If your POS is not bringing up products that have short barcodes, and you find that you need to remove the leading digit and the trailing digit for them to come up, this can be fixed.
Download the manual for the scanner and find the codes to "Disable UPC-E Preamble" and "Disable UPC-E Check Digit". Scan those codes, and that should resolve the issue.
Saturday, December 19, 2009
Friday, October 16, 2009
Automated Software Installation
Ever wanted to be able to prep a new PC without having to individually download software packages and babysit the installation? Check out Volery Easy PC Setup.
Tuesday, October 6, 2009
Setting a DNS server in Fedora
Setting a DNS server in Fedora is needlessly difficult. Just edit /etc/sysconfig/network-scr
PEERDNS=yes
HWADDR=00:0d:56:27:c5:d4
TYPE=Ethernet
IPV6INIT=no
DEVICE=eth0
MTU=1500
NETMASK=255.255.255.0
BROADCAST=192.168.255.255
IPADDR=192.168.0.2
NETWORK=192.168.0.0
USERCTL=no
ONBOOT=yes
GATEWAY=192.168.0.1
DNS1=x.x.x.x
DNS2=x.x.x.x
PEERDNS=yes
HWADDR=00:0d:56:27:c5:d4
TYPE=Ethernet
IPV6INIT=no
DEVICE=eth0
MTU=1500
NETMASK=255.255.255.0
BROADCAST=192.168.255.255
IPADDR=192.168.0.2
NETWORK=192.168.0.0
USERCTL=no
ONBOOT=yes
GATEWAY=192.168.0.1
DNS1=x.x.x.x
DNS2=x.x.x.x
Turn off Autorun on USB drives
Should work for most removable storage.
http://blogulate.com/content/turn-off-autorun-on-usb-drives/
http://blogulate.com/content/turn-off-autorun-on-usb-drives/
Sunday, October 4, 2009
Top 10 Web Collaboration Tools
10. Cc:Betty - Online email organizing service
9. MediaWiki - The software that powers Wikipedia
8. TimeBridge - Meeting scheduler and facilitator
7. Google Groups - Usenet for the web
6. TextFlow - Allows you to post a document and allow users to collaborat, mark it up, and track changes.
5. DimDim - Free online webinar and meeting platform similar to GoToMeeting
4. MindMeister - Cocktail napkin sketches for the web.
3. present.io - File-sharing service that allows up to 100 MB of files without signup or software.
2. Campfire - Collaborative chat platform
1. Zoho - Vast suite of online editing and group organization tools
http://lifehacker.com/5373339/top-10-web-collaboration-tools-that-arent-google-wave?skyline=true&s=i
Top 10 Web Collaboration tools (That aren't Google Wave)
9. MediaWiki - The software that powers Wikipedia
8. TimeBridge - Meeting scheduler and facilitator
7. Google Groups - Usenet for the web
6. TextFlow - Allows you to post a document and allow users to collaborat, mark it up, and track changes.
5. DimDim - Free online webinar and meeting platform similar to GoToMeeting
4. MindMeister - Cocktail napkin sketches for the web.
3. present.io - File-sharing service that allows up to 100 MB of files without signup or software.
2. Campfire - Collaborative chat platform
1. Zoho - Vast suite of online editing and group organization tools
http://lifehacker.com/5373339/top-10-web-collaboration-tools-that-arent-google-wave?skyline=true&s=i
Top 10 Web Collaboration tools (That aren't Google Wave)
Tuesday, September 29, 2009
Cisco PIX PPOE Client
This is the proper recipe for connecting to an ISP that requires PPPOE authentication.
ip address outside pppoe setroute
vpdn group ISP request dialout pppoe
vpdn group ISP localname dsl-username
vpdn group ISP ppp authentication pap
vpdn username dsl-username password dsl-password
vpdn group ISP localname dsl-username
vpdn group ISP ppp authentication pap
vpdn username dsl-username password dsl-password
You must be using PIX IOS version 6.2 or greater for this to work.
Tuesday, September 22, 2009
Connect a USR modem to your Cisco Console and AUX port
This recipe has been tested to work on the Cisco PIX firewall. Modem was a USR 56k v.92 model 5686 modem. Plugged directly into the modem is a Cisco RJ45 to 25-pin serial adapter. This adapter is marked CAB-5MODEM on one side, 29-0881-01 on the other. A blue RJ45-RJ45 console cable was used between the adapter and the console port.
For security purposes, make sure that the console port is secured with a password or username/password and the timeout is set to something other than the default of 0. Otherwise, if you log into the port and fail to logout before disconnecting, it is possible for someone to dial into the router and take control of it without authentication.
I have not verified the instructions to connect a modem to the AUX port.
USR modem on console port
1) Set dip switches to 3,8 down, all others up
2) Connect modem to PC
3) Run hyperterminal and connect to modem at 9600 baud
4) Send init string: at&fs0=1&c1&h0&d2&r2&b1&m4&k0&n6&w
5) Set dip switches to 1,4,8 down, all others up
6) Connect modem to console port with appropriate cable
USR modem on Router AUX port
1) Set dip switches 3 and 8 down, all others up.
2) Connect modem to aux port using rolled (console) cable
and Cisco "modem" adapter.
3) Paste the following at an enable (#) prompt:
config t
modemcap edit usrmodem misc &FS0=1&C1&D3&H1&R2&B1
line aux 0
modem inout
transport input all
flowcontrol hardware
modem autoconfigure type usrmodem
autoselect ppp
autoselect during-login
exit
NOTE: You might get errors on the "autoselect" lines.
4) Dial into modem. You should get a router prompt.
Troubleshooting:
1) Type "show line" a couple of times and check
if speed of aux line is consistent. If it
changes, it is not autoconfiguring properly.
This means you do not have physical connectivity
to the modem. Power-cycle the modem, check the
cables, and then do "clear line aux 0".
2) If you get garbage when you dial into it, your
init string is bad. You may need a different
modemcap. Try this one:
modemcap edit usrmodem misc &F1S0=1
3) If you get nothing (not even garbage) when you
dial into it, reload the router.
4) If the modem does not answer when connected to
the router, but does answer when not connected,
try this modemcap:
modemcap edit usrmodem misc &FS0=1&C1&D3&H1&B1
For security purposes, make sure that the console port is secured with a password or username/password and the timeout is set to something other than the default of 0. Otherwise, if you log into the port and fail to logout before disconnecting, it is possible for someone to dial into the router and take control of it without authentication.
I have not verified the instructions to connect a modem to the AUX port.
USR modem on console port
1) Set dip switches to 3,8 down, all others up
2) Connect modem to PC
3) Run hyperterminal and connect to modem at 9600 baud
4) Send init string: at&fs0=1&c1&h0&d2&r2&b1&m4&k0&n6&w
5) Set dip switches to 1,4,8 down, all others up
6) Connect modem to console port with appropriate cable
USR modem on Router AUX port
1) Set dip switches 3 and 8 down, all others up.
2) Connect modem to aux port using rolled (console) cable
and Cisco "modem" adapter.
3) Paste the following at an enable (#) prompt:
config t
modemcap edit usrmodem misc &FS0=1&C1&D3&H1&R2&B1
line aux 0
modem inout
transport input all
flowcontrol hardware
modem autoconfigure type usrmodem
autoselect ppp
autoselect during-login
exit
NOTE: You might get errors on the "autoselect" lines.
4) Dial into modem. You should get a router prompt.
Troubleshooting:
1) Type "show line" a couple of times and check
if speed of aux line is consistent. If it
changes, it is not autoconfiguring properly.
This means you do not have physical connectivity
to the modem. Power-cycle the modem, check the
cables, and then do "clear line aux 0".
2) If you get garbage when you dial into it, your
init string is bad. You may need a different
modemcap. Try this one:
modemcap edit usrmodem misc &F1S0=1
3) If you get nothing (not even garbage) when you
dial into it, reload the router.
4) If the modem does not answer when connected to
the router, but does answer when not connected,
try this modemcap:
modemcap edit usrmodem misc &FS0=1&C1&D3&H1&B1
Monday, September 21, 2009
Cisco PIX / ASA Secure your console port
By default, the console port on your PIX or ASA is not password protected. Your enable password should keep most people out, but to be safe you should protect it:
user someuser pass somepass
aaa authentication serial console LOCAL
user someuser pass somepass
aaa authentication serial console LOCAL
Cisco PIX / ASA Syslog
Basic recipe for Cisco PIX logging to a syslog server or Kiwi Syslog:
logging on
logging timestamp
logging trap notifications
logging host inside 192.168.0.50
If you are logging across a VPN tunnel, you must add:
management-access inside
The trap levels that can be used are:
0 Emergency
1 Alert
2 Critical
3 Error
4 Warning
5 Notification
6 Informational
7 Debug
Cisco recommends level 3 for production use and 7 for debugging.
To ensure that your timestamps are accurate:
clock timezone EST -5 <--- EST is a timezone name of your choosing
clock summer-time EST recurring 2 Sunday March 2:00 first Sunday November 2:00
logging on
logging timestamp
logging trap notifications
logging host inside 192.168.0.50
If you are logging across a VPN tunnel, you must add:
management-access inside
The trap levels that can be used are:
0 Emergency
1 Alert
2 Critical
3 Error
4 Warning
5 Notification
6 Informational
7 Debug
Cisco recommends level 3 for production use and 7 for debugging.
To ensure that your timestamps are accurate:
clock timezone EST -5 <--- EST is a timezone name of your choosing
clock summer-time EST recurring 2 Sunday March 2:00 first Sunday November 2:00
Wyse S10 cannot connect to terminal server
Here's the fix, direct from Wyse tech support:
1) From your WTOS device –
Click on start > select System setup > Network
2.) From Network settings –
Input the following information
File Servers/Path: 132.237.253.32/Pub/Support/SYee/clear_license
Username: Anonymous
Password:a@a.com
Click OK and restart the S10.
When you restart, you should see an ICA
If you do not see the ICA
If you do see the icon, get back into the Network menu and clear out the information in the File Servers Path field and restart the unit.
After the S10 boots up, test your connection.
Cisco Catalyst and PIX - Set your clock timezone and DST settings
These commands will set your timezone and DST settings properly. This is especially useful so that your syslog timestamps are correct.
config t
clock timezone EST -5 <--- EST is a timezone name of your choosing, Eastern Time Zone is UTC -5
clock summer-time EST recurring 2 Sunday March 2:00 first Sunday November 2:00
service timestamps log datetime localtime
This also works for PIX but there is no service timestamps.
config t
clock timezone EST -5 <--- EST is a timezone name of your choosing, Eastern Time Zone is UTC -5
clock summer-time EST recurring 2 Sunday March 2:00 first Sunday November 2:00
service timestamps log datetime localtime
This also works for PIX but there is no service timestamps.
Cisco PIX restrict Internet but not VPN
If you have a PIX with a site-to-site VPN configured, you may want to allow all the internal hosts to utilize the VPN but only certain hosts to get to the Internet. In that case, allow traffic to your internal subnet in your access list, then allow the IP's that are permitted Internet access.
access-list 1 permit ip any 192.168.0.0 255.255.0.0 <--- This allows traffic to the internal VPN
access-list 1 permit ip host 192.168.2.2 any <----This allows a specific IP Internet access
access-list 1 permit ip host 192.168.2.3 any
access-list 1 permit ip host 192.168.2.4 any
access-group 1 in interface inside
access-list 1 permit ip any 192.168.0.0 255.255.0.0 <--- This allows traffic to the internal VPN
access-list 1 permit ip host 192.168.2.2 any <----This allows a specific IP Internet access
access-list 1 permit ip host 192.168.2.3 any
access-list 1 permit ip host 192.168.2.4 any
access-group 1 in interface inside
Cisco PIX Restrict Internet Access
Use an access list applied to the inside interface of your PIX to restrict outbound Internet access.
access-list 1 permit ip host 192.168.0.2 any
access-list 1 permit ip host 192.168.0.3 any
access-list 1 permit ip host 192.168.0.4 any
access-group 1 in interface inside
access-list 1 permit ip host 192.168.0.2 any
access-list 1 permit ip host 192.168.0.3 any
access-list 1 permit ip host 192.168.0.4 any
access-group 1 in interface inside
Friday, September 18, 2009
Cisco Catalyst Port-Security
The Cisco Catalyst switch is capable of restricting network access to certain MAC addresses. Using the port-security feature, you can cause the switch port to go into shutdown if an unauthorized MAC address is connected.
There are two other states that the switch port can go into, rather than shutdown mode. Here are all three states (taken from http://cauew.blogspot.com/2008/09/switchport-port-security-what-we-must.html)
-
Protected - When a violation occurs, it´ll simple ignore any exceeding MAC Addresses, according to your configuration (if you allow only one MAC Address, it´ll permit the first MAC Address to transmit, and drop everything else for any new MAC Address trying to transmit to this port).
-
Restrict - Does exactly the same thing as Protected mode, but will also send a SNMP Trap regarding the violation.
-
Shutdown - When a violation occurs in the shutdown mode, it sets the port to ERRDISABLE state. The port will stop transmitting anything in the ERRDISABLE state, also, the port LED will turn off. It sends out a SNMP Trap about this.
The following example shows how this is done:
config t
interface fa0/1
switchport mode access
switchport port-security
switchport port-security violation shutdown
switchport port-security maximum 1
interface fa0/1
switchport mode access
switchport port-security
switchport port-security violation shutdown
switchport port-security maximum 1
switchport port-security mac-address xxxx.xxxx.xxxx
If the switch port goes into shutdown mode because of a violation, you will have to manually log into the switch and do a shut/no shut on the port that is affected.
The commands show port-security address and show port-security interface fa0/1 will show you exactly what is going on.
Optionally, if you want the port to automatically reset itself you can add these commands to your configuration:
errdisable recovery cause psecure-violation
errdisable recovery interval 3600
This will cause the port to reset after 3600 seconds (30 minutes).
Cisco Catalyst DHCP with Reservation
The Cisco Catalyst 29xx series is capable of DHCP if you purchase a model with the LANBASE image preinstalled, such as the WS-C2960-24TT-L. Models with the suffix of "S" are LANLITE images.
This example shows a DHCP pool with a single reservation, tied to a MAC address. On the Catalyst, if you need more than one reservation, you will have to create individual pools for each MAC that you want to service. This could get unwieldy if you have many reservations that you want to create; you will want to pursue a DHCP relay configuration that relays the DHCP requests from the switch to a Windows 200x server.
ip dhcp pool Eric
host 192.168.2.254 255.255.255.0
client-identifier 0100.16d3.3e9c.f8 (the MAC address must be preceded by "01" per Cisco)
default-router 192.168.2.1
dns-server 192.168.0.50
domain-name domain.local
netbios-name-server 192.168.0.50 (this is your WINS server)
This example shows a DHCP pool with a single reservation, tied to a MAC address. On the Catalyst, if you need more than one reservation, you will have to create individual pools for each MAC that you want to service. This could get unwieldy if you have many reservations that you want to create; you will want to pursue a DHCP relay configuration that relays the DHCP requests from the switch to a Windows 200x server.
ip dhcp pool Eric
host 192.168.2.254 255.255.255.0
client-identifier 0100.16d3.3e9c.f8 (the MAC address must be preceded by "01" per Cisco)
default-router 192.168.2.1
dns-server 192.168.0.50
domain-name domain.local
netbios-name-server 192.168.0.50 (this is your WINS server)
Cisco Catalyst Syslog
This recipe will cause a Catalyst switch to log to a syslog server, or a Windows server running Kiwi Syslog.
logging on
logging trap
logging facility local1 (can use local1 through local7)
Logging Levels
Level Description Severity
emergencies System is unusable (severity=0)
alerts Immediate action needed (severity=1)
critical Critical conditions (severity=2)
errors Error conditions (severity=3)
warnings Warning conditions (severity=4)
notifications Normal but significant conditions (severity=5)
informational Informational messages (severity=6)
debugging Debugging messages (severity=7)
Thursday, September 3, 2009
Migrating a Windows 2000 or XP PC to a new Windows XP PC
Follow the steps in this document to keep your machine migrations consistent. I have developed this method and fine-tuned it over the years.
Network Control Panel
Related Files
Gather information from the SOURCE machine
Network Control Panel
- IP Address, subnet mask, gateway, primary DNS, secondary DNS of Local Area Connection
- Details of any dial-up connections such as name, phone number with area code. username. Locate the password using Asterisk Password logger.
- Computer name
- Workgroup or Domain name
Related Files
Wednesday, September 2, 2009
Cisco ASA Virtualized in VMWare
Here we have a project that has virtualized the Cisco ASA 5500 into a self-installing VMWare image. This might be useful in the future. Wish someone had done this to the PIX!
http://asa_project.gromnet.net/
http://asa_project.gromnet.net/
Cisco PIX Syslog
logging on
logging standby
logging timestamp
logging trap notifications (or warnings - notifications will send a ton of info)
logging facility 18
logging host inside/outside ip address
I also like to use the command logging device-id string name. This tags all messages in my syslog with an identifier so I know what device sent the message (by name rather than IP address).
logging standby
logging timestamp
logging trap notifications (or warnings - notifications will send a ton of info)
logging facility 18
logging host inside/outside ip address
I also like to use the command logging device-id string name. This tags all messages in my syslog with an identifier so I know what device sent the message (by name rather than IP address).
NT Backup
NT Backup sucks but sometimes you don't have any other choice. Here is a working command line that you can insert into a Scheduled Task. Make sure that the scheduled task runs as a user with at least "backup" authority, and has a password assigned to it. You cannot setup a scheduled task that runs as a user without a password. Do not use the Administrator account, because the password might get changed somewhere along the line, which will cause your backup to not run.
This command line assumes that you have gone through the NT Backup wizard and have created a job called "Daily Data Backup" while you were logged into the Administrator account.
C:\WINDOWS\system32\ntbackup.exe backup "@C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows NT\NTBackup\data\Daily Data Backup.bks" /n "Media created 4/1/2005 at 1:44 PM" /d "Daily Backup" /v:yes /r:no /rs:no /hc:on /m normal /j "Daily Data Backup" /l:s /p "4mm DDS" /um
This command line assumes that you have gone through the NT Backup wizard and have created a job called "Daily Data Backup" while you were logged into the Administrator account.
C:\WINDOWS\system32\ntbackup.exe backup "@C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows NT\NTBackup\data\Daily Data Backup.bks" /n "Media created 4/1/2005 at 1:44 PM" /d "Daily Backup" /v:yes /r:no /rs:no /hc:on /m normal /j "Daily Data Backup" /l:s /p "4mm DDS" /um
Subscribe to:
Posts (Atom)