available to the user without having to switch (desktop) session.
Visit their website for more information or download the Virtual Desktop eXtender Brochure (573).

Citrix accuses VMWare of lying. (updated)

What an interesting start of the week, today Citrix’s desktop CTO Harry Labana wrote a blog post accusing VMware of lying while refering to a Gartner Report about the TCO of SBC comparing to (un)managed desktops. In this article about VMware’s View, the company refers tho the report and insinuates that VMWare View incorporates SBC technology (which it doesn’t).

As you might know, one of the big differences between VMware’s and Citrix’s desktop virtualization solutions is that  Citrix XenDesktop incorporates VDI/Desktop virtualization capabilities but also includes XenApp which delivers shared Terminal Server-based desktops and applications. While VMware View only incorporates  VDI/desktop virtualization.

Therefore their press release is inaccurate and subject to rectification, in my opinion.

Stay tuned for more….

UPDATE: Brian Madden also picked up the story and has some background information, he also responds to the reaction from VMWare.

The recent joint announcement between Wyse and VMware, on February 9, featured a quote by Gartner looking at the TCO benefits associated with server-based computing (SBC). The Wyse portfolio of thin, zero and cloud PC client solutions supports both SBC and VDI. It is appropriate for Wyse to choose the feature this when talking about their products. VMware’s portion of the announcement featured customer momentum and results related to our portfolio of desktop and application virtualization technologies.

Who knows if it was on purpose or an oversight? They’ll claim it was a mistake. The conspiracy theorists will believe otherwise. If you asked me over a beer I’d tell you that I don’t believe they did it on purpose, but that it was not wise to respond with the statement they used. Instead they should have put a new quote with VDI-specific data in it and reissued the press release. Then they’d be done. But now we’re left with a release where TS is doing the heavy lifting to power the “success” of the TCO savings of VDI. And that’s exactly what I accused them of doing three years ago, which I wish was a thing of the past.

Also Harry Labana responded on his blog to VMWare’s reaction:

Fundamentally VMware is trying to defend an inaccurate press release. After a history of getting away with elastic facts, getting caught twice, the appropriate thing to do would be to retract the statement and claims of SBC having anything to do with VMware.

Citrix PVS command-line tools

After exploring and mastering a product through the GUI, It always tickles me to get to the CLI and get myself fimiliar with the true power and scripting possibilities of that product.  The standard tool for Citrix PVS is MCLI.exe and is installed by default when the console is installed. after installing the PVS Console you may have to run the setup of the SOAP Server Communication, use this command to set the values for the SOAP Server

connection:
MCLI Run SetupConnection -p name=value[ name2=value2]
Setup the SOAP server connection that will be used for the MCLI and PowerShell command line interfaces.

-p Parameters needed for this Run.

Optional
server Server used for the connection.
Default=localhost

port Port used for the connection.
Default=8000

user User used for the connection.
Default=Current user

domain User domain used for the connection.
Default=Current user

password User password used for the connection.
Default=Current user

Add a device
MCLI Add Device -r deviceName=Device1 deviceMac=1a-2b-3c-4d-5e-6f description=”A description”

Remove a device:
MCLI Delete Device -p deviceName=Device1

To get a detailed overview of the capabilities of this interface I have attached the programmer’s guide, there is a Powershell guide available too.

MCLI Powershell Guide (1650)
MCLI Programming Guide (1205)

Visio Stencils for Citrix Products

When I was drawing an architectual document in visio, I needed some stencils after a quick search on google I found some and bundled them for my convinience hopefully you like them as well.  Visio Stencils for Citrix Products (1157)

Flexible Active/Idle Session Timeout

Yesterday I was asked to implement a time-out on active citrix sessions. The purpose for the script was to limit the maximum active session time for the user. The HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\ICA-TCP\MaxActiveSession registry key was not flexible enough and I couldn’t find a ready made solution. I decided to develop my own script based on information in the XenApp Management SDK and on CDN. After some time of scripting I found the following script working and flexible enough to meet the demands of the customer. Basically you schedule the command with the following parameter “cscript <filename.wsf> min <time-out in minutes>”

XX minutes before the session if logged off the user is send an message, the XX minutes is defined by the WarnThreshold value in the script. the Message can be customized by editing the strMsg + strTitle value.

The script can be easily adjusted to be used for a flexible Idle Time-out . the only property that has to be adjusted is Session.LogonTime into Session.LastInputTime

All warnings are logged to a logfile which you can set in the script. Make sure the account used for running the script is a XenApp Administrator.

Off course the usage of the script is based on own risk.

Download file here: Active Session Time-out (851)

Changelog:

V.1.1 

  • Changed calculation logic
  • Changed MessageType to SystemModal + Warning

V.1.0

  • Initial Release

HOW TO: Add Cities to HTC Weather Widget (Android)

Lately I was pretty annoyed that the HTC Weather App only contains a list of major cities and no option to add you own little village. In my case i’m interested in adding the skiresort Saalbach (Austria) to the database. This is how it’s done:

1. Download SQLite Database Browser 2.0 beta1. [link]

2. Make sure you have root access, connect your phone via USB (USB debugging must be enabled).

3. Pull the following file off your phone: adb pull /data/data/com.htc.provider.weather/files/WP_0409WWE.db

4. Open the WP_0409WWE.db file in SQLite Browser.

5. Click on the “Browse Data” tab.

5. Click the “Table:” dropdown box and choose “locationlist”.

6. Click on “New Record” on the top right, it creates a new (blank) record at the end of the list.

7. Find your location on: netweather.accuweather.com, Click “Get My Weather”.

8. Enter your location of choice in the “Choose Location:” input box, Click Search.

9. Select your location and click next 2 times, Agree to the Terms and Conditions.

10. In the “Webpage Code” box search for you location. copy the code (EUR|AT|AU005|SAALBACH|).

11. Return to SQLite Database Browser and select the new record.

12 Double-click on the empty box under “code” and enter the code you you copied in step 10. In my case EUR|AT|AU005|SAALBACH|.

8. Under “name”, Enter the desired city name, such as “Saalbach”.

9. Under “state”, enter the name of the state(not mandatory)

10. Under “timezone”, enter your timezone, the time zone is in minutes. -60 for Saalbach. you can lookup the time zone by searching the database for a major city near the one you want to add.

11. Under “timezoneId”, enter your timezone. Search it in the Database. for saalbach it was: Europe/Sarajevo
12. Save the Database and quit SQLite Database Browser.

13. Push the file back to your phone with ADB enter following command:
adb push WP_0409WWE.db /data/data/com.htc.provider.weather/files/WP_0409WWE.db

14. Reboot your phone, after the reboot you can add your desired location to the HTC Weather application.

[source]

Change NIC Configuration by command-line

Last week I was looking for a way to configure certain NIC  options by command-line/script. Options like binding order and disable services on nic’s. Initially I found it hard to find any scripts/tools. Eventually I was pointed (thanks Edwin) to a tool called NVSPBind.

To get help run “nvspbind.exe /?”

C:\>nvspbind /?

Hyper-V Network VSP Bind Application 6.1.7690.0.
Copyright (c) Microsoft Corporation. All rights reserved.

Usage: nvspbind option NIC protocol

Options:
/n display NIC information only
/u unbind switch protocol from specified nic(s)
/b bind switch protocol to specified nic(s)
/d disable binding of specified protocol from specified nic(s)
/e enable binding of specified protocol to specified nic(s)
/r repair bindings on specified nic(s)
/o show NIC order for specified protocol
/+ move specified NIC up in binding order for specified protocol
/- move specified NIC down in binding order for specified protocol
/++ move specified NIC up to top of binding order for specified protocol
/– move specified NIC down to bottom of binding order for specified protocol

There are three variations available here:

Microsoft_Nvspbind_package.EXE is the standard 64 bit version for server core.
32bit_Nvspbind_package.EXE is a 32 bit version that works on Vista and newer.
XP_Nvspbind_package.EXE is a reduced functionality 32 bit version that works on XP and newer.

Mcafee ePo considerations using Citrix Provisioning Services

In a hunt for complete best practices guide I found the following considerations:

ePo Agent recommendations:

Delete the Agent GUID for McAfee EPO agent; otherwise all machines deployed came up in EPO server as the same computer. So, if you are going to use the Provisioning Services image in Shared Image mode, Citrix recommends stopping the McAfee framework service and deleting the following registry key, just before your create your Provisioning Services image.
  • Stop the McAfee Framework service (but leave on Automatic start up) and delete the AgentGUID registry value: HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\
Additional registry keys may need to be cleared or deleted before rolling out an image in Standard Image mode. To run McAfee 8.5i and EPO on a vDisk in Standard Image mode, the values for the following registry keys must be deleted before imaging the Master Target Device (this could also be done after building the image by putting the image back into Private Image Mode):
  • Associates\ePolicy Orchestrator\Agent\AgentGUID
  • Associates\ePolicy Orchestrator\Agent\MACADDRESS
  • (if using Host Intrusion)
Make sure there is not a policy applied to this PC on EPO that restarts the framework service after X seconds…. (Otherwise this key might be recreated before you start the Provisioning Services image creation process).
The problem here is that each time a PC restarts in Shared Image Mode, a different GUID is recreated. It might be necessary to set EPO to delete stale entries from its Asset database. The results might also not provide a true reflection in reports of a particular PCs infection history, as it will have a new record in the EPO database each time a reboot occurs. This is preferable over having lots of PCs with only one of them having updated antivirus at a time.
Virusscanning recommendations:
  • Scan local drives only. DO NOT scan network drives.
  • Only scan “Incoming” files (ie. write events).
  • Exclude the pagefile(s) from being scanned.
  • The “%ProgramFiles%\Citrix” folder contains many configuration and log files that are always changing, especially the Local Host Cache (imalhc.mdb) and Resource Manager Local Database (RMLocalDatabase.mdb). You could exclude the whole folder. More specifically, the main ones are:
  • “%ProgramFiles%\Citrix\Citrix Resource Manager\LocalDB”
  • “%ProgramFiles%\Citrix\Citrix Resource Manager\SummaryFiles”
  • “%ProgramFiles%\Citrix\Independent Management Architecture”
  • “%ProgramFiles%\Citrix\logs”
  • Exclude the Print Spooler (%SystemRoot%\System32\spool\PRINTERS) folder. Note that in our deployments we typically place these folders on the non-System Drive.
  • We would recommend excluding as much of the user’s profile (%UserProfile%) as possible. In fact, the only folder that is of major concern is the Temporary Internet Cache (”%UserProfile%\Local Settings\Temporary Internet Files”).
  • If you do not exclude the Profiles, then exclude the user‘s Presentation Server Client bitmap cache (”%UserProfile%\Application Data\ICAClient\Cache” or “%AppData%\ICAClient\Cache”) used for ICA pass-through connections by the locally installed PNClassic and PNAgent.
  • Exclude .dat and .tmp files.
  • Disable the heuristics mode of scanning, this setting can be very intensive on the system
  • Exclude smss.exe, winlogon.exe, userinit.exe, csrss.exe and wfshell.exe
  • Exclude the Softgrid folders (especially the cache)
Provisioning Services recommendations:

Limit antivirus definition updates to the Target Device. Create a plan to upgrade the vDisk periodically using manual, automatic or automated techniques such as Automatic vDisk updates or by using something like WorkFlow Studio.
  • Avoid scanning your disk write cache location if that write cache is hosted on the Provisioning Services server. In limited testing it has been observed that most scanners cannot detect a virus within this location because of their inherit design and the methods used to determine a virus.
  • Do not scan your Targets I/O stream in real-time. This can cause excessive retries when the Target expects it’s I/O and that process is delayed by real-time scanning, there is good potential for a second and maybe more requests for the same packet fragment.
  • Avoid scanning the BNDevice.exe process on the Target. There are a few drivers that should be excluded from scanning, as well, in the <systemroot>\windows\system32\drivers directory you can exclude BNNS.sys, BNNF.sys, BNPort.sys, and bnistack.sys

source

General server recommendations

  • Turn off scanning of the Windows Update or Automatic Update database file (Datastore.edb). This file is located in the following folder: %windir%\SoftwareDistribution\Datastore
  • Turn off scanning of the log files that are located in the following folder:
  • “%windir%\SoftwareDistribution\Datastore\Logs” Specifically, exclude the following files:
1 2 3 4