PXE is a great way of booting client machines from a network card. It's useful for accessing network resources, disk tools and imaging software and you don't have to mess around with bootable CD's or floppy disks.
Companies like Symantec sell quite high end solutions that allow PXE to be on their networks yet you don't need to spend a single penny in order to get a useful, working PXE environment - This is how you do it for free.
1. Obtain the following software:
TFTP32
WinImage
3Com's MBAUTIL (This one might be a pain to get hold of. If so, drop me an email and I can make it available for download from this site).
2. On a Windows DHCP Server (it might work on others but this is untested) add the following options:
66 Boot Server Host Name
67 Bootfile Name
Bootfile Name should be mba.pxe (Which we will create later).
Boot Server Host Name should be the IP address of where the TFTP server will live.
3. On the server you want to have acting as a PXE server install TFTP32.
4. Create a folder called PXE on the root of C:\ then Launch TFPT32 and click on Settings.
5. Configure TFTP32 as follows:
turn OFF DHCP Server, Syslog Server and SNTP Server.
Change the DEFAULT folder to C:\PXE
Close and relaunch TFTP32.
6. Install WinImage onto your workstation.
7. Either take an existing floppy boot image or take an actual bootable floppy and allow Winimage to create a IMA file. DO NOT use compressed IMZ format. For this example I'm using a bootable version of partition magic.
8. On the PXE server, create a folder called PXE and drop the IMA file from step 7 into it.
9. On the workstation or on the PXE server install the 3COM MBAUTIL tool. Because this is a 16 bit tool do NOT install it into program files. The root of C: is best.
10. Launch c:\MBAUTIL\IMGEDIT\IMGEDIT.EXE and accept all the defaults.
11. Click on 'Create a PXE menu file' - Add in options for Hard Disk boot and for the floppy disk tool you are going to convert. save this file as c:\pxe\mba.pxe
12. On the main IMGEDIT menu click on Edit an existing file.
13. Click on the IMA file in the C:\PXE folder.
14. Click on Properties and then change.
15. Change the type to TCP/IP and select the PRE-OS and WRITABLE radio buttons. You need to do this every time you modify the IMA file or drop a new one in the PXE folder.
That's It! You now have a working PXE environment. To try it boot a machine from it's network card. REMEMBER! The machine MUST be on the same subnet as the PXE server otherwise it may not be able to get across the router without additional router configs. This increases complexity and makes it a pain to troubleshoot.
Friday, August 25, 2006
Wednesday, August 23, 2006
More August patch woes for Microsoft
Microsoft is having a seriously bad time with MS06-042.
Not only does the original patch cause IE to crash when browsing websites using the HTTP 1.1 protocol but now they have found out that this bug the security patch is EXPLOITABLE.
So Microsoft's own security patch is a security risk. This is utterly inexcusable and shows that something is missing at Redmond's testing labs. Hopefully they will not make this mistake again. For now though, This fixed patch remains unreleased.
EDIT: Microsoft have now re-released the patch. Interestingly enough, the patch name stays the same put the version number on the web page has changed and also the published date on the website stays the same. I'll keep an eye on this and post any further news that comes this way.
Not only does the original patch cause IE to crash when browsing websites using the HTTP 1.1 protocol but now they have found out that this bug the security patch is EXPLOITABLE.
So Microsoft's own security patch is a security risk. This is utterly inexcusable and shows that something is missing at Redmond's testing labs. Hopefully they will not make this mistake again. For now though, This fixed patch remains unreleased.
EDIT: Microsoft have now re-released the patch. Interestingly enough, the patch name stays the same put the version number on the web page has changed and also the published date on the website stays the same. I'll keep an eye on this and post any further news that comes this way.
Wednesday, August 16, 2006
MS06-040 & MS06-042 News
Seems that Microsoft is having more patch fun and games.
As per my previous blog entry, if you have not deployed MS06-040 then do so as soon as possible. There are several trojans running around that exploit this security hole and whilst none of them do much in the way of damage it has to be assumed it's only a matter of time until something nasty occurs.
At the time of writing several worms were know to be in the wild, Symantec have a good summary of the type of trojans that are being seen.
According to Microsoft Security blog article part of MS06-042 is going to be re-released by 22nd August thanks to a bug in HTTP 1.1 compression routines.
As per my previous blog entry, if you have not deployed MS06-040 then do so as soon as possible. There are several trojans running around that exploit this security hole and whilst none of them do much in the way of damage it has to be assumed it's only a matter of time until something nasty occurs.
At the time of writing several worms were know to be in the wild, Symantec have a good summary of the type of trojans that are being seen.
According to Microsoft Security blog article part of MS06-042 is going to be re-released by 22nd August thanks to a bug in HTTP 1.1 compression routines.
Monday, August 14, 2006
Replace W32tm with a GUI tool
I think most people understand that time is getting more and more important to computers.
With various tools relying on timestamps you really need to have a good understanding of how time services work in your environment. I am planning a blog article that will go into a lot more detail of the various tools and options for time in Windows and other platforms later on but for now I have come across a nice little tool that can take some of the immediate pain out configuring time on Windows servers.
Greyware make a very nice range of NTP tools and have just started offering a free control panel applet that manipulates w32tm (the DOS time sync tool) in a nice and simple GUI.
If you have ever had to mess around with W32tm then you will now how welcome this GUI tool is! It can be downloaded from here.
With various tools relying on timestamps you really need to have a good understanding of how time services work in your environment. I am planning a blog article that will go into a lot more detail of the various tools and options for time in Windows and other platforms later on but for now I have come across a nice little tool that can take some of the immediate pain out configuring time on Windows servers.
Greyware make a very nice range of NTP tools and have just started offering a free control panel applet that manipulates w32tm (the DOS time sync tool) in a nice and simple GUI.
If you have ever had to mess around with W32tm then you will now how welcome this GUI tool is! It can be downloaded from here.
Sunday, August 13, 2006
Deploy MS06-040 if you have not done so.
Microsoft have advised that MS06-040 should be deployed ASAP.
This security hole does have a confirmed exploit that is limited in the damage it can cause but the simple fact that there IS an exploit out there means that a serious exploit could be just around the corner. Patch NOW and save yourself the possible later grief!
This security hole does have a confirmed exploit that is limited in the damage it can cause but the simple fact that there IS an exploit out there means that a serious exploit could be just around the corner. Patch NOW and save yourself the possible later grief!
Friday, August 11, 2006
Novell Zenworks
The last day of my course touched on Zenworks and when I say touched I mean that we spent a day on Zenworks yet looked at just a VERY small handful of the suite.
To say Zenworks is huge is a bit like saying a nuclear explosion is a 'bit noisy'. This thing contains support for pretty much everything out there from laptops to desktops to servers to handhelds and beyond.
The area we looked at on the course was Zenworks for desktops. Basically this requires a NetWare server for the explorer components which goes out on the network, finds all the machines and reports them to the Zenworks database.
Once in the database you have all sorts of management and monitoring as is normal with these types of products. Alerts will be reported into a central database and can be send out via email, pager, SMS or other combination.
Zenworks appears to be a pure 'back end' product. There is no 'nice' front end from which the status of a network can be easily worked out it really is a techie back end tool.
From what I saw of Zenworks there is very little it cannot do but it requires NetWare and eDirectory which if not already used day to day by clients in an environment can really complicate the environment. In these cases something much simpler such as SMS would undoubtedly win.
To say Zenworks is huge is a bit like saying a nuclear explosion is a 'bit noisy'. This thing contains support for pretty much everything out there from laptops to desktops to servers to handhelds and beyond.
The area we looked at on the course was Zenworks for desktops. Basically this requires a NetWare server for the explorer components which goes out on the network, finds all the machines and reports them to the Zenworks database.
Once in the database you have all sorts of management and monitoring as is normal with these types of products. Alerts will be reported into a central database and can be send out via email, pager, SMS or other combination.
Zenworks appears to be a pure 'back end' product. There is no 'nice' front end from which the status of a network can be easily worked out it really is a techie back end tool.
From what I saw of Zenworks there is very little it cannot do but it requires NetWare and eDirectory which if not already used day to day by clients in an environment can really complicate the environment. In these cases something much simpler such as SMS would undoubtedly win.
Wednesday, August 09, 2006
Novell's iFolder
One of the oft overlooked tools in the Novell collection is iFolder. This little tool can be installed as part of a NetWare installation or downloaded separately and installed onto Linux.
I'm not sure of the exact licensing but I think iFolder may be a freebie if you get it from the spin-off http://www.ifolder.com website
iFolder is a simple tool that via a client installation allows you to point to a network folder and synchronize it down to your PC. When on the network the sync is in the background and when off the network it's accessible it simply re-syncs everything.
Overall, it's a very simple sync tool that you can plug into an existing network and it just works. iFolder 2 which is the version that comes with NetWare supports encryption where as iFolder 3 which is available for download from the above weblink DOES NOT support encryption.
There are other solutions out there that will do a lot more and are much more configurable - Connected Data Protector springs to mind and this application has quite powerful features as well as strong encryption.
Either way, iFolder is a nice little tool and even better that it's free to download and use. Next week I plan on trying out iFolder 3 on my test network to see how 'easy' it is to get it up and running on Linux.
I'm not sure of the exact licensing but I think iFolder may be a freebie if you get it from the spin-off http://www.ifolder.com website
iFolder is a simple tool that via a client installation allows you to point to a network folder and synchronize it down to your PC. When on the network the sync is in the background and when off the network it's accessible it simply re-syncs everything.
Overall, it's a very simple sync tool that you can plug into an existing network and it just works. iFolder 2 which is the version that comes with NetWare supports encryption where as iFolder 3 which is available for download from the above weblink DOES NOT support encryption.
There are other solutions out there that will do a lot more and are much more configurable - Connected Data Protector springs to mind and this application has quite powerful features as well as strong encryption.
Either way, iFolder is a nice little tool and even better that it's free to download and use. Next week I plan on trying out iFolder 3 on my test network to see how 'easy' it is to get it up and running on Linux.
Tuesday, August 08, 2006
NetWare 6.5
Today was the first time I have played with NetWare since version 4.11. NetWare 4.11 was also known as Intranetware and contained a host of improvements. NetWare 4 also introduced NDS - Novell Directory Services several years ahead of Active Directory.
I did briefly touch NetWare 5 during a migration of a companies NetWare 5 server to our Windows NT4 environment but I never had the chance to really look at it to see what changes had been made so this was the first real chance I have had to get back into NetWare until just recently,
NetWare has changed between a lot between NetWare 4 and 6.5. Whilst it still requires a hefty chunk of memory at start you can tweak it by removing things like the seriously memory intensive JAVA GUI front end and running with the really 1980s style front end.
Don't let the old style menus fool you though because NetWare still has some amazingly capabilities that you pay a small fortune for on other platforms.
Out of the box NetWare is still far superior as a file server compared to a Windows server. It's quota configuration really is years ahead of Microsoft's or even NetApp's quota system.
Like NetApp a NetWare server can be a storage target for both Windows and Unix/Linux (NFS)
platforms but unlike NetApp a NetWare server has a lot more tricks up it's electronic sleeves. One of the really nice features is the Novell Remote Manager pictured on the right. This is a damn useful web tool for monitoring your server and seeing exactly what is going is. This is something Microsoft and Linux both lack.
It's a shame that the general thought in the IT industry is that Novell is close to dying or being bought out because it is stopping NetWare making even a tenth of the sort of inroads in had in the past and I really don't see this changing at anytime.
I did briefly touch NetWare 5 during a migration of a companies NetWare 5 server to our Windows NT4 environment but I never had the chance to really look at it to see what changes had been made so this was the first real chance I have had to get back into NetWare until just recently,
NetWare has changed between a lot between NetWare 4 and 6.5. Whilst it still requires a hefty chunk of memory at start you can tweak it by removing things like the seriously memory intensive JAVA GUI front end and running with the really 1980s style front end.
Don't let the old style menus fool you though because NetWare still has some amazingly capabilities that you pay a small fortune for on other platforms.
Out of the box NetWare is still far superior as a file server compared to a Windows server. It's quota configuration really is years ahead of Microsoft's or even NetApp's quota system.
Like NetApp a NetWare server can be a storage target for both Windows and Unix/Linux (NFS)
platforms but unlike NetApp a NetWare server has a lot more tricks up it's electronic sleeves. One of the really nice features is the Novell Remote Manager pictured on the right. This is a damn useful web tool for monitoring your server and seeing exactly what is going is. This is something Microsoft and Linux both lack.It's a shame that the general thought in the IT industry is that Novell is close to dying or being bought out because it is stopping NetWare making even a tenth of the sort of inroads in had in the past and I really don't see this changing at anytime.
Sunday, August 06, 2006
This coming week
This coming week sees me on a customized Novell training course that will cover eDirectory, Novell's Identity Manager and Zenworks.
As this week will be a fully fledged Novell week for me I thought it would be good if the blog reflected that so expect a few Novell postings!!
As this week will be a fully fledged Novell week for me I thought it would be good if the blog reflected that so expect a few Novell postings!!
Wednesday, August 02, 2006
Microsoft acquire SysInternals
If you work in the IT field then chances are you know of Sysinternals. For those that don't, Sysinternals is a website dedicated to advanced utilities that can dig down deep into the bowels of the Windows operating system.
Mark Russinovich, Owner and founder of Sysinternals announced the he had sold the rights to Microsoft and will be heading off to work for them. Typically this announcement caused a 50/50 split between fans of Sysinternals concerned that the utilities and information found on the sysinternals web site would no longer be available or would be hidden in the bowels of Microsoft's web site.
Personally, I think the move could be a good one as it may help to revamp some of the tools in Microsoft's operating systems that have been around since day one - Task Manager for example could easily be replaced by Process Explorer.
Interesting enough, Marks first blog entry as a Microsoft employee does talk about several internal tools he was shown at Microsoft that do some very clever things with analyzing performance. If Microsoft is serious about this sort of thing it would be good to see them release free performance analysis tools suite.
Right now it seems that the move Mark has made to Microsoft could be a good one. I just hope that he is given the freedom necessary to keep developing his own products and to keep the sysinternals website working.
Either way, this weekend I will be downloading all the sysinternals tools just in case Microsoft either decide to remove them or relocate them behind all the validation checks they have started doing on Microsofts download page.
Mark Russinovich, Owner and founder of Sysinternals announced the he had sold the rights to Microsoft and will be heading off to work for them. Typically this announcement caused a 50/50 split between fans of Sysinternals concerned that the utilities and information found on the sysinternals web site would no longer be available or would be hidden in the bowels of Microsoft's web site.
Personally, I think the move could be a good one as it may help to revamp some of the tools in Microsoft's operating systems that have been around since day one - Task Manager for example could easily be replaced by Process Explorer.
Interesting enough, Marks first blog entry as a Microsoft employee does talk about several internal tools he was shown at Microsoft that do some very clever things with analyzing performance. If Microsoft is serious about this sort of thing it would be good to see them release free performance analysis tools suite.
Right now it seems that the move Mark has made to Microsoft could be a good one. I just hope that he is given the freedom necessary to keep developing his own products and to keep the sysinternals website working.
Either way, this weekend I will be downloading all the sysinternals tools just in case Microsoft either decide to remove them or relocate them behind all the validation checks they have started doing on Microsofts download page.
Subscribe to:
Posts (Atom)