Tips - Remote support for non-administrator users

If you give TeamViewer remote support to users who are not local administrators, you may find that, when the user account is prompted, you lose the remote desktop view.

This will most probably happen every time you perform a task that requires administrative permissions.

To avoid this problem, follow the steps in this article.



Make sure that Extra --> Options --> Protection --> Windows access is not set to "Administrators only".



Tips - How to find the folder an Outlook email is in

Here is a tip for finding the folder that contains an Outlook email.

MODE 1
  1. Double-click the email.
  2. Press CTRL + SHIFT + F --> Advanced Find
  3. The menu shown below appears; click Browse and you will see the folder location.



MODE 2

  1. Double-click the email.
  2. Press ALT + ENTER --> Email Properties
  3. There is a field named: Path/Location

Security - Pentest-Tools: several online tools dedicated to security

I am sharing a website that has several tools useful for security and investigation purposes.

One of them shows the DNS entries for any subdomains related to a domain.

https://pentest-tools.com/information-gathering/find-subdomains-of-domain#


CD Live - Ghost Alternatives - REDO Backup

These days I was looking for a Clonezilla alternative to clone PCs/servers.

If you are interested, here are the related blog articles:

http://www.alessandromazzanti.com/2012/05/tutorial-creare-immagini-di-pc-con.html

http://www.alessandromazzanti.com/2013/05/live-cd-creare-un-usb-autoavviante-per.html

Anyway, I found the REDO Backup live CD, which lets you easily clone a PC/server.

Here is the download link:

https://sourceforge.net/projects/redobackup/

Here is the procedure to back up, clone and restore:

1. Download REDO Backup.
2. Download UNetbootin to write the ISO to a USB drive/key.
3. Boot the PC to clone from that USB key, with the external hard drive for the image connected.
4. Select the Backup or Restore option to create or restore an image.

[update 2020.06.04]

Here is a specific tutorial:

https://www.ubackup.com/it/windows-10/redo-backup-windows-10.html


Server - RDP tools to manage more RDP server/client connections

Over the years I have pointed out several tools that let you connect via RDP to servers and clients, besides offering several other features (HTTP/S connections with password saving, SSH, Telnet, etc.).

Today I would like to summarize all these articles in an index article, adding other tools that I found recently.


1.) Remote Desktop Manager


https://remotedesktopmanager.com/home/download

To compare the differences, you can review this link too:


https://remotedesktopmanager.com/Home/FeaturesGrid



2.) Royal TS

It is a nice tool (not free) that gives you a single point from which to connect to servers via RDP, without having to open plenty of windows or enter the user name and password every time you connect.

Here is the latest free version:

Version 1.5.x Downloads (Freeware):

All previous versions can be found at the link below:


The latest version (paid) is:

Royal TS Version 3.1.4

http://www.royalapplications.com/ts/win/features


3.) mRemoteNG

mRemote is free and it works well:

https://mremoteng.org/download

mRemoteNG supports the following protocols:

  • RDP (Remote Desktop/Terminal Server)
  • VNC (Virtual Network Computing)
  • ICA (Citrix Independent Computing Architecture)
  • SSH (Secure Shell)
  • Telnet (TELecommunication NETwork)
  • HTTP/HTTPS (Hypertext Transfer Protocol)
  • rlogin
  • Raw Socket Connections

4.) TERMINALS


5.) REMMINA
for Linux (http://remmina.sourceforge.net/)

[update 2020.06.01]

Here is another remote desktop tool compendium:

https://quaries.com/windows-remote-desktop-connection/

Citrix - Product Matrix & Lifecycle Milestones for Citrix Workspace app & Citrix Receiver

Here are two links on the following Citrix topics:

Citrix Product Matrix

https://www.citrix.com/support/product-lifecycle/product-matrix.html

Lifecycle Milestones for Citrix Workspace app & Citrix Receiver

https://www.citrix.com/support/product-lifecycle/milestones/receiver.html

VMware - VMware Compatibility Guide

If you need to know which OS versions are supported by your VMware ESXi infrastructure, you can use the link below and its menu choices.
In my case I needed to know whether Windows 2016 was supported on ESXi 6.5.


https://www.vmware.com/resources/compatibility/search.php?deviceCategory=software&details=1&releases=338&operatingSystems=217&page=1&display_interval=10&sortColumn=Partner&sortOrder=Asc&testConfig=16


VMware - HP Server HW monitoring

Here is an easy-to-read VMware document that explains well how to monitor HP server hardware health in conjunction with HP System Insight Manager:

Management of VMware ESXi on HP ProLiant Servers

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/VMware-ESXi-HPProLiantServers-WP-EN.pdf

Freeware - FastStone Capture 5.3 Screen capture

I would like to point out an excellent freeware program (up to release 5.3) that has several advanced features for capturing desktop screenshots.

Here is the download link.

http://www.portablefreeware.com/?id=775

Newer versions, however, are shareware:

https://www.faststone.org/download.htm







VMware - iSCSI Multipathing (MPIO) using vSphere

Here is a quick blog article.

Here are articles that explain how to configure iSCSI multipathing on the old ESX 5.

It is mainly used with a single SAN and dual controllers, to handle a single controller fault (or Fibre Channel problems).


iSCSI Multipathing


"When transferring data between the host server and storage, the SAN uses a technique known as multipathing. With multipathing, your ESXi host can have more than one physical path to a LUN on a storage system.

Generally, a single path from a host to a LUN consists of an iSCSI adapter or NIC, switch ports, connecting cables, and the storage controller port. If any component of the path fails, the host selects another available path for I/O. The process of detecting a failed path and switching to another is called path failover.

For more information on multipathing, see Understanding Multipathing and Failover."

I am adding it to the blog toolbox.

How to Configure iSCSI Multipathing (MPIO) in VMware vSphere 5 using ESXCLI

http://www.cosonok.com/2012/01/how-to-configure-iscsi-multipathing.html

How to Configure iSCSI Multipathing (MPIO) in VMware vSphere 5 using ESXCLI (UPDATE)

http://www.cosonok.com/2012/06/how-to-configure-iscsi-multipathing.html

Here, instead, is the official VMware documentation:

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-multipathing-configuration-software-iscsi-port-binding-white-paper.pdf

and the related explanation of the concept:

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.storage.doc/GUID-AE0C1165-521D-4E65-9921-35F9F6EB39AA.html

Tool - Blue screen of death (NirSoft tool)

If you face a blue screen of death on your PC, this NirSoft tool can be useful for opening the minidump files that were created and identifying the root cause.

https://www.nirsoft.net/utils/blue_screen_view.html

Other NirSoft tools mentioned on this blog are listed here.




Excel - Conditional formatting for duplicate cells

There is an easy Excel feature that lets you automatically color duplicate cells.

Step-by-step procedure:

  1. Select the entire column where you want to apply this feature.
  2. CTRL + SPACE.
  3. Home --> Conditional Formatting --> Highlight Cells Rules --> Duplicate Values...
  4. In the dialog window, select "Duplicate" and "Light Red Fill With Dark Red Text".
  5. Here is the visual result:

Here is a simple video.

Azure - Microsoft Azure Data Box about offline backups

I am taking note of Azure Data Box with Azure Backup, which is used for the offline initial backup of large datasets.

Here is the related article, which explains the concepts in more detail.

https://azure.microsoft.com/en-us/blog/azure-offline-backup-with-azure-data-box-now-in-preview/

And here is an image of how it works:


Hacker - Vulnerability Assessment & Penetration Test concerns

In previous years I published a blog article about a single penetration test tool.

Kali Linux - Penetration test e forensic analysis Linux Iso 

https://www.alessandromazzanti.com/2017/11/kali-linux-penetration-test-e-forensic.html 

Today I would like to discuss some concerns about vulnerability assessments and penetration tests.

Vulnerability Assessments

They are normally low-risk activities: after collecting information, they check for outdated firmware/software versions on systems (both devices and servers located in the LAN/DMZ) and match this information against exploit databases.

They run smoothly and are rarely aggressive or harmful.

In this case you might consider using an appliance located in both the DMZ and the LAN.

Penetration Tests

A penetration test is, by its very nature, more intensive and aggressive and, depending on the client's wishes, structured as several tests.
It is very easy to run into problems or cause disasters.
For these reasons the contractual terms and a clear definition of responsibilities are very important, but an attacker does not warn you that he is hacking you ... :)


Next I would like to mention this article, copying and pasting some paragraphs to highlight some interesting concepts and concerns.

https://www.secureideas.com/knowledge/what-are-the-risks-of-a-penetration-test/


"....Sometimes outages or breakages occur that even the most cautious of penetration testers can't avoid. An application may have software flaws that result in a Denial of Service condition. A network device may be misconfigured such that it handles some types of network traffic poorly. We have all seen these types of issues in our testing.
Unfortunately, there is no surefire way to eliminate this kind of problem. It can be reduced through best practices such as patching, change management, and thorough code reviews. Damage from this type of issue can be minimized by closely monitoring the systems being tested and being prepared to halt automated tools at the first signs of trouble. This can also be improved by ensuring the testers are experienced in how the systems being tested work....."


"....The next significant risk to consider is that of inadvertently exposing confidential information or system access. Your penetration testers are searching for vulnerabilities and running exploits. For example, they may find a vulnerability that allows them to open up a backdoor. If they do so, but fail to protect the backdoor, a real attacker may discover and use it for malicious purposes. Another type of exposure is if the tester is accessing data insecurely. For example, they could transfer PII over an unencrypted channel...."

Here are other concerns or points of attention:



  • Be aware that, once you have advised the SOC or whitelisted the scanner device's IP, real attacks that occur during the assessment period might not be intercepted.
  • System outages and loss of productivity might occur.
  • False negatives could arise when penetration tools fail to find security holes that unfortunately exist.
  • Unethical IT professionals carrying out the assessment and penetration tests.



Hacker/Security - Kali Linux Penetration test Tool

Today I would like to mention this old blog article that describes Kali Linux, a specific Linux distribution used for penetration tests:

http://www.alessandromazzanti.com/2014/05/kali-linux-penetration-test-e-forensic.html

Kali 2017.3 Release

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers.


Kali Linux includes security tools, such as:

More details can be found here:


Finally I would mention that Mr Ghaznavi-Zadeh published a chapter from his book "Kali Linux – A guide to Ethical hacking" and it is available for free here:


Finally, here is the Kali Linux website's video presentation:




[update 2020.04.23] 

Here is a free and open source web app scanner.

https://www.zaproxy.org/

Antivirus - Sophos extends Extended Support for XP/2003 until June 30, 2020; the previous due date was April 17, 2020

Here is some fresh information about Sophos AV and extended support for the XP and 2003 operating systems.

Due to the current situation, Sophos has lengthened Extended Support for XP/2003 until June 30, 2020; the previous due date was April 17, 2020.

https://community.sophos.com/kb/en-us/125995

Tutorial - code.org Courses and activities are free for students (Open Source Mode)

I wanted to point out this non-profit organization, which works to make the opportunity to learn computer science accessible to every student in every school.

https://code.org/

They work in all areas of education, designing their own courses or collaborating with other teachers and school districts.

It is supported by various partners including Amazon, Facebook, Google, the Infosys Foundation, Microsoft and many others.

All the curricula and tutorials they create are always free and released under a Creative Commons license, allowing others to create derivative resources for non-commercial purposes. Anyone interested in obtaining permission to use their materials (for commercial purposes) only needs to contact them. Their courses are translated for use worldwide or by speakers of different languages. On the technology side, the project is developed as open source.



<====================>

Today I would like to share news about this non-profit organization, which works hard to give every student in every school a chance to learn IT.

https://code.org/

They work in every field of education, planning courses and collaborating with several schools and teachers.

Code.org® is a nonprofit dedicated to expanding access to computer science in schools and increasing participation by women and underrepresented youth. Their vision is that every student in every school has the opportunity to learn computer science, just like biology, chemistry or algebra. Code.org provides the leading curriculum for K-12 computer science in the largest school districts in the United States and Code.org also organizes the annual Hour of Code campaign which has engaged more than 15% of all students in the world.

Code.org is supported by generous donors including Amazon, Facebook, Google, the Infosys Foundation, Microsoft, and many more.

All curriculum resources and tutorials they author will forever be free to use and openly licensed under a Creative Commons license, allowing others to make derivative education resources for non-commercial purposes. If you are interested in licensing their materials for commercial purposes, contact them. Their courses are translated for worldwide use or by speakers of different languages. Their technology is developed as an open source project.



Veeam - Powered Network (Veeam PN)

I am taking note of this new Veeam product:

https://www.veeam.com/powered-network.html

It is a free solution that lets administrators create, configure and connect both site-to-site and point-to-site VPN tunnels (easily and quickly, with a simple UI).

The main component (HUB) is deployable via the Azure or AWS Marketplace, so most of the installation burdens are hidden.


Here are some advantages:

  1. Simplified Remote Access:
    Allows remote offices, home offices and mobile users to achieve connectivity regardless of location. Users can gain and keep access to any system remotely, either in the cloud or on-premises.
  2. Cloud-to-cloud Availability:
    Extends cloud networks to connect multiple disparate clouds together, providing Availability across sites and removing complexity from multi-site configuration.
  3. Recovering Data in a Disaster:
    Helps provide recovery in the event of a disaster by eliminating complexity for extending cloud connectivity.

    When used with Veeam Direct Restore to Microsoft Azure, you can restore any on-premises workloads to the cloud, including VMs, servers and laptops, and use Veeam PN to establish connectivity and gain access to the restored data.






Command Line - Control Panel, Task Manager and Settings executed with administrative rights

If you work on a PC as a user without administrative rights, you may need to run some menus with administrative rights.

Start --> Cmd.exe with administrative rights:


  1. Control panel (to launch Control Panel)
  2. start ms-settings: (to launch the Settings menu)
    Here is the official documentation, and here.
  3. Start-Process "ms-settings:" (to launch the Settings menu using PowerShell)
  4. taskmgr.exe (to launch Task Manager)
  5. control netcpl.cpl (to launch Network Properties)

Freeware - Microsoft Project Free Alternative

Today I would like to mention this useful software, which is similar to Microsoft Project but is completely free:

https://www.ganttproject.biz/


This software also lets you easily create Gantt charts.

I hope this information is useful to someone.






Veeam - How to export VM from ESX 5.X to 6.X/7.X

In recent months I faced the following need:

"Backup VMs on ESXi 5.1 and export them on new ESXi 6.7 U3 managing old server fault and DR plan"

Here are the actions taken:
  • I tried to export the powered-off VMs in .OVA format and import them on the new ESX, unsuccessfully.



The solution applied was the following.
  1. Download the Veeam trial version.
  2. Enable Veeam VM backups.
  3. Enable Veeam VM Backup and Replication from the old host to the new one.
  4. I tested some VMs replicated from the old server to the new one (shutting them down on the old server and starting them on the new server) from the Veeam console, and the test was successful.

I hope this information is useful to someone.

APPENDIX


Below are the articles I used throughout the troubleshooting and the Veeam B&R implementation.

OVA\OVF file deployment in ESXi 6.5 | Tutorial Part 3 - YouTube


Easier Fix: Failed to deploy OVF package: The task was canceled by a user.


Where the VM files are stored on VMWare ESXi? [closed]


How to enable SNMP on a VMware ESXi hypervisor


Ensure Proper SNMP Configuration



DR failover testing with Veeam console


Testing Cloud Failover Plan


Step 10. Specify Data Locations


VMware Workstation 5.0 What Files Make Up a Virtual Machine?


Replication Scenarios

Wireless - Best WiFi Extenders #LifeWire

Today I would like to highlight and share this article on 10 WiFi extenders.

https://www.lifewire.com/best-wifi-extenders-4043312

It is a useful article that guides you in choosing the best product to fix and extend WiFi coverage.

For the theoretical concepts, consider reviewing this Wikipedia article too:

https://en.wikipedia.org/wiki/Wireless_repeater


Software - Flash Player & Adobe Reader Redistributable Direct Download Link

Here is the direct download link for the Flash Player redistributable version:

https://www.adobe.com/products/flashplayer/distribution3.html


[update 2020.04.04]

Here is the direct download link for the Adobe Reader redistributable:

https://get.adobe.com/reader/enterprise/


ClearOS - ClearOS 7 is now available!

Over the years I have installed a lot of ClearOS servers.

I find it very easy and useful for small companies.


So, if I have some free time, I will try to examine this new release thoroughly.


If you are interested in looking at all the ClearOS blog articles, you can follow the link below:


http://www.alessandromazzanti.com/search/label/ClearOS


ClearOS 7 Community edition:

https://www.clearos.com/clearfoundation/software/clearos-7-community


Compare editions

https://www.clearos.com/products/clearos-editions/clearos-7-compare-editions

Microsoft - ADV200006 | Type 1 Font Parsing Remote Code Execution Vulnerability

There is an Important/Critical Microsoft font vulnerability (still unpatched) affecting the Adobe Type Manager Library.

There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or to view it in the Windows Preview pane in Explorer.


Here is the Microsoft Security Advisory (ADV200006 | Type 1 Font Parsing Remote Code Execution Vulnerability):

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200006

The patch will most probably be released on Microsoft Update Tuesday (the second Tuesday of each month).

The affected operating systems are listed below. Note that Windows 10, thanks to mitigations put in place with the first version released in 2015, is considered to be at low risk.

Please see the mitigation section for details. Microsoft is not aware of any attacks against the Windows 10 platform. The possibility of remote code execution is negligible and elevation of privilege is not possible. We do not recommend that IT administrators running Windows 10 implement the workarounds described below.

Microsoft recommends upgrading to the Windows 10 family of clients and servers.


Here are the impacted operating systems in brief:


| Product | Impact | Severity |
|---|---|---|
| Windows 10 All versions | Remote Code Execution | Important |
| Windows 7 All versions | Remote Code Execution | Critical |
| Windows 8.1 All versions | Remote Code Execution | Critical |
| Windows RT 8.1 All versions | Remote Code Execution | Critical |
| Windows Server 2008 & R2 All versions | Remote Code Execution | Critical |
| Windows Server 2012 & R2 All versions | Remote Code Execution | Critical |
| Windows Server 2016 All versions | Remote Code Execution | Important |
| Windows Server 2019 All versions | Remote Code Execution | Important |

Here are the applicable workarounds (be aware that for Windows 10 these are not recommended):


| Workaround | Applicability |
|---|---|
| Disable the Preview Pane and Details Pane in Windows Explorer | Works on all systems but won't mitigate the issue if you open a document with the vulnerable font class |
| Disable the WebClient service | Works on all systems but won't mitigate the issue if you open a document with the vulnerable font class |
| Rename ATMFD.DLL | Only works on older systems (before Windows 10) but completely mitigates the issue, though it can introduce usability issues in rare cases |

Microsoft advisory ADV200006 explains how to disable the WebClient service to protect against the attack vector through the Web Distributed Authoring and Versioning (WebDAV) client service.

Impact of workaround.

When the WebClient service is disabled, Web Distributed Authoring and Versioning (WebDAV) requests are not transmitted. In addition, any services that explicitly depend on the WebClient service will not start, and an error message will be logged in the System log. For example, WebDAV shares will be inaccessible from the client computer.


The workaround's effects and how to implement it are described in the Microsoft advisory.
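
An added example (not from the original post or from Microsoft's advisory): a read-only PowerShell check that reports the local state of two workarounds from the table above, the WebClient service and the ATMFD.DLL rename. It assumes Windows PowerShell 5.1 or later and the default %windir% layout; the function name is hypothetical.

```powershell
# Added example: report-only audit of two ADV200006 workarounds
# (WebClient service disabled, ATMFD.DLL renamed). Nothing on the system is changed.
# Get-FontAdvisoryWorkaroundStatus is a hypothetical name chosen for this example.

function Get-FontAdvisoryWorkaroundStatus {
    [CmdletBinding()]
    param()

    # Windows 7 / 8.1 / Server 2008-2012 R2 report version 6.x;
    # Windows 10 / Server 2016 / Server 2019 report 10.x.
    $os       = Get-CimInstance -ClassName Win32_OperatingSystem
    $osMajor  = [int]($os.Version.Split('.')[0])
    $preWin10 = $osMajor -lt 10

    # WebClient (WebDAV client) service. It can be absent, for example on
    # servers without the feature installed; treated here like "disabled".
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='WebClient'"
    if ($null -eq $svc) {
        $webClientState   = 'NotInstalled'
        $webDavVectorOpen = $false
    } else {
        $webClientState   = '{0}/{1}' -f $svc.StartMode, $svc.State
        $webDavVectorOpen = ($svc.StartMode -ne 'Disabled') -or ($svc.State -eq 'Running')
    }

    # ATMFD.DLL under its original name (assumption: default %windir% layout).
    # Run from a 64-bit PowerShell so System32 is not redirected to SysWOW64.
    $atmfdFound = @(
        foreach ($dir in 'System32', 'SysWOW64') {
            $p = Join-Path -Path $env:windir -ChildPath "$dir\atmfd.dll"
            if (Test-Path -LiteralPath $p -PathType Leaf) { $p }
        }
    )

    $findings = @()
    if ($webDavVectorOpen) {
        $findings += 'WebClient service is not disabled: the WebDAV vector remains.'
    }
    if ($preWin10 -and $atmfdFound.Count -gt 0) {
        $findings += 'ATMFD.DLL is still present under its original name on a pre-Windows 10 system.'
    }
    if (-not $preWin10) {
        $findings += 'Windows 10 family: the advisory text quoted above does not recommend the workarounds.'
    }

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        OSCaption    = $os.Caption
        OSVersion    = $os.Version
        WebClient    = $webClientState   # StartMode/State, e.g. Disabled/Stopped
        AtmfdPaths   = $atmfdFound
        Findings     = $findings
    }
}

Get-FontAdvisoryWorkaroundStatus | Format-List
```

Neither workaround covers the case, noted in the table, of a user opening a document that contains the vulnerable font class, so an empty findings list is not the same as being patched.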

Consider that Windows 7 and Windows 2008 are no longer supported; it is highly probable that the patch will not be available except for customers who subscribed to extended patch support:

- Microsoft Extended Security Update Program (ESU) for Windows 7
- Extended Security Updates (ESU) Licensing Preparation Package for Windows 7 SP1 and Windows Server 2008 R2 SP1
- Extended Security Updates (ESU) Windows 2008 and 2008 R2
- Extended Security Updates (ESU) SQL 2008 and 2008 R2


[reference articles]

https://www.cwi.it/cio/windows-server-2008-non-e-ancora-morto-ecco-perche_42124905 

https://www.hdblog.it/microsoft/articoli/n518582/windows-10-8-7-hacker-vulnerabilita-critica-patch/ 

https://www.hdblog.it/microsoft/articoli/n515774/windows-7-germania-costi-supporto/ 

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200006 


[Update 2020.04.15]


Microsoft released patches and new workarounds to mitigate the problem:



https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1020


Be aware of this information:

"Do I need an ESU license to receive the update for Windows 7, Windows Server 2008 and Windows Server 2008 R2 for this vulnerability?
Yes, to receive the security update for this vulnerability for Windows 7, Windows Server 2008, or Windows Server 2008 R2 you must have an ESU license. See 4522133 for more information."