Cloud - Azure Exam 70-533 and 30 days trial link

Considering that companies are moving slightly to hybrid cloud I would like to mention this Microsoft that permit to gain following certification:

https://www.microsoft.com/en-us/learning/exam-70-533.aspx

At precedent link several resources link and exam information are available.

About precedent exam it would be useful evaluate Azure 30 Days trial period account creation.

https://azure.microsoft.com/en-us/offers/ms-azr-0044p/

We offer eligible customers $200 in Azure credits (“Credits”) to be used within the first 30 days of sign-up and 12 months of select free services (services subject to change)

Here they are some old blog articles related to cloud:

Microsoft - Azure and Veeam Connect

HyperV 2012 - Free Download Ebook

Video Audio - Online free converter

I would like to mention this website that permit online convertion about these Audiovideo formats:

https://www.apowersoft.it/convertitore-video-gratuito

MP4, MOV, AVI, WMV, MKV, SWF, ASF, FLV, VOB, RM, 3GP, WEBM, MPG, DV, M4A, M4R, MP3, WAV, FLAC, WMA, AC3, AAC, OGG e RA

4K, 3D, HD, AVCHD, HEVC


Program - Brute Force Wordpress Plugin

About Wordpress I would like to mention this Wordpress plugin that work with .htaccess file.

Brute Force Login Protection  can be found/downloaded here:

https://wordpress.org/plugins/brute-force-login-protection/

Here they are major features:


  1. Limit the number of allowed login attempts using normal login form/Auth Cookies
  2. Manually block/unblock/(whitelist trusted)  IP addresses
  3. Delay execution after a failed login attempt (to slow down brute force attack)
  4. Option to inform user about remaining attempts on login page
  5. Option to email administrator when an IP has been blocked
  6. Custom message to show to blocked users

about plugin installation it is decisevely straight:


1. Install the plugin either via the WordPress.org plugin directory, or by uploading the files to your wp-content/plugin directory.
2. Activate the plugin through the WordPress admin panel.
3. Customize the settings on the settings page.

Hacker - WPA2 password crack

We are all aware about security weakness that Wi-Fi it has, that does not dipend from protocol used.

Infact Wifi it has allways some risks that could never become equal to 0.

Vulnerability found it is related to Wi-fi Protected Access 2 (WPA2). It does not permit to acquire WPA2 password but man in the middle


The idea it is that each person that is near to Wi-Fi could implement  Key Reinstallation AttaCK (KRACK) and read trassferred data between PCs and router/access point (man in the middle attack with password, email, sensitive date reading...).

this kind of attack is really efficace against Android/Linux that use wpa_supplican during wi-fi connection process  (but it could be applied to all O.S./devices as well)

You can take a look to this article that better explain an example on how to get this result.


These results could be reached using these tools:

Kali Linux, la suite per gli attacchi WiFi Aircrack-ng, il software per eliminare la protezione HTTPS denominato SSLstrip e WireShark.

Summarizing attack procedure steps:

  1. Using vulnerability it create a Wifi fake with same SSID but on different channel.
  2. It switch remote device to connect to new fake Wifi and decript all traffick that became in clear mode.
To solve issue you should:

1. Upgrade Router/access point firmware 
2. pcs/mobile devices o.s. (more urgently)

It is available this Python Script to understand if your devices is vulnerable:

Hacker/Security - Kali Linux Penetration test Tool

Today I would like to mention this old blog article that describe Kali Linux thaat is a specific Linux distribution used for penetration tests:

http://www.alessandromazzanti.com/2014/05/kali-linux-penetration-test-e-forensic.html

Kali 2017.3 Release

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers.


Kali Linux includes security tools, such as:[13]

More details could be find here:


Finally I would mention that Mr Ghaznavi-Zadeh published a chapter from his book "Kali Linux – A guide to Ethical hacking" and it is available for free here:


Finally here it is Kali Linux video website presentation:

Cloud - Multicloud collector

I adding this applicative mention:

https://www.multcloud.com/

I did not find time to test it but it seems useful.

It is Web based app that allows multiple cloud users to access all their online files from a single interface. Organizing, transferring, synchronizing or even manage sharing files between cloud storage services like Dropbox, Google Drive, Copy, OneDrive, FTP, WebDav, MEGA and other cloud supported vendors.

It is a free application.

There is a premium plan too:

https://www.multcloud.com/price

About security concerns consider that:

  1.  Website connect and data transfer using 256-bit AES encryption for SSL.
  2.  Does not save or cache your data and files on our servers.
  3.  Access cloud drives with OAuth authorization and does not save your password.


Vackup - Veeam Alternative Vembu BDR Suite

Today I would like to mention this Veeam Backup Alternative.

https://www.vembu.com/

I did not have time to try it yet but here some charactheristic that make it interesting:


  1. Backups could be saved on-site, off-site and on cloud.
  2. Item Level Backup for Exchange, Sharepoint, SQL, My SQL, Office 365 available.
  3. Two licensing types:
    1. Unlimited functionalities only for 3 VMs.
    2. Unlimited VMs but functionalities limited.
  4. 30 days trial full feature download possible.
  5. If you are interested to view full compare between license type you could review this .pdf:
    https://www.vembu.com/pdf/datasheet/vembu-bdr-suite-free-vs-paid-edition.pdf
  6. HyperV (2008 R2 up to 2016),  Vmware (4.x up to 6.x) , workstation and physical server are supported.
  7. Full and granular restore supported.
  8. CRC, encryption (backup) and compression are supported.
  9. No agent software is installed on VMs.
  10. Storage pools aggregations are supported like on Veeam.
  11. Direct SAN feature permits backup tool to communicate directly to SAN (exposing with iScsi) without necessity to pass through to Vmware/HyperV hypervisors.
  12. Cross Platform Migration tool support (v2v) between different hyper-visor.
  13. VSS - Application-aware image backup compatibility.
  14. Log Truncation.
  15. Backup data could be downloaded from user in different file formats (vmdk, vhdx, image ....)
  16. Backup encryption (AES 256 bit)
  17. About exchange (2003, 2007, 2010, 2013 and 2016) Vembu Explorer for Microsoft Exchange Instantly restores Exchange user mailboxes, emails, contacts and etc., from backed up VMware VMs without restoring entire Exchange server.
  18. Vembu Explorer for Microsoft Active Directory: Instantly restores Active Directory objects and GPOs and etc., without restoring entire MS Active Directory VM.Supports Active Directory Server 2008 R2 STD, 2012 DC, 2012 R2 DC.
  19. Vembu Explorer for Microsoft SQL Server: Instantly restores SQL database and tables without restoring entire SQL VM. Supports MS SQL Server 2005, 2008, 2008 R2, 2012, 2014, 2016.
  20. Vembu Explorer for Microsoft Sharepoint: Instantly restores SharePoint site collections, documents and etc. without restoring entire SharePoint VM. Supports Microsoft SharePoint Portal Server 2003,2007,2010,2013.
  21. Bare-metal Recorery it is supported restoring to same hardware or new RAW hardware using Vembu Recovery CD.
    Supported O.S.: 
    (2016, 2012 R2, 2012, 2008 R2, 2008,2003 R2 SP2, 2003 SP2, Windows 10 , Windows 8, Windows 7,Windows Vista,  Windows XP SP2)
Here they are useful documentation to aim to view all features/capabilities:




Indeed about Veeam Backup tool you could review this link with all related blog articles:

http://www.alessandromazzanti.com/search/label/Veeam


Tips - First WWW web page 1990, 20th December

I would like to indicate here the first web page that was published in WWW.

It is a curiosity useful to remember that the www beginning only 27 years far, in temporal sense, from today.

It was infact 1990, 20th of December

The first drop of water of our IT "sea"

http://info.cern.ch/hypertext/WWW/TheProject.html

Server - How to Execute RSAT snapins with different users without server/client logon necessity

If you need to launch some mmc snapins with different AD account (without logging on server/pc with that credentials) you could follow these steps:


  1. Execute command prompt start --> cmd.exe
  2. Copy and paste this command text:
    C:\Windows\System32\runas.exe /netonly /user:aduser@domain.suffix "mmc %SystemRoot%\system32\xxxx_command.msc
  3. where command.msc is any command with .msc.
    Usually any .msc command that is included in your RSAT tool (win 7, Win 10)  installed on your pc 

You can review these blog articles too:


Scripting - Tutti i comandi .cpl, .msc ed altri dal menu start --> Esegui


2012 Server – RSAT anche in 2008 R2 SP1 e 2008 SP2


Scripting - Lista di comandi di start --> Esegui di Microsoft Windows

Scripting - Silent install SQL Studio Management Console Studio 17.2

If you need to silent install SQL Studio Management Console Studio 17.2 you can do that through command line and using properly command switches.

I took note on this quickly post about this settings for future purposes.


Install Program – “SSMS-Setup-ENU.exe” /install /quiet /norestart

Uninstall Program – “%programfiles(x86)%\Microsoft SQL Server\140\tools\binn\managementstudio\ssms.exe” /uninstall /quiet

Download SQL Server Management Studio (SSMS)

https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms

direct Links:

2016 Server - Windows Server 2016 Security Guide free download

Today I would like to share information that Windows Server 2016 Security Guide can be downloaded for Free from Miscrosoft web site:

http://download.microsoft.com/download/6/7/3/673E651E-C5B3-4C93-A69A-94042EB6DE22/Windows_Server_2016_Security_Better_protection_begins_at_the_OS_Whitepaper_EN_US.pdf

Precedent .pdf ncludes general guidance for helping secure servers in your environment and how you can utilize new security features in Windows Server 2016.

About other windows 2016 articles you can review this link:

http://www.alessandromazzanti.com/search/label/Windows%202016%20Server

SCCM - How to disable local Administrator Account

If you need to disable local Administrator account, change/set password or create new local Admin/user you can review previously article about GPO approach.

GPO - How to create local Administrator account using Group policies
http://www.alessandromazzanti.com/2017/04/gpo-how-to-create-local-administrator.html

Otherwise you can do that using SCCM.

Summarizing you would need to create a simple CI checking on specific collection verifyng thereshold relatively devices that have local Administrator account enabled, apply remediation (account disabling) and finally have available reports/alerts.

Here it is more verbosely article:

https://4sysops.com/archives/disable-the-local-administrator-account-with-sccm/

Windows 10 - Pro Workstation announcement about new release

Microsoft is going to release, during next months, following win 10 version:

https://blogs.windows.com/business/2017/08/10/microsoft-announces-windows-10-pro-workstations/

This announcement due to fact actually Windows 10 has this hardware limitation and often for particular activities on Workstation Microsoft server edition are installed as welle: 

  •  2 CPU, 256 cores and up to 2TB. RAM.
Windows 10 pro for Workstation is going to have these features:


  • ReFS (Resilient file system) support. (new Microsoft file system)
    ReFS provides cloud-grade resiliency for data on fault-tolerant storage spaces and manages very large volumes with ease. ReFS is designed to be resilient to data corruption, optimized for handling large data volumes, auto-correcting and more. It protects your data with integrity streams on your mirrored storage spaces. Using its integrity streams, ReFS detects when data becomes corrupt on one of the mirrored drives and uses a healthy copy of your data on the other drive to correct and protect your precious data.
  • Persistent memory support: 
    Windows 10 Pro for Workstations provides the most demanding apps and data with the performance they require with non-volatile memory modules (NVDIMM-N) hardware. NVDIMM-N enables you to read and write your files with the fastest speed possible, the speed of the computer’s main memory. Because NVDIMM-N is non-volatile memory, your files will still be there, even when you switch your workstation off.
  • SMB Direct support and lan card based on Remote Direct Memory Access (RDMA)
  • CPU Intel Xeon and AMD Opteron support till 4 CPU and  6 TB RAM.
Actually Windows 10 versions are going to become 12 (from 10):

  1. Windows 10 Home
  2. Windows 10 Pro
  3. Windows 10 Enterprise
  4. Windows 10 Education
  5. Windows 10 Pro Education
  6. Windows 10 Enterprise LTSB
  7. Windows 10 Mobile Enterprise
  8. Windows 10 Mobile
  9. Windows 10 IoT
  10. Windows 10 S
  11. Windows 10 Team
  12. Windows 10 Pro for Workstations

Here it is relative recap:

GPO - Wifi pcs and policy applying problems

Company laptop that connect to domain via WiFi could not apply correctly policies due to WiFi connection unavailability.

There are two alternatives to solve issue customizing properly GPO:

You can do this with Group Policy, using the Always wait for the network at computer startup and logon policy setting.  

https://technet.microsoft.com/en-us/library/gg486839.aspx

gplogon.jpg

Alternatively adding a delay during policy appling this policy:

Policy Location: Computer Configuration > Policies > Admin Templates > System > Group Policy
Setting Name: Startup policy processing wait time
Registry Key: HKLM\Software\Policies\Microsoft\Windows\System!GpNetworkStartTimeoutPolicyValue

https://support.microsoft.com/it-it/help/2421599/windows-7-clients-intermittently-fail-to-apply-group-policy-at-startup

Tips - Fix network connection issues in Windows 10

Here it is an interesting Microsoft article that well explain several easy workaround useful to reset windows 10 network issues.

you can use this command line syntax executing command prompt with Administrative rights:

ipconfig /flushdns
netsh winsock reset

netsh winsock reset proxy

https://support.microsoft.com/en-us/help/10741/windows-10-fix-network-connection-issues


<------------>
Using network reset should be the last step you try. Consider using it if the steps above don’t help to get you connected.
This can help solve connection problems you might have after upgrading from a previous version of Windows to Windows 10, as well as fix problems where you can connect to the Internet but not to shared network drives. It removes any network adapters you have installed and the settings for them. After your PC restarts, any network adapters are reinstalled, and the settings for them are set to the defaults.
  1. Select the Start  button, then select Settings  > Network & Internet  > Status > Network reset.
  2. On the Network reset screen, select Reset now > Yes to confirm.
    Wait for your PC to restart and see if that fixes the problem.


wnr_2

Freeware - Teracopy and RichCopy two GUI tools for coping files

I would like to highlight two software that should be allways in your IT tool collection.

Here they are characteristic and explanations.

TeraCopy 3.1

It is a compact program designed to copy and move files at the maximum possible speed, providing the user a lot of features:

  • It uses dynamically adjusted buffers to reduce seek times. Asynchronous copy speeds up file transfer between two physical hard drives.
  • Pause and resume file transfers. 
  • Error recovery. In case of copy error, it will try several times and in the worse case just skips the file, not terminating the entire transfer.
  • Interactive file list. It shows failed file transfers and lets you fix the problem and recopy only problem files.
  • Shell integration. TeraCopy can completely replace Explorer copy and move functions, allowing you work with files as usual.
  • Full Unicode support.

Spotlight RichCopy


offers a number of granular controls that allow you to tailor file copying to your needs


Freeware - UninstallView from NirSoft

Today I would like to highlight UninstallView is a new tool for Windows that collects information about all programs installed on your system and displays the details of the installed programs in one table. 
You can use it to get installed programs information for your local system, for remote computer on your network, and for external hard-drive plugged to your computer. It also allows you to easily uninstall a software on your local computer and remote computer (Including quiet uninstall if the installer supports it).

Disaster Recovery - Ex-Admin Deletes All Customer Data and Wipes Servers of Dutch Hosting Provider

Today I would like to mention this incredible history about an ex-Administrator proceeded to delete and wipe all customers servers.

You can review following image that well explain what happened:

Verelox, a provider of dedicated KVM and VPS servers based in The Hague, Netherlands, suffered a catastrophic outage after a former administrator deleted all customer data and wiped most of the company's servers.



more details can be found here:

https://www.bleepingcomputer.com/news/security/ex-admin-deletes-all-customer-data-and-wipes-servers-of-dutch-hosting-provider/

Windows 10 - How to: Move from BIOS to UEFI with the new Windows 10 Creators Update

Microsoft Mechanics delivers a comprehensive yet concise explanation of how you can safely and non-destructively convert a Windows 10 machine from legacy BIOS to UEFI disk partitioning.

Windows Program Manager, Desmond Lee, demonstrates the new MBR2GPT disk conversion tool that’s part of Windows 10 Creators Update. 
This is a comprehensive yet concise overview that explains how you can safely and non-destructively convert a Windows 10 machine from legacy BIOS to UEFI disk partitioning; and how you can automate the conversion as part of your in-place upgrade process from Windows 7 to Windows 10. 

Importantly, unlike wipe and load methods, all of this can be achieved without having to move your data off the disk.
To learn more please also check out: http://aka.ms/mbr2gpt


Scripting - Nslookup and debugging mode

About Nslookup command you can review old blog articles.

Nslookup

I would like to highlight this interesting Microsoft article and debug switch to have more debug capability when nslookup is launched and there are some unknown DNS query problems.

Scripting - Il comando NSLOOKUP parte 2 (piu' DIG)

Scripting - comando nslookup

Server - How to verify that your mail server work properly

<-------->


Nslookup's debug mode is a useful troubleshooting feature; you can set the local computer into this mode by typing set debug , or for even greater detail, set d2 . In debug mode, Nslookup lists the steps being taken to complete its commands, as shown in this example:

C:\>nslookup
(null) testpc1.reskit.com
Address: 172.16.8.190
> set d2
> rain-city
(null) testpc1.reskit.com
Address: 172.16.8.190
------------
SendRequest(), len 49
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
rain-city.reskit.com, type = A, class = IN
------------
------------
Got answer (108 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 2, authority records = 0, additional = 0
QUESTIONS:
rain-city.reskit.com, type = A, class = IN
ANSWERS:
-> rain-city.reskit.com
type = CNAME, class = IN, dlen = 31
canonical name = seattle.reskit.com
ttl = 86400 (1 day)
-> seattle.reskit.com
type = A, class = IN, dlen = 4
internet address = 172.16.2.3
ttl = 86400 (1 day)
------------
(null) seattle.reskit.com
Address: 172.16.2.3
Aliases: rain-city.reskit.com

SCOM - Backup - Veeam Management Pack for System Center v8

Today I would like to mention this Veeam Management Pack for System Center v8 that provides complete app-to-metal visibility for both your virtual and physical environments, creating the “big-picture” view of your entire virtualized infrastructure – and all from within the native System Center Management console.
This kind of monitor will include insights into Veeam Backup & Replication services.

https://www.veeam.com/system-center-management-pack-vmware-hyperv.html

What’s New in v8 Product Overview Editions Comparison Microsoft Solution Brief Veeam MP Differentiators




Tips - How to add Developer Tab in Excel 200X/201X

Excel 2007


Office Button --> Excel Option button at the bottom
Excel Option window --> Popular button at the left;
Under Top Option for Working with Excel, check the Show Developer tab in the Ribbon option.


Excel 2010 and 2013 Ribbon

File tab --> Options at the left --> Excel Option window;
Click Customize Ribbon at the left -->  Main Tabs  --> Check the Developer item --> Ok


720check