Security - WhatsApp how to enable two-step verification settings

Security, IT side, often is underestimate.

Due to this reason and, considering that whatsApp is very used chatting app I am taking note, on blog, about procedure, necessary, to enable two-step verification settings

Meanwhile you can review review your linked devices in WhatsApp and unlink any device that you do not recognize.

SQL - Antivirus Exclusions

I am taking note about SQL required Antivirus Exclusions:

Process exclusions

%ProgramFiles%\Microsoft SQL Server\<Instance_ID>.<nome istanza>\MSSQL\Binn\SQLServr.exe

%ProgramFiles%\Microsoft SQL Server\<Instance_ID>.<nome istanza>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe

%ProgramFiles%\Microsoft SQL Server\<Instance_ID>.<nome istanza>\OLAP\Bin\MSMDSrv.exe

%ProgramFiles%\Microsoft SQL Server\1xx\Shared\SQLDumper.exe


Directory (and sub-directories):

D:\Program Files\Microsoft SQL Server


File extentions:

SQL Server data files:





SQL Server backup files



Server - SSH Server on line for free

There is a website that, after registration, you might have SSH credentials, for free.

This service is up and running since 1987

Outlook - OWA .EML download procedure

If you utilize Outlook through OWA you might need to download .EML email format file.

To enable this feature you must follow these steps 

  • Settings --> Customize actions --> Download

Cisco - ISE password recovery/Reset

I am taking note, on blog, about Cisco ISE procedure that is necessary, to be followed, in case admin password expired/do not work properly

Consider that you should, proceed to https Ise Admin password account reset too.

Application reset-passwd ise admin

After Cisco ISE Server reboot, through vmware/HyperVisore console, you should check that all services are up and running, using this command

Show application status ise

Finally, after password reset, you should save Cisco ISE running config.

Copy running-config startup-config

Sophos - Sophos Central APIs interaction

There is possibility, on Sophos Central, to create API user for task automating, remote tools interacting, like ticket creation, end point enumeration and so on.

Mainly you will be able to call Sophos Central APIs, here it is relative link:

Cloud - Ireland Datacenter expansions problems due to climate changes and power consumption

Ireland Datacenter expansions problems due to climate changes and power consumption, here it is an interesting italian article that well explain Ireland problems faced (but these problems should impact any other country as well)

Automation - Wifi Tapo Lightings

I discovered, surfing on web, these lights (that work using WiFi connection) in conjunction with Tapo App (iOS and Android) that permit to control, lightness, brightness and colors (with 16,000,000 hues to choose from)

It has scheduled timers (useful when you are out of home - Away Mode – Automatically simulate someone being at home to frighten away, unwanted visitors)

Voice Control (works with Amazon Alexa and Google Assistante)

Other than product appeal, my security concerns (see Hacker/Security blog sections) remains the same.

SAN - SC3020 Dell #Certificate renew procedure

On EMC SC3020 Dell San Storage you might receive below alert

"Alert created on controller 'XXX' for object [internal ref: 'SSLCertificateExpiring'] - [SSLCertificateExpiring]: SSL Certificate expires in 14 days"

Solution Summary

1. Click Edit Settings from the DSM Summary tab.

2. Select the General tab in the left pane, then click Import or Generate a new SSL Certificate at the bottom of the screen.

3. Check Generate a new Storage Center self-signed certificate.

4. Click OK.

5. Confirm that the alert is gone.

 Operation Image 

1. Click Edit Settings from the DSM Summary tab.

Select the General tab in the left pane, then click Import or Generate a new SSL Certificate at the bottom of the screen.

Check Generate a new Storage Center self-signed certificate. 

2. Click OK.

Finally you will receive below advice:

Alert normalized on controller 'xxxxx' for object [internal ref: 'SSLCertificateExpiring'] - [SSLCertificateExpiring]: SSL Certificate expires in 14 days

Hacker/Security - UPnP security concerns

About UPnP there are several security concerns that people majority are not aware.

Here it is an article that well explain concepts and security problems that you might face:

Antivirus - Sophos Audit Logs 90 days retention and SIEM integration

Sophos has 90 days Administrative Audit logs retention limit.

This limit could be overrided configuring  SIEM Tool.

Here they are relative articles

Antivirus - Sophos Ideas

I am taking note, on blog, about link where you might request new Sophos Features to be implemented

Security - Wipe Tools

On blog was already published, some articles, mentioning several wipe tools:

Programma - HardWipe bonificare un Hard disk e cancellare i propri dati

USB Live - Creare una USB autoavviante per fare il WIPE di un Hard Disk 

Privacy - Two tools to completely wipe data and create USB/CD Live 

An alternative wipe tool could be using ABAN 

(ABAN’s name is inspired by Darik’s Boot and Nuke, an older (and unfortunately no longer maintained) program that does something very similar. But but other than that, it's completely unrelated.)

You can burn it using RUFUS

Here it is an old blog article (that mentioned RUFUS too):

Monitor - Syslog using PRTG or Kiwi Syslog Server

On old blog article I already mentioned several monitoring/security tools

I am highlighting Kiwi Syslog Server that permit to:

  1. Centrally manage syslog messages, snmp traps and windows Event logs.
  2. Store and archive logs, receive promptly alerts based on critical events.
  3. Respornd to syslog messages
  4. Email alerting
  5. Diagnose network issues

Freeware - SolarWinds All Free Network/System/Security/DB/clients monitoring tools


About configuring Kiwi Syslog on Cisco devices, here it is a small guide/tutorial

Kiwi Syslog Server Getting Started Guide

About configuring Syslog, on Cisco ASA, you can review this guide:

ASA Syslog Configuration Example


At the same time I would like to mention that PRTG (free up to 100 sensors) has possibility to use sensor acting as syslog server

Here they are old PRTG blog articles

Server - PRTG Network Monitor Tool

Monitoring - PRTG monitors freeware version until 100 sensors

Security - Radius Server

 Here it is a basic article related to Radius protocol, I am taking note, on blog, for future purposes and, in case, it would be useful for seomeone

Antivirus - Sophos Message Relay/Cache Manager #FIREWALL PORTS

Sophos Central endpoints has possibility, to update themselves, or send messages status, to a LAN server (that operate as Sophos Update Cache and Message Relay)

Alternatively Endpoints updates, themselves, to internet.

Here they are ports that are necessary to be opened (to permit previously behaviors)

Tips - Webex Cache cleaning procedure

There is an easy and quick procedure necessary , to be done, to clear Cisco Webex Cache. 

It is really easy, but, in any case, I take note, about it, on blog.

Be aware that, on Citrix Environment, you should add, this path, to Exclusions list - folders that you should not syncronize (using Roaming profiles) (avoiding, in this case, to waste time during login and wasting disk space as well)

Windows 10 - Autologon

On previous article we explained how to configure XP/Windows 7 autologon (without user and password request)

Using Windows 10 situation is slightly different:

Related Articles:

Teams - How to disable message reading acknowledgement

On teams, there is possibility, like on WhatsApp, to disable message reading acknowledgement/read receipt, here it is relative setting:

More details:

Tips - All Web Site history

If you want to review single website content, in any other time/date in the past,  Web Site Archive is the correct website that you need to visit/use:

Automation - Constellation Brands Nava Brewery

I share this video that show how much huge, and automated, can be a brewery plant.

It is really impressive!!!

Tips - Windows Shortcuts

Here they are shortcuts lists (that, IMO, are quite useful) (yellow highlighted commands that I did not know or I found particularly useful)

  1. Tap the Windows key to open and close the Start Menu. Windows+opens File Explorer. 

  2. Windows+L immediately locks the screen.

  3. Ctrl+to copy; Ctrl+V to paste; Ctrl+Z to undo.

  4. Ctrl + Y Redo an action.

  5. Windows key + V Open Clipboard bin.

  6. Windows+E: Opens File Explorer.

  7. Windows+I: Opens Settings.

  8. Windows+Spacebar: Cycle through your language and keyboard options.

  9. Windows+D: This hides all of the open apps and takes you directly to the Windows 10 desktop. Using this command a second time will display all of your open apps again.

  10. Windows+M: Minimizes all open apps and windows.

  11. Windows+Left arrow: Snaps an app or window to the left side of the screen.

  12. Windows+Right arrow: Snaps an app or window to the right side of the screen.

  13. Windows+Up arrow: Maximizes all open apps and windows that have been minimized.

  14. Windows+Down arrow: Minimizes all apps and windows.

  15. Ctrl+Shift+Esc: Opens Task Manager. This is used to show you all apps that are currently running and how much processing power they're using.

  16. Alt+Tab: Displays all open apps and lets you switch between them quickly.

  17. Ctrl+Alt+Tab: Shows all open apps.

  18. Windows+0 (zero): Opens the Windows 10 Sticky Notes app.

  19. Window+. or (semicolon): Brings up the emoji box. This is incredibly useful when typing in an app that has no built-in emoji or emoticon options.
    1. Tips - Windows 10 /Outlook Emoticons shortcuts
  20. Alt + D Select address bar.
  21. Windows key + PrtScn Capture a full screenshot in the "Screenshots" folder.
  22. Windows key + Shift + S Capture part of the screen with Snip & Sketch.

Tips - Win 10 e virtual desktops

  • Windows key + Ctrl + D Create a virtual desktop.
  • Windows Key + Tab switch between different virtual desktops (graphically)
  • Windows key + Ctrl + F4 Close active virtual desktop.
  • Windows key + Ctrl + Right arrow Switch to the virtual desktop on the right.
  • Windows key + Ctrl + Left arrow Switch to the virtual desktop on the left.
  • Windows key + Ctrl + Shift + B Wake up the device when black or a blank screen.

[original articles]

Firewall/Security - IPS ( Intrusion Prevention Systems ) overview

I am taking note on blog about article related to IPS (Intrusion Prevention Systems) overview and relative comperazation to IDS:

"Unlike its predecessor the intrusion detection system (IDS) – which is a passive system that scans traffic and reports back on threats – the IPS is placed inline, directly in the flow of network traffic between the source and destination. Usually sitting right behind the firewall, the solution is actively analyzing and taking automated actions on all traffic flows that enter the network. These actions can include:

  • Sending an alarm to the administrator (as would be seen in an IDS)
  • Dropping the malicious packets
  • Blocking traffic from the source address
  • Resetting the connection
  • Configuring firewalls to prevent future attacks"

[Original Articles]

Hacker - Banking trojans

Zimperium recently published report about 10 most diffused home banking trojans, on Android OS, affecting more than 600 home banking apps.

This trojans are injected through harmless apps available on google store.

After that these apps are installed on mobile phones, and succesfully infected mobile devices, they show, to end users, similar home banking websites and work to intercept, user, password and one time passwords.

Here they are original articles

REMARK This is why I still use hardware home banking token :)


About other Security/Hacker articles please review below blog sections:

Windows 10 - Windows 10 logs

 STEP 1:

  1. Starting with Windows 10 build 9926, Windows Update logs are no longer saved to "%windir%\Windowsupdate.log".
  2. Windows Update client now uses Event Tracing for Windows (ETW) to generate diagnostic logs saved as .etl files in the "%windir%\Logs\WindowsUpdate" folder. This method improves performance and reduces disk space usage. However, the logs are not immediately readable as written.
  3. After Windows 10 build 9926 logs are here located but no longer readable.
  4. Click Windows key + R to open Run and type Evntvwr.msc -->  Applications and Service Logs\Microsoft\Windows\WindowsUpdateClient


  1. Click Windows key + R to open Run and excute PowerShell with administrative rights and press Enter.
  2. Enter Get-WindowsUpdateLog into the elevated PowerShell, and press Enter.
  3. When finished running, this will create a WindowsUpdate.log file on your desktop. It will take a moment to finish.


  1. Click Windows key + R to open Run and type cmd with administrative rights and press Enter.
  2. Type regedit.exe and press Enter.
  3. Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

  4. Change the key UseWUServer from 1 to 0
  5. Inside cmd with administrative rights execute below commands:
    1. net stop wuauserv
    2. net start wuauserv
  6. Open windows update:
    1. Run updates and select the option to get updates online.


  1. Click Windows key + R to open Run and type cmd with administrative rights and press Enter.
  2. Type rsop.msc and press Enter.
  3. Check domain policies applied and verify Windows update section as well.


Here they are some screenshots on how we could proceed, working on GPOs, changing bandwitch usage

Windows Server - AD cleanup/Removal DC procedure

On AD Microsoft server infrastructure it might happen that a DC death suddenly and there is any possibility to recover it (other than format/delete/wipe it)

In this specific case furthermore, you should cleanup AD metadata (to delete any referring that specific DC).

I am taking note, on blog, procedure (saving some articles that I used, in the past, to find workflow):

Metadata Cleanup Using NTDSUTIL in Windows Server 2008 R2
Clean Up Server Metadata

[Update 2022-08.02]

Security - Shodan

Major person does not have exactly perception about how much could be invasive technology, what it mean internet (World Wide LAN that interconnect all devices through internet) and how much security perception is lower than how much is dangerous.

Other than this aspect I am taking note about Shodan, that is a search engine, for internet-connected devices.

Here it is a presentation. There are other aspects, for which this website can be used but, due to security aspects/concerns, I would prefer to omit them. (to indicate them on blog)


About other Security/Hacker articles please review below blog sections:

Extra IT - Family mediator mention/Mediatrice Familiare menzione #FRANCESCA #FABBRI

Mediation, as a constructive life approach, means to solve conflicts, finding a fair agreement (acceptable for both parts), having first objective to preserve children (in family mediation case) and focus on their supreme good. 

Afterward, another family mediation objective is focusing on shared parenting.

Parents agrees, and are helped (working on themselves and on their behavior), maintaining good communication, helping each other and good relations. 

Love that does no longer exists between parents, is preserved versus children, and parents work closely to maintain vice versa good behavior/fair, helping each others and having good relations.

Family mediation permit to outcome previous target (stipulating a written agreement too)

Consider that any war or hate attitude, as general concept, is negative versus any person (there are several medicine/philosophical/religious confirms that, in any case, I omit to indicate in this article). 

This is more negative specifically versus ex-wife/ex-husband.

Be aware that, children's face has 50 % similarity to both parents. 

If you hate ex-wife/ex-husband it means that you are hating children's half. (so this is terrible!)

Due to this reasons, achieve separation, through familiy mediatior, it permit to avoid/limit previous risk (if ex-wife/ex-husband declare war, each other, through lawyer, previous risk is decisevely higher) and, in any case, signing a written agreement protects all parts (and children at first)

So, considering 28/7/22 importance date, for me (anniversary date) I would like to share, and strongly endorse, Dott.ssa Francesca Fabbri

Fabbri's professionalism, and correcteness, was the key to sucessfully achieve an excellent result. (in my case)

These are references (in case they would be useful for someone)


La mediazione, come approccio costruttivo alla vita (sia in ambito familiare che in tutti gli altri ambiti), significa risolvere i conflitti, trovando un accordo equo, (quindi accettabile per entrambe le parti). 

Nel caso della mediazione familiare significa avere come primo obiettivo il preservare i figli focalizzando sul loro bene supremo. 

Successivamente, un altro obiettivo, anch'esso importante, della mediazione familiare, è concentrarsi sulla genitorialità condivisa.

I genitori si impegnano e, allo stesso tempo, vengono aiutati, (mettendosi in gioco e lavorando su se stessi) a mantenere buoni rapporti, aiutandosi a vicenda e mantenendo una buona, e rispettosa, comunicazione.

L'amore infatti, che non esiste più tra i genitori, deve essere preservato rispetto ai figli. 

Per questo motivo i genitori lavorano a stretto contatto, con la mediatrice, per mantenere, viceversa (come gia' detto prima), un buona relazione, avere un buon dialogo (rispettoso) ed aiutandosi a vicenda. (ed alla fine stipulando un accordo )

E' giusto rimarcare che, qualsiasi forma di guerra o di odio, come concetto generale, è negativo nei confronti di qualsiasi persona (non sto qui a dare spiegazioni filosofiche/teologiche/mediche che avvalorano il concetto). 

L'odio e' ancora più negativo quando questo coinvolge l'ex moglie/ex marito.

Infatti il viso del figlio ha il 50% di somiglianza del padre e della madre. Se l'ex moglie/ex marito odia l'altro genitore significa che odia la metà del figlio. (e questo può essere altamente pericoloso)

Proprio per questo rischio, che aumenterebbe considerevolmente, se le parti si affidassero ad una guerra reciproca, fatta con avvocati, questo percorso, tramite mediazione familiare, permette di ottenere la separazione limitando fortemente (se non rimuovendo) il precedente rischio. 

E comunque, essendo un accordo scritto, e depositato in tribunale, garantisce tutte le parti, affinché' sia rispettato (figli in primis e per il loro superiore bene)

Quindi, visto che 28/7/2022, era una data di anniversario importante, ci tengo a condividere, e allo stesso tempo raccomandare fortemente, la mediatrice familiare Dott.ssa Francesca Fabbri. (La sua professionalità ha permesso, nel mio caso, di ottenere risultati eccellenti)

Questi sono riferimenti (nel caso potessero essere utili a qualcuno)

Mobile - How to reset lan settings

 Here they are offial apple article that explain on how to reset iphone lan settings

Security - 6 Security Tips

Person majority does not have exactly perception about how much it could be invasive technology, what it really means internet (*) and how much security perception is lower than how much it is dangerous and appliable to normal life activities.

Due to this reasons I am focusing, with this article, on some interesting aspects.

Consider that, in this article, there is a specific topic that explain effects that technology abuse might affects teenagers (italian language)

(*) World Wide WEB means that all devices are interconnected each other, through internet, it implies that all world devices are, theoretically, reachable from any users and from location. Security concerns should easily realized :-)


This website permits to create weblinks containing PrivateText & Passwords (that could be securely shared with remote users).

To strengten security there are furthers settings that we strongly suggest to use.

  • Password could be shown only "one time" (or extended up to 30 days deprecated)
  • You can add email address having real time notification (when weblink was effectively read)
  • You can create master password, about web link, that you should communicate, to end user, using different communication ways (SMS, by phone, by voice etc. etc.)


Here it is an old article that explains how to verify if, your email account, was  affected in any data breach (occurred on any websites where you registered)


During these years I often had necessity to check files/emails/URLs understanding if they had any sort of infection (that was not yet discovered from latter antivirus definitions)

To get this result often I connect through this website that queries all majority AV versions and relative latter definitions.


After virustotal checks if weblink is fine but you suspect that it could be a phishing targeted attack you might open weblink through a specific website (registration is for free for basic settings) and you might verify real contents and requests (withouth any risk on you pc/device):


Here they are some password tools from old blog article


How to view RDP activities done on any Server/client


Here it is an optional article that explain technology abuses that could occur on teenagers and persons (italian language only)


About other Security/Hacker articles please review below blog sections, there are several other aspects that are important to take awareness

[update 2022.01.04]

Privnote alternative

Extra IT - Leave a Legacy

I am sharing a video that I received last year.

I think that message, intrisically contained, should be, by default, included in all our DNA/"Firmware" (for each human person).

The questions are, which memories and legacies you will leave, in any place, with each person with whom you interacted, during all your life?

Live, Love, Learn

Leave a legacy

Life is short





Leave a Legacy


What makes life worth living

What's missing


How do I know..

How do I show love?


Where are the answers?

What do I need to learn? to unlearn?


How will I be remembered?

What do I dream of?

What is my fire within?

To live

To love

To learn

To leave a legacy

Life is short


Extra IT - Horse country Resort

Recently we had opportunity to have holidays at following Village Resort (located in Italy-Sardegna).

Considering quotations, quite cheap compared to similar offers, the services provided was excellents. (and we were satisfied)

Internal restaurant, beach restaurant,  3 bars (one of them beach located), horse riding school, SPA wellness center, internal shop, western-style saloon (with relative country music shows), pizzeria, two swimming pools, services offered on the beach (*), soccer field, tennis court, table tennis, karaoke events etc. etc.

Last, but not least, the animation was one of the keys due to our resort permanence (and satifaction): professional, pleasant and funny (it is completely suitable for this kind of locations).

I must endorse villlage animation manager (Gennaro) that was able to coordinate and create an excellent animation team. Another endorsement must be given to both kids mini club girls (Marika and Giada) that has an unique kids positive approach. Latter mention must be given to one animation persons (Francesco & Georgia)

 I share this information in case it would be useful for someone (and to contradict, partially, "fake news / negative feedbacks" that you might find surfing on web)

 (*) apart sea quality concerns, however well-known and indicated in several web reviews (be aware that, for those who, like us, had a car, it was not absolutely a problem)


Ho avuto modo di soggiornare, recentemente, presso la seguente struttura.

Considerando il prezzo, piu' che ragionevole, i servizi forniti sono ottimi. (rimanendone soddisfatti)

La ristorazione, il ristorante sulla spiaggia, i tre bar ( di cui uno sullo spiaggia)  il maneggio, il centro benessere SPA, il negozio interno, il saloon tipo western (con relativa musica country), pizzeria, le due piscine, il servizio spiaggia (*), campo calcetto/tennis, ping pong, serate karaoke etc. etc.

Ultimo, ma non ultimo, l'animazione, professionale, piacevole e non invadente, sono il giusto completamente (se non la vera ciliegina sulla torta). 

E' doveroso menzionare la bravura e professionalità del capo animazione (Gennaro) che e' stato in grado di coordinare e creare un eccellente team di animazione. Un'altra menzione e' doverosa per entrambe le due ragazze (Marika e Giada) del mini club ( per i piu' piccoli) che hanno un approccio, verso i bambini/e, unico e positivo allo stesso tempo (da segnalare anche la baby dance serale), Ultima segnalazione, positiva, verso un paio di persone dell'animazione (Francesco e Georgia)

Condivido l'informazione nel caso torni utile a qualcuno (e per contraddire, in parte, le "fake news/feedbacks" che girano sulla struttura). E' giusto menzionare anche uno dei vari animatori (Francesco) con cui sono entrato in sintonia

(*) a parte qualche concerns relativi al mare, comunque ben noti ed indicati nelle varie recensioni che girano su internet, per chi, come noi, aveva la macchina, non era assolutamente un problema

Mobile - Iphone how to force brute restart

I am taking note about a very simple topic related on how to hard reboot Iphones devices.

Here it is relative link

Scripting - Enumerate file extension, count them and indicate total size

If you have necessity to analyze single folder (and relatives subfolders), identifying all files extensions, count files numbers and indicate total size this script will assist you on this requirement

$directory = "D:\foo"

#Get all items

Get-ChildItem -Path $directory -Recurse |

#Get only files

Where-Object { !$_.PSIsContainer } |

#Group by extension

Group-Object Extension |

#Get data

Select-Object @{n="Extension";e={$_.Name -replace '^\.'}}, @{n="Size (MB)";e={[math]::Round((($_.Group | Measure-Object Length -Sum).Sum / 1MB), 2)}}, Count

Hardware - mSATA vs SATA vs M.2 SSD

Here it is a quick article that well explain differences between mSATA vs SATA vs M.2 SSD

Security - MFA override

Here it is mentioned, in italian language a way to override MFA when a proper phishing email is sent to user that will redirect him to a similar website page (a.e. web bank)

End user will insert user and password. Immediately crimes will insert user and password on original website (a.e. bank).

User will receive email with temporary code (true), that will be inserted in duplicated page. Crimes will use this latter code on original webpage having full access on user account (a.e. bank)

So attention to phishing emails must be improved.

[Update 2022.06.27]

Security - Edge VPN built-in feature Microsoft implementation on going and Opera Built in VPN free

Today  I would like to mention that Microsoft is working to release new Edge version with VPN integrated, it should be for free for limited traffic amount, an account creation should be necessary. 

In any case is an interesting information (to improve security) and encrypt traffic, for providers too, and to hide you public IP address

Another browser that already have, built in VPN feature, for free, is Opera, have a look to below link: