Friday, November 23, 2007

IP Communicator Overtakes Port 80

Update 10-19-2011
Just to keep this up to date, I have tested this on IP Communicator running on Windows 7 32bit and confirmed that it indeed still runs a web server HOWEVER, setting the WebServerDisabled registry key no longer works to disable the local webserver.

Now you need to browse to your Cisco IP Communicator install directory (typically C:\Program Files\Cisco Systems\Cisco IP Communicator) and then rename the HTTPService.dll to HTTPService.dll.old. Make sure IP Communicator is not running when you do this. Now start IP Communicator. You might get a COM Surrogate error but it won't prevent you from using IP Communicator normally without that pesky webserver running.

Many companies these days use VoIP (Voice Over IP) as a cheaper alternative to expensive PBXs and the cost and issues of maintain another copper plant (thats industry speak for all that phone wiring). One of the benefits of VoIP is the portability of your phone. With IP Communicator (requires a per seat license from Cisco) and a secure connection to your corporate network, you can work remotely as seamlessly as if you were at your desk even if it is around on the other side of the world.

Despite the benefits, I noticed a downside to the Cisco IP Communicator client. It appears that it contains an embedded webserver from Allegro Software called RomPager which is basically just a super thin webserver capable of HTTP requests and CGI. Its issue: it runs on TCP PORT 80!! You might think "no worries, I am already running a webserver which is bound to TCP Port 80 so when it tries to bind to it, it will fail. Nope, sorry, its smarter than that. What does it display? Basically, it displays connection and settings information in a webpage format presumably so your technology department can determine what settings the client has without walking the user through an annoying series of menus.

A thorough search through the preferences and options revealed no mention of a webserver or management page. My next thought was, "Can I at least change the port". I turned to the Cisco Administrative Guide for more information. Fortunately, they documented a registry key you can set to disable the webserver but no way to change the port. Good enough I suppose.

Here is the registry key for your enjoyment.

1. Start -> Run -> Regedit
2. Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems, Inc.\Communicator
3. Create a new DWORD called WebServerDisabled (skip this step if it already exists)
4. Set its value to 1
5. Restart IP Communicator

Friday, August 17, 2007

Getting an OpenXML (.docx) file to open in OpenOffice.

So someone sent me this .docx file the other day. I don't have office installed and in fact I had no idea what .docx was. I actually thought it was a typo but after a little googling noticed it was the extension for Microsoft's new OpenXML format which is not yet standardized but can be looked up under ECMA 376. So how do you get it to open up in OpenOffice?

If you are using a RedHat, Suse, or other RPM based distribution, then its easy. Just go to Novell and download then install the ODF convertor.

If your running a debian based distribution, its a little more difficult. You still need to download the ODF convertor. Save it to a smart location like /downloads/ODF Convertor

Now if you don't have Alien installed, then you need to install it. Say yes to all the prompts.

root@laptop:~# apt-get install alien

Now we need to convert the RPM to a tar.gz file.

root@laptop:~/ODF Convertor# alien -ct odf-converter-1.0.0-5.i586.rpm

Now that the tar.gz file is generated, you need to extract it. I just used Gnome's fileroller but you can use the cammand line if you want.

Next we need to copy a bunch of files. Browse to the location where you extracted these files. then run the following commands.

root@laptop:~/ODF COnvertor/odf-converter-1.0.0.tgz_FILES# cp usr/lib/ooo-2.0/program/OdfConverter /usr/lib/openoffice/program/

root@laptop:~/ODF COnvertor/odf-converter-1.0.0.tgz_FILES# cp usr/lib/ooo-2.0/share/registry/modules/org/openoffice/TypeDetection/Filter/MOOXFilter_cpp.xcu /usr/lib/openoffice/share/registry/modules/org/openoffice/TypeDetection/Filter/

root@laptop:~/ODF COnvertor/odf-converter-1.0.0.tgz_FILES# cp usr/lib/ooo-2.0/share/registry/modules/org/openoffice/TypeDetection/Types/MOOXTypeDetection.xcu /usr/lib/openoffice/share/registry/modules/org/openoffice/TypeDetection/Types/

Thats it! Now just open OpenOffice and try to open your .docx file. It should work flawlessly.

Tuesday, July 31, 2007

Cloning a MAC address in IPCOP

IPCop is a great SOHO linux firewall distribution that is custom built using the Linux From Scratch (LFS) toolkit. I have been using it for many years first toying with the 1.3.x versions and finally deploying the 1.4.x versions to my home network and in productional enterprise environments. I have been very impressed that given minimal hardware (200MHz PII, 128MB SDRAM, and 10GB HDD), I have been able to obtain darn close to wirespeed routing with NAT translation for 100Mbps connections (actual speeds were able to hit 12MBps sustained). With built in DHCP server, support for up to four networks (public (RED), private (GREEN), DMZ (ORANGE), and a seperate LAN (BLUE often used for wireless networks), there are really a lot of options available.

My biggest gripe has been with their lack of supporting MAC address cloning. As many of you that have cable networks know, cable companies often use poor man's security by adding MAC address restrictions to their DHCP servers. In order to get an IP address that is routable to the the Internet, you need to have the MAC address with which you originally registered with the cable company. Many of us are ditching our Linksys boxes in order to use a better featured and more powerful firewalling solution and therefore our only option is to either clone our MAC or attempt to suffer through the tech support hotline music only to get a rep that has no idea what a MAC address is. Don't you hate it when you the customer have to tell the company's representative how to do their job?

Well, according to many of the blogs and posts out there, thats your only option with IPCop. I am here to say "Not any more." We just need to change the MAC address on the public interface BEFORE IPCop attempts to make a DHCP request. I figured out a real clean way to do this before after spending a few hours in the code base but have long since forgotten where I documented what I did. This time I had less time and had to find a faster way even if it was less elegant.

First log into the box (either on the console or through SSH) and login as root (you remember your root password right)? Edit the following file (vi and nano are installed by default):

nano /etc/rc.d/

This is merely a perlscript file that will get executed as the last part of the rc.netaddress.up process. Scroll past the first few lines. You will see a boilerplate header, some includes, some variable definitions, and finally, look for the section that says:

# read vars back from file

In my version (1.4.13), there are 4 lines after that line. Add a carriage return to get a new line and add the following line after all those &General:readhash lines:

system ('/sbin/ifconfig', 'eth2', 'down', 'hw', 'ether', '00:12:ef:34:2a:ee');

Replace eth2 with the name of your WAN (RED) interface and, of course, use the MAC address which you want the IPCop box to clone. Save the file, reboot, and enjoy your night free of long monotonous elevator music.

Sunday, July 01, 2007

Designing applications for the enterprise and the home

While working for Purdue University as the Technical Lead for Application Development, one of the topics I stressed the most was designing applications to be Reusable, Extensible, and Scalable. While many people agreed that applications should be designed in a modular fashion, few agreed that even the smallest utility should employ such a design.
Why should I spend an extra hour writing a bunch of classes chock full of properties, methods, and constructors when a simple class with a bunch of "functions" would work just fine?
This is a very valid question. The underlying reason many people even ask this question is because they are thinking small. They don't realize that the functionality or effort that they are placing in their utility could be utilized by someone else for another purpose. This all boils down to coupling. Coupling is the term that expresses how dependent a given module is on another module.

For example, I have noticed that many PHP applications are written in a tightly coupled fashion. In a given method or function, the developer is performing data validation and sanitation, manipulating inputs and performing calculations, and finally is executing data backend transactions. That is highly coupled code. If you wanted to reuse that data cleansing and validation functionality, your only option would be to copy it into your own method. Ok, thats no big deal. Now imagine that the backend database changed and the cleansing requirements change. Now the nightmares begin. In how many different areas was this cleansing code implemented. Worst off, how many different times was it written. Developer B did not like Developer A's variable names so completely renamed all of the variables and changed some of the logic design. In a loosely coupled design, the data validation and cleansing functionality would be abstracted into its own set of classes under some Data Utility namespace. Now requirement changes are a simple line edits in a single location away.

Now rethinking the previous example. Suppose the developer had written the application in a loosely coupled fashion however all this code is stored under the developers local hard drive. How does this help the situation. All code that is written should be stored in a central versioning repository. In addition, an entry should be made into a Wiki or other central publishing store so that other developers can find this code easily by category, namespace, or search. Personally, I really like the MSDN style of documentation. In fact, there are many utilities that can automatically generate this documentation so all you need to do is write up a small blurb about the class, method, etc and some skeleton code as how it should be used.

So what are the disadvantages of designing applications with loose coupling in mind. Well one is performance. I will not try to disagree with the procedural type developers and argue that loosely coupled code is faster. With proper design techniques and resource management you can minimize performance issues. Despite this, the cost of hardware these days is small but the cost of labor is quite high. In addition, having loosely coupled code also allows you to be a lot more nimble as design changes can be easily implemented.

Another difficulty encountered with loosely coupled code is that of deployment. Versioning of all levels of components is CRITICAL! A proper versioning pattern should be in place to ensure that every release (whether beta, alpha, production, release, internal, etc) is properly versioned and its features, bugs, known issues, and API specification is well known. In addition, with loosely coupled code, you want to make sure that your resulting libraries maintain API compatibility through the major version number. That means that if you have a typical versioning scheme of Major.Minor.Revision.Build, a dll with version should be binary compatible with That means, you should be able to reference any 1.x.x.x dll in your application and it should work (minus any bug fixes) without changing a single line of code.

One addition critical element required for loosely coupled design is refactoring. Refactor is the name given to the process of changing the code design without changing the functionality or results of the code. I love the word balance and try to implement it always in my life. I also keep in mind balance when designing applications. Sometimes, I will tolerate a certain degree of coupling because the costs of trying to abstract the code further outweigh the benefits. Since we live in a dynamic world, sometimes the benefits will start to outweigh the costs. As soon as this scale starts to tip, its EXTREMELY important to refactor. Many companies don't encourage refactoring because it does not make them any money. Your not fixing bugs and not introducing new functionality. Despite this, the long term cost advantage is hard to deny.

So whether your a small single developer or a large enterprise, loosely couple code along with proper versioning and refactoring can be a way to dramatically reduce development time and cut costs while increasing quality and delivering greater value.

Yes it is possible to have your cake and eat it too.

Sunday, January 14, 2007

Copyright Chaos

To be honest with you, I am viciously sick of all these copyright laws and discussions being held. Americans and society in general has gotten so self centered yet so apathetic that they don't even realize the horrible rules and laws that are coming down among them. In an effort to curb what seemed to be an epidemic of illegal digital media sharing, the RIAA through the prominent voice of Lars, convinced the guilty public and friendless lawmakers that something needs to be done about this. Encryption technology had started emerging for securing and tethering music to a single computer however the intelligent people at the forefront of this war understood that software is breakable hence the term software. In order to discourage and subsequently legally punish these hoodlums of the new world, our trusty media mongrels convinced our government to pass the infamous DMCA (Digital Millennium Copyright Act) which seeks to apply severe limitations on the older sibling, the Copyright Act. The DMCA gives media distributors and publishers explicit rights to release their works in DRM (Digital Rights Management) package which ensures that the content is only used in the manner they deem allowable. With DRM they can control how, when, the number of times, and on device you choose to consume their content. If they don't want you copying it to another device, DRM can prevent that. If they don't want you to see it more than once, DRM can prevent. If your computer crashed midway through playing the file, oops, too bad. Better buy another license. If your computer crashed and you lost all your data before watching your movie, oops, too bad. If you decide you want to watch it in the comfort of your big lazy boy with a nice bucket of popcorn and a blanket then DMCA can say NO! We will not allow you to copy this here movie to DVD just because the industry says you must use 239829832983 different types of technology. Each technology requires a new license and new payment for that license.

The authors of the original Copyright Law understood that certain exceptions needed to be made however they were not explicitly clear in what was allowed and what was not. It was then left up to the judges to decide what constituted "fair use" and what was an obvious ploy to benefit off other peoples work. The RIAA realized that not all people would try to circumvent their technologies to make a profit, rather, the customers would circumvent their technologies in order to consume the content in a manner and on a platform of their choosing. This meant potentially missing out on huge licensing fees they could charge for the right to play a given file on your computer, DVD player, CD player, laptop, PSP, iPod Video, or else. They wanted each platform or device to require a seperate license. Hence the DMCA which states that distributing tools that allow you to circumvent the copy protection, play protection, and device locking schemes is highly illegal. Now, unless you as the individual know how to crack encryption code, your S.O.L. because the guy that does know how is not allowed to even give you a copy of his tool for fear of being fined billions of dollars. Why would be fined just for trying to help someone else fairly use their media? Well, the media conglomerates are afraid that as soon as you crack your media that your going to distribute it to the world or so that is what they claim. Really, I believe they are pissed because they want to sell you more licenses for each device.

If we carry this same mentality over to the analog world like newspapers, radio, and TV, then what would things look like. Well, every copy of a newspaper you get would be scrambled. You would get a special pair of glasses that allowed you to read the paper normally but as soon as you opened the package, the glasses started to darken until they were no longer usable. This means that you have enough time to read the paper but you better do it all at once because if you set the glasses down to do something else, they will still continue to darken and your paper would be worthless. In addition, you could not just give the glasses to someone else unless you did not plan to read the paper yourself. Forget about saving old editions for reference, all they are good for now is starting fires.

What about radio? This will require a special ear implant. In order to listen to the radio or other audio sources, you would need to get an implant in your ear that will decode the special audio being transmitted. The implant is not transferable. If you try to take it out, it becomes unusable. Soon food will carry such restrictions too. Everytime you go to the grocery, you will have to choose how you will prepare that food item and how many people will consume it. You then buy licenses for this use. Using the food in a manner not consistent with the license purchased is an illegal activity. In addition, spontaneously inviting people over for dinner and sharing that food that you purchased as a single person license is also punishable by the law.

Think I am crazy? Well your right but seriously, think for yourselves. Just how far is too far. We all know that complete freedom means no freedom but regulating everything also means no freedom. We need to start valuing certain freedoms and demanding certain rights and then enact laws to protect those freedoms and rights else these huge inanimate beings called corporations and special interest groups will rape all of humans of any rights we do have. People are waiting for the day when machines rule the world. Well, I argue that machines already do just we don't recognize them as machines yet.