Post in evidenza

Recovery - Access, Excel, Word, Office and Photo recovery tools and other blog procedures

During these years I had necessity to recover various files (.doc, mdb, .xls, photos...)  I utilized various free tools (here is an exampl...

Tips - Skype verify session on and how to remote logoff

If we utilize same Skype account on different PC/Devices it could happen that someone see you on line but you are not connected.

There are two useful commands that you could utilize to verify on which device you are logged on and to force relative logoff.

New Chat windows:

/showplaces

  {5469ba7e-6ec9-2c18-6277-229fb59de12c} ‘PCFurio' (Linux Skype)
  {83b12da8-f95f-85f6-dcec-46958ba9ca14} 'localhost' (Ipad Skype)

/remotelogout


  {5469ba7e-6ec9-2c18-6277-229fb59de12c} ‘PCFurio' (Linux Skype)

Exchange 2010 - How to count mailbox number and other information

I take note about this command that give immediately result about users number for each Exchange DB:

(get-mailboxdatabase) | foreach-object {write-host $_.name (get-mailbox -database $_.name).count}

Database size and last backup:

(get-mailboxdatabase -status) | foreach-object {write-host $_.lastfullbackup $_.databasesize}

Tips - Error opening Help in Windows-based programs: "Feature not included" or "Help not supported"

If you got this error:

"Error opening Help in Windows-based programs: "Feature not included" or "Help not supported"

It means that:

The Help for this program was created in Windows Help format, which was used in previous versions of Windows and it is not supported in Windows Vista.

The Help for this program was created in Windows Help format, which depends on a feature that isn’t included in this version of Windows. However, you can download a program that will allow you to view Help created in the Windows Help format.

The Help for this program was created in Windows Help format, which depends on a feature that isn't included in this version of Windows. For more information, go to the Microsoft Help and Support website.

So here you can download relative .exe file to automatically fix error:

https://support.microsoft.com/en-us/kb/917607

Tips - High Contrast plugin


Google Chrome, recently became the most used browser in the world, allows you to turn your computer into a night vision thanks to the free plugin: High Contrast.

https://chrome.google.com/webstore/detail/djcfdncoelnlbldjfhinnjlhdjlikmph

This plugin will transform the white pages of your browser grayscale, leaving the images as only part unchanged, so it does not look like the film negatives.

The nice thing is that you can choose which site set for night vision. Just press CTRL + SHIFT + F11 to transform the site you are visiting in black and white.


Google Chrome, diventato da poco il Browser più usato del mondo, permette di trasformare il proprio computer in un visore notturno grazie al plugin gratuito: High Contrast.

https://chrome.google.com/webstore/detail/djcfdncoelnlbldjfhinnjlhdjlikmph

Questo plugin trasformerà le pagine bianche del vostro Browser in scala di grigi, lasciando le immagini come unica parte invariata, in modo che non assomiglino ai negativi delle pellicole.

La cosa bella è che si potrà scegliere quale sito impostare per la visione notturna. Basta premere CTRL + SHIFT + F11 per trasformare il sito che state visitando in bianco e nero.


Hacker - How to view RDP activities done on any Server/client




Remote Desktop Client has excellent functionality to improve performances: when Cache option is enabled program saves on your computer screenshots about your RDP activities. 

The problem is that cache is not automatically deleted at the end of the session.

To view these images you can utilize BMC Viewer.

https://turbolab.it/scarica/9

You can find RDP images on following path:

C:\Users\\AppData\Local\Microsoft\Terminal Server Client\Cache

if images does not see clearly, you have to ensure that the selected value in the drop down menu BPP is equal to the number of colors used originally for the connection. Generally they are 32 but you just do some test (by pressing the Load at every change) to guess the correct one.

These cache files are complete and do not depend on the operating system: consequently, professionals investigation looking for evidences can copy them and analyze  on any computer.

To avoid any privacy problem there are 2 options:
  1. The safest is to disable the persistent bitmap cache before logging in Remote Desktop from a second computer that could then be analyzed. By default is enabled, sigh... :-( 
  2. Delete cache files C:\Users\\AppData\Local\Microsoft\Terminal Server Client\Cache and utilize ccleaner Free space Wipe feature to overwrite free space n times to avoid any recovery. 



Scripting - How send an email through telnet command

With mail servers could happen that you need to send test email with telnet command.


Here are relative sequentially commands.

helo Test
mail from: user1@mail1
rcpt to: user1@mail1

data
Subject:Test email

"End data with ."

.

quit

Outlook 201X - Error adding .pst outlook 2013 0x80070003

During these days I had very strange error adding .pst on outlook 201X 0x80070003

outlook error

Utilizing some Outlook 2010/2013 and trying to add new .PST file I got precedent error:

I tried to reinstall Office without solve.

Searching on Microsoft website I found this article:


 Finally I resolved issue creating a registry setting similar to:

"HKCU\Software\Microsoft\Office\1X.0\Outlook\ForcePSTPath"

forcing PST to be created  in a standard folder (I utilized c:\temp)

and problem disappeared. Great!

ForcePSTPath Registry value

Key: HKEY_CURRENT_USER\Software\Microsoft\Office\\Outlook 
Value name:
 ForcePSTPath 
Value type:
 REG_EXPAND_SZ 
Value:
 path to your storage folder

As the Value you give the path to the folder where you want to keep your pst-files. You do not need to use quotes for this path, even if it contains spaces. 
Example; D:\My Documents\Outlook

Software - Macrium Reflect Free

Macrium Reflect Free has following features (home Edition and Professional edition)

http://www.macrium.com/pages/features.aspx

here they are

Virtual Image Boot
Coming with v6.1 of Macrium Reflect will be the ability to directly convert a Macrium System Image file into a running VM. Provides instant boot of failed systems for business continuity.
Disk imaging
Create images of whole disks or selected partitions allowing you to restore operating systems or data volumes without the need to reinstall.
Reorder & resize partitions
Change the order and size of partitions as they are restored.
AES Encryption
Use industry Advanced Encryption Standard to encrypt backups, choose between 128, 192 and 256 bit strength for increasing levels of encryption.
Direct disk cloning
Directly copy one hard disk to another without creating an image file first. Partitions can be ordered and resized during this process.
Browse backups
Mount images in Windows Explorer so that you browse the contents of the backup as if you were looking at a normal drive in Windows.
ReDeploy
Restore your Windows operating systems to new hardware using ReDeploy which features a clean, simple and intuitive user interface.
Backup destination rotation
Easily rotate backup destinations by specifying a list of alternate backup locations.

you can download Free edition (or home edition if you do not need to utilize it at work)

Download Free Edition



Linux - How To avoid any DoS on SSH listening services

If you have linux server where you published externally SSH port you could get some DoS attack or dictionary based attacks and brute force attacks

In these case you can create e public/private certificate following this old blog article.


In case you do not have relative certificate you would not able to start ssh logging (it is always a good idea disable SSH root login utilizing a different user)

Otherwise you can utilize this took that help you to be aware about dictionary based attacks and brute force attacks.

The main concept is that, this script autocreate an IP blacklist of intruders to block them to continue brute Force attack

Here are more details:


DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).
If you've ever looked at your ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc...) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn't it be better to automatically prevent that attacker from continuing to gain entry into your system?

- Parses /var/log/secure to find all login attempts and filters failed and successful attempts.
- Synchronization mode (new in 2.0) allows DenyHosts daemons the ability to share data via a centralized server to proactively thwart attacks.
- Can be run from the command line, cron or as a daemon (new in 0.9)
- Records all failed login attempts for the user and offending host
- For each host that exceeds a threshold count, records the evil host
- Keeps track of each non-existent user (eg. sdadasd) when a login attempt failed.
- Keeps track of each existing user (eg. root) when a login attempt failed.
- Keeps track of each offending host (with 0.8+ these hosts can be purged if the associated entry in /etc/hosts.deny is expired)
- Keeps track of suspicious logins (that is, logins that were successful for a host that had many login failures)
- Keeps track of the file offset, so that you can reparse the same file (/var/log/secure) continuously (until it is rotated).
- When the log file is rotated, the script will detect it and parse from the beginning.
- Appends /etc/hosts.deny and adds the newly banned hosts
- Optionally sends an email of newly banned hosts and suspicious logins.
- Keeps a history of all user, host, user/host combo and suspicious logins encountered which includes the data and number of corresponding failed login attempts.
- Maintains failed valid and invalid user login attempts in separate files, such that it is easy to see which valid user is under attack (which would give you the opportunity to remove the account, change the password or change it's default shell to something like /sbin/nologin
- Upon each run, the script will load the previously saved data and re-use it to append new failures.
- Resolves IP addresses to hostnames, if available (new in v0.6.0).
- /etc/hosts.deny entries can be expired (purge) at a user specified time (new in 0.8)


Hacker - How you can crypt data before to store them in the cloud


Home
When you utilize any Cloud storage any data that you will have remotely would not be encrypted.
So, to avoid any privacy problem, I suggest to utilize BoxCryptor that locally crypt data before to send them to any storage cloud purchased.

https://www.boxcryptor.com/en/overview
Here are some features:

  • Master Key:  If enabled, the Master Key gives you the power to decrypt every file which is accessible by users of your company or organization - without having to know your users passwords. With this Master Key, you are protected against the loss of access to you property (your files) even in complicated situations (e.g. when a user forgets his password or leaves the company). Learn more
  • Password Reset: Due to Boxcryptor's zero-knowledge nature, a user loses access to his files if the password is lost or forgotten. Without the password, it is not possible to decrypt the user's private key and thus it's not possible to decrypt the files. However, if a company has enabled the Master Key feature, the company can also use the password reset feature. The Master Key gives the administrator of the company the power to decrypt the private keys of all the users that belong to the company. Read more
  • Active Directory Support: Sync your Boxcryptor users with the users in your directory and reduce management overhead.
  • Policies: With this feature a company has the possibility to define its policies and comply with its security guidelines. These policies include the option to define a minimum password length, IP login restrictions, enforcing filename encryption, and more.
  • Reduce HIPAA Liability: Boxcryptor allows you to track your users activities, increase your data security and therefore helps you to be HIPAA compliant.
  • Centralized Management and Invoicing: All the users and the settings defined by the company can be managed by your company's administrator in a centralized manner.

720check