Cisco - How to backup Cisco switches using TFTP

There are several ways on how backup Cisco switches (or other vendors name) can be done.

One of them is downloading TFTP client server

https://tftp.en.uptodown.com/windows

Launching it and deciding where saving configuration files.

Be aware taking note about client IP.

Later you need to connect to switches using any SSH clients (I warmly suggest using these clients:

1. Solar-PuTTY Connect to any server or device in your network with Solar-PuTTY for Windows. This is an interesting Putty or PuttyCM alternative.

https://www.alessandromazzanti.com/2018/11/freeware-solarwinds-software-free-tools.html

and execute below commands on switches:

Router#copy tftp: running-config

Address or name of remote host []? 64.104.207.171

Source filename []? backup_cfg_for_my_router

Destination filename [running-config]?

Accessing tftp://10.66.64.10/backup_cfg_for_my_router...

Loading backup_cfg_for_router from 64.104.207.171 (via FastEthernet0/0): !

[OK - 1030 bytes]

1030 bytes copied in 9.612 secs (107 bytes/sec)

CE_2#

Where:

• 64.104.207.171 must be substituted by your client ip address where tftp is under execution.
  
  
• backup_cfg_for_my_router is backup file name that will be created on client where tftp is under execution.

You can configure automatic backups, you simple need to read all article below indicated.

[original article]

https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-122-mainline/46741-backup-config.html 

 

Tips - English video and audios subtitles (on Chrome)

There is a new native chrome option that permit to view videos or audios adding, in real time, subtitles (that are quite precise).

Here it is procedure to enable this option on chrome italian version.

Settings --> click advanced --> accessibility --> Real time subtitles 

[Original article]

https://www.hwupgrade.it/news/web/chrome-arrivano-i-sottotitoli-in-tempo-reale-per-qualsiasi-contenuto-sul-web_96356.html

Tips - How to run application with Administrative rights

If you need to execute single application with administrative rights (without giving Administrative end users permissions) you can proceed in this way:

C:\Windows\System32\runas.exe /user:computername\Administrator /savecred "X:\path\filename.exe" 

Be aware that changing previously syntax, with other executable program file, you will be able to execute it with administrative rights (creating a small security hole)

Windows 10 - Macro - "Robotic Process Automation" (RPA)

There is an interesting Microsoft tool that permits, on Windows 10, having Macros applied to O.S. Windows 10 ("Robotic process automation" (RPA) )

https://flow.microsoft.com/en-us/desktop/?cdn=disable

www.microsoft.com/rpa

Introduction Microsoft article:

https://www.microsoft.com/en-us/videoplayer/embed/RE4I00v?masklevel=0

[Original Article]

https://www.hwupgrade.it/news/software-business/power-automate-desktop-gratis-su-windows-10-basta-perdite-di-tempo_96032.html

Windows 10 - HyperV installation for free

There is an interesting feature available on Windows 10.

HyperV capability permit you to easily create VM on your Windows 10 Laptop/PC/Workstation. Obviously same feature is available on Microsoft Windows server editions.

On Windows Server and Windows 10 your hardware must support virtualization.

You should decide if start using VM generation 1 or 2:

https://docs.microsoft.com/it-it/windows-server/virtualization/hyper-v/plan/should-i-create-a-generation-1-or-2-virtual-machine-in-hyper-v

https://www.windowserver.it/2014/03/hyper-v-vm-generation-2-deep-dive/

About ram there is dynamic memory feature.

Veeam 11 - CDP (RPO= 0) and immutable storage backup against ransomware

 Veeam 11 released new features, here they are two that, imo, are very interesting:

1. Continuous Data Protection (CDP) with RPO equal to zero:
   
   https://community.veeam.com/blogs-and-podcasts-57/veeam-v11-continuous-data-protection-cdp-configuration-265
   
   Using vSphere APIs for IO Filtering (VAIO)
   
   
2. Immutable primary backup storage with a hardware-agnostic touch: enables you to store your short-term retention backups locally onsite for fast recovery with the protection of immutability. In addition, you can now tier those backups into an immutable object storage offering offsite, giving you additional protection against unforeseen malicious activity or accidental deletion. (protecting you against ransomware and malicious acts)
   
   The new hardened repositories are compliant with the SEC 17a-4(f), FINRA 4511(c), and CFTC 1.31(c)-(d) regulations. They can effectively prevent ransomware encryption or accidental/malicious deletions. The great thing about the new feature is it is based on "bring your own" Linux, so there is no vendor hardware lock-in.
   
   The new hardened Linux-based repositories with immutable backups will take ransomware protection to the next level for on-premises backup storage. Businesses can ensure business-critical backups are protected for the time specified for the immutable backup repository.
   
   https://www.veeam.com/blog/v11-immutable-backup-storage.html
   
   https://helpcenter.veeam.com/docs/backup/vsphere/hardened_repository.html?ver=110
   
   
   
   
   

Other articles:

https://nolabnoparty.com/veeam-v11-continuous-data-protection-cdp/

https://4sysops.com/archives/veeam-backup-replication-v11-now-includes-continuous-data-protection-and-ransomware-protection/

https://www.veeam.com/blog/v11-stregthen-digital-resilience.htm

Tips - Network Configuration Operators Group

If you have normal user permissions and you need to change network adapters TCP/IP configuration you can do that without having administrative rights. 

Infact you need to simple add your user to below local group

Network Configuration Operators

For your reference: https://technet.microsoft.com/en-us/library/cc754921(v=ws.10).aspx

A Description of the Network Configuration Operators Group:

https://support.microsoft.com/en-us/help/297938/a-description-of-the-network-configuration-operators-group

Description of Group Policy Restricted Groups:

https://support.microsoft.com/en-us/help/279301/description-of-group-policy-restricted-groups

Software - FastStone Capture #Screenshots tool

There is an interesting tool that works fine taking desktop screenshots (a.e. using keyboard combinations)

https://www.faststone.org/FSCaptureDetail.htm

Normally I utilize 5.3 version picking up only .exe file (taken after a software fresh installation).

Furthermore I am coping, previously .exe file, on any other pcs where screenshots are necessary to be taken.

FastStone Capture 5.3

http://www.oldversion.com/windows/faststone-capture-5-3

Here they are older versions links:

http://www.oldversion.com/windows/faststone-capture/

P.S. I knew this tool during my pharmaceutical working experiences and it was a nice discovery, indispensable for GMP Validations and any other importants IT activities

DNS - Security

Some services can also block access to phishing or infected sites, and a few offer content filtering to keep your kids away from the worst of the web.

OpenDNS

https://www.opendns.com/

Primary, secondary DNS servers: 208.67.222.222 and 208.67.220.220

With filtering or pre-configured protection, you can safeguard your family against adult content and more. It’s the easiest way to add parental and content filtering controls to every device in your home.

Cloudflare

https://www.cloudflare.com/plans/

Primary, secondary DNS servers: 1.1.1.1 and 1.0.0.1

Privacy is another major highlight. Cloudflare doesn't just promise that it won't use your browsing data to serve ads; it commits that it will never write the querying IP address (yours) to disk. Any logs that do exist will be deleted within 24 hours. And these claims aren't just reassuring words on a website. Cloudflare has retained KPMG to audit its practices annually and produce a public report to confirm the company is delivering on its promises

Google Public DNS

Primary, secondary DNS servers: 8.8.8.8 and 8.8.4.4

https://developers.google.com/speed/public-dns/

Quad9

https://www.quad9.net/

Publicdns (old Verisign DNS https://www.verisign.com/en_US/security-services/public-dns/index.xhtml)

https://www.publicdns.neustar/

<======================>

DNS Jumper is a portable freeware tool which tests multiple public DNS services to find out which delivers the best performance for you.

The program has a lot of options, but isn't difficult to use. Launch it, click Fastest DNS > Start DNS Test, and within a few seconds you'll be looking at a list of DNS services sorted by speed.

DNSPerf tests multiple DNS services every minute from 200+ locations around the world and makes the results freely available on its own website

[original Article]

https://www.techradar.com/news/best-dns-server 

Windows 10 - Activation overview

Here it is an interesting Microsoft article that give an overview about windows 10 activation approaches.

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-volume-activation-in-the-era-of-working-from-home/ba-p/1954768?ocid=AID3017125&MC=Windows&MC=EntMobile&MC=SecSys&MC=SysMagSof