I was compelled to set up a file server because my clients maxed out their Dropbox. Originally, they were only sharing about 100MB worth of documents, so, I figured Dropbox was the ideal solution for them. Of course as they got real comfortable, they started sharing folders and moving enormous PDFs, .wav files and videos into the Dropbox. Needless to say, they maxed it out pretty quickly. I could upgrade their Dropbox, but then I’d have to upgrade everybody’s Dropbox and at this point there are at least ten different clients accessing the data at any given time. So, a dedicated file server seemed like the logical choice.

After reading Paul Thurrott’s review on the SuperSite a number of years ago, I had high hopes for Windows Home Server (WHS) but never had a reason to set one up until now. I was excited to try out a new Microsoft OS and have an always-on dedicated FTP file server to support the needs of my clients in a scalable way. So I did, I grabbed an old Compaq desktop PC that was given to me by a client who called it a “boat anchor” (a 2007 “vista capable” computer that came with Vista pre-SP1 installed on it) and told me to just get rid of it — obviously, I can’t do that — so now it is a file server.

I burned the MSDN ISO of WHS to a DVD/RW and began installing it. The installation screen had a strange mix of new and old; it has the same Windows XP installer look, but with some sleeker Windows Vista style informative tidbits. Half way through the installation it displays this oldschool looking DOS installer whereby it installs additional components, on the top of the screen it indicates Windows Server 2003, which WHS is based on. I’m told the stability is amazing.

WHS boots up and makes you do that Control-Alt-Delete thing to get in. I’m told that this is for security reasons, but I can’t exactly recall why. VNC lets you execute controls like C-A-D so I’m at a loss. Maybe it’s a dated security feature. Once you get to the desktop, you’re greeted with a local webpage indicating to you that you shouldn’t be using WHS directly, but rather via the Windows Home Console on another computer. Okay, fine, but I have to set all that up first. So, thanks for the premature warning I guess, Microsoft.

So, I close the awkward local html file warning page. Looking around, it looks like Windows XP, except a little off. The start menu is missing a bunch of stuff like on those heavily restricted public computers. All of the visual niceties have been disabled, so when you drag windows around there is that oldschool outline, Windows Classic theme, no fading/sliding on right-click, shadows, etc. It looks like Windows 98, XP and Vista all at the same time. And since it’s a server, that’s fine, however I thought that this OS was meant for somewhat novice home users to configure on their own? If that’s the case, then this whole thing definitely falls short in the ease of use/configuration category.

So, to begin, I click Windows Home Server Console and a wizard takes you through the steps of setting up the Console. It was simpler than I expected, considering the awkward and unfriendly UI experience it started with. Once it got to the remote access and Internet accessibility of the Console, however, things came to a halt. Cleverly, WHS tries to enable UPnP (Universal Plug and Play) in your router to make things easy. However, just like with ActiveX, UPnP was/is the cause of many security exploits and malware so by default, many routers have UPnP disabled — including the one I am using. So, I enabled UPnP on this Netgear router and then the wizard was able to proceed, however, it still briefly flashed  that orange exclamation mark icon before stating that everything was A-OK and later on down the line it would tell me periodically that remote access functionality wasn’t working. To fix it, I would click repair and it would show me a spinny wheel for a while, then, somehow, it would be fine… for a while. Fortunately, I don’t rely on gimmicky “remote access” hubs/add-ins, I use the real deal: UltraVNC.

So, having read a great deal about WHS, I know what it’s meant to do and I elected to use it because I’ve heard such great things about the stability of Server 2003/2008, and since WHS is based on Server 2003, I figure that’s as stable as it’s gonna get. Also, the Console has a terrific quasi-RAID feature called “Folder Duplication” which will automatically make extra copies of whatever folders you select to a second drive installed on the server. That’s pretty awesome, especially since the “server” I am using is just a plain Compaq desktop with no onboard RAID.

After trying to set up my FTP server using FileZilla, I decided I wanted anti-virus protection because I don’t necessarily trust that my clients are going to always be using updated anti-virus software themselves. So, I went to download Microsoft Security Essentials (MSE) only to learn that Microsoft doesn’t support their own operating system, Windows Server 2003/Windows Home Server! So, I started looking around for other choices and was surprised to find a very limited selection. Still wary about WHS, I elected to go with a free a/v, ClamWin and see how that goes.

The Console has an “add-ins” section where you can extend the functionality of the Console with all sorts of third party extensions like audio-streamers, sync tools and anti-virus utilities. Installing ClamWin was, in a word, awkward. That’s fine, since it’s free and clearly stated as a work in progress by the author. Nevertheless, the fact that Microsoft doesn’t support their own MSE on their own operating system is very odd. WHS shares so many similarities to XP and I can’t imagine it would take much to make it work on there.

So I performed a virus scan with ClamWin. I didn’t have a very reassured feeling about the whole thing. In the terminal-like window it told me that my version was out of date, but not to panic (?). I went looking for a newer version and was unable to find it. Awkward.

Setting up FTP was difficult. I kept getting inconsistent results. It would connect fine on some connections and not others. VNC also presented an issue, it suddenly stopped working at one point providing me with a vague error message: “End of stream.” In six years of near-daily VNC use, on dozens of computers, I’ve never gotten that error message. I wasn’t using any of the Console features, anti-virus was awkward, FTP was inconsistent, VNC no longer functional — I reformatted & installed a standard Windows XP installation to see if it would better suit my needs.

Maybe not so surprisingly, after I disabled a bunch of unnecessary services, installed a hundred updates, and stripped everything down — my standard XP installation was more reliable and I was able to get everything (FTP, VNC, A/V) working and stable in about twenty minutes. To keep overhead as minimal as possible, I didn’t install any graphics drivers and disabled everything that wasn’t being used such as serial ports, audio drivers, etc. 800×600 resolution. Very easy to administer. Note the locked LAN IP “.45″ and custom port 8888 to make room for other systems on the same network to use VNC:

You cannot easily split an Ethernet jack the same way you can split a phone jack. So, I was at a loss for where to physically place the server. I decided to place it inside a box designed to house the modem/router and switch for the whole floor:

Problem is, since there’s no ventilation in the box, the server slowly started to bake. Not as hot as I was expecting, but when I saw the little flame icon on SpeedFan I decided it was time to move the server.

So, because each area of the floor only has one Ethernet jack, and they are all being used, I used a spare 16-slot rack-mounted switch & used that to split the Ethernet between the copier & server. The switch seems like overkill, but I didn’t have anything simpler or smaller to use. The temps are now stable at ~44°c.

So, WHS would be fine for other purposes I suppose. It’s designed to be this all-in-one hub for your LAN so that users can have auto-backups and easily accessible media. I can’t help but feel like it’s a stretch to expect the average user to set up something like this. I almost found it easier to set up the FTP server than to configure the WHS Console to be stable. Because it relies on UPnP as the default configuration method, it provides very little information on which ports to forward and doesn’t stress any importance on anti-virus protection. I’m betting that the UPnP will fail on 19/20 routers unless UPnP is explicitly enabled. Moreover, because everything is configured via the Console, why is the underlying OS Windows Server 2003? That Console application I’m sure could easily be ported to run on Windows XP, Vista or 7. It seems all seems very basic, yet overly complex for the average user — which it seems to be designed for. I think Microsoft can do better. I gotta wonder who is taking notes at their focus groups.

If you’re curious to try out Windows Home Server, and I know you are, Microsoft offers a 30-day trial of it.

I’ve been running Microsoft’s free anti-virus solution for quite some time now. I’ve been a fan of Microsoft’s security attempts beginning with their buyout of Giant Anti-Spyware way back in 2004 (then imaginatively named Microsoft Anti-Spyware). Since then, service-started protection was necessary and thus Windows Defender was created to serve that purpose as well as provide the necessary x64 compatability as well. They essentially rewrote the entire program.

Since then, Microsoft has made the largest leap of all by providing free anti-virus to anyone running a “genuine” version of Windows (i.e., not pirated). For most users, nothing will change since most hardware vendors will not equip their machines with MSE since it will not subsidize the cost of the machines as do Symantec products.

This is unfortunate because MSE is a near-perfect solution for combating viruses. It is self updating and generally not annoying. It’s green when everything is OK, yellow or red when action is required. The thing is so silent that you’d never even know you had it installed if no viruses are ever detected.

As I’ve mentioned in previous posts, I used to use a hex editor in a masochistic endeavor to determine viruses out of .exe files back in the mid-90′s. Since then, my first experiences with anti-virus programs were AVG Anti-Virus which I used and recommended for many years.¬† Right around version 8, however, AVG started to become a little too Norton-like for my tastes — bloated, slow to start, nag screens, etc. I then switched to Avast! anti-virus, which I then recommended highly because of its light memory footprint and unobtrusive nature. Unfortunately, Avast! requires an annual registration, even for the free version. This tends to confuse people who are not familiar with the product, “my avast is expiring? what do i do?!” Mandatory registration for a free product is relatively perplexing. MSE deals with all of these issues and is the perfect anti-virus solution. It even uses less memory than any other anti-virus program I have ever tested.

There is so little that needs to be managed or customized for the end user that there is not much left to say. This is a rare and positive feature to appear amidst a category of otherwise insipid yet necessary software. Download it now!

admin@variableghz.com

I remember beta testing Windows 95 when it was code-named Chicago. Back then, I was running MS DOS 6.22 and running Microsoft Windows for Workgroups 3.11. I also beta tested numerous versions of Windows 98 when it was codenamed Memphis, Windows 2000, Windows XP, which brings us to this century where I beta tested so many versions of Microsoft Windows Vista (or, Longhorn) that I can’t even recall. I watched as Microsoft scrambled to try to meet the security disaster that were plaguing Windows XP. Some of you may not recall, but Windows XP was such a disaster in terms of security that it was rare to find a computer running a default copy of Windows XP, without a ridiculous infestation of spyware of some kind.

Back in the DOS days, I rarely used Windows 3.11 for hardly anything. I would use DOS to copy files, defragment my computer, browse BBSs, send e-mails, write batch scripts, just about everything. In fact, even when I switched over to using Windows more often I would still go back to DOS to do simple copy commands because it was easier for me to just write out the commands longhand. I used a hex editor to check executables for viruses because I didn’t have any antivirus software at the time. I guess my point is that Microsoft has had more than enough time to make a working security model for Windows.

The fact that they missed that opportunity, decided on UAC (User Account Control), made updates in service pack 1 (SP1) for Vista, and it still prompts me every single time I uninstall a program despite the fact that I may have uninstall the program dozens of times… is absurd. Why is there no option for me to check a box labeled simply “do not prompt me again.”? The lack of such a checkbox is what drives me to completely disable UAC.

For those of you who don’t know, to disable UAC simply open up the control panel type “UAC” in the upper right search box, click “Initial Turn User Account Control On or Off” uncheck the box and press OK, then reboot.

I read numerous articles by Paul Thurrott telling me to keep UAC enabled because it’s far more secure. I agree. It is more secure for a variety of reasons that operate under the hood, but I just can’t bring myself to do it. Simply the fact that Windows Vista comes with Windows Defender in many ways makes Windows so much more secure than XP particularly when combined with powerful anti-virus such as a Avast! That it seems unnecessary to piss off end users with UAC.

Obviously, on Microsoft’s decision to have every single user treated as a default administrator in Windows XP was a catastrophe. I know that I’m writing this article a little bit late, given that Microsoft is about to release Windows 7 in short order and they intend to fix UAC dramatically. However, I felt it necessary to explain why I still refuse to enable UAC on my computers.

Initially, I was very excited about UAC. Microsoft promised again and again (SP1 articles, but you get the idea) to make UAC less intrusive and less irritating in general. At the time of launch, however, it was still prompting far too frequently. None of this morning, in any way, is going to affect the type of people who actually need to be warned of their stupidity. The above linked articles discuss SP1, but it’s essentially the same thing, Microsoft said it before launch, and they said it again before SP1… it still pisses me off.

Simply put, UAC is a nice gesture and in some ways an improvement, but I just don’t see how it can practically prevent anything more than antivirus and anti-spyware solutions already provide. That is to say, I cannot imagine anybody actually clicking cancel and preventing something from loading. I just don’t expect the average computer user to know what should and should not be running. Isn’t that how Norton has gotten away with making millions off of people not knowing anything better? Average computer users don’t know what should be allowed to run, it is the job of anti-spyware and antivirus to figure this out for the average computer user. I was happy to hear that Microsoft has announced that they intend to offer free antivirus software (codename: “Morro”) for this exact reason. Maybe this will have the added benefit of finally getting rid of Symantec once and for all. Good riddance.

I get particularly bothered when UAC prompts me for things like disk defragmenter. How on earth can the disk defragmenter possibly have any sort of adverse effect on the entire system? What sort of malicious software would ever want to launch the disk defragmenter? And, if so, and worst-case scenario the disk defragmenter were maliciously launched, then what?

If you can think of any time that UAC has actually helped you prevent anything bad from happening, please let me know.

Related software: TweakUAC.

As always, e-mail or comment with questions.

admin@variableghz.com