Jason Powell - Church IT and Other Musings

I've messed around in the past with trying to enable only certain websites to be allowed on our checkin PC's.  I dorked around in Internet Options and got it to kinda work though not hardened like I wanted.

I have an after-hours client that needs to move their catalog system off CD's and onto the web, but they don't want workers wasting time on the internet (currently their PC's don't have any web access via putting in a bogus proxy).  So back to the drawing board I went tonight to figure out how to really lock down what sites are allowed in IE.

Somehow I missed this Microsoft article last time 'round ... but it goes through the simple steps and one file creation needed to ensure only specific sites are allowed in IE.  I'd used the Content Advisor before, but missed the fact you need to create a new .rat file to really lock it down.

The default Content Advisor in IE is pretty good.  (Control Panel>Internet Settings>Content>Enable Content Advisor)  Once enabled it will scan every website you visit for RSACi ratings on language, nudity, sex, and violence ... the default levels are kid safe.  And if a website doesn't have a rating it's blocked from view.

Just by enabling the Content Advisor you'll immediately block most websites out there because most don't include any rating category ... and thus are blocked.  There is an option under the General Tab where you can create a "supervisor" password that will override blocks as needed on a one time only use or "always allow".  Of course several time robbing websites will get through with the default settings ... aol.com, msn.com to name a few.

So now you move to the "Approved Sites" tab where you can enter specific sites to always "approve" or "disapprove".  This works, but you'll need to do a bunch of testing to block all potential sites you don't want people visiting...that's not likely to happen.  Using wildcards helps some, but still will not block everything...or at least I couldn't get it to.

Surely there's a way to just block everything by default ... and there is.

You have to create a small ratings file in place it in your Windows>System32 folder ... this is the key.  The Microsoft article gives you the code to paste into notepad and save as a .rat file.  Once this file is in place the Content Advisor blocks everything that is not specifically allowed in the Approved Sites list...sweet!

Now you just need to go to the websites you want to allow and try to find places that maybe have different URL's ... and be sure to test both http://site. and http://www.site. and any https:// iterations.  Often you'll only be adding a specific site or two so finding any blocked areas should not take long.

So I'll be adding this to our Checkin PC's shortly... they only need to access GCCwired.com, WiredChurches.com and FellowshipOne.com.  I'll also give Andy the supervisor password so he can override/add anything needed or I've missed.  Oh and you have to have that password to disable/edit any of the Content Advisor settings...as one would assume.

I'm also doing this on my kids laptop ... not the .rat file, just the default Content Advisor settings will be plenty for them and then add in their game sites.  So if you need to lock down what sites people can browse on a PC ... this is a simple, easy solution.

I'm doing a presentation for the Michiana IT Professionals Users Group (MITPUG) Weds evening along with our uber volunteer Dustin.

Dustin will be presenting general VMware and Microsoft Virtual Server comparisons and I'm presenting on the free VMware Server beta.  If you're within driving distance you should come check it out.  I'm covering details on how were using the free version, how it's benefited us, things to avoid, etc ... including nifty graphs of our server utilization and some demo-ing virtual servers live right off my laptop.

This will also give me a chance to create a real powerpoint using the new Powerpoint2007 beta2.  I've not really used the new version yet ... great excuse to kick the tires.

Ed's on vacation this week so he'll miss all the fun ... and free giveaways at the meeting.

When:  Weds July 12 at 5:30pm
Where:  Signal Learning
What:  Learn about VMware ESX and free VMware Server ... maybe walk away with a free copy of some expensive software ;-)

If the Powerpoint turns out good enough for posting I'll dump it here for your perusing.

UPDATE:  Location has changed...

Where: Crowe Chizek, 320 E. Jefferson Blvd, South Bend, IN 46601

When: July 12, 2006

Time:
5:30 PM to 6:00 - Meet and Greet 'n eat pizza
6:00 to 8:00 - Presentation
Speaker(s): Dustin Hannifin and Jason Powell

Topic: Virtualization – Review of VMWare and MS Virtual Server

I posted last August about the Brando USB to IDE cable ... we got to for our bench and they have been extremely useful.  The only problem was what to do if you had SATA drives.

Well, Brando followed up with the USB to SATA/IDE cable ... I bought 3 of 'em in March and like the prior USB to IDE cable, it's a breeze to use (plug-n-play) and now you can hook up both an IDE and SATA drive simultaneously through USB ... brilliant!

I carry one of these cables and a laptop hard drive around with me on side jobs ... never know when you'll need to move a bunch of files around.

This is one of those "must have" tools for every IT geek and it's cheap so there is no excuse to not have one (or more) around :-)

Check out the review on Gadgeteer.

Josh G. suggested I start submitting some of my posts to Digg.com ... a social content website ... so perhaps other church IT folks would find and benefit from this blog.  So I spent a little time today figuring out how to add a Digg link to my blog site and RSS feed.  So far it seems to be working with the feedburner feed but not directly on my blog.

At any rate, if you see any of my posts that you feel would be helpful to a wider audience or are just really kewl ... please click the 'Digg this' link to start a Digg of my post or if it's already been 'Digged' click on the '# diggs' link to add your vote that this particular post is a sweet one.

What the heck is Digg you ask?

Digg is a user driven social content website. Ok, so what the heck does that mean? Well, everything on digg is submitted by the digg user community (that would be you). After you submit content, other digg users read your submission and digg what they like best. If your story rocks and receives enough diggs, it is promoted to the front page for the millions of digg visitors to see.

So for instance, I just submitted my Increase IE's number of downloads post to Digg ... and within 10 minutes 5 people gave it a Digg (vote) ... if you like it as well give it a Digg too :-)

I also added a few other new items to my feed...
- Email this ... one step click and email to a friend function
- Add to del.icio.us ... add a bookmark to your del.icio.us site
You should now see something like this at the bottom of each post in your RSS reader...

So share the love and give a pal some Diggs :-)

Every once in a while I run into IE's limitation on only allowing 2 simultaneous downloads ... when it happens it's very annoying, but I've never spent the time to go hunting for the work around.

Today I stumbled on the solution quite by accident when I discovered the Small Business Computing blog ... which BTW has lots of good info.  Here's the blog post off their site on how to increase your number of simultaneous downloads from 2 to 10 ... or I've snipped just the essential how-to info below.

1. Click on the Start button and select Run.
2. On the Run line type Regedt32.exe and hit Enter. This will launch the Registry Editor
3. Locate the following key in the registry:

   HKEY_CURRENT_USER>Software>Microsoft>Windows>
   CurrentVersion>Internet Settings.

4. Click on the Internet Settings Key. Now go to the Edit menu, point to NEW click DWORD Value
5. Type MaxConnectionsPer1_0Server for the name of this DWORD Value.
6. Double-click on the MaxConnectionsPer1_0Server key you just created and enter the following information:
   • Value data: 10.
   • Base: Decimal.
7. When finished press OK.
8. Repeat steps 4 and 5. This time name the key MaxConnectionsPerServer and assign it the same values as indicated in Steps 6.
9. Close the Registry Editor.

That's all there is to it! If you modified your registry settings correctly, you should now have the capability to download up to 10 files simultaneously.

So I followed the steps ... found a Linux distro site and started downloading 6 huge iso files at the same time ... nice! 

I think we'll push this reg hack out to all our client machines at work ... I'm sure others are occasionally frustrated by this default limitation as well.

Happy downloading! :-)

(PS...don't tell me to use FireFox or some other browser...thanks)

Saw this on TechCrunch ...

Ilija Studen, a developer from Serbia, has released a free clone of the popular project management service Basecamp. Studen’s product is called ActiveCollab and has been down since blowing up on Digg. Though the site is available only intermittently now, that’s not of a lot of consequence because of its service model. ActiveCollab is a PHP/MySQL tool that users download and then install on their own web servers. The end result is a free, open source and web based application.

And from the activeCollab website:

activeCollab is an easy to use, web based, open source collaboration and project management tool. Set up an environment where you, your team and your clients can collaborate on active projects using a set of simple, functional tools. 100% free!

A clone of the ever popular Basecamp that many of us are using?? ... and you host it on your own server???  Hmm, if it lives up to it's claim it's worth checking out as a potential intranet tool.

Anyone tried installing/using activeCollab yet? 

Our friendly UPS man delivered 3 boxes to us today...an EqualLogic PS100E and 2 Cisco 2960G switches.

Tonight at 8:30pm Ed, I and a couple volunteers will hook this bad mamma jamma up ...

I've been buying a bunch of stuff (lots of hard drives) from zipzoomfly.com over the past year.  Typically they have the lowest prices, great selections to choose from, free shipping ... 2 thumbs way up!

Next time you need to purchase some computer gear check them out.  Even big bad CDW often can't match their pricing.