I had a project today I needed access to the folder.jpg that various programs will make with a CD as the album art.

From the root of your music drive or from the root of your music folder the DOS command should be "attrib folder.jpg -h -s /s" this will search all your subfolders and remove the -hidded and -system attributes.

whew.

I have started a clean up project, you will now notice on the left (currently) there is a larger list of filtering options for all the posts I have, this way you can look at specific areas that I post about. More important the “nerd” section no longer has 400 posts causing my web server to choke on server side processing.

I saw the most horrific article in the WSJ today about how to defeat IT security “Ten Things Your IT Department Wont Tell You”. This is so wrong and so insecure I almost wrote the paper, but I dont care to argue with the columnist, instead I will just blog my unforgiving with them.

I wrote a response with 10 things a IT guy will tell you about why this is a Joke. note that I am 1:1 listing my items with the article so i say read that first to see my response. In the initial set-up for the story, Vauhini Vara talks about the specific reasons that IT staff block content or restrictions, she then implies in a national newspaper “not so fast…” basically this article is giving horrible ways for people to hack organization they work for. In fact she states that specifically for “hacking advice” not hacking as in modify hardware to make NES ROMS work, but hack as in bypass policy and procedure to undermine IT. unbelievable.

1. Send Giant Files

This is crazy dumb, the next time you want to transfer large files to customers of your company, ask your IT department for a FTP or file portal. anything else is defiance of policy and illegal transfer of data. For IT staff to prevent this just block all major sites and use content filtering such as Secure Computing Web-Washer / Sidewinder Firewalls, or Cisco Security Agent. To rip on Vauhini she states that you can look for a “secure padlock” haha yea i think that will solve all the worlds problems.

2. How to use software that is banned

Good old local admin rights or no local admin rights, if your company restricts local admin rights the software you run isnt going to mess anything up. To prevent this for IT just GPO disable the USB storage device. as for using web based applications – if it will go thru a content filter I dont care much if you use it. Anyone ever hear of Cisco Security Agent?

3. How to visit porn sites at work

if you cant figure out how to use google image cache to your advantage then your skills arnt 1337. If your a shop with a good firewall and HTTP proxy then this issue isnt valid.

4. How to clear your tracks on your work laptop

again this is a waste of a point to make a list of ten, this will not forensically remove data for the sites you have visited. dont forget that if someone is in question, they are loging your traffic off your box anyway. IT admins its called mirror port and wireshark, or a webproxy.

5. search work for documents from home

this here is a dangerous and insane idea, this is where I got mad with the paper for publishing this. All you just did Vauhini is make me decide to block google applications on the whole to prevent morons from running google desktop at work, if you need further information on this google “google desktop security threats” to stop this Cisco CSA

6. how to store work files online

this is just like #5 if your company has no corporate policy to banish users like this, make one and banish away. see my hacks on google calendar to see the fun that happens when people publish corporate data.

7. keep privacy while using web email

yes, the tips here are true, so if i have reason to suspect or policy to stop i just block the use of any chat or personal email. good job Vauhini looks like your disabling not enabling anything here. (i explain that last sentence in my closing remarks)

8. how to steal email for your blackberry

email is corporate property, if your against policy this tip wont land you anything but a monster.com account. see comments on tip 7

9. access personal email on blackberry

there is little risk here, so unless a company just isnt a fan of corporate use for personal gain – not having personal email on a corporate asset is the least of your concerns and this tip is basically null. except for the use of copy paste to release information. so BES can disable that function  and BES has the ability to block all this. Also your corporate firewall if implemented correctly can block access to sites on a BB

10 how to look like your working

Vara looked like she was working when she alt tabed away from myspace long enough to write this column.

In the end, this list isnt anything bad, its just bad for employees that start to think they are smart by using them. If your company isn't blocking them today by technology or policy. Then your “smart” use of them will start to gain attention and they will be blocked. The tools that i linked to here will 100% block any crazy activity that the WSJ can come up with and misinform and ruin peoples day.

normally companies have guest wireless access, my recommendation bring in your own laptop and use that to do crap. Then your using a secure network for such activity and its not a company asset that your being a idiot with.

</rant>

Planet Heidi is a web comic about computer security. I did work with the writer, He now has a book its the content of the comic. You should go purchase it its $9 and you will learn something – or just find grammatical mistakes and let him know =). Either way check out the free version or buy a book.

I just noticed that i had porn on my website then i wondered what's up with that. For the first time in about 3 years i have been hit with a virus. Bad kelly.

google Trojan

 in all commical manner, I got this trojan because I got tired of IE7 security and turned it all off. say haha everyone.

Nothing will detect it yet (no data on the web at all to clean the virus) I did find it running with HiJackThis it had a DLL with the following information

"O2 - BHO: (no name) - {598F4775-6FB6-477B-9842-E0426824E077} - C:\DOCUME~1\KELLYK~1\LOCALS~1\Temp\~DP20.dll"

when that DLL is added or removed the porn will come back. However the trojan appears to still be effecting my computer or a file on my computer is infected, fun.

Found a cool site http://www.virustotal.com it will scan files with all engines, looks like that is just a adware file. how did it get there?!

Patch To Prevent it MS06–001

i dont link you tube much but this is awesome

dont copy that floppy

If you admin computers via RDP then you NEED this tool.  visionapp Remote Desktop (vRD 1.4) this tool is crazy cool. like VNC managment apps you can have a list of all your RDP servers. If you wanted you can save your cridentials (dumb) and you can view all the sessions in Tab or QuickView format. this is a MUST HAVE TOOL. (you need to register to use) http://www.visionapp.com

also your list that you make you can backup and share with fellow IT.

I have been bugged with my blog since I upgraded to IE7 so I fixed it today. Its a CSS issue in the css for the theme Project84Grass

#container{
 height:99.9%;
 min-height:99.9%;
 width:958px;

details here

so I had time today to upgrade all the blogs on my server to dasblog 1.9 so if your reading this, and your blog is on my server then your on the new version in the next 24 hours.

biggest updates are support for cell browsers, removal of emails from feeds, “email page” close comments feature, thanks Dasblog team!

I work with this guy so Digg his story for him

http://digg.com/security/Ex_Hacker_web_comic_geek_solves_murder_mysteries/who

for some reason i have a extra netflix right now I dont know if this is part of the class action (I choose not to take part in it) either way, check your flix!

today i passed my first ever certification in the technical field. ShoreTel VoIP products. it was open book and i got a 93 how do you mis 7 on a open book. sheesh.

this makes me mad (so i am blogging it) i just learned that the long waits i noticed on my netflix queue are on purpose. this is unacceptable. so netflix not only did i email you but i will blog (ha)

turns out if you watch a lot of movies they will limit you to new releases all you get is old shit (why i havent watched anything new lately) on the top of my netflix queue i have about 7 new releases, they are all “very long wait” not cool netflix. some dude has a hack for it

http://www.smorty71.com/2006/01/tip-for-beating-netflix-throttle.html

but its a lame idea i have 115 movies in my queue. I like the idea however in a comment where you make a 2nd queue (for friends or family) then drop the new release 1 by 1 into the queue i will test that later and see if it works.

BAD NETFLIX i actually loved your service until this morning. dent make me cancel you and go back to downloading.

one year ago my first post three revisions of dasBlog two other people hosting from my server with dasBlog one other person converted to dasBlog twice. and one new server hardware built just for the ocasion! surviving a nation wide new story google hits. and the following stats.

Total Posts: 281
Total Comments: 112

Total Hits: 2483

Total unique visits: 944

Average length of visit: 50 seconds

Top Search engine: Google (duh)

Top Keywords: Kelly Keeton, lace shoes, torrent, vista, black berry, trailer fabulous

Browser: 66% IE

US States(most viewed): Washington, Virginia, California, Utah

Countries(most viewed): US, China, Canada, Australia

Serving Out: 16mb of blog

Most popular month: May

here is to another year blog

Jon recently went from dasBlog to a product called DotNetNuke for his home site. I dont have any inclination why he didn't use community server which i feel is a far superior product.

Jons Needs include

• Blog Site for himself and one for his boy
• photos of his family
• a home site with his resume and the web cam where you can watch the pool get green

DNN is a huge application that seems better suited for a small company portal, who knows i might find out something way cool some day but for personal use i think CS is much better.

this entry was in protest to jon leaving dasBlog and all the times it got him thru.

BTW C.S. beta 2.0 is out I highly reccomend you go play with it. Its amazing. look for kellykeeton.com to switch to it for front end site soon!

ever have the following error with nGallery? or any other .net application for that matter?

nGallery error HttpException (0x80004005): Request timed out

nGallery crashes when you bulk upload photos.

answer is in Microsoft Q825739

haha looks like the xbox 360 hack challenge might be even more fun then the xbox!

TSOP on the 360!!! HOLY CRAP and what the guts look like

I would laugh if M$ put the TSOP chip there just to mess with the hackers and think they can hack it. – now do camp out at best buy?

as pre jons request here is a picture of my new camera taking a picture of the broken camera

I know i am asking for it. but i got real tired of seeing WET PANTIES in my stats page as a top keyword. so i disabled any comments on my photo gallery. sorry if you actually use it but in 4 months i have accumulated 7mb of xml data for the comments alone. AHH well i just turned off that feature. thanks for playing you spammers but not any more.

This also means sadly i’m sure my hits will no longer be in the 1000’s a day. damn wish i had google-ads on my photo still (it was messy) good bye google hits

 on a related topic here is my best keyword from search engine ever

well that didnt take long, a few google clicks and I stuck with my current style of camera just the newer version.

got a DSC-W5 from newegg (3 day shipping cheap!)

This camera is the exact camera I had before just with some updates. There is some new cool cameras coming out with some cool image processing but its still not cheap and I wanted to stick with sony since I own all sony camera gear. This way my lenses and memory sticks still work 1:1 only bummer is the limited edition black version i cant find. My old camera was black and that was cool. oh well no xbox 360 till next year

also FYI/PS on NewEgg shipping they say they are three day (just like zipzoomfly.com) however when you dont buy things from them more then once every two years. They put your credit card on pause for verification for 2 days then 1 whole day of “packing” then another day for shipping thats 3 days just to get it ready to ship. I know this is because of the $5 i paid but mostly just a FYI to the nation dont expect that the printed “3–day” means you will have it on friday. you still have the package in the time UPS ground is gonna get it to you! ha.

Keeping the RSS feeds popping thought i would send out a link to a collection of old US government propaganda films. Since this is all open source and paid for by the people we all own this. Therefor you can use it in your own video editing. Some of the old bomb video is good for anything. What about the flicks like sally isn't to touch boys. Good stuff

Old Government films

Old computer commercials

This is cool did you know that you can use Remote Desktop Client (RDP) or Terminal Service Connector (TSC) to connect to the Console of a box? Thus allowing the reboot of a Terminal Server or if you run a fat client that isn't capable of running in a service. Just add the /CONSOLE switch

mstsc /v:SERVERNAME /console

So your company just dumped a new HP Integrity 64–Bit Server rx7620 in your lap and said get this working yesterday? well thats not as easy as I thought. First off it needs power. According to the white page 12a a line cord at 4(12) we are actually eating power! So read the Prep Guide its handy then when you gotta put the 250lb server in a rack this is Super handy install Guide. Note that the whole line of servers has the same documentation for its individual model. I found it by selecting my server from HP site then clicking on the self-help resources and the manuals link

64 Bit Madness So here are some pointers to setting up a HP Itanium with the EFI / SCI after you read the setup guide you will have a uhh what now question like I did. Thanks HP for that. so here is some tricks to keep you from my delays.

• first have a laptop or dummy server handy to run a COM cable to its prolly not possible to have a remote COM session so just best to have a laptop or something handy. Then you can set the IP for the telnet to the MP after thats done. or leave the dummy server to do your dirty work.
• TTY with VT-UTF8 emulation
•  login of (Admin/Admin or Oper/Oper first time default) to get back to the MP for example get to the EFI and press CTL+B <– remember that
• edit your cells/partitions from the MP -make sure your COM port is pluged into the master or MP (lit up with a LED)
• once you get in you will see Server2003 Boot, then you want to access the SCI interface
• run the command ‘ch’ to list your channels then run the command ‘ch -si #’ to connect to the Unattended Setup for Windows or ‘ch -?’
• finish windows setup -reboot
• go back into the SCI and login then type ‘CMD’ this maps a command prompt to a channel
• follow the step to connect to a channel and connect to the server command line
• then set your IP if needed or find out what dhcp did with Netsh
• connect via RDP
• allow the HP scripts to run
• rename/domain/whatever your new $100k server!

Consider this HP makes a Video/USB card that will allow a local console so that you can use a keyboard and mouse and monitor just like every other non Linux hardware out there. (damn command line nerds) its the part number A6869A or get a ILO card

More handy notes

• if your dont see the boot DVD/CD go into the EFI config and edit the boot menu to allow booting DVD (add the scsi device)
• server is preloaded with 2003 to reinstall download the newest SmartSetup then boot it for OS install
• the HP docs are good to get you thru OS install
• remember its x64 so things like your DOS boot disk and ghost wont work but RIS03 will!

* netsh command is as follows for a example

netsh interface ip set address name="Local Area Connection" static 192.168.0.100 255.255.255.0 192.168.0.1 1

How to use the nparcommands to Edit the Partitions

• download the tools for 32 or 64 bit
• if your on a external host remember to add the -u -p -i (username password Ip address) options to your command line
• if your local you jsut run the commands
• figure out what your up to with the ‘parstatus’ just run that and print to screen or a file for your managment
• delete the partition you dont want ‘parremove -p 2’
• modify the partition you do want to add the cell you jsut deleted ‘parmodify -p 2 -a 0/5:base:y:ri’
• power off the cells then power them on with the PE command
• check your new config with parstatus see if you did good

this is a worthy link of the day. They review and Test most nerdy objects that I would look into. Its worth the Bookmark.

http://arstechnica.com/reviews.ars

This is not normally what I go about posting but I figured I would rip off some text from another site. But my other fab group of Movie dudes (other being zach braff who has been rather quiet lately …scrubs season two where are you?

Specs for Broken Lizard's "Puddle Cruiser"
POSTED ON 09/09/05 AT 1:30 A.M.

Broken Lizard's first feature film, Puddle Cruiser, comes to DVD just in time for Christmas.

found a amazing program today. http://www.remotesoft.com/salamander/

if you can find me a cheaper version of this program I will owe you. this is rather amazing.

so i just read Harry Potter and the Half Blood Prince well actually didn't read. I listened to it on MP3. Turns out that either the publisher, author or someone decided that they would not release the book to online e-book/mp3 book retailers like my hated Audigy company (they suck) anyway since someone feels that people would just steal the book. Well thats interesting that you can just go to the library rent the CD-Audio book then rip it and torrent it up. Well JK if your reading this FYI had you not been brain washed by the RIAA and who ever else. I would have paid auidgy for the book.

Ok rant done. So this is book 6, longer then the rest and took about two weeks to …listen to. (you suckers that read it dont get the cool voices) My review is short. The book was good. but i didn't like it on the whole. Nothing really cool happened, like it was 900 pages just to get to one death. that sucks. Throw in some romance that we all know will be some sort of trouble in the next book. and yes this was just a lead up to the next book. but thats lame now i gotta wait a year or when ever just for that. Who likes a book that ends with a sort of boring funeral? Oh yea and I Think JK went a little over the top on the chapter 23 or whatever when they were in the cave. I personally think that that is not material for children, I like that we can turn some cruel torcher/aganoy into some light hearted children book. boo on that. I guess I got what I paid for.

spare me the comments in real life how lame I am that not only did I listen to the book but that I bloged it. comment on the blog haha!

If you use my XPE (bootable XP/PE) cdrom and need a new copy I just put my 1.55 Gold today. Yes after 3 months of working on it; its done. So if you read this blog, and are from the computer fix-it world contact me for a new version.

Major Enhancements on the new release

• XpSp2
• 5 min faster boot time
• 110% better 3rd party driver support
• full dell and compaq server support
• under 650mb
• ERD 2005 tools
• 100% recoded applications dependency+'s and inf’s

Great Documents Read them if you have a server at home or at work!

Windows Server 2003 Security Guide

• Threats and Countermeasures Guide

Solution for Securing Windows 2000 Server

Each document Follows Microsoft Best Practice for Security. So unless your the DOD This is a good read.