IE8 displays pages in mobile mode

Posted at 7:14:07 PM in Recovery (43)

We had one IE 8 browser that refused to show certain web sites in anything other than mobile mode. When the same site was tested against every other IE 8 browser in the office, the page showed fine. I found one site that suggested it might be the Creative Software Autoupdate program, which when uninstalled fixed the problem. The PC we had this problem on didn't have Creative Software Autoupdate or any Creative devices / software installed.

Another site suggested that the headers might be overlong. I followed out the link for which showed several very long headers and explained where to find the entries in the registry. 

These were the registry key locations: 

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform

The keys were not in the format that I expected. They are not long strings, but rather separate key entries. I believe based on the enhanceie web site, IE concatenates the keys to form the string. Here's a screen shot of the registry.

 Not all keys have the same values. In the problem we had, the key that caused the problem was only in

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform

And contained one value TabletPC2.0. Once I removed that entry and closed all the Internet Explorer windows and reopened the site we were having problems with, it worked perfectly.

Written by Leonard Rogers on Thursday, February 16, 2012 | Comments (0)

QooBox and BackEnv Permission denied

Posted at 7:08:10 PM in Recovery (43)

Couldn't delete BackEnv folder from inside the QooBox file, which I understand is created by Combofix. I found several posts which suggests using some other application to delete the folder, but I found it was a simple windows security issue. Here's what I did:

1. Right-click on BackEnv, select properties

2. Select security Tab (won't work in home versions, but if you have the pro version OS and that tab is missing, change your folder options and clear Use Simple File Sharing under the View tab).

3. You will note you have full control. Click the Advanced button. Note the first option is to deny Everyone.

4. Clear the Allow inheritable permissions from parent. It will ask if you want to copy, Select Remove button

5. Add the Administrator for the PC. You will not be able to save this change just yet.

6. Select Owner tab and take ownership using Administrator account. Then go back to Permissions and replace permission on all child objects and click OK

You should now be able to delete the folder without any problem.

Written by Leonard Rogers on Wednesday, February 15, 2012 | Comments (0)

MIPSpace Email Market Service IP Block listing

Posted at 3:22:48 PM in Vendors (35)

Well, I finally had my first run in with MIPSpace. Needless to say it was very annoying. You can find their web site at Their motto is that users have the right to block everything (Actually, it's "Why can't users just say NO?") The problem with a user being able to add IP addresses to a public database that will block access to email from that IP for everyone else who uses the service is simply wrong. Of course, they will argue, based on their motto, that I am wrong and so we have a difference of opinion.

The problem becomes even more pronounced when the avenue for correcting issues can only be done by the owner's of the IP. The suggest that you have your IP addresses SWIP'd to you, which can't be done by Tier 2 or Tier 3 providers and even most Tier 1 providers won't do it because of the transient use of the IP addresses. Say if I'm getting my service through FiOS. Verizon will not SWIP the IP address groups to the end user, so I'd have to go get Verizon to tell MIPSpace that I'm not a bulk email marketing provider??? So, apparently, you can easily get on the list, but getting off is retardedly impossible.

The service that adds this list is at which provides a IP address reputation service. MIPspace is just one of the sources they use to come up with a reputation. I'm sure they provide a "score" of sorts, so if only one of the sources they use marks you as a bad reputation you might still consider getting email from that source. That leaves it up to the email administrator. My experience is, never just accept the resource's decision on what is bad and what is good. 

So, while I think MIPspace is off it's rocker, it is ultimately up to the email administrator to determine what gets into the mail system. And even then, it would be wise to allow the users to set their own white lists.

Written by Leonard Rogers on Tuesday, February 14, 2012 | Comments (1)

AsteriskNOW Install - 10 Second disconnect extension to extension

Posted at 11:22:14 PM in Installations (47)

I discovered more important information on the proper network setup. I was getting disconnected on calls to voice mail, attempting to record greetings, echo test or just calling another extension. I believed it was caused by one of the upgrades to FreePBX or Asterisk addons. I ended up installing AsteriskNOW 3 times before I found the problem.

1. VERBOSE settings in CLI will not give the error. I also discovered that the extra v's you see after the -r sets the level of verbosity. The default is level 3. By typing asterisk -rvvvvv you will see a message on the CLI screen that indicates the old verbosity and the new level which I believe the above would give level 4. But again, it doesn't show the problem in CLI. 

What I saw was "Spawn extension (from-internal, *43, 4) exited non-zero on 'SIP/1014-00000000" and then the steps to hang up the call. These fired about 10 seconds after the call was started.

I finally ran tail -f /var/log/asterisk/full which added two lines just before this spawn from hell.


[Feb 12 00:30:29] WARNING[4357] chan_sip.c: Maximum retries exceeded on transmission 50ac34bf-32b2571f@ for seqno 102 (Critical Response) -- See doc/sip-retransmit.txt

[Feb 12 00:30:29] WARNING[4357] chan_sip.c: Hanging up call 50ac34bf-32b2571f@ - no reply to our critical packet (see doc/sip-retransmit.txt).

I did a Google search on chan_sip Maximum retries exceeded on transmission and found the solution. ( This guy actually had to come back an answer his own question after much searching. His solution was to edit the sip.conf file which I had already explained in a separate entry that FreePBX maintain that file so we can't put anything in it if we don't want it to be overwritten. So I had to find how to do it in FreePBX.

In order to get to the SIP settings in FreePBX, the Asterisk SIP settings Module needs to be installed from the Module menu.

Then you should have a screen like this: 


What I didn't realize was the need to include all of the subnets that my phones have to pass through. I also mentioned before that the outside address is Nat'd through a IPCOP firewall, and that's the local network address I originally used. However, my office is on the GREEN network which has a different subnet and I'm also behind a router. Each subnet needed to be added by clicking the Add Local Network Field. Once it was submitted at applied, the disconnects on my calls ceased!



Written by Leonard Rogers on Saturday, February 11, 2012 | Comments (0)

AsteriskNOW Install - Network

Posted at 8:45:34 PM in Installations (47)

One thing to note. Changes to the OS don't take effect immediately. I'm sure there is a command to run that will install the changes, but I'm not a Linux guru. Namely, the IP address assigned to the network card. It doesn't register until after a reboot. 

When I first setup my AsteriskNOW PBX server, I used an internal network address. However, when it came time to install the SIP trunks, that setup proved to be impossible to work with. My router is behind several routers, so port forwarding was out of the question. I ended up moving my AsteriskNOW server to a position behind one firewall (IPCOP - orange network) and port forwarding UDP 5060 and UDP's 10000 - 20000 to the IP address of the AsteriskNOW server. Installing the SIP truck still has an issue if the outbound IP address is different than the public IP address assigned. As with most routers that allow you to put multiple public IP addresses on the WAN port, the inbound and port forwarded packets will reach the correct server, but all transmitted packets will have the IP address of the router which can differ from the extra one assigned.

I used a post routing command on the firewall in the IPCOP machine to masquerade the correct IP address if it was coming from that server. The only problem I had then was in passing the firewall test. I found that by changing the ports for RTP, in /etc/asterisk/rtp.conf, from rtpstart=10000, to rtpstart=10001. I was able to pass the test. During the first days of trail and error, I read that the ports to forward were 10001-20000. I don't know why those ports were listed that way as it should be 10000-20000, but since I set my firewall to start with 10001, the firewall test failed until I changed rtpstart.

On a plus side, you can get these settings to register by restarting asterisk...

amportal restart

Written by Leonard Rogers on Saturday, February 11, 2012 | Comments (0)

BC.Exploit.CVE_2011_3412 clamwin (false positive???)

Posted at 2:33:23 PM in Recovery (43)

Got several virus alerts from Clamwin in several old .xls files. Looking up the info, it appears that this was a false positive last year. See this post: Did a little research and this particular file seems to be imbedded in publisher files and emailed to victims per NIST: ( Not sure if the code executes in an excel file or not, but Clamwin is finding code that it believes to be this virus.

Written by Leonard Rogers on Saturday, February 4, 2012 | Comments (0)

Joomla 2.5.1 Still no PostgreSQL option available

Posted at 11:26:37 AM in Installations (47)

 I've been checking the Joomla multi database support ever since an article came out in Jan 2012. This is one example:,-search-support

So, I went to the Joomla web site and installed it on my PHP server with PostgreSQL extensions installed. I checked all the requirements and pgsql and pdo_pgsql show as registered in php_info(). But PostgreSQL does not show as an option for database install. I posted request specifically to this issue on their forum but got no replies (except for my own replies where I posted additional information). 

This page (!topic/joomlabugsquad/4RLnsIvDCVY) indicated that 2.5.1 was coming out soon to fix many problems. There was no specific mention of PostgreSQL, but the non-tracker specific mention of database updates led me to believe that maybe the promised support would be there.  It is not. So I posted again but I doubt I will get any replies.

Written by Leonard Rogers on Friday, February 3, 2012 | Comments (2)

AsteriskNOW Install

Posted at 6:29:02 PM in Installations (47)

Just recently installed AsteriskNOW 1.7.1 32-bit ISO Image This is my first installation and was done as a test while I'm investigating options for a client request. I should keep better notes, but my style of investigation leaves little for education for others. However, I will try to document what I've found so far.

I originally found Asterisk on while looking for telephony solutions. When I downloaded the ISO image, I had no idea I was also getting FreePBX with it.

The system is not ready out of the box. Several preliminary steps need to be taken. It's not even ready to run test local phone extensions. Apparently an upgrade is needed, plus; you may find your spending hours trying to figure out why the phone extension won't register. I thought a firewall was blocking port 5060, but discovered after a lot of work that Asterisk doesn't start listening on port 5060 until an extension is installed and you have rebooted or restarted with amportal restart (which is run at the root prompt, not inside the Asterisk OS). 

After the initial installation, the login screen says to connect to the server at the IP address, which brings FreePBX. The instructions on the web site, state to edit sip.conf and extension.conf. But when you open those files, there is a message at the top that says don't edit these files, FreePBX will edit the files.

I'm releasing this now because of the on going FreePBX setup. Needless to say, I found numerous mis directions during the setup. My guess is the person was writing the manual setup procedures while someone else was writing the FreePBX interface updates.

The other thing I discovered is the need for license purchases. The fax module won't work until you install the license. Even after you install the license, you get an error message that indicates that other items need to be installed in order to get it to work. The first license can be free if you want, but you can't be moving it all around. I decided not to install it on my first junk server because I was running into problems along the way and thought I might have to re-install and that'd really mess things up. 

I started running in to a problem where I could get inbound calls, but I couldn't call even the echo test on the server without getting disconnected. I'd listen to 10 seconds of recording and then it'd cut me off. No SIP or firewall involved. I searched every answer I could find on it. It seemed as though everyone who reported a problem on disconnects was for outgoing calls. A few had problems with connecting to the server, but it was obvious it was the device they were connecting with. I decided to ignore the issue and wait for my new server.

Well, the new server arrived. I was quickly installed (due to all the trial and error learning). And also quickly back at the same problem with the disconnect. Unfortunately, I bought a codec g729 and I installed the Free Fax for Asterisk. Then, in an effort to fix the problem, I kept upgrading FreePBX. I got it up to version 1.9 and still had the disconnect problem. Then on the way to FreePBX 2.10, I discovered that Asterisk 1.8 needed to be installed. It seemed odd to me to be pulling the core function out from under the Web page, then install a new core function and the web page would know it had the right version. I had to lookup how to do it and of course, it didn't work. I got error all along the way. I still ran the 2.10 upgrade even though Asterisk would start. That only destroyed the web interface. 

So, now I'm reinstalling everything from scratch again. Great. Gotta love GNU stuff.

Written by Leonard Rogers on Thursday, February 2, 2012 | Comments (0)