Scripting - How to copy ACL from one folder to another

You could have necessity to clone ACL that are in place to a single folder to another one.

Here it command syntax that you should use for that:

Get-Acl -Path “Source Path Folder” | Set-Acl -Path “Destination Path Folder”

Windows 10 - Microsoft links about top 10 support solutions and configure tips

I would like to mentions two microsoft links, related to windows 10, that indicates top 10 solutions related to windows 10 (and patch status/list as well) and other configure windows 10 solutions that could be useful for your normal windows 10, here they are:




Have a nice reading.

Tips - Remote connect to PC turned off or with no O.S. using Intel AMT Active Management Technology

Intel AMT (Active Management Technology) is a remote control technology integrated into PC Intel vPro platform hardware based component. 

Most of latest laptops has Intel vPro enabled. 


You could use this technology to give remote support, consider that Intel AMT allows you to control a remote computer that has no OS or even power on if its off.

First step that you should do on your pc/laptop it is to enable AMT.

You could utilize these articles:

  1. Intel 
  2. blog

After that you need to download meshcommander tool  (otr other similar tools) to connect to pcs.


Linux - SQL installation MVA tutorial

As mentioned in earlier blog post SQL could be installed on Linux server as Well.

Microsoft released, last year, SQL binaries for Linux too.

Linux - How to install MS SQL and .NET on several Linux distributions
http://www.alessandromazzanti.com/2017/03/linux-how-to-install-sql-server-on.html

Due to this fact I would like to mention this MVA Microsoft video tutorial that go deeper on this topic:

https://mva.microsoft.com/en-US/training-courses/installing-configuring-and-managing-microsoft-sql-server-on-linux-18305?l=Z4MuSOc2E_2113214697


Windows 10 - Enable diagnostic command prompt with 1703 or later versions

During Windows 10 upgrade process and pressing SHIFT + F10 you  would have possibility to launch and use diagnostic command prompt to verify upgrade status, log viewing and other tasks.

Due to Microsoft security aspect attention this feature was disabled with 1703 version and later.

Using SCCM or this O.S. upgrade process you need to:


  • Add a Set Task Sequence Variable step before the Upgrade Operating system step in the Upgrade Task Sequence, like so.
    Task Sequence Variable: Set OSDSetupAdditionalUpgradeOptions
    Value: /DiagnosticPrompt enable
If you launch from command line Windows 10 O.S. upgrade phases you need to launch setup.exe as below:

/DiagnosticPrompt {enable | disable}Specifies that the Command Prompt is available during Windows Setup.

Enable: The Command Prompt can be accessed by pressing Shift+F10 during Windows setup.

Disable: The Command Prompt is not available during Windows setup. The Command Prompt wil not be available while offline and OOBE phases are running. This is the default setting.
Example:

setup /DiagnosticPrompt enable

This setting is new for Windows 10, Version 1703.





Server - MAP Toolkit 9.8



Today I would like to mention the new MAP Toolkit version 9.8 availability.

This is a tool that helps organization:

  • Assess their environment.
  • To have software reporting status to generate usage report
  • Track usage (O.S. & Sw) and preparing a migration to Windows Azure virtual machines.
  • It helps increase the agility and cost effectiveness of deploying the latest Microsoft technologies
Here they are sw/o.s. that apply it:


  1. Exchange Server 2016.
  2. SharePoint Server 2016. 
  3. Windows 10 and previous versions
  4. Windows Server 2016 and previous versions.
  5. Office 2016, Office 365 and previous versions.
  6. It track usage of Windows Server 2012, SharePoint Server 2013, and Exchange Server 2013, 

Download and more details could be find here.

Here they are some screenshots:


Microsoft - Windows client Lifecycle

Today I would like to mention this Microsoft article that point to Microsoft Clients O.S. Lifecycles:

https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet

Windows 10

Windows 10 version historyDate of availabilityEnd of service 
Windows 10, version 1709October 17, 2017April 9, 2019** 
Windows 10, version 1703April 5, 2017October 9, 2018**  
Windows 10, version 1607August 2, 2016April 10, 2018** 
Windows 10, version 1511November 10, 2015October 10, 2017** 
Windows 10, released July 2015 (version 1507)July 29, 2015May 9, 2017 
* Home edition does not support the deferral of feature updates and will therefore typically receive a new version of Windows 10 prior to the end-of-service date shown.
** Enterprise and Education editions for versions 1511, 1607, 1703 and 1709 will receive an additional 6 months of servicing after the end of service date.
Note: Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardware is incompatible, lacks current drivers, or is otherwise outside the original equipment manufacturer’s (OEM) support period. 
Enterprise LTSB editions 

Windows 10 version historyDate of availabilityMainstream support end dateExtended support end date
Windows 10 Enterprise 2016 LTSB
Windows 10 IoT Enterprise 2016 LTSB
August 2, 2016October 12, 2021October 13, 2026
Windows 10 Enterprise 2015 LTSB
Windows 10 IoT Enterprise 2015 LTSB
July 29, 2015October 13, 2020October 14, 2025
Note: Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardware is incompatible, lacks current drivers, or is otherwise outside the original equipment manufacturer’s (OEM) support period. 
Windows 8.1 and 7

Client operating systemsEnd of mainstream supportEnd of extended support
Windows 7, service pack 1*January 13, 2015January 14, 2020 
Windows 8.1January 9, 2018January 10, 2023
* Support for Windows 7 RTM without service packs ended on April 9, 2013. Be sure to install Windows 7 Service Pack 1 to continue to receive support and updates.

Extra IT - Lorenzo International Real Estate

Today I would like to mention several websites related to a California Broker, CIPS realtor, specializing in Italian Real Estate.


Linkedin profile: www.linkedin.com/in/pierolorenzo
Company Web Sites: www.pierolorenzorealtor.com &  www.pierolorenzo.kw.com
&  www.lorenzorealestate.us
Facebookwww.facebook.com/lorenzorealestate.us

Few years ago we had opportunity to rent an apartment thanks to his intermediation, with satisfaction, in Florence.

Consider that after 13 years as a Real Estate Broker with his own agency, Prince Immobiliare (Florence) he moved, with his wife, to hometown of Santa Cruz, California, in February of 2015.

His mission is to give professionalism support to sellers and buyers thanks his real estate intermediation

It is important to remark that he have italian Real Estate License and a Californian Real Estate Broker License too.

Afterward, if you are going to sell your home, consider that he has a global real estate, he is  GPS (Global Propery Specialist) member and a CIPS (Certified International Property Specialist) designee helped by an huge network of colleagues all over the world to help find buyers.

Finally you should consider that his personal real estate history was mentioned on this important Italian newspaper. This article was discussing about fact that several Italian talent s guys left their country to find more job opportunities and to have their talents recognized and rewarded as well.

https://www.ilfattoquotidiano.it/2016/11/24/riparto-da-zero-in-california-come-agente-immobiliare-e-rischioso-ma-in-italia-non-ce-entusiasmo/3212443/#disqus_thread

You could review presentation video at following web link

http://videos.weebly.com/uploads/7/8/4/8/78480480/lorenzo_international_real_estate_955.mp4




Automation - Domotics for home purpose with Arduino & Android devices & Souliss (open-source SmartHome framework)

In precedent blog posts we mentioned possibility to apply domotic in any home using Arduino & Blink server.

With this new blog articles we would like to mention Souliss product that it is an open-source SmartHome framework to empower your Arduino and Android devices.

This solution does not require any Server (as mentioned in this old blog article) but only an Android device with SoulisApp installed that interface directely with Arduino microcontroller connected through LAN ( Lan card or Wifi)

Arduino it is a C++ programmable micro-controller that could be used in conjunction with Souliss product.

Souliss is an IOS/android application that dialog with Arduino for remote command purpose.


Latter step would be to intregrate it with openHab  to have historical trends and for more complexes automation requirements.

Following images will help you on better focalize about advantages and infrastructure:

souliss

souliss

I am mentioning old blog article that refer to friend's company

It is in italian language but it could be useful to have an overview about opportunities given from domotics/home automation:
APPENDIX:

Domotics/Home automation is growing day by day as a new market technology field applied to constructions/home apartments.

"It involves the control and automation of lighting, heating (such as smart thermostats), ventilation, air conditioning (HVAC), and security, as well as home appliances such as washer/dryers, ovens or refrigerators/freezers. Wi-Fi is often used for remote monitoring and control. Home devices, when remotely monitored and controlled via the Internet, are an important constituent of the Internet of Things. Modern systems generally consist of switches and sensors connected to a central hub sometimes called a "gateway" from which the system is controlled with a user interface that is interacted either with a wall-mounted terminal, mobile phone software, tablet computer or a web interface, often but not always via Internet cloud services.

While there are many competing vendors, there are very few worldwide accepted industry standards and the smart home space is heavily fragmented.Manufacturers often prevent independent implementations by withholding documentation and by litigation.

The home automation market was worth US$5.77 billion in 2013, predicted to reach a market value of US$12.81 billion by the year 2020." Read more here

Graphics - DesignEvo online logo maker

Today I would like to mention DesignEvo, an easy-to-use online logo maker useful to create professional logos

This software has:
  1. 3000+ fully customizable logo templates.

  2. Over one million icons available.

  3. Various editing tools.


If you like you could take a tour viewing this youtube Video.


Recovery - Stellar Phoenix Windows data recovery – Home 7.0

Today I would like to mention this tool "Stellar Phoenix Windows data recovery – Home 7.0"

This is a recovery software that permit to:

  1. Find lost or deleted documents from Inaccessible Hard Drives.
  2. Perform Office Documents, Presentation & Archive Files recover.
  3. Recovers Lost Data from Corrupt, Formatted & Virus Infected Drives.
  4. Quick & Deep Scan.
  5. Mobile Phone Recovery.
  6. Recover lost partitions.
Software requirements:

Windows 10, 8.1, 8, 7, Vista & XP, 1 Gb. free ram, 50 MB. Free disk space

Official download and purchase link:


If you are interested you could review more blog recovery articles here:







Security - Cloud Hacker considerations

I would like to focalize on Trojan aspect applied to Cloud services and relative user accounts.

Trojan could be easily installed on any pc/devices (For example visiting an unknown hackered website)

The concept it is simple: If you have a Trojan that intercept your Cloud user credential you are going to be in a very critical situation. (risk would increase if double authentication would not active on your cloud account)

Credentials could be used to stole your critical data/access to your company servers and be sold from criminals.

A very useful mitigation actions could be start using  next generation antivirus providers that utilizes machine learning indeed than standard AV (this method use  signatures as the primary detection mechanism)

Full interview and details could be found reading this article:

https://www.techrepublic.com/article/how-trojans-steal-credentials-and-attack-cloud-services/



If you are interested you could review these old blog articles/sections:

Cloud

http://www.alessandromazzanti.com/search/label/Cloud

Microsoft Azure

http://www.alessandromazzanti.com/search/label/Windows%20Azure


Tools - OCR On line converter

Today I would like to mention an interesting website that permit you to extract text from PDF and images (JPG, BMP, TIFF, GIF) and convert into editable  Word, Excel and Text output formats.

More verbosely:

Source Formats:


  • PDF (All types of PDF files including multi-page PDFs)
  • TIF/TIFF (Multipage TIFFs supported)
  • JPEG/JPG
  • BMP
  • PCX
  • PNG
  • GIF
  • ZIP files containing the above types of files can also be uploaded.

Image quality is one of the most important factors that improve quality of recognition. A resolution of 200-400 DPI for input images is best for recognition.

Maximum input file size : 200 MB

Destination Formats:

  • Adobe PDF document
  • Microsoft Word document
  • Microsoft Excel document
  • RTF document
  • Text Plain
https://www.onlineocr.net/

Security - CPU Spectre and Meltdown Bug



During previously months it was revealed CPU bugs that are affecting near all produced CPU.

Security it is one of the most warm argument that is growing, correctly, day by day importance (First of all due to global internet devices interconnection).

At actual stage several vendors and O.S. providers released O.S. patches.
Some of these fixes was deployed to mitigate risks.

Consider that one of these bug (Spectre ) need devices firmware upgrade.
In other cases antivirus software upgrade it is necessary before patch/firmware installation.

So I am going to create a blog article with info collected reading several technical documents/articles (indicated at end of article for easily reading)

My idea it is to release minor revisions article updates, during next months, adding fresher information.

  1. Intel CPU produced during these last 10 years are affected from security critical issues.
  2. On these CPUs Intel left an open channel between kernel protected memory and normal user processes.
  3. This design error could permit, to access this memory area, to programs executed at user level permissions, (Java scripts browser app too), permitting sensible data read/stolen (including login and passwords).
  4. It seems that Intel was already aware about this problem but did not notify this information to major O.S. players to strictly work to fix it.
  5. ServerWorkstationPCTabletSmartphone and Smart Devices are impacted. 
    1. Affected chips include those manufactured by IntelAMD, and ARM, which means all devices running Windows operating systems are potentially vulnerable (e.g., desktops, laptops, cloud servers, and smartphones).
    2. Devices running other operating systems such as AndroidChromeiOS, and MacOS are also affected.
  6. CLOUD is impacted too. 
    1. Meltdown could be particularly dangerous on unpatched cloud platforms, due to the possibility of malicious code inside a virtual machine being able to read data from the memory of the underlying host computer, with the threat that one cloud customer could steal data from another.
    2. CPU performances decrease would be between 5% up to 30%. (these performances problems would be a big issue for cloud providers like Azure, Amazon....)
  7. REMARK: 
    1. Hotfix need to have kernel code partially rewritten:
      1. Furthermore kernel and end user memory process separation (Kernel Page Table Isolation (KPTI)) would deeply impact on performances too.
    2. Some old CPUs could not be upgradable.
    3. Patches released are working so deep at kernel level that some AV are not compatible (a.e. Microsoft if informing customers that before begin patching process, you should verify that your antivirus (AV) software is up to date and compatible (check your antivirus software manufacturer's website for their latest compatibility information).

MICROSOFT :
Starting in January 2018, Microsoft released updates for Windows operating systems, Internet Explorer and Edge browsers to help mitigate these vulnerabilities and help to protect customers. They also released updates to secure their cloud services.
Here they are  Microsoft Articles:
Protect your Windows devices against Spectre and Meltdown
https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
Update to disable mitigation against Spectre, Variant 2
https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation-against-spectre-variant-2

From Microsoft January 2018 Security Updates

Operative SystemUpdate KB
Windows Server, version 1709 (Server Core Installation)4056892
Windows Server 20164056890
Windows Server 2012 R24056898
Windows Server 2012not yet available
Windows Server 2008 R24056897
Windows Server 2008not yet available
Windows 104058702
Windows 8.14056898
Windows 74056897

NOTES

Patches released are working so deep at kernel level that some AV are not compatible (a.e. Microsoft if informing customers that before begin patching process, you should verify that your antivirus (AV) software is up to date and compatible (check your antivirus software manufacturer's website for their latest compatibility information)
LINUX has released patches.

APPLE Has indicated that all iPhones, iPads and modern Mac devices are affected by Meltdown. Bullettin link.

ANDROID/GOOGLE bullettin link.
TECHNICAL PART:
  1. This bug has two variant types:
    1. Meltdown (32/64 bit - It permit to read private kernel memory):
    2. It impact all Intel CPUs produced from 1995 to 2013 -Haswell Xeon series included.
    3. CPU ARM Cortex A15, A57 A72 e A75 impacted
    4. REMARK:Patches was released to fix Meltdown and Spectre 1 variant bugs for o.s. and virtual machine vendors.
    5. You can learn more about these vulnerabilities at Google Project Zero
  2. Spectre (32/64 bit - It permit to user-mode applications to estract processess information) 
    1.  It impact all Intel CPUs produced till now.
    2.  It impact some ARM CPUs Cortex A15, A17, A57 A72, A73, A75, R7, R8, A7, A8.
    3.  It impact some AMD CPUs Ryzel, FX ed Pro.
    4. REMARK: Fixes about bug Spectre variant 2 require computer firmware update.These updates are being issued by chip manufacturers and designers such as Intel and Arm. Sometimes  it may require also operating system kernel update.
    5. REMARK 2: Because of the difficulty in addressing Spectre, patches generally mitigate risks from attacks, rather than blocking them completely.
    6. You can learn more about these vulnerabilities at Google Project Zero.

  3. Modern processors accelerate the rate at which they execute instructions by loading data into the processor's on-board cache memory ahead of when it's needed. Data can be retrieved from this on-board cache far more rapidly than from the computer's main memory.

  4. If a processor is executing a set of instructions that branches depending on the input, then processors will try to guess which branch of instructions is most likely to be executed and load the necessary data into the processor's cache. These processes, called Branch Prediction and Speculative Execution, are what can be exploited by Spectre attacks.
  5. Meltdown works slightly differently, taking advantage of a privilege escalation flaw that allows any user able to execute code on the system to access protected memory. 

[original articles]

https://www.achab.it//achab.cfm/it/blog/achablog/meltdown-e-spectre-cosa-deve-sapere-e-fare-un-msp


http://www.lastampa.it/2018/01/09/tecnologia/news/lultima-patch-di-sicurezza-windows-non-fa-pi-avviare-i-computer-amd-microsoft-sospende-gli-aggiornamenti-44j9a7tUG3GsQ1m1T6vxjO/pagina.html


https://www.techrepublic.com/article/spectre-and-meltdown-cheat-sheet/


https://meltdownattack.com/#faq-advisoryhttps://meltdownattack.com/#faq-advisory


https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown


Protect your Windows devices against Spectre and Meltdown

https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
    Update to disable mitigation against Spectre, Variant 2
    https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation-against-spectre-variant-2


    You can learn more about these vulnerabilities at Google Project Zero.


    [update 2018.02.17]

    Oracle is impacted too, I forgot to mention previously

    Oracle Linux (ELSA Security Advisory):

    [update 2018.02.19 ]

    Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems

    https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/

    [update 2018.03.04]

    Microsoft has published guidance for IT Pros that outlines the steps Microsoft has taken as well as steps you can take to take advantage of all available protections.

    One action that you can take immediately is to ensure that your computers are able to reach the following endpoint:

    http://adl.windows.com



    This may involve adding this URL to your company’s whitelist which may require approval from your security group.  This endpoint is used to communicate updates to Microsoft’s compatibility information with client computers.  By ensuring your computers can reach this endpoint, you can help them get the most up-to-date information Microsoft has available about supported antivirus solutions and versions, security update statuses, etc.

    more details here

    Automation - Domotics for home purpose with Arduino & Blynk server

    Domotics/Home automation is growing day by day as a new market technology field applied to constructions/home apartments.

    "It involves the control and automation of lighting, heating (such as smart thermostats), ventilation, air conditioning (HVAC), and security, as well as home appliances such as washer/dryers, ovens or refrigerators/freezers. Wi-Fi is often used for remote monitoring and control. Home devices, when remotely monitored and controlled via the Internet, are an important constituent of the Internet of Things. Modern systems generally consist of switches and sensors connected to a central hub sometimes called a "gateway" from which the system is controlled with a user interface that is interacted either with a wall-mounted terminal, mobile phone software, tablet computer or a web interface, often but not always via Internet cloud services.

    While there are many competing vendors, there are very few worldwide accepted industry standards and the smart home space is heavily fragmented.Manufacturers often prevent independent implementations by withholding documentation and by litigation.

    The home automation market was worth US$5.77 billion in 2013, predicted to reach a market value of US$12.81 billion by the year 2020." Read more here


    Today I would like to mention, for home domotics application, Arduino solution that it is a C++ programmable micro-controller in conjunction with Blynk that it is an IOS/android application for remote command purpose that interface with Arduino.

    More precisely Blynk is a platform with iOS and Android apps to control Arduino, ESP8266, Raspberry Pi and the likes over the Internet.
    You can easily build graphic interfaces for all your projects by simply dragging and dropping widgets. 

    Documentation could be found here

    Here it is a graphic that better explain if and how it work:



    Usually Blynk utilize propritary cloud server but often, this solution could create some connection/delays issue.

    Installation could be done locally, to avoid internet connection problems, and to improve speed.

    Blynk Server is an Open-Source Netty based Java server, responsible for forwarding messages between Blynk mobile application and various microcontroller boards and SBCs (i.e. Arduino, Raspberry Pi. etc).


    • Java 8/9 required (OpenJDK, Oracle)
    • Any OS that can run java
    • At least 30 MB of RAM (could be less with tuning)
    • Open ports 8443 (for app), 8442 (for hardware without ssl), 8441 (for hardware with ssl)


    More detailed information could be found at this link or this one


    I am mentioning old blog article that refer to friend's company

    It is in italian language but it could be useful to have an overview about opportunities given from domotics/home automation: