Author Archives: manojlovicl

Konfiguracija Exchange 2003 SP2 strežnika za filtriranje proti črnim listam, uporaba Intelligent message filter-ja ter Sender ID procesiranje / Configuration of Exchange 2003 SP2 to filter mail using black lists, usage of Intelligent message filter and Sender ID processing

1 Reply

Konfiguracija Exchange 2003 SP2 strežnika za filtriranje proti črnim listam, uporaba Intelligent message filter-ja ter Sender ID procesiranje / Configuration of Exchange 2003 SP2 to filter mail using black lists, usage of Intelligent message filter and Sender ID processing

Nekaj zlatih pravil na katere moramo biti pozorni pri konfiguraciji poštnih strežnikov. / Some rules to be aware of when configuring mail servers.
DNS nivo / DNS layer

1. MX zapis mora obstajati / MX record must exist
Za test lahko v ukazni vrstici vpišete ukaz / For testing you can try to get the MX record using nslookup command:
nslookup
set type=MX
company.com
Kot rezultat bi morali dobiti / As result you should get:
company.com MX preference = 10, mail exchanger = mail.company.com

2. Forward in reverse DNS zapis se morata ujemati / Forward and reverse DNS record must be the same
Primer / Example:
Recimo, da MX zapis za domeno company.com kaže na poddomeno domene company.com in sicer na mail.company.com. V primeru, da izvršimo ukaz ping v ukazni vrstici dobimo rezultat: / Let say, that MX record for domain name company.com points to subdomain of company.com – mail.company.com. In this case you can check by pinging hostname and get the result:

C:>ping mail.company.com
Pinging mail.company.com [123.123.123.123] with 32 bytes of data:
Reply from 123.123.123.123: bytes=32 time=119ms TTL=238 …

Ce pa izvršimo ukaz, ki nam iz IP naslova razreši DNS zapis moramo dobiti rezultat: / If we try to make a reverse lookup we should get the same result:

C:>ping -a 123.123.123.123
Pinging mail.company.com [123.123.123.123] with 32 bytes of data:
Reply from 123.123.123.123: bytes=32 time=111ms TTL=238

Nivo poštnega strežnika (SMTP strežnika) / Mail server layer (SMTP server)

SMTP strežnik se mora oglasiti z istim imenom, kot je vpisan v MX zapisu – v našem primeru: mail.company.com. To pa lahko preizkušamo tako, da se z uporabo programa telnet povezemo na poštni strežnik na portu 25. / SMTP server should present with the same name as a name in MX record. In our case this is mail.company.com. This can be tested using telnet program connecting to port 25 of our mail server.
Kot rezultat bi morali dobiti: / As a result you should get:

220 mail.company.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at Mon, 5 Feb 2007 23:07:34 +0100

http://www.dnsreport.com – preverite nastavitve svoje domen / check your domain name configuration
http://www.dnsstuff.com – dodatna orodja za pregled DNS zapisov / additional tools for checking DNS records
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/ – Sender policy framework – generator TXT zapisa / Sender policy framework TXT record generator

  I. del / Part I. – Message delivery properties – general
(wink source) 

 II. del / Part II. – Message delivery properties – Connection filtering
(wink source) 

 III. del / Part III. – Message delivery properties – IMFv2 / Sender ID filtering
(wink source) 

 IV. del / Part IV. – Activate filters on SMTP server
(wink source) 

 V. del / Part V. – SMTP server name

Vohljanje paketov z brezžičnimi omrežnimi karticami, ki v Windows okolju tega ne omogočajo … / Sniffing packets with wi-fi network cards that do not support that in Windows environment …

1 Reply

Vohljanje paketov z brezžičnimi omrežnimi karticami, ki v Windows okolju tega ne omogočajo / Sniffing packets with wi-fi network cards that do not support that in Windows environment

Večkrat sem zasledil, da se z vgrajenimi wi-fi mrežnimi karticami ne da “prisluškovati” vsemu prometu, ki ga kartica dejansko “vidi”. Moj Dell Latitude 110L ima na primer vgrajeno Intel PRO/Wireless 2200 BG kartico, ki v Windows sistemu “vohljanja paketov” ne omogoča.
Zagato se da rešiti tako, da v Windows okolju instaliramo Microsoftov generični Loopback adapter, ki se manifestira kot dodatna mrežna kartica na kateri skupaj z brezžično kartico naredimo bridge. S poljubnim programom za analizo mrežnega prometa lahko potem “vohljamo” za paketi kar preko mostičenega vmesnika. S tem načinom se izognemo instalaciji spremenjenih gonilnikov, ki imajo lahko druge slabe lastnosti – izkoristimo izključno elemente, ki so že prisotni v operacijskem sistemu. Kot primer programa za analizo paketov priporočam Wireshark / http://www.wireshark.org/
There is a problem sniffing the traffic that wireless network card can “see” using default drivers in Windows environment. My laptop’s card Intel PRO/Wireless 2200 BG adapter does not allow me to sniff wi-fi packets that are not directly sent to my adapter.
The solution is that we install Microsoft loopback adapter and then create Network bridge using Wi-Fi adapter and Loopback adapter. After reboot of the system we will be able to use prefered network analyser to “sniff” traffic on Bridge adapter which can “see” all traffic the Wi-Fi card can see.
I suggest you to try Wireshark – network analyzer: http://www.wireshark.org/

 I. del – Predstavitev problema / Part I. – The problem
(wink source) 

 II. del – Instalacija Microsoft omrežni adapter s povratno zanko / Part II. – Installing Microsoft loopback adapter 
(wink source) 

 III. del – Mrežni most / Part III. – Network bridge 
(wink source) 

 VI. del – “Vohljanje” paketov / Part IV. – Sniffin’ 
(wink source)

VPN tutorial

Leave a reply

Windows XP VPN odjemalec / Windows XP VPN client

 Privzete nastavitve / Default settings
(wink source)

 Brez uporabe privzetega prehoda na oddaljenem omrežju / Without using default gateway on remote network
(wink source)

Uporabi privzeti prehod na oddaljenem omrežju? Da? Ne? / Using default gateway on remote network? Yes or no?
Kje je razlika? / What’s the difference?

Z uporabo prehoda na oddaljenem omrežju se vsi paketi, ki niso naslovljeni v vaše trenutno lokalno omrežje posredujejo skozi VPN in nato v npr. internet. Celoten promet v internet gre preko oddaljenega VPN strežnika. To je privzeta nastavitev, ker omogoča večjo varnost – ob enem pa je ponavadi dostop do interneta upočasnjen še posebej, če ima VPN strežnik majhno izhodno hitrost (dober primer so ADSL povezave v Sloveniji, kjer je izhodna hitrost znatno manjša od vhodne). Z izključitivjo parametra “Use default gateway on remote network” vsa promet poteka normalno, preko VPN povezave potuje samo promet, ki je dejansko namenjen v omrežje na drugi strani VPN tunela.

If you use default settings all packets that are not addressed to your current local area network are sent through VPN tunel and only after that for example in internet. This is Microsoft default settings when you configure VPN connection becouse it is more secure, but in other hand there are practical reasons for not using this parameter. Internet connection on our machine will get slower becouse it will be routed over VPN server at the other side of VPN (a good example are servers which are on ADSL connections here in Slovenia – we have fast download but slow upload speed). By removing parameter: “Use default gateway on remote network” only traffic directed to the other side of VPN tunel is router through VPN. Everything else is working normaly.

Video tutorials / Video učenje

Leave a reply

Rad bi vam predstavil mojo novo podstran ali rubriko moje strani namenjno učenju. Za lažje razumevanje in da se vam nikdar ne bo pripetilo, da si boste rekli “keko je to že šlo?” so vam v rubriki Video tutorials / Video učenje na voljo “video” posnetki računalniških posegov. / I would like to introduce you my subsite dedicated to self-learning. For better understanding and that you will never get to an issue and say “How it was done?” you can get free video tutorials.

Velikost map v raziskovalčevem oknu Windows2000/XP/2003 / Map size in explorer window Windows2000/XP/2003

Leave a reply

Velikokrat se zgodi, da bi rad pregledal velikosti map kar v raziskovalčevem oknu. Še posebej je ta primer izrazit pri “Users shared folders” na strežniku, kjer bi radi enostavno ugotovili kateri uporabnik zasede na strežniškem diskovju največ prostora. !!!Pozor, ne instalirajte programske opreme na streznik temveč na eno od delovnih postaj. In prej preberite rubriko “Known issues!”!!! / It happens sometimes that you would like to know the size of folders directly from explorer window. My experience is that I am sometimes curious to see which user uses most server disk space in “Users shared folders” on server. I suggest to try the folowing software – for me, it worked perfectly. !!!Do not install it directly on server – install it on a workstation. And first read “Known issues!”!!!

http://foldersize.sourceforge.net/

Microsoft SMTP limanica / Microsoft SMTP Tarpit

Leave a reply

Z orodjem, ki ga lahko poberete na spodnji povezavi (.reg in .bat datoteki) lahko enostavno aktivirate 10 sekundno limanico na vašem SMTP servisu (deluje tudi z Exchange 2003). Z upočasnitvijo SMTP komunikacije pripomorete k zmanjšanju SPAM-a v vaših e-poštnih nabiralnikih. / With the tool that you can download (.reg and .bat files) you can very quickly enable 10 seconds tarpit of your SMTP servis (it works also on Exchange 2003). With reduction of SMTP coversation speed you get less SPAM in your mailboxes.

Microsoft SMTP tarpit.zip
Microsoft SMTP tarpit-5.zip – v primeru, da ste imeli kakšno težavo s 10 sekundnim zamikom je tu na voljo še reg datoteka s 5 sekundnim zamikom. / if you encountered any problems with 10 sec. tarpit you can try with this registry file with 5 sec. delay.

Keywords:
SMTP tarpit, SMTP tarpitting, Exchange 2003 tarpitting, Exchange 2003 tarpit, SMTP delay

Sources:
http://support.microsoft.com/kb/842851
http://www.petri.co.il/tar_pitting_exchange_2003.htm
http://msexchangeteam.com/archive/2004/12/06/275851.aspx

Nagios – monitor and get reports about just… Anything!

Leave a reply

Nagios is an open source host, service and network monitoring program. Who uses it? Lots of people, including many big companies and organizations. Where can I get it? Right here. Can I get support for it? Yes! If that didn’t satisfy you, click here to get answers to some of your basic questions about Nagios… [Source: Nejc Skoberne – http://nejc.skoberne.net]
http://nagios.org

Windows Small business 2003 – Intranet setup failed

Leave a reply

Če poskušate instalirati SBS2003 premium z mediji starejšimi od 24.11.2003 (to še posebej velja za tretji CD) vam bo celotna instalacija uspela, zataknilo pa se bo pri instalaciji in konfiguraciji companyweb-a torej sharepoint services intranetne strani. Več si lahko preberete v MS članku: http://support.microsoft.com/kb/829114 / If you try to install SBS2003 premium using CD older than 11/24/2003 the setup will complete with error message about companyweb. So your intranet site will not be installed and configured. More about this issue you can read and then implement on your server by reading folowing MS article: http://support.microsoft.com/kb/829114

Windows Sharepoint services z dodatnimi ikonami za datoteke z NE-Office končnicami. / Windows Sharepoint services with additional icons for NON-Office files extensions.

Leave a reply

Večkrat so me uporabniki Sharepoint services vprašali zakaj Sharepoint ne zna prikazati določenih ikon “znanih” datotek. Spodaj si lahko poberete zip datoteko z ikonami, XML konfiguracijsko datoteko ter .BAT(ch) datoteko, ki vam vse avtomatsko instalira/integrira. Odslej boste v svojem sharepointu lahko imeli “lepe” ikone za PDF, Excel webquery file, ZIP, RAR ter DWG. / More than one I have been asked how to add or maybe why Sharepoint does not support some known file extensions icons. So I created a zip file with icons, XML configuration file and .BAT(ch) procedure for automatic install/integration of this new icons to your Sharepoint.

Povezave / links: http://www.microsoft.com/technet/windowsserver/sharepoint/default.mspx
http://msmvps.com/blogs/cgross/archive/2004/10/26/16679.aspx
http://www.kbalertz.com/kb_837849.aspx

Current version 1.0 supports // PDF, DWG, ZIP, RAR, IQY (Excell webquery file) //
Sharepoint icons 1.0.zip