Security #How to encrypt 7zip folders using as repository

If you have necessity to protect some folders using passwords/encryption using as single repository (where copy/modify/delete folders/Files) consider that 7zip has a simple feature that permit to get this result.

An alternative way is using EFS (more secure) or attaching .VHD file and proceeding, furthermore, to apply bitlocker encryption.

Here they are related articles useful to go deeper on this topic.

7zip, EFS

 https://helpdeskgeek.com/windows-10/how-to-password-protect-a-folder-in-windows-10/

Bitlocker e VHD

https://www.tenforums.com/tutorials/138500-create-bitlocker-encrypted-container-file-vhd-vhdx-windows.html

Server - MMC GPO Security Options errors - MMC cannot initialize the snap-in

Using MMC snapin, on windows server (in my case on 2016 version), basically managing GPOs, you might face below errors.

I get the error message stated in the subject line whenever I try to open Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> from GPO.

I found three alternatives to manage this error:

Option 1

1. This was broken with the September 8, 2020—KB4577015 update. currently the only solution is to uninstall it.
   
   https://community.spiceworks.com/topic/2291581-windows-2016-mmc-snap-in-error
   
   
2. Then install KB4571694, reboot and try again or patch KB4580346 (I did not investigate at 100%)
   
   https://community.spiceworks.com/topic/2291581-windows-2016-mmc-snap-in-error
   
   https://learn.microsoft.com/en-us/answers/questions/124913/server-2016-mmc-has-detected-an-error-in-a-snap-in
   

Option 2

1. Export REG key:
   
   reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SecEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLockedUserId" C:\Temp\DontDisplayLockedUserId.reg
   
   
2. Deleting REG key
   
   reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SecEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLockedUserId" /f
   
   
3. Change GPO 
   
   
4. Reimport Register key
   Double clicking here
   C:\Temp\DontDisplayLockedUserId.reg
5. Original article: 
   
   https://learn.microsoft.com/en-us/answers/questions/124913/server-2016-mmc-has-detected-an-error-in-a-snap-in

Option 3

1. On a full patched server or PC install RSAT and solve problem in this way
   https://www.alessandromazzanti.com/2019/05/windows-10-how-to-install-rsat-on.html
   
   
2. Server - How to Execute RSAT snapins with different users without server/client logon necessity
   https://www.alessandromazzanti.com/2017/10/server-how-to-execute-rsat-snapins-with.html
   

REFERENCES

• "The crash can be avoided by deleting the following registry key. Please make sure to export the reg key before deleting anything. Deleting the key will cause the “Interactive logon: Display user information when the session is locked” policy to not appear in the console. (The policy is still effective, but you can’t see it in the UI to edit it). You will need to import the key back later, after the fix has been released.
  
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SecEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLockedUserId"
  
  
• Alternatively follow below article https://learn.microsoft.com/en-us/answers/questions/124913/server-2016-mmc-has-detected-an-error-in-a-snap-in
  
  
• https://community.spiceworks.com/topic/2291581-windows-2016-mmc-snap-in-error
  

Tutorial - PFX to PEM certificate exporting procedure #HOW TO

If you have necessity to transform .PFX certificate to .PEM files you have to follow a specific procedure:

Consider that PFX file is a certificate, in PKCS#12 format, it contains SSL certificate (public keys) and corresponding private keys.
Be aware that a PEM file is a text file, containing one or more items, in Base64 ASCII encoding, each with plain-text headers and footers (e.g. -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----)

Here they are steps that you should take place

1. Install OpenSSL
   https://slproweb.com/products/Win32OpenSSL.html
   
   
2. Copy .pfx files in same folder where OpenSSL.exe is located
   
   
3. First case: To convert a PFX file to a PEM file that contains both the certificate and private key:
   
   Launch below commands:
   openssl pkcs12 -in original_certificate.pfx -nocerts -out Exported_certificate_private_key-encrypted.key
   
   (you will be prompted to insert original password and new one)
   
   openssl pkcs12 -in original_certificate.pfx -clcerts -nokeys -out Exported_certificate_private_key-encrypted.crt
   
   
4. Second case: How to convert PFX file to PEM file (that contains both certificate and private key):
   openssl pkcs12 -in original_certificate.pfx -out Exported_certificate.pem -nodes
   
   (you will be prompted to insert original password and new one)

[Original articles]

https://stackoverflow.com/questions/15413646/converting-pfx-to-pem-using-openssl

https://sslhow.com/how-to-convert-pfx-to-pem

https://www.digicert.com/kb/ssl-certificate-installation.htm

Server - Dell how to install idrac license

I am taking note a simple Dell article that, well explain, on how proceed to install idrac Dell license

https://www.dell.com/support/kbdoc/en-uk/000145345/poweredge-how-to-manage-an-idrac-license-via-the-web-interface?lwp=rt

Veeam - Free Guide "Vmware Backup For Dummies"

Veeam give you ability to freely download Vmware Backup dummies edition.

It is simple necessary to insert, on web form, few personal/working information and download link is available.

English version

https://go.veeam.com/wp-vmware-backup-for-dummies

Italian Version

https://www.veeam.com/it/wp-vmware-backup-for-dummies.html

On blog you can review old blog posts at below link:

https://www.alessandromazzanti.com/search/label/Veeam

Teams - New version faster and with less memory usage

Microsoft, released, during these days, a new Teams versions that it should be decisevely faster and with less memory usage.

This is official Microsoft article.

• New Miscrosoft Teams version
• Try the new Microsoft Teams

Here you can find other blog teams related articles:

Teams - How to disable message reading acknowledgement

Citrix - Teams installation & Remote Assistance Request/Offer limitation

Active Directory - FSMO Seizing, DRSM Password Reset and Dc health checks/best practices

As mentioned on old blog posts it is important to know which DCs (in your domain/Forest) are holding five Active directory roles using this command line.

netdom query fsmo

At the same time it is important to test your DCs health.

https://www.alessandromazzanti.com/2015/05/server-commands-to-verify-domain.html.

If you are facing unlike situation that DCs holding all 5 Ad roles (or few of them)  are no longer working you should start planning Seizing roles activity.

Here it is a Microsoft article that well apply to all Microsoft Server versions.

https://support.microsoft.com/en-sg/help/255504/using-ntdsutil-exe-to-transfer-or-seize-fsmo-roles-to-a-domain-control

Here they are other important suggests:

1. Microsoft best practices suggest to have at least a Physical Domain controller indeed to have all them virtualized:
2. I warmly suggest to check all your server and to have local Administrator password (and account enabled).
3. To check, on all your servers/Dcs to have indicated DNS1, DNS2 and DNS3 pointing to active DCs/DNS
4. Have 5 AD roles splitted between at least two domain controllers.
5. About Domain controllers have DRSM Administrator password, if not known proceed to have it resetted.

Firewall - How to backup configuration #PALO ALTO

Here it is official article that well explain on how to backup Palo Alto configuration.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000POICCA4&lang=en_US%E2%80%A9

Below you can find relative explicative screenshot.

Firewall - What happens when licenses Expires #PALO ALTO

I am taking note about what happen when Palo Alto licenses expires.

These are weblinks that well explain all details:

https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/license-the-vm-series-firewall/what-happens-when-licenses-expire

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/subscriptions/what-happens-when-licenses-expire

Be Aware that if you get unexpected Firewall/VM reboot only 1200 internet sessions are supported. (and this is a big problem in case license renew process is not yet completed)

Indeed here are located Palo Articles that explains how to proceed with license renewal process

Action Required:

To complete the credit renewal process, you will need to follow the instruction in the following document https://docs.paloaltonetworks.com/vm-series/10-2/vm-series-deployment/license-the-vm-series-firewall/software-ngfw/renew-your-software-ngfw-credit-license

Tech Docs:

• VM-Series: https://docs.paloaltonetworks.com/vm-series/10-0/vm-series-deployment/license-the-vm-series-firewall.html
• CN-Series: https://docs.paloaltonetworks.com/cn-series/10-0/cn-series-deployment/secure-kubernetes-workloads-with-cn-series/register-the-cn-series-auth-code.html

OUTLOOK - HOW TO RESIZE .EDB FILE

 Here it is an interesting article that well explain on how to proceed resizing .EDB file.

https://woshub.com/windows-edb-file-too-big-how-to-reduce-size/

USB/LIVE CD - DLC BOOT and HD Cloning

I am taking note on blog this product that has several integrated features.

DLC Boot permit to create LIVE USB with several tools installed.

Be aware that some Antivirus Detection might occur so be aware, security side, to double check..

You can have a look to youtube video that explain on how to create USB Key and how to simulate its usage.

This are major features:

- Integrated Mini Windows 10 32Bit & 64Bit and similar to Mini Windows XP in Hiren's version BootCD

- Integrated Mini Windows 11 64Bit and similar to Mini Windows XP in Hiren's version BootCD

- Integrated Mini Windows XP extracted from Hiren's BootCD 15.2 and has been built and re-optimized.

Considering SSD/HD cloning necessity here they are steps necessary to reach this goal:

1. Create bootable USB previously indicated.
2. Extract HDD/SSD from old pc/laptop.
3. Connect HDD/SSD to your pc/laptop.
4. Boot from usb and launch Aomei Backupper
5. Select Clone.
6. Select correct Source.
7. Select correct Destination.
8. Check windows activities.

[original articles]

https://www.fcportables.com/dlc-boot/

Monitoring - LibreNMS

Today I would like to mention LibreNMS product

https://www.librenms.org/#features

It has several features like:

1. Automatic Network Discovery using CDP, FDP, LLDP, OSPF, BGP, SNMP and ARP.
2. Alerting Service lie email, irc etc. etc.
3. API access
4. SNMP walink putting devices under monitoring
5. Devices monitoring
6. Graphs and reporting
7. Android and iPhone app

Here they are some screenshots

https://www.librenms.org/#screenshots

Cisco - Mac AnyConnect VPN Client

I am taking note on blog Mac AnyConnect VPN client download link

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5642-install-cisco-anyconnect-secure-mobility-client-on-a-mac-com-rev1.html

Sophos - How to recover a tamper protected system

If you have pc that was deleted on Sophos Central Console Antivirus installation cannot be done unless you do not follow this Sophos procedure:

https://support.sophos.com/support/s/article/KB-000036125?language=en_US

Antivirus - On Line Scanner

I am taking note about several Antivirus that are used to free scan pc remotely (that does not need to be installed)

https://www.f-secure.com/en/home/free-tools/online-scanner

https://www.eset.com/us/home/online-scanner/

https://www.trendmicro.com/en_us/forHome/products/housecall.html