I was compelled to set up a file server because my clients maxed out their Dropbox. Originally, they were only sharing about 100MB worth of documents, so, I figured Dropbox was the ideal solution for them. Of course as they got real comfortable, they started sharing folders and moving enormous PDFs, .wav files and videos into the Dropbox. Needless to say, they maxed it out pretty quickly. I could upgrade their Dropbox, but then I’d have to upgrade everybody’s Dropbox and at this point there are at least ten different clients accessing the data at any given time. So, a dedicated file server seemed like the logical choice.

After reading Paul Thurrott’s review on the SuperSite a number of years ago, I had high hopes for Windows Home Server (WHS) but never had a reason to set one up until now. I was excited to try out a new Microsoft OS and have an always-on dedicated FTP file server to support the needs of my clients in a scalable way. So I did, I grabbed an old Compaq desktop PC that was given to me by a client who called it a “boat anchor” (a 2007 “vista capable” computer that came with Vista pre-SP1 installed on it) and told me to just get rid of it — obviously, I can’t do that — so now it is a file server.

I burned the MSDN ISO of WHS to a DVD/RW and began installing it. The installation screen had a strange mix of new and old; it has the same Windows XP installer look, but with some sleeker Windows Vista style informative tidbits. Half way through the installation it displays this oldschool looking DOS installer whereby it installs additional components, on the top of the screen it indicates Windows Server 2003, which WHS is based on. I’m told the stability is amazing.

WHS boots up and makes you do that Control-Alt-Delete thing to get in. I’m told that this is for security reasons, but I can’t exactly recall why. VNC lets you execute controls like C-A-D so I’m at a loss. Maybe it’s a dated security feature. Once you get to the desktop, you’re greeted with a local webpage indicating to you that you shouldn’t be using WHS directly, but rather via the Windows Home Console on another computer. Okay, fine, but I have to set all that up first. So, thanks for the premature warning I guess, Microsoft.

So, I close the awkward local html file warning page. Looking around, it looks like Windows XP, except a little off. The start menu is missing a bunch of stuff like on those heavily restricted public computers. All of the visual niceties have been disabled, so when you drag windows around there is that oldschool outline, Windows Classic theme, no fading/sliding on right-click, shadows, etc. It looks like Windows 98, XP and Vista all at the same time. And since it’s a server, that’s fine, however I thought that this OS was meant for somewhat novice home users to configure on their own? If that’s the case, then this whole thing definitely falls short in the ease of use/configuration category.

So, to begin, I click Windows Home Server Console and a wizard takes you through the steps of setting up the Console. It was simpler than I expected, considering the awkward and unfriendly UI experience it started with. Once it got to the remote access and Internet accessibility of the Console, however, things came to a halt. Cleverly, WHS tries to enable UPnP (Universal Plug and Play) in your router to make things easy. However, just like with ActiveX, UPnP was/is the cause of many security exploits and malware so by default, many routers have UPnP disabled — including the one I am using. So, I enabled UPnP on this Netgear router and then the wizard was able to proceed, however, it still briefly flashed that orange exclamation mark icon before stating that everything was A-OK and later on down the line it would tell me periodically that remote access functionality wasn’t working. To fix it, I would click repair and it would show me a spinny wheel for a while, then, somehow, it would be fine… for a while. Fortunately, I don’t rely on gimmicky “remote access” hubs/add-ins, I use the real deal: UltraVNC.

So, having read a great deal about WHS, I know what it’s meant to do and I elected to use it because I’ve heard such great things about the stability of Server 2003/2008, and since WHS is based on Server 2003, I figure that’s as stable as it’s gonna get. Also, the Console has a terrific quasi-RAID feature called “Folder Duplication” which will automatically make extra copies of whatever folders you select to a second drive installed on the server. That’s pretty awesome, especially since the “server” I am using is just a plain Compaq desktop with no onboard RAID.

After trying to set up my FTP server using FileZilla, I decided I wanted anti-virus protection because I don’t necessarily trust that my clients are going to always be using updated anti-virus software themselves. So, I went to download Microsoft Security Essentials (MSE) only to learn that Microsoft doesn’t support their own operating system, Windows Server 2003/Windows Home Server! So, I started looking around for other choices and was surprised to find a very limited selection. Still wary about WHS, I elected to go with a free a/v, ClamWin and see how that goes.

The Console has an “add-ins” section where you can extend the functionality of the Console with all sorts of third party extensions like audio-streamers, sync tools and anti-virus utilities. Installing ClamWin was, in a word, awkward. That’s fine, since it’s free and clearly stated as a work in progress by the author. Nevertheless, the fact that Microsoft doesn’t support their own MSE on their own operating system is very odd. WHS shares so many similarities to XP and I can’t imagine it would take much to make it work on there.

So I performed a virus scan with ClamWin. I didn’t have a very reassured feeling about the whole thing. In the terminal-like window it told me that my version was out of date, but not to panic (?). I went looking for a newer version and was unable to find it. Awkward.

Setting up FTP was difficult. I kept getting inconsistent results. It would connect fine on some connections and not others. VNC also presented an issue, it suddenly stopped working at one point providing me with a vague error message: “End of stream.” In six years of near-daily VNC use, on dozens of computers, I’ve never gotten that error message. I wasn’t using any of the Console features, anti-virus was awkward, FTP was inconsistent, VNC no longer functional — I reformatted & installed a standard Windows XP installation to see if it would better suit my needs.

Maybe not so surprisingly, after I disabled a bunch of unnecessary services, installed a hundred updates, and stripped everything down — my standard XP installation was more reliable and I was able to get everything (FTP, VNC, A/V) working and stable in about twenty minutes. To keep overhead as minimal as possible, I didn’t install any graphics drivers and disabled everything that wasn’t being used such as serial ports, audio drivers, etc. 800×600 resolution. Very easy to administer. Note the locked LAN IP “.45″ and custom port 8888 to make room for other systems on the same network to use VNC:

You cannot easily split an Ethernet jack the same way you can split a phone jack. So, I was at a loss for where to physically place the server. I decided to place it inside a box designed to house the modem/router and switch for the whole floor:

Problem is, since there’s no ventilation in the box, the server slowly started to bake. Not as hot as I was expecting, but when I saw the little flame icon on SpeedFan I decided it was time to move the server.

So, because each area of the floor only has one Ethernet jack, and they are all being used, I used a spare 16-slot rack-mounted switch & used that to split the Ethernet between the copier & server. The switch seems like overkill, but I didn’t have anything simpler or smaller to use. The temps are now stable at ~44°c.

So, WHS would be fine for other purposes I suppose. It’s designed to be this all-in-one hub for your LAN so that users can have auto-backups and easily accessible media. I can’t help but feel like it’s a stretch to expect the average user to set up something like this. I almost found it easier to set up the FTP server than to configure the WHS Console to be stable. Because it relies on UPnP as the default configuration method, it provides very little information on which ports to forward and doesn’t stress any importance on anti-virus protection. I’m betting that the UPnP will fail on 19/20 routers unless UPnP is explicitly enabled. Moreover, because everything is configured via the Console, why is the underlying OS Windows Server 2003? That Console application I’m sure could easily be ported to run on Windows XP, Vista or 7. It seems all seems very basic, yet overly complex for the average user — which it seems to be designed for. I think Microsoft can do better. I gotta wonder who is taking notes at their focus groups.

If you’re curious to try out Windows Home Server, and I know you are, Microsoft offers a 30-day trial of it.

Having just (relatively) recently begun using Windows 7 in a complicated and demanding work setting, I can truly see why it takes businesses years to upgrade to the latest from Microsoft. My office uses a series of encrypted volumes, which are mounted and then shared across our network. It’s not terribly complicated since there are no multiple domains or active directory stuff, but it does need to have effortless n0-nonsense sharing and be totally reliable.

So I installed Windows 7 on my primary office system which acts as a bustling hub of data. Several computers access and search across hundreds of gigabytes of data from multiple encrypted volumes. For this reason, this particular system is mission-critical and downtime must be minimized; as a result, I stuck with XP since 2007 because Windows Vista was simply not up to snuff at the time and launched only a few months after I built it.

Windows 7 beefs up the security significantly over Vista. It still retains certain quirks I find obnoxious, like UAC. For example, UAC continues to prompt me every time I launch CCleaner — while I can of course completely disable UAC, there’s still no simple checkbox to “never ask again” for individual programs. That kind of thing makes me want to disable UAC for good, however, I’ve noticed that some programs won’t install correctly if you have UAC disabled so for that reason I am leaving it on for now.

In Vista, to share an encrypted volume all I had to do was mount the volume using TrueCrypt, go to Computer, right click the drive and hit Properties, go to the Sharing tab and then click Advanced Sharing then click `Share this folder`, click Permissions, then click Allow for full control for “Everyone” (or enter in the individual computers as necessary). A lot of steps, sure, but at least it worked immediately without any other fiddling around.

In order to allow sharing of a volume in Windows 7, you must take ownership by entering your “username”, which is different than your hostname or computer name. (You can quickly determine your hostname by opening a command prompt and simply typing “hostname”; or, right-click Computer on the start menu and clicking Properties, you’ll see it under there as “computer name”). The username — the name you set for yourself which appears on the login screen — can be identified quickly by hitting the Windows Key + L to “lock” the screen. So, I can take ownership of the drive by typing in my username, or by typing “everyone” if I trust my network. In addition, Windows 7 does not provide “Everyone” there by default, making this necessary.

Without taking these steps, you get the dreaded “Windows cannot access \\hostname [...] The network path was not found.” This is particular infuriating error since the network path can obviously be found, since the system is clearly visible on the network and Windows provides very little information on how to resolve this newfound problem which did not exist on any prior versions of Windows. So, the photo below shows how I enabled full root access for Everyone on the network to ensure foolproof access.

The good news is that you only need to do this once, even when you dismount the volume Windows will still remember your ownership settings. So once we’ve taken ownership of the volume, we can then enable sharing like before.

To get the sharing done, we have to right click on the drive, click Properties, then navigate to the Sharing tab. Because we’re attempting to share an entire drive, and not just a folder, Windows 7 disables the simple “Share…” button (see below), so we must click Advanced Sharing and then click “Share this folder” checkbox. Then we can select Full Control – Allow for Everyone which will allow everyone on the network full root access to the drive with no questions asked.

Under the Share Permissions, you can enter different usernames of specific systems you wish to share the volume with. Unfortunately, if this is an encrypted volume, you will need to do it again for each time you mount the drive which can be a hassle. For physical hard drives, Windows 7 should remember your sharing preferences each time you plug in the drive.

admin@variableghz.com

All of my years of experience with proxies doesn’t much help those who want the benefits of a proxy, yet don’t have the technical wherewithal to accomplish it. As such, I set out in search of a sure thing, a foolproof proxy that anyone could use with minimal setup. I was surprised to find Vidalia.

Vidalia has proven by far the simplest (free) proxy solution. By GUI-ing Tor & combining a Torbutton for Firefox, it couldn’t be simpler. Here’s how to anonymize your Internet activity in just a few minutes.

- Go to www.whatismyip.com and take note of your IP address.

- Go to the download page.

- Select the Installation Bundle for Windows.

- Install with default options. Install the Torbutton extension for Firefox. Restart Firefox.

- Let Vidalia connect — it should connect in about 10-15 seconds.

- In Firefox, go to View > Toolbars > Customize; find the Torbutton icon, click and drag it somewhere to the right or left of the address bar. Single click it to enable Tor. At the bottom right it’ll say “Tor Enabled” in green.

- Go to www.whatismyip.com again to verify that you are indeed browsing via another IP address. All done.

In my experience, performance has been acceptable — not blazing fast, but not entirely sluggish either. I’ve read that it is horrendously slow for some, your experience may vary.

admin@variableghz.com

The Symantec Corporation, makers of the decades-old Norton Security/Productivity suite, has been around a long, long time. I happened across an advertisement for Norton 2009 in Time magazine.

What struck me about this ad, was that Symantec seems to have finally admitted that their Norton suites wreaks of bloat. By stating: “Norton Internet Security 2009 is the fastest security suite anywhere…delivering fewer, faster, shorter scans” tells me that maybe Symantec has learned from their mistakes.

I’d like to think so, in reading a review, I came across two quotes of interest:

NIS 2009 [Norton Internet Security] may be focused on being lighter weight than previous versions, but it is just as pervasive as ever. In addition to the main software, you will get both Norton IPS 1.0  plugin and Norton ToolBar 3.0 in Firefox, a persistent icon in the Windows taskbar, and a toolbar in IE7 as well.

That right there sounds like the Symantec I know. However, this sounds like promise:

…might win over some of the people who have learned to hate security software packages. …because it is so extensive, should win back some of the free antivirus crowd….this is the least annoying, lightest weight security package you‚Äôve probably ever used …

The Norton box is still rather uninspiring:

For me, my distaste for the Symantec corporation goes back a really long time. For example, Acronis TrueImage displays incredible programming ingenuity by creating full hard disk images while Microsoft Windows is actively running whereas Norton Ghost has to reboot into an oldschool DOS era screen rendering the computer unusable for the duration of the “ghosting” process. This, obviously, isn’t a big deal, but it’s just another example of how I feel that Symantec’s Norton is the Yahoo of security tools, and it would take a lot of work to convince me otherwise after so many years of fighting to get Norton off of systems just to get them fast enough to open a web browser at a reasonable speed.

See, Symantec products are very much in the same realm as Yahoo. (One could also argue this for older products like AOL, RealNetworks, etc.) They are the default security software for nearly every new PC manufactured, the majority of PC users do not know how to deal with security, and Symantec uses tactics like these to coerce people into subscribing to their software:

As a result, it’s no surprise that they are still in business. Only recently are they under renewed pressure to perform as a result of the integration of Microsoft’s Windows Defender in Vista, and the soon to be Anti-Virus solutions they’ve mentioned. Enough.

I could go on about Symantec products. I’ve had to restore MBR’s (Master Boot Record) of computers that have had failures due to people using the Norton GoBack (which is now Norton Ghost 14) utility which can cause serious low-level problems to a system. Fortunately, it’s a relatively simple task for an IT professional to restore an MBR, but for the average computer user? I don’t think so.

My hope is that Symantec finally gets it figured out, not for the sake of their business, but for the masses — the uninformed users they push their software on.

admin@variableghz.com

I remember beta testing Windows 95 when it was code-named Chicago. Back then, I was running MS DOS 6.22 and running Microsoft Windows for Workgroups 3.11. I also beta tested numerous versions of Windows 98 when it was codenamed Memphis, Windows 2000, Windows XP, which brings us to this century where I beta tested so many versions of Microsoft Windows Vista (or, Longhorn) that I can’t even recall. I watched as Microsoft scrambled to try to meet the security disaster that were plaguing Windows XP. Some of you may not recall, but Windows XP was such a disaster in terms of security that it was rare to find a computer running a default copy of Windows XP, without a ridiculous infestation of spyware of some kind.

Back in the DOS days, I rarely used Windows 3.11 for hardly anything. I would use DOS to copy files, defragment my computer, browse BBSs, send e-mails, write batch scripts, just about everything. In fact, even when I switched over to using Windows more often I would still go back to DOS to do simple copy commands because it was easier for me to just write out the commands longhand. I used a hex editor to check executables for viruses because I didn’t have any antivirus software at the time. I guess my point is that Microsoft has had more than enough time to make a working security model for Windows.

The fact that they missed that opportunity, decided on UAC (User Account Control), made updates in service pack 1 (SP1) for Vista, and it still prompts me every single time I uninstall a program despite the fact that I may have uninstall the program dozens of times… is absurd. Why is there no option for me to check a box labeled simply “do not prompt me again.”? The lack of such a checkbox is what drives me to completely disable UAC.

For those of you who don’t know, to disable UAC simply open up the control panel type “UAC” in the upper right search box, click “Initial Turn User Account Control On or Off” uncheck the box and press OK, then reboot.

I read numerous articles by Paul Thurrott telling me to keep UAC enabled because it’s far more secure. I agree. It is more secure for a variety of reasons that operate under the hood, but I just can’t bring myself to do it. Simply the fact that Windows Vista comes with Windows Defender in many ways makes Windows so much more secure than XP particularly when combined with powerful anti-virus such as a Avast! That it seems unnecessary to piss off end users with UAC.

Obviously, on Microsoft’s decision to have every single user treated as a default administrator in Windows XP was a catastrophe. I know that I’m writing this article a little bit late, given that Microsoft is about to release Windows 7 in short order and they intend to fix UAC dramatically. However, I felt it necessary to explain why I still refuse to enable UAC on my computers.

Initially, I was very excited about UAC. Microsoft promised again and again (SP1 articles, but you get the idea) to make UAC less intrusive and less irritating in general. At the time of launch, however, it was still prompting far too frequently. None of this morning, in any way, is going to affect the type of people who actually need to be warned of their stupidity. The above linked articles discuss SP1, but it’s essentially the same thing, Microsoft said it before launch, and they said it again before SP1… it still pisses me off.

Simply put, UAC is a nice gesture and in some ways an improvement, but I just don’t see how it can practically prevent anything more than antivirus and anti-spyware solutions already provide. That is to say, I cannot imagine anybody actually clicking cancel and preventing something from loading. I just don’t expect the average computer user to know what should and should not be running. Isn’t that how Norton has gotten away with making millions off of people not knowing anything better? Average computer users don’t know what should be allowed to run, it is the job of anti-spyware and antivirus to figure this out for the average computer user. I was happy to hear that Microsoft has announced that they intend to offer free antivirus software (codename: “Morro”) for this exact reason. Maybe this will have the added benefit of finally getting rid of Symantec once and for all. Good riddance.

I get particularly bothered when UAC prompts me for things like disk defragmenter. How on earth can the disk defragmenter possibly have any sort of adverse effect on the entire system? What sort of malicious software would ever want to launch the disk defragmenter? And, if so, and worst-case scenario the disk defragmenter were maliciously launched, then what?

If you can think of any time that UAC has actually helped you prevent anything bad from happening, please let me know.

Related software: TweakUAC.

As always, e-mail or comment with questions.

admin@variableghz.com