[AzTechNotes] Web Hosting FTP virus warning - GUMBLAR

Attn: Aztech Hosting Clients and AztechNotes Subscribers,
Firstly, apologies if you receive this email twice because you are on both lists but I thought it worth making sure everyone receives this virus warning.
It has been quite some time since we have seen a security alert that is worth passing on, however there is a growing concern in the security fields regarding a virus commonly known as "Gumblar".  The virus is named after the original Chinese domain name (gumblar .cn) that hosted the malicous code, but this site has since been closed and an alternative domain has been established.

How to Reset Watchguard Firebox Edge to Factory Default

If you cannot correct a configuration problem and must “start over,” you can restore the factory default settings. For example, if you do not know the administrator account passphrase or a power interruption causes damage to the Firebox X Edge appliance software, you can restore the Edge to the factory default settings and build your configuration again.

To set the Firebox X Edge e-Series to the factory default settings:

Watchguard Firebox Edge Factory Default Configuration

 The term factory default settings refers to the configuration on the Firebox X Edge when you first receive it before you make any changes. The default network and configuration properties for the Edge are:

Trusted network

The default IP address for the trusted network is The subnet mask for the trusted network is

The Firebox X Edge is configured to give IP addresses to computers on the trusted network through DHCP. By default, the IP addresses given can be from to

External network

The Firebox is configured to get an IP address with DHCP.

Optional network

The optional network is disabled.

Firewall settings

All incoming policies are denied. The outgoing policy allows all outgoing traffic. Ping requests received on the external network are denied.

Cisco Router Password Recovery Procedure


This document describes how to recover the enable password and the enable secret passwords. These passwords protect access to privileged EXEC and configuration modes. The enable password password can be recovered, but the enable secret password is encrypted and must be replaced with a new password. Use the procedure described in this document in order to replace the enable secret password.


There are no specific requirements for this document.

Components Used

The information in this document is based on these hardware versions:

  • Cisco 2600 Series Router

  • Cisco 2800 Series Router

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

McAfee Groupshield 7.0.1 Anti-Spam Rules Updater service not updating

If you notice your Anti-SPAM rules in McAfee Groupshield 7.0.1 for Exchange are not updating and probably reflecting a date in November 2008, then the McAfee knowledgebase article below may resolve your issue and restarting the streaming updater service.

After the completion of the steps below, your Anti-SPAM rules should be updated to the current date / time to reflect the correct operation.


Seagate Disk Wizard for Hard Disc Migration and Backup

If you have a Seagate hard disk, you are eligible to use Seagate's free DiskWizard which is an excellent tool. It can be found here:

If you haveyour new disc and want to make it a copy of your old one, then you have a few options:

1. Connect the new HDD as well as the old one to your computer. Then do a direct disk to disk clone. This method is simple and more reliable, especially if you have access to the Seagate tool above.

2. Save a compressed image file onto another HDD or DVDs. Then restore from that image onto the new HDD. This is more complicated and there is more to go wrong.  But may be your only option if you can't get both drives connected at the same time.

You can do a direct disk to disk clone with many non-Microsoft programs.

How to publish a Windows Application as a service

In order to publish a Windows Application as a service, Microsoft has provided two utilities as part of the Windows Resoruce Kit.

  • Instrsrv.exe - installs and removes system services from Windows NT
  • Srvany.exe - allows any Windows NT application to run as a service.

To create a Windows NT user-defined service, perform the following steps:

1. At a MS-DOS command prompt(running CMD.EXE), type the following command:

Windows Terminal Services changes in Vista SP1, XP SP3 and Windows 2008

In Vista SP1, Windows XP SP3 and Windows Server 2008, you can no longer connect to the console terminal services session using the /console switch or the "Remote Desktops" tool which is part for the Admin Tools.

To connect to the console session you will need to use the /admin switch as below:

mstsc.exe /admin

According to Microsoft Blog, the switch is "no longer required" so has been deprecated. Unfortunately, there is no warning that you have NOT connected to the console session in the new RDP 6.1 version so you won't be even aware that you are on a non-console session.  This obviously is a concern as something may still be happening on the console that you are un-aware of.

Lesson learned is always check before you do something dangerous to the servers.....


MS Blog Article:

SMF to Drupal Conversion

In order to migrate an existing SMF Forum to Drupal you need to first migrate to phpBB as there is no direct migrate tool at present.

To migrate see this support forum entry:


Here are the direct links to each tool required to make the migration:

1. converting your SMF forum to PHPBB ( )