July 2008 - Posts
Today I had to add a bunch of IP addresses to my public facing servers. The first one I did manually and let me tell you, it gets old real quick. So I did a quick Google search and came up with this:
netsh interface ip add address "Local Area Connection" 192.168.0.1 255.255.255.0
Where "Local Area Connection" is the name of your adapter and 192.168.0.1 is one of the IPs you are wanting to add. 255.255.255.0 is the subnet mask for the IP you are adding.
Just make a quick copy of that in notepad, change the IPs to what you want and then copy and paste into a cmd prompt window. TADA, it will start adding your IPs to the interface.
Quick, easy and clean.
Gotta love it.
Again, I'm still reading through Exodus and this morning this really jumped out at me. Ex 33:11
The LORD would speak to Moses face to face, as a man speaks with his friend.
Moses had such a strong relationship with God, that God called him His friend. He spoke to him as a friend.
Moses says to God "Now show me your glory." And God does it, God tells Moses that he can't see His face or he will die, but God lets Moses see Him.
And the LORD said, "I will cause all my goodness to pass in front of
you, and I will proclaim my name, the LORD, in your presence. I will
have mercy on whom I will have mercy, and I will have compassion on
whom I will have compassion. 20 But," he said, "you cannot see my face, for no one may see me and live."
Stacy brought up a great point about how in verse 11 Moses and God are speaking face to face and how in verse 20 God says Moses can't see His face. One thing I love about God and His word is that I don't have to understand everything, cause it keeps giving me something new to learn.
Moses even questioned God on numerous occasions.
12Then Moses said to the LORD, "See, You say to me, '(R)Bring up this people!' But You Yourself have not let me know (S)whom You will send with me (T)Moreover, You have said, 'I have known you by name, and you have also found favor in My sight.'
13"Now therefore, I pray You, if I have found favor in Your sight, (U)let me know Your ways that I may know You, so that I may find favor in Your sight (V)Consider too, that this nation is Your people."
So how is your relationship with God? Are you close enough to be called His friend? Do you listen to Him? Do you allow Him to speak to you? Can you ask Him questions? I'm not saying you should treat God as if He is an old college buddy, you still need to treat Him with reverence. Remember, He is not a tame God.
I'm having my quiet time this morning and reading Exodus 28, when near the end I read this:
It shall be on Aaron when he ministers; and its tinkling shall be heard
when he enters and leaves the holy place before the LORD, so that he
will not die.
OK, my first thought was, "heh, God said tinkling". Shouldn't He use a more manly, awesome word than tinkling? But then, when you're talking about bells the size of a dime, I guess they would make a tinkling sound.
This just to say God is true and accurate. If the bells make a tinkling sound, that is the word God will use. If they make a gong sound then that is what He will use. We have to keep our thoughts and impressions of what the bible "should" say out of our study/quiet time. We have to read His word and let it tell us what it says. We have to use exegesis to truly understand what God is saying to us.
So remember, God is bigger than any box you or I want to put Him in. He can use the word tinkling to describe little bell sounds. He can take care of us in ways we can't even imagine. He loves each one of us individually. How awesome is that? The creator of EVERYTHING loves you and me, not only collectively, but individually.
And since it is running through my head right now:
God is bigger than the boogyman, and He's watching out for you and me. 
Over the past couple of days I have spent about 3 hours trying to get SQL Server 2005 installed on a new PC. The basic install process was going well until time to start the service and every time the service would fail. Checking the event log I was able to find this error: Microsoft SQL Server 2005 -- Error 29503. Of course the built in MS help wasn't. But I was able to find an old post about SQL 2005 not installing on AMD K6-2 processors because the processors use an instruction set that SQL can't understand.
So I'm not sure exactly what is happening here, but I would assume that we have a similar occurance here.
I used to love AMD, but this really gives me grief. I see that the original issue was probably a problem with MS, but three years later and this is AMD's problem. I'm sure they knew about this instruction set problem and should have tested better to prevent it in the future.
I recently had an issue with one of the sites that I manage getting hit with a SQL injection attack. ARG!!! What a pain in the butt!! Fortunately Steve Schofield had posted some great info about closing down the attack surface here and here. After a little bit of work cleaning all the injected crud out of the DB all was back up and running in just about 2 or 3 hours of work. Many thanks to Steve for his help.
But, now to the real point of this post. If you are like me in this case and run a website and webmail from the same IIS server if you use URLScan and add the SQL injection rule you will find that your SmarterMail webmail starts to have problems.
I made the mistake (kinda) of applying URLScan to the entire IIS server and letting it trickle down to all sites on the server. Obviously for attack prevention this is the best way, but it did cause the problem with SmarterMail. So, my first idea was to adjust the rule to allow the text that URLScan was blocking. After having to do this a couple of times I started to worry that I was leaving too many wholes in the URLScan filter.
Then I had the better idea, I just removed the URLScan filter from the SmarterMail site in IIS and put the removed rules back in place in URLScan. I don't have to worry about SQL injection on SmarterMail since it doesn't integrate with SQL. Another alternative would be to have a second URLScan instance on the server and customize the filter to work with SmarterMail. I'd have to really think hard on this, but with the right situation it might be better to have a dedicated instance of URLScan for each site that you run. This would allow you to completely "tweek" your filter to block everything but what that specific site needs. Obviously on a large scale this does add alot of overhead, but it might be mitigated because your security is tighter and you are less likely to need to spend time fixing problems.