Wednesday, March 27, 2019

Optical Mice Can Get Dirty Too

I remember when I was a kid and my dad showed me a memo he had gotten from the IT guy at his work instructing users on the proper technique for cleaning their mouse balls. It was funny because it went into great detail about the entire process of cleaning them in a way that made the author appear to be blissfully ignorant of the fact that, to most lay persons at the time, it seemed to be describing a very different act than what he had intended.

Today, many of us can look back - perhaps with nostalgia - on the days when our mice had balls. Some of us may even recall the annoyance that dirty mouse balls could cause. The pointer just wouldn't move exactly where you wanted it to. Often, it would skip right over that spot no matter what you did. That is, until you turned it over, rotated the cover 45 degrees counter-clockwise, removed the ball, and then scraped the gunk off of the two rollers that corresponded to the X- and Y-axes.

Well, friends, I am here to tell you that optical mice are not immune to the accumulation of detritus and debris. Why, just a few minutes ago I was getting very irritated because the optical mouse I've had for about 15 years was not as responsive as it used to be. I had tried replacing the battery and reconnecting it to the base station, but to no avail. It turns out that the hole in the bottom where the laser and optical sensor are housed had become partially filled with dog hair. Yes, dog hair. Gross.

I got a Q-Tip, twirled it around in the hole a few times, pulling out a little more hair each time, and then blew out the rest. Now my optical mouse is as responsive as it was when I first got it.

If your mouse doesn't move like it used to, now you can do something about it: Simply turn it over to expose the hole in its underside, moisten one end of a Q-Tip, stick it in the hole, and twirl it around a few times until nothing else come out. Then blow into the hole a couple of times for good measure. Your mouse will thank you.

Wednesday, March 20, 2019

Vulnerability in WinRAR Actively Being Exploited by Attackers

If you have WinRAR installed, stop what you're doing right now and go update it to the latest version. There is a vulnerability in all previous versions of WinRAR that is being actively exploited by attackers. Seriously, do it now.

Is That Software Download Safe?

These tips can help you to reduce your risk of accidentally downloading malware:

  • Always download software from its official website. There are very few exceptions to this rule.
  • Never download software using a link in an email, on a blog, or even an ad in search engine (e.g.: Google) results.
  • Never download anything that is offered to you. If you didn't go looking for it, don't download it.

Saturday, November 29, 2014

Enable Two-Factor Authentication Now!

With all of the online data breaches these days, it's more important than ever that you take measures to protect your online accounts. A powerful way to do that is to enable two-factor authentication (2FA) on any sites that support it. Here is a link to a Lifehacker article with a list of sites that provide 2FA:

Friday, September 5, 2014

Windows Server Running IIS Fails PCI Compliance Scan

If your web server is failing a PCI compliance scan because a specially crafted HTTP/1.0 GET request without a host header is causing it to divulge an internal private IP address, then read on.


In IIS 7 on Windows Server 2008 and higher, there is a vulnerability that will cause it to accept such a GET request and respond with the internal IP address as the realm for basic authentication. This does not happen with an HTTP/1.1 request.

More Information

In this example, the GET request was for /autodiscover/autodiscover.xml, which is in the Autodiscover application under the "SBS Web Applications" site in IIS 7 on a Windows Small Business Server 2008 computer.

You can test for the issue with openssl on Linux by running the following command:
$ openssl s_client -host hostname.domain.tld -port 443
Substitute the actual hostname for hostname.domain.tld. The server will respond with a bunch of SSL information ending in "---" followed by a blank line. On that line, type or paste the following:
GET /autodiscover/autodiscover.xml HTTP/1.0
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep- Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Send a blank line at the end; the server will not respond until you do. An example of a response from a server affected by the vulnerability follows:
HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/7.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm=""
X-Powered-By: ASP.NET
Date: Fri, 05 Sep 2014 16:25:59 GMT
Connection: close
Content-Length: 58

You do not have permission to view this directory or


To resolve the issue in this example, do the following:
  1. Open the IIS 7 console, expand SBS Web Applications and click on Autodiscover.
  2. Double-click Authentication.
  3. Right-click Basic Authentication and select Edit...
  4. In the Realm field, type the server's public hostname in the format hostname.domain.tld and then click OK.
  5. If applicable (e.g.: on Windows SBS 2008), repeat the above process for the Microsoft-Server-ActiveSync and EWS websites in addition to Autodiscover.
Performing the same test in this example should now yield the following response:
HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/7.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="hostname.domain.tld"
X-Powered-By: ASP.NET
Date: Fri, 05 Sep 2014 16:30:41 GMT
Connection: close
Content-Length: 58

You do not have permission to view this directory or

Monday, September 10, 2012

Get Out of a Windows 7 Update Loop

If you've just installed Windows Updates and Windows is stuck in a loop of applying updates and then rebooting, try this method (adapted from an answer in this forum):
  1. Insert the Recovery/Install DVD into the computer.
  2. Boot off of the DVD. When you first start your computer, the first screen you see should give you the key combination to press to enter a 'multi-boot' menu. On an HP, hit Esc then F9 for the boot menu (or F11 for recovery if you don't have a DVD). On a Dell, hit F12 for the boot menu. It varies by each manufacturer. Once you find it and are at the multi-boot menu, choose to boot from CD/DVD.
  3. When prompted (after it has booted to the DVD) choose "repair my computer" and enter the command prompt.
  4. Type C: (with colon) and press enter.
  5. Then type cd c:\windows\winsxs and press enter.
  6. Then type del pending.xml and press enter.
  7. Restart your computer.

Wednesday, November 2, 2011

Automate network printer installation via logon script

If you manage a Windows server and would like to have network printers automatically installed on users' workstations at logon via a batch script, here's how to do it.

To add a network printer:
rundll32 printui.dll,PrintUIEntry /in /q /n\\ServerName\PrinterName
To delete a network printer:
rundll32 printui.dll,PrintUIEntry /dn /q /n\\ServerName\PrinterName
For more information, read this TechNet article.

Friday, October 14, 2011

A better way to send large files

If you've ever needed to send a file to somebody, but it was too big for e-mail or DropBox, you may have looked at services like YouSendIt. However, if you're concerned about the file being stored on a third-party server and somebody other than the intended recipient getting it, then perhaps you've been wary of services like that.

If so, then justbeamit is for you. It initiates a peer-to-peer connection between you and the recipient, allowing you to monitor the transfer in real time and avoiding the need to store it on a server somewhere. Once you close your browser window or navigate away from the page, the link to the file is invalidated.