201X - Print Server migration/fault/DR management

If you want to manage a Windows 200X/201X print server fault and the related DR (without having to reconfigure all clients), proceed as follows:

  1. Create a proper DNS alias (on the DC) pointing to the old print server,
    for example: PrintersMilan

  2. Configure a new print server (201X).

  3. Export all printers from the old print server.

    2003 migration - How to migrate print server from 2003 server to 2008/2008 R2/2012

  4. Import the previously exported printer queues on the new server:

    2003 migration - How to migrate print server from 2003 server to 2008/2008 R2/2012

  5. To avoid the error that appears when trying to add new printers using the DNS alias:

    \\PrintersMilan\

  6. On both the old and the new server you must add this registry key:

    reg add HKLM\SYSTEM\CurrentControlSet\Control\Print /v DnsOnWire /t REG_DWORD /d 1



  7. Restart the Print Spooler service.

  8. On your PC, add the new printers and check that they work properly (you are still pointing to the old print server):
    \\PrintersMilan\

  9. Change the DNS alias PrintersMilan (on your DC) so that it points to the new print server.

  10. If everything is working fine, DR and print server fault management have been successfully set up.

[Original Article]
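
The alias-based cutover above as a PowerShell runbook that verifies each step instead of assuming it. This is an added example, not code from the original article: the DNS zone corp.example and the server names OLDPRINT and NEWPRINT are assumptions (only the alias PrintersMilan and the DnsOnWire value come from the article), and it assumes an elevated session on the DC with PowerShell remoting enabled to both print servers.

```powershell
# Added example. Assumed names (not from the article): zone corp.example,
# servers OLDPRINT / NEWPRINT. The alias PrintersMilan is the article's own.
$Zone = 'corp.example'; $Alias = 'PrintersMilan'
$OldServer = 'OLDPRINT'; $NewServer = 'NEWPRINT'

function Set-PrintAlias {
    # Steps 1 and 9: create the CNAME, or repoint it if it targets another host.
    param([Parameter(Mandatory)][string]$Target)
    $fqdn = "$Target.$Zone"
    $rr = Get-DnsServerResourceRecord -ZoneName $Zone -Name $Alias -RRType CName -ErrorAction SilentlyContinue
    if ($rr) {
        if ($rr.RecordData.HostNameAlias.TrimEnd('.') -ieq $fqdn) { return }
        Remove-DnsServerResourceRecord -ZoneName $Zone -Name $Alias -RRType CName -Force
    }
    Add-DnsServerResourceRecordCName -ZoneName $Zone -Name $Alias -HostNameAlias $fqdn
}

function Enable-DnsOnWire {
    # Steps 6 and 7: set the registry value, restart the spooler, then read
    # both back so the result is checked on each server.
    param([Parameter(Mandatory)][string[]]$ComputerName)
    Invoke-Command -ComputerName $ComputerName -ScriptBlock {
        $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Print'
        New-ItemProperty -Path $key -Name DnsOnWire -PropertyType DWord -Value 1 -Force | Out-Null
        Restart-Service -Name Spooler -Force
        [pscustomobject]@{
            Server    = $env:COMPUTERNAME
            DnsOnWire = (Get-ItemProperty -Path $key -Name DnsOnWire).DnsOnWire
            Spooler   = (Get-Service -Name Spooler).Status
        }
    }
}

function Test-PrintAlias {
    # Steps 8 and 10: confirm where the alias resolves and that shared
    # queues are visible when the server is addressed by the alias.
    param([Parameter(Mandatory)][string]$ExpectedServer)
    Clear-DnsClientCache
    $cname  = Resolve-DnsName -Name "$Alias.$Zone" -Type CNAME -DnsOnly
    $target = ($cname | Where-Object Type -eq 'CNAME' | Select-Object -First 1).NameHost
    if ($target -notlike "$ExpectedServer.*") {
        throw "$Alias resolves to '$target', expected $ExpectedServer"
    }
    $shared = @(Get-Printer -ComputerName $Alias | Where-Object Shared)
    if ($shared.Count -eq 0) { throw "No shared queues visible through \\$Alias" }
    "{0} -> {1}: {2} shared queue(s)" -f $Alias, $target, $shared.Count
}

# Phase 1: alias points at the old server; clients map printers via \\PrintersMilan.
Set-PrintAlias -Target $OldServer
Enable-DnsOnWire -ComputerName $OldServer, $NewServer
Test-PrintAlias -ExpectedServer $OldServer

# Phase 2 (after the queues are imported on the new server): repoint the alias only.
Set-PrintAlias -Target $NewServer
Test-PrintAlias -ExpectedServer $NewServer
```

Clients keep the old target until their cached DNS record expires, so run the final check from a workstation as well as from the DC.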


Tuning - Patch My PC

In previous years I used several tools to check for non-O.S. software updates.

Unfortunately, FileHippo App Manager no longer works as well as it did in the past.

So I found that Patch My PC Updater works excellently; the user interface is not so easy but, once you have configured it properly, it works very well.

For enterprise companies, it easily extends Microsoft Configuration Manager to deploy and patch an extensive list of third-party applications.

About SCCM, here are some older blog articles:

https://www.alessandromazzanti.com/search/label/SCCM%202012


Here is a Lifewire article that lists similar software:

11 Best Free Software Updater Programs

https://www.lifewire.com/free-software-updater-programs-2625200

Freeware - ebook Reader - Adobe Digital Editions

If you need to open ebooks on a computer or on Apple and Android devices, Adobe Digital Editions is freeware and it works fine.

Here is the related link:

Freeware - Microsoft Visio Alternative for free

Microsoft Visio is an excellent tool, but it is quite expensive.

draw.io, instead, is free and works both online and as locally installed software.

I hope this information is useful to someone:

https://www.draw.io

Application - Kubernetes overview and security concerns

Today I would like to make a note on the blog about Kubernetes technology; here is the project's own overview:

https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/

And here is the attack matrix for Kubernetes provided by Microsoft:

https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/

Security - Mobile security concerns and risks

Here is an interesting Microsoft article that highlights the fact that companies often focus on security for PCs/laptops, antivirus and patching, but do not give mobile devices the same attention.

Mobile devices often make up more than 60% of all IT devices, and 80% of daily tasks are performed on them. Here are some numbers:


  1. During 2019 more than 1K security vulnerabilities were fixed.
  2. About 50% of iOS devices were four versions behind the latest OS version and less than 60% of Android devices were more than two versions behind.
  3. 1 in 4 devices was exposed to device threats (excluding outdated O.S.).
  4. 1 in 5 devices experienced network-based attacks.

About UEM, Microsoft mentions that the Zimperium platform leverages their award-winning machine-learning-based engine (z9) that, to date, has detected 100% of zero-day device exploits without requiring an update or suffering from the delays and limitations of cloud-based detection.


https://www.microsoft.com/security/blog/2020/04/07/mobile-security-60-percent-problem/

Software - Ultra VNC with acknowledgement

Over the years I tested and configured an Ultra VNC version (UltraVNC_1_2_09) that lets you connect to another client while prompting the remote user for remote access, permission grant and acknowledgement.

Consider that a standard VNC installation usually lets you connect to a remote host with or without a password.

The end user is not aware that someone is viewing their desktop, which raises a big privacy issue.

https://www.uvnc.com/downloads/ultravnc.html






Tips/Antivirus - How to uninstall software on windows with problems #Sophos article

Here is an interesting Sophos article that gives several tips and tools for forcing removal of the Sophos Antivirus client. Some of these tools can be successfully applied to all other software.

Here is the article:

https://support.home.sophos.com/hc/en-us/articles/115005679923-Unable-to-uninstall-Sophos-Home-Windows

Tips - Remote support to non-administrator users

If you are giving TeamViewer remote support to users who are not local administrators, you may find that when the user account prompt appears you lose the remote desktop view.

This will most probably happen every time you perform a task that requires administrative permissions.

To avoid this problem, follow the steps in this article.



Be aware that Extra --> Options --> Protection --> Windows access should not be set to "Administrators only".



Tips - How to find the folder an Outlook email is in

Here is an interesting tip for finding the folder an Outlook email is in.

MODE 1
  1. Double-click the email.
  2. Press CTRL + SHIFT + F --> Advanced Find
  3. In the window that opens, click Browse and you will see the folder location.



MODE 2

  1. Double click on email.
  2. Press ALT + ENTER  --> Email Properties
  3. There is a field named: Path/Location

Security - Pentest-Tools, a site with several online tools dedicated to security

I am sharing a website that has several tools useful for security and investigation purposes.

One of them gives a view of the DNS entries for any subdomains related to a domain.

https://pentest-tools.com/information-gathering/find-subdomains-of-domain#


CD Live - Ghost Alternatives - REDO Backup

These days I was looking for a Clonezilla alternative to clone PCs/servers.

If you are interested, here are the related blog articles:

http://www.alessandromazzanti.com/2012/05/tutorial-creare-immagini-di-pc-con.html

http://www.alessandromazzanti.com/2013/05/live-cd-creare-un-usb-autoavviante-per.html

Anyway, I found the REDO Backup live CD, which lets you easily clone a PC/server.

Here is the download link:

https://sourceforge.net/projects/redobackup/

Here is the procedure to make a backup clone and restore it:

1. Download REDO Backup.
2. Download UNetbootin to write the ISO to a USB drive/key.
3. Boot the PC to be cloned from that USB key, with the external hard drive for the image connected.
4. Select the Backup or Restore option to create or restore an image.

[update 2020.06.04]

Here is a specific tutorial:

https://www.ubackup.com/it/windows-10/redo-backup-windows-10.html


Server - RDP tools to manage more RDP server/client connections

Over the years I have pointed out several tools that let you connect over RDP to servers and clients and that also offer several other features (http/s connections with password saving, ssh, telnet, etc.).

Today I would like to summarize all these articles in an index article, adding other tools that I found recently.


1.) Remote Desktop Manager


https://remotedesktopmanager.com/home/download

If you want to compare differences you can review this link too:


https://remotedesktopmanager.com/Home/FeaturesGrid



2.) Royal TS

It is a nice tool (it is not free) that gives you a single point from which to connect to servers over RDP, without needing to open plenty of windows or enter the user name and password every time you connect.

Here is the latest free version:

Version 1.5.x Downloads (Freeware):

All previous versions can be found at the link below:


The latest version (you need to pay) is:

Royal TS Version 3.1.4

http://www.royalapplications.com/ts/win/features


3.) mRemoteNG

mRemote is free and it works well:

https://mremoteng.org/download

mRemoteNG supports the following protocols:

  • RDP (Remote Desktop/Terminal Server)
  • VNC (Virtual Network Computing)
  • ICA (Citrix Independent Computing Architecture)
  • SSH (Secure Shell)
  • Telnet (TELecommunication NETwork)
  • HTTP/HTTPS (Hypertext Transfer Protocol)
  • rlogin
  • Raw Socket Connections

4.) TERMINALS


5.) REMMINA
for Linux (http://remmina.sourceforge.net/)

[update 2020.06.01]

Here is another remote desktop tool compendium:

https://quaries.com/windows-remote-desktop-connection/

Citrix - Product Matrix & Lifecycle Milestones for Citrix Workspace app & Citrix Receiver

Here are two links about the following Citrix topics:

Citrix Product Matrix

https://www.citrix.com/support/product-lifecycle/product-matrix.html

Lifecycle Milestones for Citrix Workspace app & Citrix Receiver

https://www.citrix.com/support/product-lifecycle/milestones/receiver.html

Vmware - VMware Compatibility Guide

If you need to know which O.S. versions are supported by your VMware ESXi infrastructure, you can use the link below and adjust its menu choices.
In my case I needed to know whether Windows 2016 was supported with ESXi 6.5.


https://www.vmware.com/resources/compatibility/search.php?deviceCategory=software&details=1&releases=338&operatingSystems=217&page=1&display_interval=10&sortColumn=Partner&sortOrder=Asc&testConfig=16


Vmware - HP Server HW monitoring

Here is an easy VMware document that explains well how to monitor HP server hardware health in conjunction with HP System Insight Manager:

Management of VMware ESXi on HP ProLiant Servers

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/VMware-ESXi-HPProLiantServers-WP-EN.pdf

Freeware - FastStone Capture 5.3 Screen capture

I would like to point out an excellent piece of freeware (up to release 5.3) that has several advanced features for capturing desktop screenshots.

Here is the related download link:

http://www.portablefreeware.com/?id=775

Newer versions, however, are shareware:

https://www.faststone.org/download.htm







Vmware - iSCSI Multipathing (MPIO) using vsphere

Here is a quick blog article.

Here are some articles that explain, for the old ESX 5, how to configure iSCSI multipathing.

It is mainly used with a single SAN and dual controllers to handle a single-controller fault (or Fibre Channel problems).


iSCSI Multipathing


"When transferring data between the host server and storage, the SAN uses a technique known as multipathing. With multipathing, your ESXi host can have more than one physical path to a LUN on a storage system.

Generally, a single path from a host to a LUN consists of an iSCSI adapter or NIC, switch ports, connecting cables, and the storage controller port. If any component of the path fails, the host selects another available path for I/O. The process of detecting a failed path and switching to another is called path failover.

For more information on multipathing, see Understanding Multipathing and Failover."

I am adding it to the blog toolbox.

How to Configure iSCSI Multipathing (MPIO) in VMware vSphere 5 using ESXCLI

http://www.cosonok.com/2012/01/how-to-configure-iscsi-multipathing.html

How to Configure iSCSI Multipathing (MPIO) in VMware vSphere 5 using ESXCLI (UPDATE)

http://www.cosonok.com/2012/06/how-to-configure-iscsi-multipathing.html

Here, instead, is the official VMware documentation:

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-multipathing-configuration-software-iscsi-port-binding-white-paper.pdf

and the related concept explanation:

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.storage.doc/GUID-AE0C1165-521D-4E65-9921-35F9F6EB39AA.html

Tool - Blue screen of death (Nirsoft tool)

If you face a blue screen of death on your PC, this NirSoft tool can be useful for opening the minidump files that were created and identifying root causes.

https://www.nirsoft.net/utils/blue_screen_view.html

Other NirSoft tools and blog mentions are indicated here.




Excel - Conditional Formatting for duplicate cells

There is an easy Excel feature that lets you automatically color duplicate cells.

Step-by-step procedure:

  1. Select the entire column where you want to apply this feature.
  2. CTRL + SPACE.
  3. Home --> Conditional Formatting --> Highlight Cells Rules --> Duplicate Values...
  4. In the dialog window select "Duplicate" and "Light Red Fill with Dark Red Text".
  5. Here is the visual result:

Here is a simple video.

Azure - Microsoft Azure Data Box about offline backups

I am taking note of Azure Data Box with Azure Backup, which is used for the offline initial backup of large datasets.

Here is the related article, which explains the concepts in more detail.

https://azure.microsoft.com/en-us/blog/azure-offline-backup-with-azure-data-box-now-in-preview/


Hacker - Vulnerability Assessment & Penetration Test concerns

In previous years I published a blog article indicating a single penetration test tool.

Kali Linux - Penetration test and forensic analysis Linux ISO

https://www.alessandromazzanti.com/2017/11/kali-linux-penetration-test-e-forensic.html

Today I would like to discuss some Vulnerability Assessment & Penetration Test concerns.

Vulnerability Assessments

They are normally low-risk activities: after collecting information, they check for outdated system firmware/software versions (on both devices and servers located in the LAN/DMZ) and match this information against exploit databases.

They run smoothly and are rarely aggressive or harmful.

In this case you might consider using an appliance located in both the DMZ and the LAN.

Penetration Tests

A penetration test is, by its very nature, more intensive, more aggressive and, depending on the client's wishes, structured as several tests.
It is very easy to run into problems or to cause a disaster.
For these reasons the contractual terms and a clear definition of responsibilities are very important, although an attacker does not warn you that he is hacking you ... :)


Next I would like to mention this article, copying and pasting some paragraphs to highlight some interesting concepts and concerns.

https://www.secureideas.com/knowledge/what-are-the-risks-of-a-penetration-test/


"....Sometimes outages or breakages occur that even the most cautious of penetration testers can't avoid. An application may have software flaws that result in a Denial of Service condition. A network device may be misconfigured such that it handles some types of network traffic poorly. We have all seen these types of issues in our testing.
Unfortunately, there is no surefire way to eliminate this kind of problem. It can be reduced through best practices such as patching, change management, and thorough code reviews. Damage from this type of issue can be minimized by closely monitoring the systems being tested and being prepared to halt automated tools at the first signs of trouble. This can also be improved by ensuring the testers are experienced in how the systems being tested work....."


"....The next significant risk to consider is that of inadvertently exposing confidential information or system access. Your penetration testers are searching for vulnerabilities and running exploits. For example, they may find a vulnerability that allows them to open up a backdoor. If they do so, but fail to protect the backdoor, a real attacker may discover and use it for malicious purposes. Another type of exposure is if the tester is accessing data insecurely. For example, they could transfer PII over an unencrypted channel...."

Here are other concerns or points of attention:



  • Be aware that if you notify the SOC or whitelist the scanner's IP address, real attacks that occur during the assessment period might not be intercepted.
  • System outages and loss of productivity might occur.
  • False negatives can arise when penetration tools fail to find security holes that do in fact exist.
  • Unethical IT professionals carrying out assessments and penetration tests.



Hacker/Security - Kali Linux Penetration test Tool

Today I would like to mention this old blog article that describes Kali Linux, a Linux distribution used specifically for penetration tests:

http://www.alessandromazzanti.com/2014/05/kali-linux-penetration-test-e-forensic.html

Kali 2017.3 Release

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers.


Kali Linux includes security tools, such as:

More details can be found here:


Finally, I would mention that Mr Ghaznavi-Zadeh published a chapter from his book "Kali Linux – A guide to Ethical hacking" and it is available for free here:


Finally, here is the Kali Linux website's video presentation:




[update 2020.04.23] 

Here is a free and open source web app scanner.

https://www.zaproxy.org/

Antivirus - Sophos lengthens the Extended Support for XP/2003 until June 30, 2020; the previous due date was April 17, 2020

Here is some fresh information about Sophos AV and extended support for the XP and 2003 O.S.

Due to the current situation, Sophos has lengthened the Extended Support for XP/2003 until June 30, 2020; the previous due date was April 17, 2020.

https://community.sophos.com/kb/en-us/125995

Tutorial - code.org Courses and activities are free for students (Open Source Mode)

I wanted to point out this non-profit organization, which works to make learning computer science accessible to every student in every school.

https://code.org/

They work across all areas of education, designing their own courses or collaborating with other teachers and school districts.

It is supported by various partners including Amazon, Facebook, Google, the Infosys Foundation, Microsoft and many others.

All the curricula and tutorials they create are always free and released under a Creative Commons license, allowing others to create derivative resources for non-commercial purposes. Anyone interested in obtaining permission to use their materials for commercial purposes just needs to contact them. Their courses are translated for use worldwide or by speakers of different languages. On the technology side, the project is developed as open source.



<====================>

Today I would like to share news about this non-profit organization, which works hard to give every student in every school a chance to learn IT.

https://code.org/

They work in every field of education, planning courses and collaborating with several schools and teachers.

Code.org® is a nonprofit dedicated to expanding access to computer science in schools and increasing participation by women and underrepresented youth. Their vision is that every student in every school has the opportunity to learn computer science, just like biology, chemistry or algebra. Code.org provides the leading curriculum for K-12 computer science in the largest school districts in the United States and Code.org also organizes the annual Hour of Code campaign which has engaged more than 15% of all students in the world.

Code.org is supported by generous donors including Amazon, Facebook, Google, the Infosys Foundation, Microsoft, and many more.

All curriculum resources and tutorials they author will forever be free to use and openly licensed under a Creative Commons license, allowing others to make derivative education resources for non-commercial purposes. If you are interested in licensing their materials for commercial purposes, contact them. Their courses are translated for worldwide use or by speakers of different languages. Their technology is developed as an open source project.



Veeam - Powered Network (Veeam PN)

I am taking note about this new Veeam product:

https://www.veeam.com/powered-network.html

It is a free solution that lets administrators create, configure and connect both site-to-site and point-to-site VPN tunnels (easily and quickly, with a simple UI).

The main component (HUB) is deployable via the Azure or AWS Marketplace, so most of the installation burdens are hidden.


Here are some advantages:

  1. Simplified Remote Access:
    Allows remote offices, home offices and mobile users to achieve connectivity regardless of location. Users can gain and keep access to any system remotely, either in the cloud or on-premises.

  2. Cloud-to-cloud Availability:
    Extend cloud networks to connect multiple disparate clouds together, providing Availability across sites and removing complexity from multi-site configuration.

  3. Recovering Data in a Disaster:
    Helps provide recovery in the event of a disaster by eliminating complexity for extending cloud connectivity.

    When used with Veeam Direct Restore to Microsoft Azure, you can restore any on-premises workloads to the cloud, including VMs, servers and laptops, and use Veeam PN to establish connectivity and gain access to the restored data.






Command Line - Control Panel, Task Manager and Settings executed with administrative rights

If you work on a PC with a user account that has no administrative rights, you may need to open some menus with administrative rights.

Start --> Cmd.exe with administrative rights:


  1. control panel (to launch Control Panel)
  2. start ms-settings: (to launch the Settings menu)
    Here is the official documentation and here.
  3. Start-Process "ms-settings:" (to launch the Settings menu using PowerShell)
  4. taskmgr.exe (to launch Task Manager)
  5. control netcpl.cpl (to launch Network Properties)