Playground

After several long Saturdays and many hours by many people, we've completed the new playground at the church! The kids are loving it. We learned a lot about how these are put together and a few tricks of the trade that made it easier. The hardest part was realizing that things don't square up until its done.... then you can cement it in. Its so tempting to secure it earlier. Also that's a lot more mulch than it looks. 60+ cubic yards we delivered. Thats about 56-58, the rest will be distributed as it packs down. (just need it out of the parking lot before Cchristmas service where we'll need the two spots its taking up.

Guess we'll never get the kids to leave now!

The Tile is out

Finished tearing out over 1200 pounds of tile & rubble from the shower, here's what's left.

Next now its time to start rebuilding.  Should start tearing out the remaining plywood on the floor next to access the wiring and plumbing.  Then add shutoff values to the water supply and rewire to raise the roof.

Stay tuned

Finding my legs

After transitioning from walk/runs to running and starting to workout with a water polo team on a weekly basis, I think I'm finding my legs. They definitely don't get me to where my mind is thinking or as fast, but they are there.

Wednesday night was my weekly trek to Charlotte for Water Polo (and work). I stayed in the goal most of the time and actually got my hand on most of the balls - I didn't stop very many, but I touched most.

Running is also getting to be easier. I'm going between 2 & 3.7 miles at a time and its fairly comfortable - slow, but comfortable. I look at my pace occasionally, but I'm working on stretching out to run longer and not worry about pace. I'll be building up to 45 minutes of running this weekend.

I keep eyeing different running events, but have been busy with other activities on the weekends. There's an upcoming 5K in Greensboro on Thanksgiving day - maybe I'll have to work that in before firing up the grill.

Pumpkin Carving

It was nice to be in town this fall after years of traveling.  We actually got the pumpkins carved early.  Katie & Kyle pretty much did their own this year.  Libby still needs some help.  Maybe we'll send some seeds to Eric!

Bathroom Tear Down

Starting a new project.... Yes, just after moving in we found out that the walk in shower in the master bath was leaking into the kitchen.  Fortunately, there was a separate tub/shower to use so that gave me a great chance to procrastinate.  So I finally started, slowly first, but decided I'd just have 1000+ pounds of tile and scrap in the garage.

So here's what we started with..  

Breaking in to the wall I found this was not your modern tile installation... Of course the house was built in 1978.  

There was almost an inch of tile, etc back to the wire backing.

I took out the floor some time ago and did the entry floor last year, so I wasn't too suprised.  So I took my hammer and started after the walls.

Working around to different areas and after several hours of hauling the scrap down to the garage waiting for a trip to the dump....

I got things to the point below.  The next fun is to finish around the doorway and handle the ceiling - yes that was tiled the same way too.

Water Polo in NC

who knew, there is water polo in NC.  Years ago I played water polo in Oregon traveling up and down the pacific coast for tournaments.  It was even offered through the high schools were I got my start.  Anyway, since leaving I've found its a little more remote of a sport out east.  While its played in some colleges, there definitely is a developmental or high school program around VA, NC or SC where I've lived since moving east.  

I had practiced some time ago with a club group from Wake Forest, the closest I could find to my home, but it was really a college team and they didn't really need an old fart hanging around.  

Now I'm trying to get back into some kind of shape after neglecting myself for the last 20 years and have looked for things to do.  Running really isn't my bag.  I like cycling, but its limited during the winter months.   Swimming around hear is all but non-existent, unless you fork out the dough for a private club or the Y.

For work I travel to Charlotte, or at least try to avoid it, but it would be good to get to the main office on a regular basis.  So I expanded my search and go figure, there's a masters water polo team in Charlotte - the sharks.  Several old hands that have played various places including some at a fairly high level in CA.  They've got several new people learning the sport for the first time, so it looks like a place to try and float around as I get back into shape to try an contribute.

Yesterday was day 1.  I arrived a little early and then saw a slow procession of speedo clad people heading for the deep end waiting for the swim team to finish.  For those who detest speedo's, let me tell you that anything else and it will get ripped off you in a match.  Actually, even the speedos will get ripped, but there's less to grab.   So its better to wear two.

After a few laps to warm up we started throwing the ball to warm up.  My hands felt like cement and my legs just didn't get me where my mind thought it should be.  After about 10 minutes I was getting tired and I knew I was in trouble.

We took a few shots (at the goal) and then split into teams for a scrimmage.  5 on 5 since we were 1 short.  No one grabbed the goal, so I thought I'd play goalie and get to rest while my team was on offense.  That was the plan, good plan cause I got tired any way.  So I stayed in goal through the next three quarters.  

I actually blocked a few shots and my hands started to feel less like cement.  I guess the feeling was moving to my legs.  It became apparent I was on the weaker team for the day and there seemed to be more defense to play than rest on offense.  

The last quarter dragged on and I could tell others were getting tired too cause the number of passes and swimming before a short ground down to the bare minimum.

It was a blast getting back in and I hope to make the excuse to get to Charlotte for work more often to join them on Wednesday nights. 

If your in the area and curious, check them out at http://bellsouthpwp.net/b/5/b5english/

Feeling like an Oregonian

After a couple of days of clouds and rain here in the south, I walked into the kitchen and saw some strange square spots on the kitchen floor.  I walked over to investigate and run my foot over them…. Oh, sunshine J

 

 

If it doesn't plug in it never existsed

yep, that the perspective of kids today. Since our dishwasher broke a while back, we've been doing the dishes by hand lately. So my wife broke down a bought a dish drain. Simple enough. The kids handle the dishes in the evening, but since there were a few around, she did them during the day... in part to demonstrate the new fangled gadget.

Well my gifted child was starting to do the dishes in the evening, so he started putting away what was in the dish drain. When done, he brought the dish drain to us and asked it where it went. Then asked what it was! Mind you this is our gifted child.

Since it didn't plug in it must have no value by itself. We explained what it was and he went back to the dishes. When I went later to check, he had the drain side pointing to the counters edge so the water flowed to the floor - again our gifted child!

I showed him how it worked, and he said, gee what a great idea! Go figure how we ever existed before electricity!

Cramer: Wachovia Just Ran Out of Time - TheStreet.com

Cramer: Wachovia Just Ran Out of Time - TheStreet.com: "Wachovia is dead"

Wow, things are happening fast. What a weekend...

Just recently Bob Steele was on Cramers show and broke down how strong Wachovia was... I guess strong is $1 per share. Whats left will be very small compared to what it was. Waiting to see how this impacts my projects since they span both parts, but I'm guessing I may no longer be needed.

Is Gas Supply & Demand?

Two points recently make me really feel that gas at the pump is a futures market and not based on supply and demand.

Today I heard rumors of stations running out of gas and the pumps being set fill slowly so people will get frustrated.  So on the way home I stopped to check it out.  The first station was completely out of gas.  The next two only had regular, so I filled up (I'm glad my cars don't require high octane).    The funny part was, even though they were running short, the price dropped almost 20 cents from the last time I filled up.  My wife had the same experience at Costco earlier this week, they were completely out and went next door to sheets who had only regular.  I also got heard similar stories from friends and coworkers in other parts of NC.

The second thing is the margin that's normally claimed is pennies.  Well the last spike hit and the state started going after several of the stations that were gouging their prices.  One station offered a day of gas at cost - 3.38.... this one normally is 3.79+  That's not tons, but its more than a few pennies.

Since I used to be close to the computer hardware business, this margin isn't so bad for a commodity.  

It was real interesting that the local news didn't mention anything about stations running out of gas tonight.  I wonder when the real crisis will hit?

Blogger Details and Download - Internet Explorer Gallery

Blogger Details and Download - Internet Explorer Gallery

OK, I might be behind the times, but I'm playing w/ IE8 looking at their accelorators. Just trying this one out to see if it might help me blog more of the places I go.

So what's this look like, will it be a useful feature for IE? I havent looked yet, does anyone know if there's an equivalent for Firefox or Safari?

We dragged our feet getting Eric's room cleaned out and painted, but its done!  Katie's been dying to move in and has started to but still has a bunch of stuff in her old room w/ her sister.

Eric, if this is too bright, a bucket of paint is cheap.

Nighmares

Oh the nighmares of little ones. Last night my youngest had a bad dream and came in to wake us up. Apparently there was a witch party and they were doing all sorts of scarry things. This was a little more reasonable than the last nightmare she had. Appareantly she was dreaming about waffle day, we ran out of syrup and she didn't get any. What a nightmare!

It would be nice to go back and have that as my biggest issue of the day.

Swimming in NC's Triad

It's been a long time, and many pounds ago, but I used to be a swimmer.  I'm finally trying to get active again, I'm serious this time.  Anyway, I've been biking, walking, running and lifting weights.  So, I decided to look into swimming again. 

This area make getting into shape hard.  There are very few public facilities offering anything for adults, other than pickup basketball.  I live in Guilford county and work in Forsyth  county, there are 2 public indoor swimming pools between the two!  they are both at high schools in Greensboro.  Public lap swim is either 5pm-9pm or 7pm-9pm depending on the pool.  No mornings, noon... No open family swim time...   I went to the pool tonight for 1 hour and I was the only one there!

This is very weird, I grew up in FL and there was always times to go to the pool and always people in it.  I moved to Oregon, lap swim starting at 5am and the pool stay open with programs all day until 9 or 10 pm.  I've traveled all over the country and found public pools in Chicago and Milwaukee full on winter evening...  Even other areas of NC the pools are at least used some.

Swimming is very inaccessible here.  The YMCA's have the best facilities and many swim teams rent space from them or have their own private pools.  There are summer pools for recreational swimming, but again most are private.  Outdoor public pools get great attendance, but plans for new indoor pools are driven by local swim teams competing for space. 

These designs meet their needs for lap swimming but ignore providing recreational facilities that draw large crowds in the summers - slides, tubes, fountains, shallow areas for little ones....  I've been in the upper mid-west and the public pools include all of this while having lap swimming and competitive swimming space - and they are packed all winter long.

I would be nice if the area could get together and build many smaller pools where the community would feel welcome to use them in many ways all year long... hopefully its not a pipe dream.

Eric's off to Turkey

Eric left for Turkey yesterday morning. A big day for the family. We will all miss him, except Katie who plans to move into his room while he's gone.

Follow Eric's adventures at http://fridturky.blogspot.com/

Windows 2003 & NoLMHash

Windows 2003 NoLMHash

 

 

Testing the NoLMHash on Windows 20003 to check on the following from MS to add the NoLMHash dword value for 2003/XP:

 

To add this DWORD value by using Registry Editor, follow these steps:

1.	Click Start, click Run, type regedit, and then click OK.
2.	Locate and then click the following key in the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3.	On the Edit menu, point to New, and then click DWORD Value.
4.	Type NoLMHash, and then press ENTER.
5.	On the Edit menu, click Modify.
6.	Type 1, and then click OK.
7.	Restart your computer, and then change your password.

 

Notes

•

This registry change must be made on all Windows Server 2003 domain controllers to disable the storage of LM hashes of users' passwords in a Windows 2003 Active Directory environment. If you are a domain administrator, you can use Active Directory Users and Computers Microsoft Management Console (MMC) to deploy this policy to all domain controllers or all computers on the domain as described in Method 1 (Implement the NoLMHash Policy by Using Group Policy).

•

This DWORD value prevents new LM hashes from being created on Windows XP-based computers and Windows Server 2003-based computers. The history of all previous LM hashes is cleared when you complete these steps.

 

Pasted from <http://support.microsoft.com/kb/299656>

 

Of interest to me is the second note (and if it really needs a reboot, since the article describes using Group Policy, which shouldn't need a reboot.

 

So again using PWDump v6 and a 2003 R2 SP2 server I set off.

 

1.       First I made sure it is configured to store LM Hash values.  I also configured the password history for 6 passwords.  I created a test user and set an initial password (no secrets here - I used MS' old standby of P@ssw0rd).  I'll add a sequential number at the end for each step in the process.

 

LMHash:1016:921988BA001DC8E138F10713B629B565:AE974876D974ABD805A989EBEAD86846:::

 

2.        To get some data, I'll increment the password (2) before configuring the data.

 

LMHash:1016:921988BA001DC8E1F96F275E1115B16F:C9AB9D08CC7DA5A55D8A82D869E01EA8:::

LMHash_history_0:1016:921988BA001DC8E138F10713B629B565:AE974876D974ABD805A989EBEAD86846:::

 

3.       Configure registry value \hkey_lm\system\currentcontrolset\control\lsa\nolmhash = 1.  No reboot.  And, just because I want to know, I havent changed the password yet.

 

LMHash:1016:921988BA001DC8E1F96F275E1115B16F:C9AB9D08CC7DA5A55D8A82D869E01EA8:::

LMHash_history_0:1016:921988BA001DC8E138F10713B629B565:AE974876D974ABD805A989EBEAD86846:::

 

Cool, same result as expected.  As advertised (and noted in my W2k testing) the hash doesn't get removed until the next password change.

 

4.       So, I'll increment the password (3), still no reboot since enabling Nolmhash.

 

LMHash:1016:NO PASSWORD*********************:6BE408F1E80386822F4B2052F1F84B4E:::

LMHash_history_0:1016:7D9641FA8D37296E7D5BDDB1587689AA:C9AB9D08CC7DA5A55D8A82D869E01EA8:::

LMHash_history_1:1016:E051521C5D74C519A270B65CEDEC4F90:AE974876D974ABD805A989EBEAD86846:::

 

Hey,  the hash is not being stored even without a reboot.!

 

How about the part that after a reboot all LMHash history is cleared?

 

5.       Rebooting my test server and dumping the hash.

 

LMHash:1016:NO PASSWORD*********************:6BE408F1E80386822F4B2052F1F84B4E:::

LMHash_history_0:1016:7D9641FA8D37296E7D5BDDB1587689AA:C9AB9D08CC7DA5A55D8A82D869E01EA8:::

LMHash_history_1:1016:E051521C5D74C519A270B65CEDEC4F90:AE974876D974ABD805A989EBEAD86846:::

 

6.       So it looks like the hash is still there?  I'll increment my password again (4).

 

LMHash:1016:NO PASSWORD*********************:766B62D3DB023F90443469D86393CA66:::

LMHash_history_0:1016:E70E280FA98E2E78009CAFFCA733E4D7:6BE408F1E80386822F4B2052F1F84B4E:::

LMHash_history_1:1016:399D9D8A8FF1594979E19C1ED80068C4:C9AB9D08CC7DA5A55D8A82D869E01EA8:::

LMHash_history_2:1016:23E25AEA44552753FEC0A9C59960B2C0:AE974876D974ABD805A989EBEAD86846:::

 

Very strange? The LMHash_history_0:1016: now has a LM hash history?

 

7.       Lets try that again (5)

 

LMHash:1016:NO PASSWORD*********************:5E5C04A4181FCFFA0BF8C1034C5E30A6:::

LMHash_history_0:1016:703308D2B49F8CF59EB8B94EB12FBA04:766B62D3DB023F90443469D86393CA66:::

LMHash_history_1:1016:1A0EE7421E727FF3BE1C0F07B2C68D2B:6BE408F1E80386822F4B2052F1F84B4E:::

LMHash_history_2:1016:BCB0164EC204C101F1FE1BF9C1F1ADA3:C9AB9D08CC7DA5A55D8A82D869E01EA8:::

LMHash_history_3:1016:6DDD93A604AC5E1075ACFDB263333D11:AE974876D974ABD805A989EBEAD86846:::

 

 

Weird…  We'll have to crack these to see what it reveals - could the last tow really be valid LM hash values?   Since I have more history  I've reset the password again a few times using the original password in step 1.

 

LMHash:1016:NO PASSWORD*********************:AE974876D974ABD805A989EBEAD86846:::

LMHash_history_0:1016:F2F1C88E528B6BDBE7D81BE1954B5F3A:AE974876D974ABD805A989EBEAD86846:::

LMHash_history_1:1016:5F032D3561978BA198A2F00236616269:AE974876D974ABD805A989EBEAD86846:::

LMHash_history_2:1016:B27C478CE8BCC5D182FB6DF05CE5BF8D:5E5C04A4181FCFFA0BF8C1034C5E30A6:::

LMHash_history_3:1016:7C94EFC91201576D73E913B413A1F1DD:766B62D3DB023F90443469D86393CA66:::

LMHash_history_4:1016:BBB47337AE975957F430D86E2D7C5EDE:6BE408F1E80386822F4B2052F1F84B4E:::

 

I'll be back to reveal these shortly.

 

 

Document1

NoLMHash Continued

 

 

Ok, due to earlier conflicts I went into my lab and tested a few things.

 

First, for Windows 2000, NoLMHash is configured by adding a Key under LSA in the registry.  Values are ignored in Windows 2000.

 

Using Group Policy to manage the values for Windows 2003 and XP does work, but does not take effect until a reboot is performed.  Further, group policy applies and manages values (instead of keys) on Windows 2000 systems.  As mentioned earlier, this has no effect on Windows 2000 and should be a bug.  I talked to several people at MS and because 2000 is fairly old, this will not be fixed.  It really shouldn't try to write the values to 2000 system at all through group policy.  The only way to prevent this is to create a group with all your 2000 systems and deny it from applying the policy that manages NoLMHash.

 

I also mentioned to MS that settings managed with Group Policy should not require a reboot before the take effect.  My contact is investigating, but I'm doubtful that this will get resolved either.  Support told me that they didn't know you could set this with Group Policy until I sent  them their own KB.

 

More testing to be done to make sure everything gets applied correctly. 

 

Too many servers, too little time for crappy code.

 

 

NoLMHash

NoLMHash

 

 

Wow, I've been digging into the LAN Manager settings and how things are used in recent versions of Windows (2000, 2003, XP & 2008).  There's a lot of bad information out there!

 

I'll pick today on the NoLMHash settings since I've been looking at Windows 2000 today.

 

First, if I just google "nolmhash" I get the following links in the top 3:

 

How to prevent Windows from storing a LAN manager hash of your ...

- 4 visits - 9:56am

Method 2: Implement the NoLMHash Policy by Editing the Registry ... Important The NoLMHash registry key and its functionality were not tested or documented ...

support.microsoft.com/kb/299656 - Similar pages - Note this

NoLMHash

NoLMHash. HKLM\SYSTEM\CurrentControlSet\Control\Lsa. Data type, Range, Default value. REG_DWORD. 0 | 1. 0. Description. Determines whether Security Accounts ...

www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/96415.mspx - 7k - Cached - Similar pages - Note this

NoLMHash

NoLMHash. Updated: March 28, 2003. NoLMHash. HKLM\SYSTEM\CurrentControlSet\Control\Lsa. Data type, Range, Default value. REG_DWORD. 0 | 1. 0. Description ...

technet2.microsoft.com/windowsserver/en/library/008f982b-a1b0-4a73-a781-d46a49f8498a1033.mspx - 8k - Cached - Similar pages - Note this

 

Pasted from <http://www.google.com/search?q=nolmhash&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a>

 

The last two are resource kit references for Windows Server 2000 and 2003 respectively.  Both show the same information, specifically that NoLMHash is a dword value.

 

NoLMHash

HKLM\SYSTEM\CurrentControlSet\Control\Lsa

Data type	Range	Default value
REG_DWORD	0 | 1	0

Description

Determines whether Security Accounts Manager (SAM) stores the LAN Manager (LM) hash of the user's password. The LM hash of the user's password is necessary to authenticate downlevel clients that cannot use NTLM or NTLMv2 authentication.

Value	Meaning
0	SAM stores the message digest of the user's password.
1	SAM does not store the message digest of the user's password.

 

Pasted from <http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/96415.mspx>

 

 

Great you say…. But, if you look at the first referenced returned by google, you get the following information for configuring the NoLMHash Policy on Windows 2000.

 

Step 3.  On the Edit menu, click Add Key, type NoLMHash, and then press ENTER.

 

Pasted from <http://support.microsoft.com/kb/299656>

 

Hey it’s a Key!!!!  There is an note that says its ok for the Key and Value to exist in the same policy template.

 

So for Windows 2003 & XP it’s a dword value…. On Windows 2000 it might be a key!

 

This week I'll be testing the following to see MS actually does with these values.

 

1.       Windows 2000 - NoLMHash Key verses value

2.       Windows 2000 - Does an upgrade convert the Key to a value.

3.       Windows 2003/XP - Does implementing using group policy take immediate effect without requiring a reboot (KB299656 seems to indicate that).

4.       Impact on LM Hash History - KB299656 says that Windows 2000 the history will be removed as you change passwords.  For Windows 2003 & XP the history is cleared when you complete the steps for editing the registry.  No indication is giving of the impact on the LM Hash history when using Group Policy.

 

 

 

Playing in the lab

Today I've been setting up the lab for some product testing at work next
week. Installing SQL 2000 w/ Reporting Services on Windows 2003. Gotta
love the instructions from the vendor.

Our server image is built from 2003 R2 with SP slip streamed. They
require .Net 1.1, 2.0 & 3.0. My first problem was that our build told me
it didn't need .Net 1.1 becayse the service pack version is newer... go
figure.

Pressing on, they have me install SQL 2000, but then mention later to
configure it for mixed authentication... could have told me that in the
first place...

Or I guess I should have read the directions. But if I did, the next
step is to check that SQL is installed by right clicking on the server
to see if stop, pause, restart are there.... this is after I just right
clicked on the server to check properties for authentication mode!

Now I'm downloading SP4 & SQL XML to get things ready.

Unfortunately the vendor couldn't use the SQL/Reporting Services server
I already have in the lab for MOM.

I just wanted their product on a separate server... but no. I'll
re-arrange that after they leave.

Getting Started

I've had fits & starts for creating blogs in the past. I think this one will stick. I was an IT professional before there was http. I've worked mostly around Windows systems the last 10 years, but have been picking up Linux the last few years and most recently OSX.

I'm running this from my laptop running ubuntu ... finally, because I played with too many wireless tools and wacked it. its running again so I should be able to stick with it.

The other thing I did recently was get an iMac for the family and will post on the transition from XP to OSX.... I was getting push back from my wife & kids on Vista... they wanted to stay with XP go figure, they'd never even seen it!

Professionally, I'm working in the MS Security Engineering department for a large company. Being the old salt, I'm getting to look at several things people have passed on over the years.

I'll plan to post about my experiences learning things in Windows, Linux and OSX. Lets see who shots me first.