If you are a big user of Microsoft Office you will have no doubt come across large document files especially those that contain graphics. Sometimes this isn’t a problem especially if you have loads of disk space. However problems occur when you find yourself limited by e-mail size sending limits or just the amount of time it takes in space and cost to backup especially if you use one of the growing number of online backup systems that are capped.
To explain the software lets take a real world example with a file I currently have in front of me. I have a Microsoft Word file with a number of pictures that I have pasted into the document. When I pasted a lot of these shots into Word I was lazy and cropped some of them - this is a key point. The file size is now 15MB. Now I cant send this document by certain e-mail services - for instance a lot of online mail providers have things like 10MB limits and at work we have a 5MB mail transfer limit. Certainly most wont allow a 200MB PowerPoint presentation!
I could try zipping the file. With WinZip (a zip compression tool) I managed to get the file size down my 1MB to 14MB. This was still no use to me. I could use something like a file splitter but this is a nuisance. And I could upload the file to a hosting point for someone to pickup, that is presuming they want to download this on perhaps a slow link or a smartphone etc. Needless to say my 15MB isn’t as much of a problem as a 100MB PowerPoint presentation or a 50MB JPEG for instance. Another option would be to use a PDF creator which again can get the file size down significantly. However unless the other person has similar software they can’t edit the file if needed. I guess this is the key point of using NX PowerLite - the person at the other end does not need any extra software and the file format is exactly the same.
So to get around these problems my tool of choice is a utility called NX PowerLite currently at version 4. What NX PowerLite does is "optimise" the document file unlike something like a ZIP format that "compresses" it.
In the example of my Word file I can either right click on it within Windows Explorer and choose to "Optimize with NX PowerLite" or you can launch NX PowerLite and drag and drop files into it. Just a note that you can optimise multiple files at once by selecting multiple files in Windows Explorer or dragging a number of files into the software.
You then choose to optimise the file. You have 4 options as to how you want this optimised - Screen, Print, Mobile Device or Custom. On this note its maybe a good time to explain how NX PowerLite works. Firstly because of these options let’s talk about resolution. When people takes digital photos etc. they tend to forget that the resolution that the photo is taken is a lot higher than is required to print or display. For instance a picture taken on a state of the art camera is wasted on a presentation running from a machine capable of displaying only 256 colours - a bit of a far fetched example because most computers now have a much higher resolution but should give you the idea. One of the first things that NX PowerLite does is just this - it compares the quality of the images within a document and depending on the option you choose adjusts them down as necessary. Secondly it gets rid of wasted bits. Most lazy people like myself will often paste a picture into Word or PowerPoint and then crop the image to the only part required. When saving the document however the entire picture is still stored. You can get round this to a certain extent by using "Compress Image" within Office but it’s not as automatic as using NX PowerLite.
Anyway just to give you the results of my example. By default you end up with two files - your original and a compressed version with the same file name but with (NXPowerLite) appended to the end of the file. Obviously to save space you would want to delete the original when happy with the new smaller file. The 15MB file ended up the following size with the different options. Screen - 397kb, Print 1.3MB and Mobile Device 131kb. I am sure you will agree most smartPhone users wouldn’t thank you for making them download a 15MB file rather than a tiny file than can be seen just as well on there screens. This was just one example. I have compressed massive PowerPoint files to literally nothing.
NX PowerLite works on Windows 2000 or later and can optimise Office 97 documents or later (to actually integrate into the Office toolbar you need Office 2000 or later). If you are a user of Google Docs, StarOffice etc. you can also take advantage of NX PowerLite by saving the documents in Microsoft Office format. It can also integrate into Outlook and Outlook Express to automatically ask if you want to optimise an attachment. As well as Microsoft Office files NX PowerLite also supports the compression of JPEG files using the same methodology. So if you work on a lot of graphic files the software is also worth a look.
You can download a trial copy of NX PowerLite from their website. This allows 20 runs of the software to give you a feel of how well it works. I would certainly recommend giving it a go.
Friday, August 21, 2009
Thursday, August 13, 2009
How to become a walking wifi hot spot!
Every now and then I come across a little utility and think how useful could this be and why don’t more people know about? This is what happened to me when I stumbled across WMWifiRouter when doing some research on my Palm Treo Pro Smartphone.
Now my Palm Treo comes with data access - i.e. I can look at Internet sites on my phone and I can also get on the Internet on my laptop using a USB cable to my phone or via Bluetooth. In there own rights this is really useful for me. Because a lot of the phone contracts now have pretty good priced data rates for say 5GB of data downloaded in a month it is actually better value for me to use this than paying an over the top Wifi rate in a hotel. Don’t get me wrong a lot of the time it makes sense to use the free Wifi when available in places such as McDonalds etc. But when you have to pay or are in the middle of nowhere the mobile phone connection comes into its own. When I am on my own with a laptop and mobile phone the USB or Bluetooth can work fine. But what if I have a colleague with me? Or two or three people with me? Or I have more than one computer? This is where WMWifiRouter comes into its own - by sharing the mobile Internet access as Wifi so more than one device/person can use it.
Installation Requirements
First of all WMWifiRouter is only for Windows mobile devices – i.e. the operating system running on your phone. If you need this sort of a facility on a Symbian based smartphone you need something like “JoikuSpot”. WMWifiRouter is supported on Windows Mobile 5 AKU 3.3 or newer or Windows Mobile 6.x. Your smartphone will also need to have a wifi connection (not all do) and have Windows Mobile "Internet Sharing" available - some providers get rid of this built in feature. If you intend having a look at this software you can find a section for "Compatible Devices" on the web site. This not only lists devices (phones) that can share the Internet connection but those that are known to be able to receive it. Because of the way the phone creates ad hoc wireless networks some devices such as certain games consoles cannot connect to it.
Installation
The software can be installed by either downloading an EXE file to your PC and then installing using ActiveSync or directly to the phone as a CAB file. The file is around 2.5MB in size. Either way the actual installation is the same.
The installation itself is via the usual "Set-up Wizard". You are firstly asked which connection you want to "share out". On my Palm Treo I was offered "Contract WAP", "Contract MMS", "Vodafone prepay GPRS" or "Contract Internet". I shared out my contract Internet.
You are then asked what name you want to broadcast your wireless network out as when complete - by default this is WMWifiRouter but you can change this.
Next you are asked to generate a WEP key. Just in case you don’t know WEP is a way of securing your wireless connections. Some people may think that WEP is not good enough these days for security reasons and this software does not support the newer WPA standards. However what I would say is that because of the nature of moving around with a mobile phone and perhaps not using this system all the time it would be pretty hard for someone to stumble across your system looking to "hack" into your network and having enough time to crack the WEP security. But if security is a key concern this is certainly worth noting. And that’s it for the actual installation
Usage
The application is started by selecting "WMWifiRouter" from Programs. You are greeted with a simple display of six icons, one of which is "Exit" with the others being -
3G to Wifi
This is the main reason to use this application as stated above. Starting this will share the Internet connection on your mobile phone as Wifi allowing numerous people to connect at once.
3G to USB and
3G to Bluetooth
Now I have to say I am not totally sure as to what the 3G to USB and Bluetooth options bring to the party. The reason I say this is because I think you can do this using the built in "Internet Sharing" that is available in Windows Mobile. ActiveSync is needed for the USB method to work. Using USB does use less power than Wifi.
Wifi to USB
This allows you to pick up a Wifi signal on your smartphone and then deliver internet access to a laptop with a USB cable. So in other words say you go somewhere with free Wifi you pick this up on your mobile but access the Internet on your laptop. Now if you have Wifi available on your laptop (which most do now) you don’t need to this as far as I can tell.
USB to Wifi
Not to be confused with Wifi to USB above! Best way of looking at this one is with an example. Two or three people with laptops go to an office/hotel that has one wired internet connection which you can connect to on one of the laptops. You then plug that laptop into the smartphone via USB and the smartphone shares this out via Wifi. The other 2 people can then get on the Internet also (presuming there laptops have Wifi cards).
To start your connection you just click on one of the 5 relevant buttons above. Once this has done it takes around 15 seconds in the 3G to wifi connection to become enabled.
Connecting was easy enough. My laptop was given an IP address of 192.168.3.85 with a default gateway of 192.168.3.1 which was the smartphone.
2 buttons are then shown -
A graph which is you click on shows an overview of inbound and outbound traffic as well as wifi and battery usage
A simple red "X" lets you end the session.
Overall
Using this connection from my laptop was good for web browsing. Don’t forget at the end of the day its only going to be as good as the Internet connection on your mobile. Also before sharing out mobile Internet connections you need to make sure you understand how your data contract is working and how much you are allowed to download etc. With data rate prices coming down though will we see the day when you just need a mobile phone in your house for everyone to get on the Internet?
Finally with regard to the mobile phone itself. What I did notice is that battery consumption of my smartphone went down pretty quick and the phone certainly got warmer. If using for any length of time you would need your mobile plugged into power I think. I should also add that the network is not dropped if you are talking on the phone - quite an important point! The software is available on a 30 day trial from the web site so if anything in this review sounds useful it certainly worth giving it a try.
Now my Palm Treo comes with data access - i.e. I can look at Internet sites on my phone and I can also get on the Internet on my laptop using a USB cable to my phone or via Bluetooth. In there own rights this is really useful for me. Because a lot of the phone contracts now have pretty good priced data rates for say 5GB of data downloaded in a month it is actually better value for me to use this than paying an over the top Wifi rate in a hotel. Don’t get me wrong a lot of the time it makes sense to use the free Wifi when available in places such as McDonalds etc. But when you have to pay or are in the middle of nowhere the mobile phone connection comes into its own. When I am on my own with a laptop and mobile phone the USB or Bluetooth can work fine. But what if I have a colleague with me? Or two or three people with me? Or I have more than one computer? This is where WMWifiRouter comes into its own - by sharing the mobile Internet access as Wifi so more than one device/person can use it.
Installation Requirements
First of all WMWifiRouter is only for Windows mobile devices – i.e. the operating system running on your phone. If you need this sort of a facility on a Symbian based smartphone you need something like “JoikuSpot”. WMWifiRouter is supported on Windows Mobile 5 AKU 3.3 or newer or Windows Mobile 6.x. Your smartphone will also need to have a wifi connection (not all do) and have Windows Mobile "Internet Sharing" available - some providers get rid of this built in feature. If you intend having a look at this software you can find a section for "Compatible Devices" on the web site. This not only lists devices (phones) that can share the Internet connection but those that are known to be able to receive it. Because of the way the phone creates ad hoc wireless networks some devices such as certain games consoles cannot connect to it.
Installation
The software can be installed by either downloading an EXE file to your PC and then installing using ActiveSync or directly to the phone as a CAB file. The file is around 2.5MB in size. Either way the actual installation is the same.
The installation itself is via the usual "Set-up Wizard". You are firstly asked which connection you want to "share out". On my Palm Treo I was offered "Contract WAP", "Contract MMS", "Vodafone prepay GPRS" or "Contract Internet". I shared out my contract Internet.
You are then asked what name you want to broadcast your wireless network out as when complete - by default this is WMWifiRouter but you can change this.
Next you are asked to generate a WEP key. Just in case you don’t know WEP is a way of securing your wireless connections. Some people may think that WEP is not good enough these days for security reasons and this software does not support the newer WPA standards. However what I would say is that because of the nature of moving around with a mobile phone and perhaps not using this system all the time it would be pretty hard for someone to stumble across your system looking to "hack" into your network and having enough time to crack the WEP security. But if security is a key concern this is certainly worth noting. And that’s it for the actual installation
Usage
The application is started by selecting "WMWifiRouter" from Programs. You are greeted with a simple display of six icons, one of which is "Exit" with the others being -
3G to Wifi
This is the main reason to use this application as stated above. Starting this will share the Internet connection on your mobile phone as Wifi allowing numerous people to connect at once.
3G to USB and
3G to Bluetooth
Now I have to say I am not totally sure as to what the 3G to USB and Bluetooth options bring to the party. The reason I say this is because I think you can do this using the built in "Internet Sharing" that is available in Windows Mobile. ActiveSync is needed for the USB method to work. Using USB does use less power than Wifi.
Wifi to USB
This allows you to pick up a Wifi signal on your smartphone and then deliver internet access to a laptop with a USB cable. So in other words say you go somewhere with free Wifi you pick this up on your mobile but access the Internet on your laptop. Now if you have Wifi available on your laptop (which most do now) you don’t need to this as far as I can tell.
USB to Wifi
Not to be confused with Wifi to USB above! Best way of looking at this one is with an example. Two or three people with laptops go to an office/hotel that has one wired internet connection which you can connect to on one of the laptops. You then plug that laptop into the smartphone via USB and the smartphone shares this out via Wifi. The other 2 people can then get on the Internet also (presuming there laptops have Wifi cards).
To start your connection you just click on one of the 5 relevant buttons above. Once this has done it takes around 15 seconds in the 3G to wifi connection to become enabled.
Connecting was easy enough. My laptop was given an IP address of 192.168.3.85 with a default gateway of 192.168.3.1 which was the smartphone.
2 buttons are then shown -
A graph which is you click on shows an overview of inbound and outbound traffic as well as wifi and battery usage
A simple red "X" lets you end the session.
Overall
Using this connection from my laptop was good for web browsing. Don’t forget at the end of the day its only going to be as good as the Internet connection on your mobile. Also before sharing out mobile Internet connections you need to make sure you understand how your data contract is working and how much you are allowed to download etc. With data rate prices coming down though will we see the day when you just need a mobile phone in your house for everyone to get on the Internet?
Finally with regard to the mobile phone itself. What I did notice is that battery consumption of my smartphone went down pretty quick and the phone certainly got warmer. If using for any length of time you would need your mobile plugged into power I think. I should also add that the network is not dropped if you are talking on the phone - quite an important point! The software is available on a 30 day trial from the web site so if anything in this review sounds useful it certainly worth giving it a try.
Friday, August 07, 2009
Do I need a firewall? It's up to you with Comodo Firewall Pro
Do I really need to install a software firewall and if so which one do I need? This was the question I was asking myself after I stumbled across an article showing how well (or not in the case of many) certain virus, spyware and malware protection packages where performing. Of course with a bit of doomsday marketing everyone may presume they do. And if I do need some extra protection which product should I use and would I need to pay for it?
I will try and answer the question to do I (you) need a software firewall first. Then take a look at a specific package - in this case Comodo Firewall.
First off a very quick explanation of what a firewall is and does. Perhaps the best way to describe it is to let you know where the term originally came from. A firewall was a brick wall built between two buildings to stop fire spreading from one to the other. Take this analogy as one house been your home computer and network and the other house the Internet or other outside network. Anything you don't want is blocked by the firewall.
So do you actually need one? Obviously different circumstances exist and I will try and explain these. Firstly let me explain my current configuration and compare that to another example. On my laptop at home I run a well known anti-virus package that I keep updated, a well known spyware/malware protection package and I keep my Windows updates pretty much up to date. As well as this I do regular backups of both my system and my data. On top of this I run this behind a NetGear router that also includes a built in firewall (see my other review). The Windows firewall built into Windows XP is also switched on.
Now lets look at another example - someone who may well be running all of the above but has a broadband "modem" (i.e. has no built in firewall) and travels regularly connecting to WIFI in various locations and cable connections in different offices. In the modem instance they are literally attached to the internet directly and when at other locations may well trust the connection but they cannot be guaranteed to be safe.
In my case I have to say I am not convinced that I would need an extra software firewall. In the second example I think there is certainly a case of installing a 3rd party firewall. You may well ask why not install one anyway - it wont harm so put it on even if you don't think you need it? Well firstly you may well have to pay for the firewall (although in the case of my review you can get this version free). Secondly system performance. Any extra software makes the system more cumbersome and slow - just try a machine without any anti-virus, spyware protection installed to see how fast it can actually go. And finally software firewalls have generally been intrusive - its very much down to often inexperienced users to decide if something is valid to be allowed to connect to or not. Its out of the scope of this review to really help you decide if you do need a software firewall or not - a true security expert would be able to give you plenty of reasons to have one, arguing for instance that a hardware firewall could fail leaving you unprotected, telling you not to rely on the built in Windows XP firewall because it doesn't protect outbound connections etc. What I would say is try this product if in doubt. If you do find it hard to understand, intrusive or whatever you can easily uninstall it. What I would also recommend is trying an online service such as Security Space to see how vulnerable you currently are to help you decide.
After checking a number of other reviews for free firewall software and trying a couple of options I decided to fully test out Comodo Firewall. First of all you may ask if this application is any good why would it be free, there must be a catch? Basically Comodo make security certificates and so are trying to build brand awareness. One of the ways of doing this is putting out good quality free security software such as this firewall and anti-virus software.
The software is just under 80MB to download and comes bundled as part of the Comodo Internet Security package - you can also install the anti-virus module if you wish. As part of this review I didn't as I already have a virus solution I am happy with.
During the install you are asked a few questions. Firstly whether you want -
Firewall only
Firewall with optimum proactive defense
Firewall with maximum proactive defense+
This is quite an important question and one that I don't think is well explained during the installation. What it boils down to however is really how intrusive you want the system to be - i.e. how much do you want to be asked about. The default is Firewall with Optimum Proactive Defense. This can be changed once you have the software up and running.
Next you are asked if you would like to join the "Threatcast community". The default is yes and I will explain this option later. Again you can change this within the application if you decide to later.
You are then asked if you want to use the Comodo secure DNS servers or the your current DNS server (the default). DNS is the mechanism of resolving a host name such as www.yourcompany.com to a computer understandable address on the Internet. Using the Comodo DNS server in theory this has a number of advantages over normal DNS servers that may suffer from poisoning attacks (that is sending you to the wrong address). It also resolves some well known misspelled domain names to the correct location. However unless you are confident of the implications of not using your normal DNS it's probably better to stick with the default. Interestingly I did read on a some forums that the Comodo DNS feature did cause problems for some people.
Finally by default the installation will scan for already present malware. This is a good idea - no point trying to run any sort of security on an already infected computer.
So after installation what happens when you want to install something or make your first connection to the Internet with the likes of Skype, Spotify, instant messaging etc.? Well one of two things can kick in - either the Firewall or Defense+.
The firewall is the actual protection of inbound and outbound network connections. For example should you be able to receive music from Spotify or a make a call on Skype. Defense+ is something different. What Defense+ is protecting against is not the inbound/outbound network connections but what is getting written to your file system (i.e. hard disk), windows registry or memory. For instance when something like Firefox (a well known web browser) gets updated it needs to write to the hard disk to install new files.
As an example I started Skype - a valid application - that I do wanted to access the Internet to make a phone call. The Firewall popped up asking me what I wanted to do with this connection. One useful early indicator is the colour coded warning of yellow, orange or red dependent on potential risk factor. I was prompted with two pieces of information. Firstly potential "Secutiry Considerations" and because I had installed it a "ThreatCast Rating". The "Security Considerations" try and give an as un-technical explanation as they can about the implications of allowing this connection. However I have to say as with all software firewalls this is one of the major problems - it is very hard to explain to a non technical person what is actually going on. In theory then the "ThreatCast Rating" is a really good idea. It basically tells you what other people have decided to do when prompted with this information - in the example of Skype 95% of users thought it was OK. However I do have slight doubts on this too - I think of it as a bit like "Ask the audience" in "Who wants to be a millionaire" - will they always be right? At this point you basically have to choose whether to Allow or Block the request.
The Defense+ follows along the same lines exactly. The "Security Consideration" is slightly different in that it will tell exactly what resource - files on your hard disk, the registry or memory is being accessed. Again you can either Allow or Block the request. You may think what is the point of this anyway if I have virus or spyware protection? What you have to remember is that most anti-virus packages are only as good as the updates they get because somebody has had a new virus, reported it and new protection has been added to the update. With this you can block any suspicious activity.
Needless to say the product can be a lot more complicated than this. Within the application you can see what connections you have open, create special network zones and as I said within the set-up routine decide how intrusive (that is how often you want to be informed) that "something is happening on my system". The system has a good summary section which is pretty easy to understand - telling you how many potential intrusion events have been blocked and what sort of traffic has been running between yourself and the Internet.
I hope you have found this review useful. It's hard to strike a balance between something people would read and getting even more technical. I tried to write the review somewhere in the middle. I have to say I have been pretty impressed with the Comodo Firewall. It scores highly in tests trying to break through software firewalls and does its best to try and explain in plain English what it is defending you against. That said it certainly doesn't lend itself to very non technical users but this is just the nature the complications of software firewalls do bring. And finally as I said initially - not everybody needs or wants this extra protection.
I will try and answer the question to do I (you) need a software firewall first. Then take a look at a specific package - in this case Comodo Firewall.
First off a very quick explanation of what a firewall is and does. Perhaps the best way to describe it is to let you know where the term originally came from. A firewall was a brick wall built between two buildings to stop fire spreading from one to the other. Take this analogy as one house been your home computer and network and the other house the Internet or other outside network. Anything you don't want is blocked by the firewall.
So do you actually need one? Obviously different circumstances exist and I will try and explain these. Firstly let me explain my current configuration and compare that to another example. On my laptop at home I run a well known anti-virus package that I keep updated, a well known spyware/malware protection package and I keep my Windows updates pretty much up to date. As well as this I do regular backups of both my system and my data. On top of this I run this behind a NetGear router that also includes a built in firewall (see my other review). The Windows firewall built into Windows XP is also switched on.
Now lets look at another example - someone who may well be running all of the above but has a broadband "modem" (i.e. has no built in firewall) and travels regularly connecting to WIFI in various locations and cable connections in different offices. In the modem instance they are literally attached to the internet directly and when at other locations may well trust the connection but they cannot be guaranteed to be safe.
In my case I have to say I am not convinced that I would need an extra software firewall. In the second example I think there is certainly a case of installing a 3rd party firewall. You may well ask why not install one anyway - it wont harm so put it on even if you don't think you need it? Well firstly you may well have to pay for the firewall (although in the case of my review you can get this version free). Secondly system performance. Any extra software makes the system more cumbersome and slow - just try a machine without any anti-virus, spyware protection installed to see how fast it can actually go. And finally software firewalls have generally been intrusive - its very much down to often inexperienced users to decide if something is valid to be allowed to connect to or not. Its out of the scope of this review to really help you decide if you do need a software firewall or not - a true security expert would be able to give you plenty of reasons to have one, arguing for instance that a hardware firewall could fail leaving you unprotected, telling you not to rely on the built in Windows XP firewall because it doesn't protect outbound connections etc. What I would say is try this product if in doubt. If you do find it hard to understand, intrusive or whatever you can easily uninstall it. What I would also recommend is trying an online service such as Security Space to see how vulnerable you currently are to help you decide.
After checking a number of other reviews for free firewall software and trying a couple of options I decided to fully test out Comodo Firewall. First of all you may ask if this application is any good why would it be free, there must be a catch? Basically Comodo make security certificates and so are trying to build brand awareness. One of the ways of doing this is putting out good quality free security software such as this firewall and anti-virus software.
The software is just under 80MB to download and comes bundled as part of the Comodo Internet Security package - you can also install the anti-virus module if you wish. As part of this review I didn't as I already have a virus solution I am happy with.
During the install you are asked a few questions. Firstly whether you want -
Firewall only
Firewall with optimum proactive defense
Firewall with maximum proactive defense+
This is quite an important question and one that I don't think is well explained during the installation. What it boils down to however is really how intrusive you want the system to be - i.e. how much do you want to be asked about. The default is Firewall with Optimum Proactive Defense. This can be changed once you have the software up and running.
Next you are asked if you would like to join the "Threatcast community". The default is yes and I will explain this option later. Again you can change this within the application if you decide to later.
You are then asked if you want to use the Comodo secure DNS servers or the your current DNS server (the default). DNS is the mechanism of resolving a host name such as www.yourcompany.com to a computer understandable address on the Internet. Using the Comodo DNS server in theory this has a number of advantages over normal DNS servers that may suffer from poisoning attacks (that is sending you to the wrong address). It also resolves some well known misspelled domain names to the correct location. However unless you are confident of the implications of not using your normal DNS it's probably better to stick with the default. Interestingly I did read on a some forums that the Comodo DNS feature did cause problems for some people.
Finally by default the installation will scan for already present malware. This is a good idea - no point trying to run any sort of security on an already infected computer.
So after installation what happens when you want to install something or make your first connection to the Internet with the likes of Skype, Spotify, instant messaging etc.? Well one of two things can kick in - either the Firewall or Defense+.
The firewall is the actual protection of inbound and outbound network connections. For example should you be able to receive music from Spotify or a make a call on Skype. Defense+ is something different. What Defense+ is protecting against is not the inbound/outbound network connections but what is getting written to your file system (i.e. hard disk), windows registry or memory. For instance when something like Firefox (a well known web browser) gets updated it needs to write to the hard disk to install new files.
As an example I started Skype - a valid application - that I do wanted to access the Internet to make a phone call. The Firewall popped up asking me what I wanted to do with this connection. One useful early indicator is the colour coded warning of yellow, orange or red dependent on potential risk factor. I was prompted with two pieces of information. Firstly potential "Secutiry Considerations" and because I had installed it a "ThreatCast Rating". The "Security Considerations" try and give an as un-technical explanation as they can about the implications of allowing this connection. However I have to say as with all software firewalls this is one of the major problems - it is very hard to explain to a non technical person what is actually going on. In theory then the "ThreatCast Rating" is a really good idea. It basically tells you what other people have decided to do when prompted with this information - in the example of Skype 95% of users thought it was OK. However I do have slight doubts on this too - I think of it as a bit like "Ask the audience" in "Who wants to be a millionaire" - will they always be right? At this point you basically have to choose whether to Allow or Block the request.
The Defense+ follows along the same lines exactly. The "Security Consideration" is slightly different in that it will tell exactly what resource - files on your hard disk, the registry or memory is being accessed. Again you can either Allow or Block the request. You may think what is the point of this anyway if I have virus or spyware protection? What you have to remember is that most anti-virus packages are only as good as the updates they get because somebody has had a new virus, reported it and new protection has been added to the update. With this you can block any suspicious activity.
Needless to say the product can be a lot more complicated than this. Within the application you can see what connections you have open, create special network zones and as I said within the set-up routine decide how intrusive (that is how often you want to be informed) that "something is happening on my system". The system has a good summary section which is pretty easy to understand - telling you how many potential intrusion events have been blocked and what sort of traffic has been running between yourself and the Internet.
I hope you have found this review useful. It's hard to strike a balance between something people would read and getting even more technical. I tried to write the review somewhere in the middle. I have to say I have been pretty impressed with the Comodo Firewall. It scores highly in tests trying to break through software firewalls and does its best to try and explain in plain English what it is defending you against. That said it certainly doesn't lend itself to very non technical users but this is just the nature the complications of software firewalls do bring. And finally as I said initially - not everybody needs or wants this extra protection.
X marks the site!
One of the biggest annoyances with my very frequent use of use Internet Explorer favourites and Firefox bookmarks is the backing up and synchronizing of these items. Just in case you are totally new to web browsers I will quickly explain what these are - when you visit a site that you want to keep a record of you add them to our favourites/bookmarks depending on which web browser you use. I own a couple of computers at home and use a couple of computers at work and on these I have both Internet Explorer and Firefox. Until I came across Xmarks it was always a case of eight (one on each web browser remember) very different lists of my favourite sites and ones I wanted to remember to visit in the future.
Not only did I have a problem with all these different lists, each time I replaced my computers or had a full system crash I had nearly always forgotten to back these up. Sometimes I actually remembered to use the File, Import Export option in Internet Explorer but again it didn't take long to have a mix of different versions.
I tried using "Delicious" for some time and maybe this is worth a review sometime but basically I didn't get along with it (although for reference you can import "Delicious" saved bookmarks). I then stumbled across an add-in for Firefox called "Foxmarks". At the time this synchronization tool was only available for Firefox but was re-launched this year as "Xmarks" with added support for Internet Explorer and Safari on the Mac. Millions of people have now downloaded and used this tool.
As I have said the main point of Xmarks is to be able to synchronize your bookmarks (or favourites in Internet Explorer) between multiple computers and web browsers. An added feature of Xmarks in Firefox (but not in IE and Safari) is the synchronization of stored user name and passwords. Also included is "Site Suggestions" and "Smarter Search" Again I will cover this in the review.
Firstly one of the key differences with Xmarks for Firefox and Internet Explorer is the feel of the utility. Xmarks for Internet Explorer looks and feels more like a Windows service. Anytime you access Xmarks from within Firefox you are doing it from within the browser. The Internet Explorer icon however is accessed from the system tray within Windows itself. But either way it works just as well.
So let's take a look at how this works when installed. The first thing to do is synchronize one of your browsers to the Xmarks server on the Internet. A point here is that you can actually host your own internal Xmarks server. This may be useful to companies who want to sync browsers without connecting to or trusting the Internet. You then have a choice of whether you want to sync to the server, from the server or merge the two together. Eventually after running this process on each of your computers or web browser you will get a fully synched version of your bookmarks on each machine. If you may want to organize your bookmarks you can also do this centrally via a web browser by logging into the Xmarks site. So you can still get to your bookmarks even if you are on somebody else's computer or in an Internet Cafe for instance.
One useful feature is also to create profiles with your bookmarks as a subset. For instance you may not want all of your work and home bookmarks to be mixed and available on all computers and browsers. Xmarks comes with predefined "Work" and "Home" profiles so you just choose which sites you want in these and only sync this part to the computer. Another predefined profile "mobile.foxmarks.com" is used and optimised for mobile phones.
You can actually share your bookmarks by posting them to a web page. Again this can be done through the Xmarks web site.
So really that's its for the synchronization. It really is quite simple. If that wasn't good enough already though Xmarks does include some extra features. Firstly there is "Smarter Search" - this allows you to get some basic information about a site before opening it. For instance when you do a Google search an you get an icon next to the result for each site that when clicked shows you a basic screen shot from the site, reviews of the site and where it is ranked in different categories.
A couple of other features seem to be included in the Firefox version only at the moment.
When you open a site in Firefox with Xmarks installed you also have an option to "Get Site Info". This gives you a basic description of the site and also gives you its top 5 suggestions for similar sites - for instance going on Facebook suggested Twitter, MySpace etc. This is actually really useful for discovering new sites.
The final and perhaps most useful extra tool and again only available in Firefox is the synchronization of passwords. I should add actually that the Internet Explorer version of Xmarks has this as "coming soon". If you use Firefox you will know that when you log into a web site that requires a username and password you get an option to save this information. If you look in Tools, Options, Security, Save Passwords.. you will see this information. What Xmarks can do is synchronize this between your different computers. To keep this secure you not only need to log into Xmarks but create a PIN to upload/download the passwords. This is then 256 bit encrypted for security. Again I find this a really useful tool and look forward to it working within Internet Explorer too.
So that's it really. I have to say Xmarks does exactly what it promises and a little bit more and has certainly made my multiple computer/browser life much easier.
Not only did I have a problem with all these different lists, each time I replaced my computers or had a full system crash I had nearly always forgotten to back these up. Sometimes I actually remembered to use the File, Import Export option in Internet Explorer but again it didn't take long to have a mix of different versions.
I tried using "Delicious" for some time and maybe this is worth a review sometime but basically I didn't get along with it (although for reference you can import "Delicious" saved bookmarks). I then stumbled across an add-in for Firefox called "Foxmarks". At the time this synchronization tool was only available for Firefox but was re-launched this year as "Xmarks" with added support for Internet Explorer and Safari on the Mac. Millions of people have now downloaded and used this tool.
As I have said the main point of Xmarks is to be able to synchronize your bookmarks (or favourites in Internet Explorer) between multiple computers and web browsers. An added feature of Xmarks in Firefox (but not in IE and Safari) is the synchronization of stored user name and passwords. Also included is "Site Suggestions" and "Smarter Search" Again I will cover this in the review.
Firstly one of the key differences with Xmarks for Firefox and Internet Explorer is the feel of the utility. Xmarks for Internet Explorer looks and feels more like a Windows service. Anytime you access Xmarks from within Firefox you are doing it from within the browser. The Internet Explorer icon however is accessed from the system tray within Windows itself. But either way it works just as well.
So let's take a look at how this works when installed. The first thing to do is synchronize one of your browsers to the Xmarks server on the Internet. A point here is that you can actually host your own internal Xmarks server. This may be useful to companies who want to sync browsers without connecting to or trusting the Internet. You then have a choice of whether you want to sync to the server, from the server or merge the two together. Eventually after running this process on each of your computers or web browser you will get a fully synched version of your bookmarks on each machine. If you may want to organize your bookmarks you can also do this centrally via a web browser by logging into the Xmarks site. So you can still get to your bookmarks even if you are on somebody else's computer or in an Internet Cafe for instance.
One useful feature is also to create profiles with your bookmarks as a subset. For instance you may not want all of your work and home bookmarks to be mixed and available on all computers and browsers. Xmarks comes with predefined "Work" and "Home" profiles so you just choose which sites you want in these and only sync this part to the computer. Another predefined profile "mobile.foxmarks.com" is used and optimised for mobile phones.
You can actually share your bookmarks by posting them to a web page. Again this can be done through the Xmarks web site.
So really that's its for the synchronization. It really is quite simple. If that wasn't good enough already though Xmarks does include some extra features. Firstly there is "Smarter Search" - this allows you to get some basic information about a site before opening it. For instance when you do a Google search an you get an icon next to the result for each site that when clicked shows you a basic screen shot from the site, reviews of the site and where it is ranked in different categories.
A couple of other features seem to be included in the Firefox version only at the moment.
When you open a site in Firefox with Xmarks installed you also have an option to "Get Site Info". This gives you a basic description of the site and also gives you its top 5 suggestions for similar sites - for instance going on Facebook suggested Twitter, MySpace etc. This is actually really useful for discovering new sites.
The final and perhaps most useful extra tool and again only available in Firefox is the synchronization of passwords. I should add actually that the Internet Explorer version of Xmarks has this as "coming soon". If you use Firefox you will know that when you log into a web site that requires a username and password you get an option to save this information. If you look in Tools, Options, Security, Save Passwords.. you will see this information. What Xmarks can do is synchronize this between your different computers. To keep this secure you not only need to log into Xmarks but create a PIN to upload/download the passwords. This is then 256 bit encrypted for security. Again I find this a really useful tool and look forward to it working within Internet Explorer too.
So that's it really. I have to say Xmarks does exactly what it promises and a little bit more and has certainly made my multiple computer/browser life much easier.
Utilities and commands to automate the Windows 2003 Server ASR backup
In my previous Blog posting I talked about the theory in automating a Windows 2003 Server backup. Let's now look at the actual utilities and commands to make this possible. I will run through the command in the actual order I use them in a batch file. I would in fact run through these commands outside of a batch file first to check each command runs successfully on your server. Links to the utilities used can be found at the end of the Blog.
The first utility we need it Devcon. This is Microsoft command line utility that can be used instead of Device Manager. What we are going to do is disable the physical floppy disk device using this utility. Once you have Devcon installed first issue this command which should list any of your devices with the word "floppy" in it –
DEVCON find *floppy*
What this should do is return some sort of floppy disk drive if you have one installed. To disable this device I then use
DEVCON disable *floppy*
If you check Windows Explorer or Device Manager you should now find the floppy disk drive is missing/disabled.
The next utility I use is "Virtual Floppy Drive". Once this is installed I can use the "VFD" command to manipulate the virtual floppy disk drive. First I issue the following two commands –
VFD start
VFD open /force
This starts the virtual floppy and "opens" a blank 3.5" 1.44MB disk into it
Next we start the actual backup. Like I said previously I store the backups on an attached USB device that is shared. This way I already have the backup ready on a removable device. So the command issued here is quite simple –
ntbackup asrbackup /j "ASR" /f \\SERVERHOSTINGTHEUSBDEVICE\ASR$\%computername%\asr.bkf
Just running through the above the "asrbackup" just tells ntbackup that we are running an ASR backup. The /j "ASR" just gives the backup "job" a name which is useful for checking log files. The /f just says we are backing up to a file. Within the file location I add the %computername% so that I get a structure of server names on my USB device.
Once the ASR backup has finished we end up with some key files on the virtual floppy disk. So I then issue a COPY command of the floppy disk files to a subdirectory of the backup called FLOPPY. For reference it's also worth knowing you can retrieve these important files from the backup file itself. If you had to do this you open the backup file in ntbackup and open the second listed drive C. In there you will see a Windows directory and then a repair directory. You can navigate to the files within this directory and restore from there to a floppy disk.
Having copied the files from the floppy I can stop the virtual floppy disk drive. This is done using the following command –
VFD /stop /force
And once the virtual floppy disk has been stopped when can enable the physical floppy disk drive using
DEVCON enable *floppy*
So that's it really. The only additional thing is to schedule the task using the built in Windows scheduler. Just one thing to remember here and it relates to checking the backup log file. To open a log file you can open "ntbackup" and then choose Tools, Report. Just remember that if you create the scheduled task to run under a separate username the logs are stored under that user's profile. And finally this system should work exactly the same way on Windows XP.
The following utilities were used -
The utility can be downloaded from the following location -
http://support.microsoft.com/kb/311272
Virtual Floppy Drive -
http://chitchat.at.infoseek.co.jp/vmware/vfd.html
If you do have any comments or a better way of automating this system please post your comments.
The first utility we need it Devcon. This is Microsoft command line utility that can be used instead of Device Manager. What we are going to do is disable the physical floppy disk device using this utility. Once you have Devcon installed first issue this command which should list any of your devices with the word "floppy" in it –
DEVCON find *floppy*
What this should do is return some sort of floppy disk drive if you have one installed. To disable this device I then use
DEVCON disable *floppy*
If you check Windows Explorer or Device Manager you should now find the floppy disk drive is missing/disabled.
The next utility I use is "Virtual Floppy Drive". Once this is installed I can use the "VFD" command to manipulate the virtual floppy disk drive. First I issue the following two commands –
VFD start
VFD open /force
This starts the virtual floppy and "opens" a blank 3.5" 1.44MB disk into it
Next we start the actual backup. Like I said previously I store the backups on an attached USB device that is shared. This way I already have the backup ready on a removable device. So the command issued here is quite simple –
ntbackup asrbackup /j "ASR" /f \\SERVERHOSTINGTHEUSBDEVICE\ASR$\%computername%\asr.bkf
Just running through the above the "asrbackup" just tells ntbackup that we are running an ASR backup. The /j "ASR" just gives the backup "job" a name which is useful for checking log files. The /f just says we are backing up to a file. Within the file location I add the %computername% so that I get a structure of server names on my USB device.
Once the ASR backup has finished we end up with some key files on the virtual floppy disk. So I then issue a COPY command of the floppy disk files to a subdirectory of the backup called FLOPPY. For reference it's also worth knowing you can retrieve these important files from the backup file itself. If you had to do this you open the backup file in ntbackup and open the second listed drive C. In there you will see a Windows directory and then a repair directory. You can navigate to the files within this directory and restore from there to a floppy disk.
Having copied the files from the floppy I can stop the virtual floppy disk drive. This is done using the following command –
VFD /stop /force
And once the virtual floppy disk has been stopped when can enable the physical floppy disk drive using
DEVCON enable *floppy*
So that's it really. The only additional thing is to schedule the task using the built in Windows scheduler. Just one thing to remember here and it relates to checking the backup log file. To open a log file you can open "ntbackup" and then choose Tools, Report. Just remember that if you create the scheduled task to run under a separate username the logs are stored under that user's profile. And finally this system should work exactly the same way on Windows XP.
The following utilities were used -
The utility can be downloaded from the following location -
http://support.microsoft.com/kb/311272
Virtual Floppy Drive -
http://chitchat.at.infoseek.co.jp/vmware/vfd.html
If you do have any comments or a better way of automating this system please post your comments.
The theory of automating the ASR backup on a Windows 2003 Server
OK so if you have read my previous Blog post you will know how handy it is to keep a copy of an ASR backup. However at this point we have been looking at this as a manual process by starting the "ntbackup" application and running the ASR Wizard. So first of all in this Blog I am going to explain some of the problems associated with trying to automate this process and at a high level look at ways of getting round the problems. In a follow up Blog I will post the actual technicalities of getting the automated method to work.
So let's look at the first problem which is telling the Windows Backup Utility from a command line to run an ASR backup with user intervention. I am sure you will know but running "ntbackup /?" will show a list of parameters available from the command line. What isn't documented however is "ntbackup asrbackup" command. With this one command we have solved the first hurdle of automating the backup.
The second and perhaps most complex issue however is that of the floppy disk. Let's consider first the problematic scenario in that the server has no floppy disk. If we manually ran the ASR backup this wouldn't actually be a problem as we could just cancel out when prompted for a floppy disk at the end of the backup. The next problem is if the server actually does have a floppy disk drive. Most administrators would not want to leave a floppy disk in the drive for various reasons not least if the server rebooted and the boot order was set to start from a floppy disk. Before explaining how I get round these two issues I will point out one more thing. As far as these instructions go at the moment you don't need a floppy disk drive on the server to create the backup. However if your machine does not have a physical floppy disk drive you will need a USB floppy drive during the recovery operation. In a future Blog I intend to cover any potential methods of getting round this problem and would like to hear from people who have worked out a way round this problem. At the moment I keep one USB drive for all of the machines with no floppy drive.
So to address the first problem I use some virtual floppy disk drive software. This mounts a virtual drive A: that the backup can write to at the end of the process.
Second on machines with a physical floppy disk drive I also use the virtual floppy drive. However before doing this I disable the physical floppy disk drive using the Microsoft DEVCON utility. When the ASR backup has finished I enable the physical device.
And finally in this stage the actual ASR backup job is run using the built in Windows scheduler.
Before stopping the virtual floppy disk drive I copy the contents from it to a subdirectory of the backup. This saves me having to extract the files needed for the floppy disk from the actual backup file.
As for the storage of the ASR backups I use a network attached USB device that is shared from a machine. This way I don't even need to copy the backup when I need to recover a system, its already on a device I can attach to the damaged machine.
So that's it in theory. In my next Blog post I will put this together showing which utilities and commands I actually use. If you have any comments or ideas on how this process can be improved on please let me know via the comments section.
So let's look at the first problem which is telling the Windows Backup Utility from a command line to run an ASR backup with user intervention. I am sure you will know but running "ntbackup /?" will show a list of parameters available from the command line. What isn't documented however is "ntbackup asrbackup" command. With this one command we have solved the first hurdle of automating the backup.
The second and perhaps most complex issue however is that of the floppy disk. Let's consider first the problematic scenario in that the server has no floppy disk. If we manually ran the ASR backup this wouldn't actually be a problem as we could just cancel out when prompted for a floppy disk at the end of the backup. The next problem is if the server actually does have a floppy disk drive. Most administrators would not want to leave a floppy disk in the drive for various reasons not least if the server rebooted and the boot order was set to start from a floppy disk. Before explaining how I get round these two issues I will point out one more thing. As far as these instructions go at the moment you don't need a floppy disk drive on the server to create the backup. However if your machine does not have a physical floppy disk drive you will need a USB floppy drive during the recovery operation. In a future Blog I intend to cover any potential methods of getting round this problem and would like to hear from people who have worked out a way round this problem. At the moment I keep one USB drive for all of the machines with no floppy drive.
So to address the first problem I use some virtual floppy disk drive software. This mounts a virtual drive A: that the backup can write to at the end of the process.
Second on machines with a physical floppy disk drive I also use the virtual floppy drive. However before doing this I disable the physical floppy disk drive using the Microsoft DEVCON utility. When the ASR backup has finished I enable the physical device.
And finally in this stage the actual ASR backup job is run using the built in Windows scheduler.
Before stopping the virtual floppy disk drive I copy the contents from it to a subdirectory of the backup. This saves me having to extract the files needed for the floppy disk from the actual backup file.
As for the storage of the ASR backups I use a network attached USB device that is shared from a machine. This way I don't even need to copy the backup when I need to recover a system, its already on a device I can attach to the damaged machine.
So that's it in theory. In my next Blog post I will put this together showing which utilities and commands I actually use. If you have any comments or ideas on how this process can be improved on please let me know via the comments section.
Introduction to ASR
Welcome to my new Blog that covers information on PC and Server imaging and recovery using a variety of systems including Ghost, Microsoft's built in Automated System Recovery (ASR), Remote Installation Services (RIS) and Windows Deployment Services amongst others.
In my first blog I am going to look at the somewhat underrated, somewhat under documented but very powerful ASR available in Windows XP, Vista, Windows 2003 Server and Windows 2008 Server. I shall follow that with an overview of automating this process with a scheduled task - not as easy as it sounds!
OK so let's start with a look at what ASR is. I am not going to spend ages on this. At the end of the day the basics of ASR are well documented on the web by Microsoft amongst others. The first basic thing you should know is that ASR is built into the bundled Windows Backup Utility ("ntbackup"). The system is started using the "Automated System Recovery Wizard". After running the wizard you end up with two things - an actual backup in a location specified and a floppy disk that contains a couple of key files that identifies specific information about your system.
Secondly ASR is only interested in the recovery of your system partition (i.e. where Windows is installed) of your PC or server. For instance if you have a machine with drives C, D and E and your hard disk fails only drive C is going to be recovered if that's where your Windows system is installed. So ASR is not a replacement for your normal backup procedures and merely compliments it. On such a system you would restore using ASR and then restore any data on the D and E partitions using your normal backup software.
The next question is what does actually get backed up and restored using ASR? System state data which includes the likes of the registry, boot files and IIS Metadirectory (if Internet Information Server is installed) amongst others and services are all recovered. ASR documentation seems to imply that "data" does not get backed up and restored during this process. This may be referring to data as in the example above if its stored on other partitions. However in my experiments I have always found data that was stored on the system partition is backed up and recovered.
You should remember that recovering from an ASR backup is a last resort method of recovering your system. You should try using methods such as safe mode and last known good configuration before resorting to the ASR method.
To recover the system using ASR you boot from your operating source CD and then press F2 when prompted. You will be asked for the floppy disk created above and finally the location of the backup file. The floppy disk is vital this process but if you have lost it don't worry. This can be created again from the actual backup and I will cover this in the next section when we automate this process.
If you would like to comment on what you have found gets recovered and what doesn't and what problems you have found exist with the ASR process it would be great to hear from you. I will update the blog when possible from such comments.
In my first blog I am going to look at the somewhat underrated, somewhat under documented but very powerful ASR available in Windows XP, Vista, Windows 2003 Server and Windows 2008 Server. I shall follow that with an overview of automating this process with a scheduled task - not as easy as it sounds!
OK so let's start with a look at what ASR is. I am not going to spend ages on this. At the end of the day the basics of ASR are well documented on the web by Microsoft amongst others. The first basic thing you should know is that ASR is built into the bundled Windows Backup Utility ("ntbackup"). The system is started using the "Automated System Recovery Wizard". After running the wizard you end up with two things - an actual backup in a location specified and a floppy disk that contains a couple of key files that identifies specific information about your system.
Secondly ASR is only interested in the recovery of your system partition (i.e. where Windows is installed) of your PC or server. For instance if you have a machine with drives C, D and E and your hard disk fails only drive C is going to be recovered if that's where your Windows system is installed. So ASR is not a replacement for your normal backup procedures and merely compliments it. On such a system you would restore using ASR and then restore any data on the D and E partitions using your normal backup software.
The next question is what does actually get backed up and restored using ASR? System state data which includes the likes of the registry, boot files and IIS Metadirectory (if Internet Information Server is installed) amongst others and services are all recovered. ASR documentation seems to imply that "data" does not get backed up and restored during this process. This may be referring to data as in the example above if its stored on other partitions. However in my experiments I have always found data that was stored on the system partition is backed up and recovered.
You should remember that recovering from an ASR backup is a last resort method of recovering your system. You should try using methods such as safe mode and last known good configuration before resorting to the ASR method.
To recover the system using ASR you boot from your operating source CD and then press F2 when prompted. You will be asked for the floppy disk created above and finally the location of the backup file. The floppy disk is vital this process but if you have lost it don't worry. This can be created again from the actual backup and I will cover this in the next section when we automate this process.
If you would like to comment on what you have found gets recovered and what doesn't and what problems you have found exist with the ASR process it would be great to hear from you. I will update the blog when possible from such comments.
Subscribe to:
Comments (Atom)