The above title is from Google Translate, a translation of "明年喝澳洲牛奶" from Chinese into English. Obviously, the proper translation should be "To drink Australian milk next year".
From: Bing Bao
Sent: Thursday, December 18, 2008 4:55 PM
To: Workgroup
Subject: Chinese people next year to drink Australian milk
Hi Folks,
It is reported that the third batch of Australian cows has arrived in Sichuan, China. Some Chinese people will be drinking Australian milk from next year.
I tried to use Google Language Tools to translate the related Chinese news into English, but found the title has been translated to "Australia next year to drink milk". :-))
The first paragraph of its translation was:
"China Morning Post (Reporter Yanqing) yesterday (17) morning, with the third batch from Australia by air from the 483 Holstein cows into the four-Chuan Hongya County dairy import quarantine field, Sichuan Province, the first large-scale introduction of foreign The work of the official end of the cow. At this point, Mengniu Group's 1500 imports of cattle imported species have been arrived at. It is understood that the post-disaster reconstruction in our province as the focus of one of these dairy imports formal entry will further increase the income of dairy farmers."
Cheers,
Bing
Thursday, December 18, 2008
Experience what MS is missing on 64-bit
For a better 64-bit experience, yesterday I installed Internet Explorer 8 Beta x64 version on a pure 64-bit VM, a Hyper-V virtual machine running Windows 2003 R2 Standard x64 (guest) on Windows Server 2008 x64 Enterprise (host). Using this IE8, I visited ISA 2006 website to see if there was any 64-bit update or upgrade for this 32-bit only firewall product introduced in 2006. After that, the story began.
As shown above (of course, not including the lines and words I added in red), at the Home of ISA Server website, there was a big image prompting you to install Silverlight 2.0 in turn to "experience what you're missing on this site". Sure, I loved to do that. I clicked the image to install Silverlight 2.0.
Then the following screen appeared.
That's why I modified the title image above, because what I experienced was what Microsoft was missing on 64-bit.
As you know, Silverlight can be installed from Microsoft Update. So, with the same IE8 window, I chose menu Tools | Windows Update to try another way to install the Microsoft's Flash-Killer.
Wow, still not compatible! This time, it was Windows Update. I was asked to open a 32-bit IE8 window. An unknown error followed, as shown below.
At that moment, Windows Update was prompting me for an automatic update: a 64-bit update to set the kill bits for a few third-party software.
Actually, this kind of task (to set ActiveX Killbits in registry) can be done by any code (32-bit binary code, or even a plain script), but Microsoft officially released a 64-bit patch to do that..., though the patch loader (the ActiveX control of Microsoft Update) is still only available in 32-bit...
For Microsoft, a pure 64-bit world still has a long way to go.
Monday, December 15, 2008
Trunk Monkey Ads
Got three Trunk Monkey video clips from a workmate today, and found the full set at YouTube from Laughing Squid. Really funny. LOL!
Source: Trunk Monkey Ads by Suburban Auto Group
Source: Trunk Monkey Ads by Suburban Auto Group
Thursday, December 04, 2008
FILESTREAM is just for SharePoint
As a new generation of database engine, Microsoft SQL Server 2008 is architecturally enhanced to provide a trusted, productive, and intelligent data platform for most demanding mission-critical applications.
A lot of cool features have been revealed, one of them is FILESTREAM, which can be used to provide better support for SharePoint Document Libraries. Therefore, large files can be efficiently managed by SharePoint, but no longer need to be physically stored in the SQL database.
According to MSDN, FILESTREAM "allows structured data to be stored in the database and associated unstructured (i.e., BLOB) data to be stored directly in the NTFS file system. You can then access the BLOB data through the high-performance Win32 streaming APIs, rather than having to pay the performance penalty of accessing BLOB data through SQL Server."
Unfortunately, MOSS 2007 currently does not provide any official support on this feature of SQL Server 2008.
However, the good point is: "Instead of being a completely new data type, FILESTREAM is a storage attribute of the existing varbinary (max) data type. FILESTREAM preserves the majority of the existing behavior of the varbinary (max) data type. It alters how the BLOB data is stored – in the file system rather than in the SQL Server data files."
"Because FILESTREAM is implemented as a varbinary (max) column and integrated directly into the database engine, most SQL Server management tools and functions work without modification for FILESTREAM data." Thus, it is technically possible to use FILESTREAM with current version of SharePoint.
Actually, a .NET Architect in Rome, Vincenzo Tenisci, just posted his solution for this last week.
BLOG: SQL 2008 FILESTREAM and SharePoint Document Libraries
It is worth giving a try.
For more information about managing unstructured data with SQL Server, download the white paper from here.
A lot of cool features have been revealed, one of them is FILESTREAM, which can be used to provide better support for SharePoint Document Libraries. Therefore, large files can be efficiently managed by SharePoint, but no longer need to be physically stored in the SQL database.
According to MSDN, FILESTREAM "allows structured data to be stored in the database and associated unstructured (i.e., BLOB) data to be stored directly in the NTFS file system. You can then access the BLOB data through the high-performance Win32 streaming APIs, rather than having to pay the performance penalty of accessing BLOB data through SQL Server."
Unfortunately, MOSS 2007 currently does not provide any official support on this feature of SQL Server 2008.
However, the good point is: "Instead of being a completely new data type, FILESTREAM is a storage attribute of the existing varbinary (max) data type. FILESTREAM preserves the majority of the existing behavior of the varbinary (max) data type. It alters how the BLOB data is stored – in the file system rather than in the SQL Server data files."
"Because FILESTREAM is implemented as a varbinary (max) column and integrated directly into the database engine, most SQL Server management tools and functions work without modification for FILESTREAM data." Thus, it is technically possible to use FILESTREAM with current version of SharePoint.
Actually, a .NET Architect in Rome, Vincenzo Tenisci, just posted his solution for this last week.
BLOG: SQL 2008 FILESTREAM and SharePoint Document Libraries
It is worth giving a try.
For more information about managing unstructured data with SQL Server, download the white paper from here.
Wednesday, December 03, 2008
SQL Server 2008 Editions
Microsoft SQL Server 2008 has been released for a couple of months. There are more editions available for this 2008 version, sometimes users could be confused on choosing the right edition for their particular business, as well as the related licensing and pricing issues. I am here listing all the links I found when I researched on the above issues.
- Microsoft: Choose the Right Edition for Your Needs
- Microsoft: Features Supported by the Editions of SQL Server 2008
- Microsoft: Editions and Components of SQL Server 2008
- Microsoft: Maximum Capacity Specifications for SQL Server
- Microsoft: Maximum Number of Processors Supported by the Editions of SQL Server
- Microsoft: Memory Supported by the Editions of SQL Server
- Microsoft: Hardware and Software Requirements for Installing SQL Server 2008
- Microsoft: Compare Editions–Enterprise and Standard (the detailed comparison)
- Microsoft: Compare Editions–Compact and Express (the detailed comparison)
- Microsoft: Version and Edition Upgrades
- Microsoft: SQL Server 2008 Pricing
- Microsoft: SQL Server 2008 Volume Licensing
- Microsoft: SQL Server 2008 Licensing Frequently Asked Questions
Tuesday, December 02, 2008
Nokia 6131 in water
I eventually found my Nokia 6131 yesterday, from the washing machine, at the bottom of the drum, after I collected all the clothes washed. :-((
Now, the mobile has gone back into the water again. In the next few days, the water will be its home. :-)) Like its little brother, my bluetooth headset, a bowl of clean water is the place to go after having a shower in the washing machine. :-))
My bluetooth headset experienced the same kind of incident six months ago, but it works quite well now. I am not sure if this Nokia can be back again. Just give it a try.
To see the photos taken by this Nokia 6131, just click the label below.
Now, the mobile has gone back into the water again. In the next few days, the water will be its home. :-)) Like its little brother, my bluetooth headset, a bowl of clean water is the place to go after having a shower in the washing machine. :-))
My bluetooth headset experienced the same kind of incident six months ago, but it works quite well now. I am not sure if this Nokia can be back again. Just give it a try.
To see the photos taken by this Nokia 6131, just click the label below.
Monday, December 01, 2008
Considerations on building a SharePoint Document Library
Lots of SharePoint deployment today simply move all files on the network drive straight into a SharePoint Document Library keeping the same folder structure and properties, and use the same methods to maintain the library, as what we dealt with a file share.
I don't see it is a right way to utilise SharePoint. This approach is not efficient for searching and re-using past work because only one category can be applied to each document.
Today, a new approach of taxonomy is to use labels. Multiple labels can be applied to a single document. A good example is Gmail, which puts all emails in one logical repository and uses labels to personalise email classification. Another example is blogging systems, most of them are now provide labelling ability for quick search and easy organisation.
To maximize the search ability of SharePoint, you may consider to:
I don't see it is a right way to utilise SharePoint. This approach is not efficient for searching and re-using past work because only one category can be applied to each document.
Today, a new approach of taxonomy is to use labels. Multiple labels can be applied to a single document. A good example is Gmail, which puts all emails in one logical repository and uses labels to personalise email classification. Another example is blogging systems, most of them are now provide labelling ability for quick search and easy organisation.
To maximize the search ability of SharePoint, you may consider to:
- Use labels, as metadata, to category documents in a document library. This can be implemented by using a document property or a custom column.
- Store documents in a single specific folder (not several folders). One document, one physical location, multiple logical views (explained in Point 4.)
- Enable versioning in turn to hide old versions for general access.
- Instead of presenting end-users a friendly interface to browse documents, similarly as they browse file folders, use Customised Views based on the metadata that the system (better automatically) collected from custom list, document properties, and database if applicable.
- Create simple, standard folders for each document library, such as Work, Published, and Temp. This is for easy file maintenance (Backup/Restore/Archive), not for document management from the point of view of business.
- Use label based metadata;
- Use customised views.
Tuesday, November 25, 2008
Top 10 Most Expensive Accidents in History
From: Rogers, Wendy
Sent: Thursday, 20 November 2008 11:31 AM
Subject: FW: Top 10 Most Expensive Accidents in History
Top 10 Most Expensive Accidents in History
Throughout history, humans have always been prone to accidents. Some, such as the exotic car crashes seen on this page, can be very expensive. But that's trivial compared to the truly expensive accidents. An accident is defined as "an undesirable or unfortunate happening that occurs unintentionally and usually results in harm, injury, damage, or loss". Our aim is to list the top 10 most expensive accidents in the history of the world as measured in dollars.
This includes property damage and expenses incurred related to the accident such as cleanup and industry losses. Many of these accidents involve casualties which obviously cannot be measured in dollar terms. Each life lost is priceless and is not factored into the equation. Deliberate actions such as war or terrorism and natural disasters do not qualify as accidents and therefore are not included in this list.
#10. Titanic ($150 Million)
The sinking of the Titanic is possibly the most famous accident in the world. But it barely makes our list of top 10 most expensive. On April 15, 1912, the Titanic sank on its maiden voyage and was considered to be the most luxurious ocean liner ever built. Over 1,500 people lost their lives when the ship ran into an iceberg and sunk in frigid waters. The ship cost $7 million to build ($150 million in today's dollars).
#9. Tanker Truck vs Bridge ($358 Million)
On August 26, 2004, a car collided with a tanker truck containing 32,000 liters of fuel on the Wiehltal Bridge in Germany. The tanker crashed through the guardrail and fell 90 feet off the A4 Autobahn resulting in a huge explosion and fire which destroyed the load-bearing ability of the bridge. Temporary repairs cost $40 million and the cost to replace the bridge is estimated at $318 Million.
#8. MetroLink Crash ($500 Million)
On September 12, 2008, in what was one of the worst train crashes in California history, 25 people were killed when a Metrolink commuter train crashed head-on into a Union Pacific freight train in Los Angeles. It is thought that the Metrolink train may have run through a red signal while the conductor was busy text messaging. Wrongful death lawsuits are expected to cause $500 million in losses for Metrolink.
#7. B-2 Bomber Crash ($1.4 Billion)
Here we have our first billion dollar accident (and we're only #7 on the list). This B-2 stealth bomber crashed shortly after taking off from an air base in Guam on February 23, 2008. Investigators blamed distorted data in the flight control computers caused by moisture in the system. This resulted in the aircraft making a sudden nose-up move which made the B-2 stall and crash. This was 1 of only 21 ever built and was the most expensive aviation accident in history. Both pilots were able to eject to safety.
The crash was captured on video. It shows one B-2 Bomber successfully taking off followed by the B-2 Bomber which crashes. The crash starts at 2:00
#6. Exxon Valdez ($2.5 Billion)
The Exxon Valdez oil spill was not a large one in relation to the world's biggest oil spills, but it was a costly one due to the remote location of Prince William Sound (accessible only by helicopter and boat). On March 24, 1989, 10.8 million gallons of oil was spilled when the ship's master, Joseph Hazelwood, left the controls and the ship crashed into a Reef. The cleanup cost Exxon $2.5 billion.
#5. Piper Alpha Oil Rig ($3.4 Billion)
The world's worst off-shore oil disaster. At one time, it was the world's single largest oil producer, spewing out 317,000 barrels of oil per day.. On July 6, 1988, as part of routine maintenance, technicians removed and checked safety valves which were essential in preventing dangerous build-up of liquid gas. There were 100 identical safety valves which were checked. Unfortunately, the technicians made a mistake and forgot to replace one of them. At 10 PM that same night, a technician pressed a start button for the liquid gas pumps and the world's most expensive oil rig accident was set in motion.
Within 2 hours, the 300 foot platform was engulfed in flames. It eventually collapsed, killing 167 workers and resulting in $3.4 Billion in damages.
#4. Challenger Explosion ($5.5 Billion)
The Space Shuttle Challenger was destroyed 73 seconds after takeoff due on January 28, 1986 due to a faulty O-ring. It failed to seal one of the joints, allowing pressurized gas to reach the outside. This in turn caused the external tank to dump its payload of liquid hydrogen causing a massive explosion. The cost of replacing the Space Shuttle was $2 billion in 1986 ($4.5 billion in today's dollars). The cost of investigation, problem correction, and replacement of lost equipment cost $450 million from 1986-1987 ($1 Billion in today's dollars).
#3. Prestige Oil Spill ($12 Billion)
On November 13, 2002, the Prestige oil tanker was carrying 77,000 tons of heavy fuel oil when one of its twelve tanks burst during a storm off Galicia, Spain. Fearing that the ship would sink, the captain called for help from Spanish rescue workers, expecting them to take the ship into harbour. However, pressure from local authorities forced the captain to steer the ship away from the coast. The captain tried to get help from the French and Portuguese authorities, but they too ordered the ship away from their shores. The storm eventually took its toll on the ship resulting in the tanker splitting in half and releasing 20 million gallons oil into the sea.
According to a report by the Pontevedra Economist Board, the total cleanup cost $12 billion.
#2. Space Shuttle Columbia ($13 Billion)
The Space Shuttle Columbia was the first space worthy shuttle in NASA's orbital fleet. It was destroyed during re-entry over Texas on February 1, 2003 after a hole was punctured in one of the wings during launch 16 days earlier. The original cost of the shuttle was $2 Billion in 1978. That comes out to $6.3 Billion in today's dollars. $500 million was spent on the investigation, making it the costliest aircraft accident investigation in history. The search and recovery of debris cost $300 million.
In the end, the total cost of the accident (not including replacement of the shuttle) came out to $13 Billion according to the American Institute of Aeronautics and Astronautics.
#1. Chernobyl ($200 Billion)
On April 26, 1986, the world witnessed the costliest accident in history. The Chernobyl disaster has been called the biggest socio-economic catastrophe in peacetime history. 50% of the area of Ukraine is in some way contaminated. Over 200,000 people had to be evacuated and resettled while 1.7 million people were directly affected by the disaster. The death toll attributed to Chernobyl, including people who died from cancer years later, is estimated at 125,000. The total costs including cleanup, resettlement, and compensation to victims has been estimated to be roughly $200 Billion. The cost of a new steel shelter for the Chernobyl nuclear plant will cost $2 billion alone. The accident was officially attributed to power plant operators who violated plant procedures and were ignorant of the safety requirements needed.
Sent: Thursday, 20 November 2008 11:31 AM
Subject: FW: Top 10 Most Expensive Accidents in History
Top 10 Most Expensive Accidents in History
Throughout history, humans have always been prone to accidents. Some, such as the exotic car crashes seen on this page, can be very expensive. But that's trivial compared to the truly expensive accidents. An accident is defined as "an undesirable or unfortunate happening that occurs unintentionally and usually results in harm, injury, damage, or loss". Our aim is to list the top 10 most expensive accidents in the history of the world as measured in dollars.
This includes property damage and expenses incurred related to the accident such as cleanup and industry losses. Many of these accidents involve casualties which obviously cannot be measured in dollar terms. Each life lost is priceless and is not factored into the equation. Deliberate actions such as war or terrorism and natural disasters do not qualify as accidents and therefore are not included in this list.
#10. Titanic ($150 Million)
The sinking of the Titanic is possibly the most famous accident in the world. But it barely makes our list of top 10 most expensive. On April 15, 1912, the Titanic sank on its maiden voyage and was considered to be the most luxurious ocean liner ever built. Over 1,500 people lost their lives when the ship ran into an iceberg and sunk in frigid waters. The ship cost $7 million to build ($150 million in today's dollars).
#9. Tanker Truck vs Bridge ($358 Million)
On August 26, 2004, a car collided with a tanker truck containing 32,000 liters of fuel on the Wiehltal Bridge in Germany. The tanker crashed through the guardrail and fell 90 feet off the A4 Autobahn resulting in a huge explosion and fire which destroyed the load-bearing ability of the bridge. Temporary repairs cost $40 million and the cost to replace the bridge is estimated at $318 Million.
#8. MetroLink Crash ($500 Million)
On September 12, 2008, in what was one of the worst train crashes in California history, 25 people were killed when a Metrolink commuter train crashed head-on into a Union Pacific freight train in Los Angeles. It is thought that the Metrolink train may have run through a red signal while the conductor was busy text messaging. Wrongful death lawsuits are expected to cause $500 million in losses for Metrolink.
#7. B-2 Bomber Crash ($1.4 Billion)
Here we have our first billion dollar accident (and we're only #7 on the list). This B-2 stealth bomber crashed shortly after taking off from an air base in Guam on February 23, 2008. Investigators blamed distorted data in the flight control computers caused by moisture in the system. This resulted in the aircraft making a sudden nose-up move which made the B-2 stall and crash. This was 1 of only 21 ever built and was the most expensive aviation accident in history. Both pilots were able to eject to safety.
The crash was captured on video. It shows one B-2 Bomber successfully taking off followed by the B-2 Bomber which crashes. The crash starts at 2:00
#6. Exxon Valdez ($2.5 Billion)
The Exxon Valdez oil spill was not a large one in relation to the world's biggest oil spills, but it was a costly one due to the remote location of Prince William Sound (accessible only by helicopter and boat). On March 24, 1989, 10.8 million gallons of oil was spilled when the ship's master, Joseph Hazelwood, left the controls and the ship crashed into a Reef. The cleanup cost Exxon $2.5 billion.
#5. Piper Alpha Oil Rig ($3.4 Billion)
The world's worst off-shore oil disaster. At one time, it was the world's single largest oil producer, spewing out 317,000 barrels of oil per day.. On July 6, 1988, as part of routine maintenance, technicians removed and checked safety valves which were essential in preventing dangerous build-up of liquid gas. There were 100 identical safety valves which were checked. Unfortunately, the technicians made a mistake and forgot to replace one of them. At 10 PM that same night, a technician pressed a start button for the liquid gas pumps and the world's most expensive oil rig accident was set in motion.
Within 2 hours, the 300 foot platform was engulfed in flames. It eventually collapsed, killing 167 workers and resulting in $3.4 Billion in damages.
#4. Challenger Explosion ($5.5 Billion)
The Space Shuttle Challenger was destroyed 73 seconds after takeoff due on January 28, 1986 due to a faulty O-ring. It failed to seal one of the joints, allowing pressurized gas to reach the outside. This in turn caused the external tank to dump its payload of liquid hydrogen causing a massive explosion. The cost of replacing the Space Shuttle was $2 billion in 1986 ($4.5 billion in today's dollars). The cost of investigation, problem correction, and replacement of lost equipment cost $450 million from 1986-1987 ($1 Billion in today's dollars).
#3. Prestige Oil Spill ($12 Billion)
On November 13, 2002, the Prestige oil tanker was carrying 77,000 tons of heavy fuel oil when one of its twelve tanks burst during a storm off Galicia, Spain. Fearing that the ship would sink, the captain called for help from Spanish rescue workers, expecting them to take the ship into harbour. However, pressure from local authorities forced the captain to steer the ship away from the coast. The captain tried to get help from the French and Portuguese authorities, but they too ordered the ship away from their shores. The storm eventually took its toll on the ship resulting in the tanker splitting in half and releasing 20 million gallons oil into the sea.
According to a report by the Pontevedra Economist Board, the total cleanup cost $12 billion.
#2. Space Shuttle Columbia ($13 Billion)
The Space Shuttle Columbia was the first space worthy shuttle in NASA's orbital fleet. It was destroyed during re-entry over Texas on February 1, 2003 after a hole was punctured in one of the wings during launch 16 days earlier. The original cost of the shuttle was $2 Billion in 1978. That comes out to $6.3 Billion in today's dollars. $500 million was spent on the investigation, making it the costliest aircraft accident investigation in history. The search and recovery of debris cost $300 million.
In the end, the total cost of the accident (not including replacement of the shuttle) came out to $13 Billion according to the American Institute of Aeronautics and Astronautics.
#1. Chernobyl ($200 Billion)
On April 26, 1986, the world witnessed the costliest accident in history. The Chernobyl disaster has been called the biggest socio-economic catastrophe in peacetime history. 50% of the area of Ukraine is in some way contaminated. Over 200,000 people had to be evacuated and resettled while 1.7 million people were directly affected by the disaster. The death toll attributed to Chernobyl, including people who died from cancer years later, is estimated at 125,000. The total costs including cleanup, resettlement, and compensation to victims has been estimated to be roughly $200 Billion. The cost of a new steel shelter for the Chernobyl nuclear plant will cost $2 billion alone. The accident was officially attributed to power plant operators who violated plant procedures and were ignorant of the safety requirements needed.
Monday, November 24, 2008
Unlock ISA server from Lockdown mode
Title: NO PING after stopping ISA Firewall Services
Tags: Microsoft, ISA Server, 2006
Zones: MS Forefront-ISA, Windows Networking, Windows Network Security
hi folks
i got a strange problem. i thought i could PING NLB-enabled ISA servers after stopping their FWSRV service, but actually not.
basic system information of the ISA servers:
W2K3R2 Standard in Hyper-V
512MB
4 NICs with 4 dedicated IPs (1 x external facing, 3 x internal facing)
NLB enabled on all NICs on IGMP multicast mode
additional 17 VIPs assigned to the 4 NICs (10 + 1 + 3 + 3)
ISA 2006 Enterprise with SP1 and Supportability Update
Back Firewall template with Block All
outgoing DNS/HTTP/HTTPS/NTP/PING traffic is allowed
NOTE: ISA Integrated NLB is not used as it does not support NLB on all adapters with IGMP multicast, WLBS used instead.
the network connection is OK as i can use ARP -A to see their MAC addresses though i could not PING the IPs
any clues? many thanks for any input.
kind regards,
bbao
Author Comment - Author: bbao Date: 09/09/2008 - 07:13PM EST
just an update:
i just did a test on another stand-alone ISA server and got the same problem. no PING. it seems the stopped ISA server has been locked down.
i also found the following from MS TechNet site:
"2. Put the ISA Server firewall in LOCKDOWN mode, by stopping the Microsoft Firewall service. At a command prompt, type net stop fwsrv."
Troubleshooting networking issues
http://www.microsoft.com/technet/isa/2004/help/CMT_TrblDialup.mspx?mfr=true
the ISA servers are now in LOCKDOWN mode?? if so, how to unlock in turn to allow any incoming and outgoing traffic as before?
regards,
bbao
Assisted Solution - Author: keith_alabaster Date: 09/10/2008 - 08:21AM EST
Its not a problem - it is by design. Stopping the services means exactly that. ISA has a system policy (not firewall policy) that says whether to allow icmp traffic from internal to the localhost (isa box) so if you stop the services you also stop the access. removing ISA would allow the connections OK - stopping the services stops ISA from being operational however the dll's, the configs etc are all expecting ISA to be running.
Keith
Accepted Solution - Author: bbao Date: 09/10/2008 - 10:00AM EST
hi Keith
you are right, it is by design - a very good design.
i have actually already found the way to unlock ISA lockdown mode: NET STOP FWENG /Y.
this command will open the ISA server to all network traffic by stopping the Firewall Engine which runs in kernel mode of W2K3. the engine is a kernel-mode driver (fweng.sys) "which is called whenever network traffic arrives or leaves an ISA server network interface and modifies it if necessary."
this command will automatically stop the upper-layer Firewall Service, so NET STOP FWSRV is not necessary.
i found the above information from a MS white paper "ISA Server 2006 Firewall core", the best MS document i ever read - clear, informative, and accurate.
regards,
bbao
Expert Comment Author: keith_alabaster Date: 09/10/2008 - 12:39PM EST
Nice one :) - I will have a read on that as I don't recall that paper, and I have read quite a few
Regards
Keith :)
Author Comment Author: bbao Date: 09/10/2008 - 05:41PM EST
FYI
ISA Server 2006 Firewall Core
http://www.microsoft.com/isaserver/prodinfo/firewall_corewp.mspx
Expert Comment Author: keith_alabaster Date: 09/10/2008 - 07:53PM EST
Thanks :)
Author Comment Author: bbao Date: 09/10/2008 - 09:08PM EST
hi Keith,
do you mind that i accept my second comment as the answer as i would like to PAQ this question. i believe this would help others who intend to hear the heartbeat after killing the ISA server. :-)
i tried to share points to you by accepting multiple solutions, but EE did not allow me to choose my comment in this way... thanks for your kind help,
regards,
bbao
Expert Comment Author: keith_alabaster Date: 09/11/2008 - 12:26AM EST
No its fine and an accurate reflection anyway. Besides, you likely know my EE email address if you ever want help with ISA Server.
Regards
K :)
Tags: Microsoft, ISA Server, 2006
Zones: MS Forefront-ISA, Windows Networking, Windows Network Security
hi folks
i got a strange problem. i thought i could PING NLB-enabled ISA servers after stopping their FWSRV service, but actually not.
basic system information of the ISA servers:
W2K3R2 Standard in Hyper-V
512MB
4 NICs with 4 dedicated IPs (1 x external facing, 3 x internal facing)
NLB enabled on all NICs on IGMP multicast mode
additional 17 VIPs assigned to the 4 NICs (10 + 1 + 3 + 3)
ISA 2006 Enterprise with SP1 and Supportability Update
Back Firewall template with Block All
outgoing DNS/HTTP/HTTPS/NTP/PING traffic is allowed
NOTE: ISA Integrated NLB is not used as it does not support NLB on all adapters with IGMP multicast, WLBS used instead.
the network connection is OK as i can use ARP -A to see their MAC addresses though i could not PING the IPs
any clues? many thanks for any input.
kind regards,
bbao
Author Comment - Author: bbao Date: 09/09/2008 - 07:13PM EST
just an update:
i just did a test on another stand-alone ISA server and got the same problem. no PING. it seems the stopped ISA server has been locked down.
i also found the following from MS TechNet site:
"2. Put the ISA Server firewall in LOCKDOWN mode, by stopping the Microsoft Firewall service. At a command prompt, type net stop fwsrv."
Troubleshooting networking issues
http://www.microsoft.com/technet/isa/2004/help/CMT_TrblDialup.mspx?mfr=true
the ISA servers are now in LOCKDOWN mode?? if so, how to unlock in turn to allow any incoming and outgoing traffic as before?
regards,
bbao
Assisted Solution - Author: keith_alabaster Date: 09/10/2008 - 08:21AM EST
Its not a problem - it is by design. Stopping the services means exactly that. ISA has a system policy (not firewall policy) that says whether to allow icmp traffic from internal to the localhost (isa box) so if you stop the services you also stop the access. removing ISA would allow the connections OK - stopping the services stops ISA from being operational however the dll's, the configs etc are all expecting ISA to be running.
Keith
Accepted Solution - Author: bbao Date: 09/10/2008 - 10:00AM EST
hi Keith
you are right, it is by design - a very good design.
i have actually already found the way to unlock ISA lockdown mode: NET STOP FWENG /Y.
this command will open the ISA server to all network traffic by stopping the Firewall Engine which runs in kernel mode of W2K3. the engine is a kernel-mode driver (fweng.sys) "which is called whenever network traffic arrives or leaves an ISA server network interface and modifies it if necessary."
this command will automatically stop the upper-layer Firewall Service, so NET STOP FWSRV is not necessary.
i found the above information from a MS white paper "ISA Server 2006 Firewall core", the best MS document i ever read - clear, informative, and accurate.
regards,
bbao
Expert Comment Author: keith_alabaster Date: 09/10/2008 - 12:39PM EST
Nice one :) - I will have a read on that as I don't recall that paper, and I have read quite a few
Regards
Keith :)
Author Comment Author: bbao Date: 09/10/2008 - 05:41PM EST
FYI
ISA Server 2006 Firewall Core
http://www.microsoft.com/isaserver/prodinfo/firewall_corewp.mspx
Expert Comment Author: keith_alabaster Date: 09/10/2008 - 07:53PM EST
Thanks :)
Author Comment Author: bbao Date: 09/10/2008 - 09:08PM EST
hi Keith,
do you mind that i accept my second comment as the answer as i would like to PAQ this question. i believe this would help others who intend to hear the heartbeat after killing the ISA server. :-)
i tried to share points to you by accepting multiple solutions, but EE did not allow me to choose my comment in this way... thanks for your kind help,
regards,
bbao
Expert Comment Author: keith_alabaster Date: 09/11/2008 - 12:26AM EST
No its fine and an accurate reflection anyway. Besides, you likely know my EE email address if you ever want help with ISA Server.
Regards
K :)
Sunday, November 16, 2008
Passport comparison on visa-free entry
It was reported last week that, Gong Li (巩俐), who grew up in my hometown of Jinan (济南) and now is one of the most well-known Chinese movie stars, has been granted Singapore citizenship after 12 years since she married a Singaporean tobacco tycoon, Ooi Hoe Soeng (黄和祥), in 1996. According to what she later explained, this is because she travels a lot and it's convenient to hold a Singapore passport.
Like all passports of developed countries, Singapore Passport is also a well-recognised travel document for international travel freedom, which means that the passport holder may enjoy visa-free access to a majority of countries and territories for short-term tourism visits.
I am hereby listing several coverage maps in regard to visa-free or visa-on-arrival access using passports of several countries and territories. All the maps are from the Wikipedia, and the data is from Henley & Partners, as of 15 Nov 2008.
Australian Passport
Rank 7, Visa-free access to 151 countries and territories
British Passport
Rank 6, Visa-free access to 152 countries and territories
Canadian Passport
Rank 4, Visa-free access to 154 countries and territories
Hong Kong Passport
Rank 13, Visa-free access to 110 countries and territories
Mainland China Passport
Rank 79, Visa-free access to 33 countries and territories
New Zealand Passport
Rank 8, Visa-free access to 150 countries and territories
Singapore Passport
Rank 8, Visa-free access to 150 countries and territories
United States Passport
Rank 3, Visa-free access to 155 countries and territories
Like all passports of developed countries, Singapore Passport is also a well-recognised travel document for international travel freedom, which means that the passport holder may enjoy visa-free access to a majority of countries and territories for short-term tourism visits.
I am hereby listing several coverage maps in regard to visa-free or visa-on-arrival access using passports of several countries and territories. All the maps are from the Wikipedia, and the data is from Henley & Partners, as of 15 Nov 2008.
Australian Passport
Rank 7, Visa-free access to 151 countries and territories
British Passport
Rank 6, Visa-free access to 152 countries and territories
Canadian Passport
Rank 4, Visa-free access to 154 countries and territories
Hong Kong Passport
Rank 13, Visa-free access to 110 countries and territories
Mainland China Passport
Rank 79, Visa-free access to 33 countries and territories
New Zealand Passport
Rank 8, Visa-free access to 150 countries and territories
Singapore Passport
Rank 8, Visa-free access to 150 countries and territories
United States Passport
Rank 3, Visa-free access to 155 countries and territories
Sunday, November 09, 2008
Recent readings in October
Going to return the books borrowed last month from Chatswood Library. It seems to be fined for nearly 30 dollars because the books have been overdue for 10 days. :-((
* 《陈洁如回忆录》,陈洁如著,汪凌石译,台北新新闻文化发行(1992)
* 《陈水扁震撼》,陶五柳著,台北大村文化出版社(1994)
* 《父亲邓小平“文革”十年记》,毛毛著,香港中华儿女出版社(2000)
* 《活出历史 - 希拉蕊回忆录》,希拉蕊等著,钟玉玨等译,台北时报文化出版社(2003)
* 《李敖回忆录》,李敖著,北京中国友谊出版公司(1998)
* 《李光耀回忆录(1923-1965)》,李光耀著,台北世界书局(1998)
* 《任我帆游南半球》,叶子侨著,香港天窗出版社(2006)
* 《少年陈凯歌》,陈凯歌著,台北远流出版公司(1991)
* 《岁月苍苍 - 我与儿子王丹》,王凌云著,香港明报出版社(1999)
* 《我的父亲邓小平》,毛毛著,台北地球出版社(1993)
* Degunking Your Email, Spam, and Viruses, Jeff Duntemann, Paraglyph Press, 2004.
* Implementing Virtual Private Netwroks, Steven Brown, MacGraw-Hill, 1999.
* Mastering Networks, William Buchanan, Macmillan Press, 1999.
* Web Stalkers - Protect yourself from Internet Criminals & Psychopaths, Stephen Andert, Donald K. Burleson, Rampant TechPress, 2004.
* Your Neighbor's Secret Life Online, Stephen Dean, New Horizon Press, 2008.
* 《陈洁如回忆录》,陈洁如著,汪凌石译,台北新新闻文化发行(1992)
* 《陈水扁震撼》,陶五柳著,台北大村文化出版社(1994)
* 《父亲邓小平“文革”十年记》,毛毛著,香港中华儿女出版社(2000)
* 《活出历史 - 希拉蕊回忆录》,希拉蕊等著,钟玉玨等译,台北时报文化出版社(2003)
* 《李敖回忆录》,李敖著,北京中国友谊出版公司(1998)
* 《李光耀回忆录(1923-1965)》,李光耀著,台北世界书局(1998)
* 《任我帆游南半球》,叶子侨著,香港天窗出版社(2006)
* 《少年陈凯歌》,陈凯歌著,台北远流出版公司(1991)
* 《岁月苍苍 - 我与儿子王丹》,王凌云著,香港明报出版社(1999)
* 《我的父亲邓小平》,毛毛著,台北地球出版社(1993)
* Degunking Your Email, Spam, and Viruses, Jeff Duntemann, Paraglyph Press, 2004.
* Implementing Virtual Private Netwroks, Steven Brown, MacGraw-Hill, 1999.
* Mastering Networks, William Buchanan, Macmillan Press, 1999.
* Web Stalkers - Protect yourself from Internet Criminals & Psychopaths, Stephen Andert, Donald K. Burleson, Rampant TechPress, 2004.
* Your Neighbor's Secret Life Online, Stephen Dean, New Horizon Press, 2008.
Friday, October 24, 2008
Little girl photo by Nokia 6131
One more photo by Nokia 6131. The photo was taken in Sydney in Oct 2007, and was edited by Microsoft Photo Editor 3.01 for removing background, cropping, and applying watercolour effect. The cute little girl is a Chinese-Belgian mixed.
Thursday, October 23, 2008
Sydney photos by Nokia 6131
Here are two more photos taken by Nokia 6131 when I was in a building at Blue St, North Sydney in 2007. Nokia 6131 has a built-in 1.3 megapixel camera with 8x digital zoom (1280 x 960 pixel resolution). Click the picture at right to see the large Google Earth image giving where I was when taking the photos.
Monday, October 20, 2008
2008 Australian International Motor Show
Some pictures I took at the 2008 Australian International Motor Show at Darling Harbour, Sydney on 18 Oct 2008. All pictures were taken by Nokia 6131.
Monday, September 29, 2008
李朝旭、祝咏兰到哪里去了?
我目前很关心这二位的下落。
一、李朝旭
李朝旭系“三鹿集团奶粉事业部技术保障部部长、研发总监”,主管三鹿的产品质量,应该直接对三鹿奶粉的质量事故负责。三鹿奶粉内含如此大剂量的三聚氰胺,必然是人为添加所致。不管是谁想下毒,都得过李朝旭这关。就算是董事长田文华授意添加或默许放行,都得由李朝旭具体执行,他能不知道这毒是怎么放进去的??就算是奶农、奶站想添非法牟利,身为“中国食品工业标准化委员会特殊膳食分委员会企业技术委员,从事乳品新技术、新产品的科研开发、乳品生产工厂设计、乳制品安全检测及乳制品技术标准的研究、技术质量管理工作”多年的李朝旭怎能不知道食品市场上有不法分子喜爱的“蛋白精”和如何“加精”的套路??
李朝旭,你是何等了得的“国家级”专家和“新世纪”人才,是你亲自主持研制了成为“三鹿集团支柱产品”的系列毒奶粉,也因此获奖、著述甚丰,还到处显摆以所谓“四个不能、四个为主、四个不放过”为原则的三鹿质量管理体系,还有那“震撼”国人的“1100道工序”。
李朝旭,你敢说你此前不知道奶粉有毒?你现在跑到哪里去了?你不会还逍遥法外吧?!
二、祝咏兰
祝咏兰是“借光”三鹿事件而在几日内就红遍大江南北的“紫人”(红得发紫却没有“户口”的人),据传是“国务院机关老干部活动中心、国务院中央国家机关有机食品特供中心主任”兼“北京国佑万悦有机食品有限公司总经理”。祝咏兰女士实乃不可多得的人才,一篇通俗易懂、言之凿凿的《在中央国家机关特供产品授牌仪式上的讲话》不仅揭示了国内百姓食品的有毒供应链,阐述了有机食品的安全性和营养性,展现了营造健康食品产业的伟大理想,宣传了“质优价优”的特供产品,感染了身在庄严授权现场的诸位领导、专家、老干部和“特供”企业家们,也震撼了中国网民在毒奶粉曝光后极其脆弱和敏感的神经,更吓坏了国务院机关老干部活动中心的某负责人及其所代表的整个被特供集团。
祝咏兰,您的“真知灼见”给中国的食品行业指明了“安全”、“营养”和“功效”的康庄大道,您的“亲身实践”更是证明了只要遵循定点生产、定向供应、定牌认证、定性评价、定头监管和定期抽查等一系列措施,中国人一样可以生产出“返朴归真”、“优质放心”的健康食品。这也是包括本人在内的众多小百姓们强烈推荐您出任国家质检总局局长的“根本原因”。
祝咏兰女士,您现在在哪里?该是您显身的时候了吧?您不会让全国人民失望吧?
一、李朝旭
李朝旭系“三鹿集团奶粉事业部技术保障部部长、研发总监”,主管三鹿的产品质量,应该直接对三鹿奶粉的质量事故负责。三鹿奶粉内含如此大剂量的三聚氰胺,必然是人为添加所致。不管是谁想下毒,都得过李朝旭这关。就算是董事长田文华授意添加或默许放行,都得由李朝旭具体执行,他能不知道这毒是怎么放进去的??就算是奶农、奶站想添非法牟利,身为“中国食品工业标准化委员会特殊膳食分委员会企业技术委员,从事乳品新技术、新产品的科研开发、乳品生产工厂设计、乳制品安全检测及乳制品技术标准的研究、技术质量管理工作”多年的李朝旭怎能不知道食品市场上有不法分子喜爱的“蛋白精”和如何“加精”的套路??
李朝旭,你是何等了得的“国家级”专家和“新世纪”人才,是你亲自主持研制了成为“三鹿集团支柱产品”的系列毒奶粉,也因此获奖、著述甚丰,还到处显摆以所谓“四个不能、四个为主、四个不放过”为原则的三鹿质量管理体系,还有那“震撼”国人的“1100道工序”。
李朝旭,你敢说你此前不知道奶粉有毒?你现在跑到哪里去了?你不会还逍遥法外吧?!
二、祝咏兰
祝咏兰是“借光”三鹿事件而在几日内就红遍大江南北的“紫人”(红得发紫却没有“户口”的人),据传是“国务院机关老干部活动中心、国务院中央国家机关有机食品特供中心主任”兼“北京国佑万悦有机食品有限公司总经理”。祝咏兰女士实乃不可多得的人才,一篇通俗易懂、言之凿凿的《在中央国家机关特供产品授牌仪式上的讲话》不仅揭示了国内百姓食品的有毒供应链,阐述了有机食品的安全性和营养性,展现了营造健康食品产业的伟大理想,宣传了“质优价优”的特供产品,感染了身在庄严授权现场的诸位领导、专家、老干部和“特供”企业家们,也震撼了中国网民在毒奶粉曝光后极其脆弱和敏感的神经,更吓坏了国务院机关老干部活动中心的某负责人及其所代表的整个被特供集团。
祝咏兰,您的“真知灼见”给中国的食品行业指明了“安全”、“营养”和“功效”的康庄大道,您的“亲身实践”更是证明了只要遵循定点生产、定向供应、定牌认证、定性评价、定头监管和定期抽查等一系列措施,中国人一样可以生产出“返朴归真”、“优质放心”的健康食品。这也是包括本人在内的众多小百姓们强烈推荐您出任国家质检总局局长的“根本原因”。
祝咏兰女士,您现在在哪里?该是您显身的时候了吧?您不会让全国人民失望吧?
Tuesday, September 23, 2008
Ups in Google Chrome
Google Chrome has released for three weeks, and I have been using it irregularly in the meantime. I like the ideas and concepts behind this Google product. In this post, I would like to talk about some pretty cool features I found in Chrome.
I don’t hereby mention the stuff that other browsers have done or I ever expected. I only list the cool features that I didn’t see before but just loved in my first ride. Please be aware that so far I haven’t read any help of Google Chrome or any instruction document about it. I just operate it as naturally what I thought it should be.
What I like:
I don’t hereby mention the stuff that other browsers have done or I ever expected. I only list the cool features that I didn’t see before but just loved in my first ride. Please be aware that so far I haven’t read any help of Google Chrome or any instruction document about it. I just operate it as naturally what I thought it should be.
What I like:
- Newly designed user interface: simple, neat, and convenient
- Drag-and-drop tab allows the user to easily organise existing web pages. An existing tab even can be converted into a new or existing window, which is very handy for comparing something on a wide screen, or re-organise relevant tabs into an individual window.
- The traditional File/Edit/View… menus have been completely gone, replaced by a one-click drop-list just next to the Go button, and a simple right-click for the most relevant operations.
- The New Tab button is always next to the last tab, at where the mouse pointer staying in most situations after the user just opened a new tab.
- A new tab is, instead of the old-fashion empty page, a very informative starting dashboard for any new surfing task, which includes most visited pages with logo and thumbnail preview, full browsing history for review or search, and recent/other bookmarks.
- Downloading status, as well as the Downloads link, appears nicely just as you need. All downloading status prompts you in a very proper way (using a lovely animated icon and without interrupting your current operation). The Downloads link directs you to a page to view and even search what you have downloaded.
- Find in Page feature, a common functionality which every browser does, has been upgraded a little: it now shows total number of matches and location number of the currently highlighted one. It even has a preview on the vertical scroll area, so you always know where to see your keywords in the page. Just simply move the scroll bar to the colour marks at the scroll area, that's it. A simple but very useful feature, why didn’t others ever implement that?
- Chrome keeps using most well-known hot-keys defined in Firefox and IE, such as Ctrl+H for History, Ctrl+J for Downloads, and Ctrl+T for New Tab. It is quite handy, and actually necessary as Chrome’s simple interface has no place to put individual buttons for these functions.
- Intelligent search assistant: interactive, fast, and efficient
- Chrome’s URL auto-completion works pretty well by presenting the most closed search items as you type, according to not only the keywords you ever used in your previous searches, but also the literally related items from instant queries to Google Suggest.
- Chrome can even predict the URLs based on where you are. This looks trivial but practically benefits every user. So far, this kind of implementation hasn’t been done on other competitors such as Firefox 3 and Internet Explorer 8 (Beta).
- Chrome also supports Quick Find search, an awesome feature introduced by Opera then Firefox, but in a more convenient way. A right-click on the address bar allows you to edit the search engines directly, without dealing with bookmarks as other browsers do. Moreover, by replacing the Quick Find prefix with the search engine’s name, Chrome shows the keywords plainly; it also lists the options using the prefix word as one of the keywords, just in case.
- Built-in toolkit for IT professionals: amazing, powerful, and decent
- Task Manager, hence its name, is intended to manage the whole Chrome world on your computer (OS). Like Windows Task Manager, Chrome Task Manager shows the information of dynamic memory, CPU, and network activity in a window. All threads belonging to the same process are associated, grouped by lines, and shown in the same colour when selected. As Chrome is based on multiprocessing architecture, Task Manager is an essential tool for the user to monitor Chrome’s activity. Every time you hit Shift-Esc in any Chrome window, the Task Manager will pop up at once.
- Additionally, an option in the Task Manager window called Stats for Nerds may give you more technical information about memory by measuring memory usage in a multi-process browser, including all Chrome processes and the associated threads. Every time you browse "about:memory" link, you get the same page. The page may also tell you how other browsers use system memory.
- Element Inspector is another powerful tool which can’t be overlooked. The tool can visually display all elements of a web page in a well-organised nested structure with coloured tags and the associated style information of CSS. All object properties of a page can be explored hierarchically, if you just want. Object metrics can be even visually illustrated, including margin, border, and padding. It’s almost as much as comprehensive as Web Developer, the well-recognised professional add-on for Firefox. This tool is a must for web developers, as well as those security nerds who are always curious about everything behind a web page. It is recommended to use a large screen when doing this kind of inspection in turn to view both the web page and the inspection results at the same time, as the web page or the inspector window interacts with each other by updating the HTML code, styles, and properties etc in inspector window, or highlighting the corresponding element in the web page.
Subscribe to:
Posts (Atom)