Post in evidenza

Recovery - Access, Excel, Word, Office and Photo recovery tools and other blog procedures

During these years I had necessity to recover various files (.doc, mdb, .xls, photos...)  I utilized various free tools (here is an exampl...

Powershell - PSScriptAnalyzer Microsoft tool to verify code meets best practises

PSScriptAnalyzer is a PowerShell module created by Microsoft to be used as a litmus test to figure out if PowerShell code meets certain best practices. It contains various rules that have been created by Microsoft and the open source community as an attempt to ensure all code meets a certain defined standard. If you're wondering how "good" your PowerShell code is, PSScriptAnalyzer is a great tool to use.

PSScriptAnalyzer can be downloaded from the PowerShell Gallery by using the Install-Module command


Install-Module -Name PSScriptAnalyzer

It has only two commands:

Get-ScriptAnalyzerRule 
Invoke-ScriptAnalyzer

Invoke-ScriptAnalyzer -Path C:script_name.ps1



If you have more than a single script to test, Invoke-ScriptAnalyzer can also be pointed at entire folders and can recursively check each script inside.

If you want to go deeper on this tool usage you can review this Microsoft article too:

https://blogs.technet.microsoft.com/heyscriptingguy/2017/01/31/psscriptanalyzer-deep-dive-part-1-of-4/

Download:

https://www.powershellgallery.com/packages/PSScriptAnalyzer/1.11.1

Antivirus - WannaCry Free Decriptor tool

If you got your PC infected, your data have been encrypted and PC is not rebooted yet you can use following tool to help you on decript files.

This tool is able to find encrypting key that virus maintained in PC memory.

https://github.com/gentilkiwi/wanakiwi/releases

More details about Wannycry can be found reviewing following article:

http://www.alessandromazzanti.com/2017/05/hacker-emergency-patch-kb4012598.html

Tips - Incompatibility between Windows 8 roaming user profiles and roaming profiles in other versions of Windows

Symptons:

Roaming user profiles on Windows 8-based or Windows Server 2012-based computers are incompatible with roaming user profiles in other versions of Windows. 

Profiles are compatible only between the following client and server operating system pairs: 
  • Windows 8.1 and Windows Server 2012 R2
  • Windows 8 and Windows Server 2012 
  • Windows 7 and Windows Server 2008 R2
  • Windows Vista and Windows Server 2008  
Note In this article, when the client operating system is referenced, the same issue applies to its corollary server operating system. 

For example, if you try to deploy Windows 8 in an environment that uses roaming, mandatory, super-mandatory, or domain default profiles in Windows 7, you experience the following:
  • After you use a user account that has an existing Windows 7 profile to log on to a Windows 8-based computer for the first time, the components from Windows 8 read and modify the profile state.
  • Certain Windows 8.1 features may not work as expected because the expected profile state is not present.
  • When you try to use the same user account to log on to a Windows 7-based computer, the user profile modification that was performed in Windows 8 may not work as expected in Windows 7.
The issues occur because the profile will contain values that are used differently between the versions of Windows. The user profile will be missing default profile configuration information that is expected by the operating system, and could contain unexpected values that are set by a different operating system version. Therefore, the operating system will not behave as expected. Additionally, profile corruption may occur.

Hotfix download:

https://support.microsoft.com/en-us/help/2887239/incompatibility-between-windows-8-roaming-user-profiles-and-roaming-profiles-in-other-versions-of-windows

Monitor - Veeam One free edition 9.5

In blog monitor section you can find several monitor tools/way.

http://www.alessandromazzanti.com/search/label/Monitoring

Other than that today I would like highlight again Veeam One free edition tool (obviously paid version is better but just to start) useful to monitor entirely Vmware/HyperV infrastructure is really a good beginning.

https://www.veeam.com/virtual-server-management-one-free.html

Product Overview Veeam ONE: Free vs Paid What's New in 9.5 (ONE) 
DOWNLOAD FREE
Free forever – unlimited VMs


Following you can review some screen shots, consider that this product has several features, most important and straights are real time dashboard, statistician and report capability (for historian purpose and view top VM/hosts/ram/disk massive usage), real time alerting..
it can monitor Veeam Backup&Replication infrastructure with single backup job monitoring in conjunction with any other related issue.


Gain Your business actual status overview:







Building custom reports

Antivirus - Check files/Website/email in real time on all Antivirus vendors

During these years I often had necessity to check files/emails/Url to understand if they had any sort of infection that was not yet discovered from latter antivirus definitions.

To get this result often I connect through this website that query all major AV versions and relative latter definitions.

Decisively useful.

https://www.virustotal.com/it/

VirusTotal

Backup - Veeam Direct Restore to Microsoft Azure

Here it is interesting Veeam article:

https://www.veeam.com/cloud-direct-restore-azure.html



Direct Restore to Microsoft Azure, included in NEW Veeam Availability Suite 9.5, delivers cloud restore for Veeam backups to Microsoft Azure cloud. Veeam’s Direct Restore to Microsoft Azure enables admins to restore or migrate physical (P2V) or virtual (V2V) workloads to Azure 

The Azure Virtual Machine Agent is installed automatically (on Windows-based VMs only), and sequential, parallel disk and VM-restore options are available.

Now se can easily execute planned workload migrations of VMware and Hyper-V VMs or remaining legacy physical servers to the cloud.

Azure can be very used as a test environment. Since it is created from your backups, it mirrors your production environment, and you can safely test patches and critical updates before rolling them out to production.

REMARK: Veeam recommends installation of a gateway server (optional), running on an Azure VM, for improved performance.

Meanwhile I would like to highlight this Veeam product too:

Veeam FastSCP for Microsoft Azure

Veeam FastSCP™ for Microsoft Azure delivers easy-to-use, reliable and fast file copy for Azure VMs. This free standalone utility provides secure file copy over HTTPS with built-in encryption (no VPN needed), scheduled file copy jobs and a wizard-driven UI to transfer files in just a few clicks — with no scripting knowledge required.

Tools - EventLogChannelsView Nirsoft tool to view all event channels in your pc/server

EventLogChannelsView is a simple tool for Windows 10/8/7/Vista that shows the list of all event log channels on your system, including the channel name, event log filename, enabled/disabled status, current number of events in the channel, and more... 
It also allows you to easily make some actions on multiple channels at once: enable/disable channels, set their maximum file size, and clear all events stored in the channels.

http://www.nirsoft.net/utils/event_log_channels_view.html

Backup - Veeam Backup for free v.2.0 for Client/Laptop

Veeam - 57 restore scenarioVeeam Agent for  Windows easily back up  PC to an external hard drive, NAS (network-attached storage) share or a Veeam Backup & Replicatio repository, here they are more details:

https://www.veeam.com/windows-endpoint-server-backup-free.html

Product Overview Free Product Overview Editions Comparison User Guide Veeam Agent Configurator | FAQ


Download Link

Windows servers and workstations can be saved in this way too:


Major v.2 features:

  • Direct Restore to Microsoft Azure: Restore or migrate on-premises, Windows-based physical server and endpoint backups directly into Microsoft Azure
  • Synthetic full backups: Eliminate the need for periodic full backups by creating forever-incremental backups that save time and storage
  • Windows 10 & Windows 2016 Server full support
  • CryptoLocker protection for USB Storage: Protect USB-based storage targets from potential CryptoLocker threats by automatically ejecting them after a successful job run
  • Recovery options: Bare-metal restore: Restore your entire system to the same or different hardware
  • Volume-level restore: Restore a failed hard drive or corrupted partition.
  • File-level restore: Restore individual files from ANY backup type few minutes.





Bootable recovery media:


  • Reset password: Reset the password for the built-in administrator account.
  • Startup repair: Fix system problems that might prevent Windows from starting (e.g., missing or damaged system files, corrupted boot sector, etc.) Learn more
  • Memory diagnostics: Check the system memory of your computer and detect potential problems after the next system reboot. Learn more
  • Command prompt: Start the Microsoft Windows command prompt (cmd.exe)




Integration with Veeam Backup & Replication

  • If you’re using Veeam Backup & Replication in your VMware vSphere or Microsoft Hyper-V virtual environment, you’ll be able to take full advantage of Veeam backup repositories as target locations for your Veeam Agent for Microsoft Windows jobs.
  • In this way you could get endpoint backups off site to disk, tape or even the cloud with Backup Copy and Backup to Tape jobs




Here they are more Veeam blog articles:

Backup - Veeam free e-book: Conversational Ransomware Defense and Survival

Veeam - Incremental vs. differential methods compare

Veeam Explorer for Active Directory and Group policy Object Restore procedure

Microsoft - Azure and Veeam Connect

Veeam - Backing up Domain Controller: Best practices for AD protection (Part 1,2,3 and 4)

Monitoring - VirtualWin with Autoswitcher plugin

Server - how to expose QNAP iscsi storage to Vmware based system

720check