Tuesday, December 02, 2014

Update on MS14-066

Last week, I wrote on the arrival of Microsoft’s security bulletin MS14-066, containing a security update addressing several vulnerabilities in the Secure Channel. Yesterday, Microsoft issued an updated version of the update.

Source : The things that are better left unspoken | Update on MS14-066
References : It’s time to update your Secure Channel (MS14-066, CVE-2014-6321)

Monday, December 01, 2014

LAN Speed Test Lite

LAN Speed Test Lite is a very simple network performance test utility that doesn’t have to be installed. You can simply launch it from your USB stick and then measure the upload and download speed for a network share of your choice. After you click Start Test, you can configure the size of the file you want to use for the test.

Source : FREE: Network performance test – LAN Speed Test Lite - 4sysops

A JSON primer for administrators

JavaScript Object Notation (JSON) is quickly becoming the most used data-interchange format. XML enjoyed the top spot for a long time but slowly people have been moving towards JSON. JSON is a first-class citizen in Windows PowerShell. With many automation frameworks and software products adopting JSON, it is important for system administrators to understand what is JSON and how to use it. This article is a JSON primer to give you an overview of this data-interchange format and how to use it.

Source : PowerShell Magazine » A JSON primer for administrators

Monday, November 24, 2014

Update for RDCMan

Anyone who is familiar with RDCMan will be thrilled to hear that there is an updated version available! For those of you who are new to RDCMan – it is a tool that allows you to easily manage multiple remote desktop sessions:

Source : Update for RDCMan - Ben Armstrong - Site Home - MSDN Blogs

Monday, November 17, 2014

Onetastic for OneNote

Onetastic is a free multi-purpose addin for Microsoft OneNote 2010 and 2013.
Includes OneCalendar

Source : Onetastic for OneNote

Thursday, November 13, 2014

FREE: ABC-Update – Install Windows updates at the command prompt

ABC-Update is a free command-line tool that allows you to install Windows updates. It is easy to use and gives you the flexibility of deploying only specific updates in your scripts.

Source : FREE: ABC-Update – Install Windows updates at the command prompt - 4sysops

Wednesday, November 12, 2014

Microsoft takes .NET open source and cross-platform !

NEW YORK — Nov. 12, 2014 — On Wednesday, Microsoft Corp. reinforced its commitment to cross-platform developer experiences by open sourcing the full server-side .NET stack and expanding .NET to run on the Linux and Mac OS platforms. Microsoft also released Visual Studio Community 2013, a new free edition of Visual Studio that provides easy access to the Visual Studio core toolset. The announcements kicked off Microsoft’s Connect (); event, where the company released Visual Studio 2015 Preview and .NET 2015 Preview.

Source : Microsoft takes .NET open source and cross-platform, adds new development capabilities with Visual Studio 2015, .NET 2015 and Visual Studio Online | News Center

Thursday, October 30, 2014

The Wonderful World of CMS strikes again

I think that I will start this Diary with the following statement: If you use an open source CMS, and you do not update it frequently, there is a very high chance that your website is not only compromised but also part of a botnet.
"You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement"

Source : InfoSec Handlers Diary Blog - The Wonderful World of CMS strikes again

Friday, October 03, 2014

Using the WebDAV Redirector with OneDrive

If you have read some of my previous blog posts and IIS.NET articles about WebDAV, you will see that I often use the WebDAV Redirector that is built-in to Windows in order to connect to various WebDAV websites. This allows me to access my files via a mapped drive letter, which also enables me to use WebDAV with applications that do not have native WebDAV support. (Like Visual Studio.) I'm also a big fan of OneDrive, but sometimes I'm on a legacy system where I don't have OneDrive installed. With that in mind, I thought that I would put together a quick blog series to show you how to map a drive letter to your OneDrive files.
Source : http://blogs.iis.net/

Thursday, September 04, 2014

Solving SQL Server High CPU with IIS Request Filtering

The other day I was troubleshooting 100% CPU utilization on a SQL Server 2008 database server. The server had 100 or so databases of varying sizes however none were larger than a few hundred MB and each database had a corresponding web site on a separate web server. Since the server hosted quite a few databases the high CPU needed to be resolved quickly because it was causing issues for everyone. High CPU on a database server can often be symptomatic of issues occurring outside the server. In this case the real issue was in fact being caused by a SQL Injection attack on a web server.

Source : Solving SQL Server High CPU with IIS Request Filtering | Peter Viola

Preventing Automated Attacks with IIS Dynamic IP Restrictions

Another one of the great built-in features of IIS 8 is Dynamic IP Restrictions (DIPR). With a few simple configuration steps you can quickly set limits for blocking IP addresses based on the number of concurrent requests or frequency of requests over a period of time. With these parameters in place IIS will take over blocking requests unattended thereby making your server more secure.

Source : Preventing Automated Attacks with IIS Dynamic IP Restrictions | Peter Viola

Friday, August 15, 2014

Security baselines for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11 - FINAL

Microsoft is pleased to announce the final release of security baseline settings for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11. Some of the highlights of the new security baselines (many of which we intend to backport to older versions of Windows and IE):
  • Use of new and existing settings to help block some Pass the Hash attack vectors;
  • Recommendations to control the storage of plaintext-equivalent passphrases;
  • Blocking the use of web browsers on domain controllers;
  • Incorporation of the Enhanced Mitigation Experience Toolkit (EMET) into the standard baselines;
  • Removal of the recommendation to enable "FIPS mode" (this is discussed in greater detail in this blog post: Why We’re Not Recommending “FIPS Mode” Anymore);
  • Removal of almost all service startup settings, and all server role baselines that contain only service startup settings.

Source : Microsoft Security Guidance

Changes in the Security Guidance for Windows 8.1, Server 2012 R2 and IE11 since the beta

We have made a small number of changes in the baseline security guidance for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11 since we released the beta version of our guidance last April. This blog post discusses those changes and the reasons for them.

Source : blogs.technet.com/b/secguide

Sysmon – New Sysinternals tool logs system activity in Event Log

Microsoft released the new Sysinternals tool, Sysmon, which allows you to monitor Windows process creations, file creation time changes, and network connections in the Windows Event Log.

Source : 4sysops.com

Friday, August 08, 2014

Generating a self-signed certificate

Many online articles suggest using the MakeCert.exe tool available in the Windows SDK for creating a self-signed certificate, but now there is an easier approach available.
New-SelfSignedCertificate -DnsName test.powershellmagazine.com -CertStoreLocation cert:\LocalMachine\My

Source : PowerShell Magazine » #PSTip Generating a self-signed certificate

Wednesday, July 30, 2014

Kansa: A PowerShell-based incident response framework

Kansa, a free, open source, PowerShell-based incident response framework hosted at https://github.com/davehull/Kansa.

Kansa is modular. It features a core script, dozens of collector modules and analysis scripts to help make sense of the data collected. Kansa takes advantage of Windows Remote Management and PowerShell remoting. It uses PowerShell’s default non-delegated Kerberos network logons, not CredSSP and therefore does not expose credentials to harvesting.

Source : PowerShell Magazine

Tuesday, July 29, 2014

Largest collection of FREE Microsoft eBooks ever

FREE Microsoft eBooks! Who doesn’t love FREE Microsoft eBooks? Well, for the past few years, I’ve provided posts containing almost 150 FREE Microsoft eBooks and my readers, new and existing, have loved these posts so much that they downloaded over 3.5 Million free eBooks as of last June, including over 1,000,000 in a single week last year (and many, many more since then).

Source : Eric Ligman, Microsoft Senior Sales Excellence Manager, Blog 

Monday, June 30, 2014

Microsoft Details Sleep Study Tool for Windows

Microsoft this week detailed an obscure command line tool for Connected Standby (now InstantGo)-based PCs and devices that will help identify which applications are causing battery drain while the machine is sleeping. Dubbed Sleep Study, the tool is part of the powercfg.exe utility in Windows 8.1/RT 8.1 and will tell you how well the system slept and how much activity it experienced during that time.

Source : Paul Thurrott's SuperSite for Windows

Friday, June 27, 2014

Passwords in IE11 - IEBlog - Site Home - MSDN Blogs

With Internet Explorer 11, we’ve done work to make signing into sites faster and more reliable as well as give users more control when saving credentials. In addition, IE11 will now roam credentials to IE11 on Windows Phone 8.1!
We are giving control back to the user when deciding to save passwords on a given site.  IE11 will now prompt the user to save passwords even if the autocomplete=off attribute is set on login forms.

Source : IEBlog

Outlook 2013: Create an “Inbox All” button to view ALL of your inboxes at once

Excellent post with a step-by-step procedure to create an inbox for all your accounts in Outlook 2013.

Ref : TinkerTry

The End is Nigh (for FRS)

We are removing FRS from Windows Server. Today I’ll talk about what this means and how to get ready. We want this to be as easy as possible and I welcome any conversations that help you move forward with migrating to DFSR for SYSVOL replication.

Source : The Storage Team at Microsoft

Friday, June 20, 2014

InstantGo: a better way to sleep

You may have heard about InstantGo in Windows 8.1 (known as Connected Standby in Windows 8 and Windows RT), and how it has replaced the traditional sleep or standby function in many Windows 8.1 and Windows RT 8.1 systems. What you might not know is how fundamentally different—and better—it is, and why.

Source : InstantGo: a better way to sleep

Tuesday, June 17, 2014

Announcing Internet Explorer Developer Channel

Today we’re excited to announce the release of the Internet Explorer Developer Channel, a fully functioning browser designed to give Web developers and early adopters a sneak peek at the Web platform features we’re working on. The Developer Channel is available for download today for both Windows 8.1 and Windows 7 SP1 customers running Internet Explorer 11.
IE Developer Channel can run alongside and independently of IE11, and has all of the browser features that you love in IE11, as well as the latest platform features we’re working on. As you test drive these features, make sure to give us feedback through @IEDevChat or Connect.
Source : IEBlog

Thursday, June 12, 2014

Install Android on VirtualBox


Installing Android on VirtualBox is a bit more complicated than with Windows. I’ll give you a few tips on how to install and configure a virtual machine for your Android lab.

Source : 4sysops

Friday, May 23, 2014

FREE: Bulk Password Control – Automate Active Directory user object changes

The name of the free tool Bulk Password Control is perhaps a bit misleading because the free tool enables you to automate all kinds of bulk modifications on Active Directory user objects with a fast to use GUI.

You know this popular picture of the GUI admin who clicks all day to reset user passwords after a security breach. Bulk Password Control is a nice example that proves that such tasks can be quickly done with a GUI tool without much click-click.

Source : 4sysops.com, www.wisesoft.co.uk

Tuesday, April 22, 2014

A World of Scripts at your Fingertips – Introducing Script Browser

To reuse script samples on the Internet, the following steps seem quite familiar to IT Pros: wandering through different script galleries, forums and blogs, switching back and forth between webpages and scripting environment, and countless download, copy and paste operations. But all of these will drive one as dizzy as a goose. Need a simpler way of searching and reusing scripts? Try out the new Script Browser add-in for PowerShell ISE!

Source : Windows PowerShell Blog

Wednesday, April 09, 2014

Windows 8.1 Update (KB 2919355) prevents interaction with WSUS 3.2 over SSL

There is a known issue which causes some PCs updated with the Windows 8.1 Update (KB 2919355) to stop scanning against Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2 or WSUS 3.2) servers which are configured to use SSL and have not enabled TLS 1.2.
Microsoft plans to issue an update as soon as possible that will correct the issue and restore the proper behavior for Windows 8.1 Update KB 2919355 scanning against all supported WSUS configurations. Until that time, we are temporarily suspending the distribution of the Windows 8.1 Update KB 2919355 to WSUS servers.

Source : blogs.technet.com/b/wsus/

Thursday, April 03, 2014

Stay up to date with Enterprise Mode for Internet Explorer 11

Microsoft is taking an important step towards helping businesses stay up to date with the latest software, services, and devices. Enterprise Mode for Internet Explorer 11, announced today as an update for Windows 7 and Windows 8.1, provides better compatibility for older versions of Internet Explorer and tools to manage which Web apps use it.

Source  : IEBlog

Tuesday, April 01, 2014

FREE: Microsoft Security Compliance Manager 3.0

Security Compliance Manager (SCM) is a great free tool for helping with deployments and environment hardening. This article explains what’s new in version 3.0 and describes how you can use SCM in your deployment process to secure builds.

Source : 4sysops.com

Virtualization-safe(r) Active Directory in VMware environments, Part 1

So, let me kick off this series in which I’ll be sharing what it feels like to virtualize and clone Active Directory Domain Controllers safely on both platforms, with a blogpost on finding out whether your virtual Domain Controllers may benefit from the VM-GenerationID on the VMware-based hypervisors and, thus, may be safely virtualized and cloned.

Source : The things that are better left unspoken

Monday, March 17, 2014

It's Official: OneNote is Now Free for Everyone

The rumors are true: Microsoft confirmed today that it is making a version of OneNote available for free on every major desktop and mobile computing platform, including even the Mac. Additionally, the firm has announced some new OneNote tools, OneNote Clipper and Office Lens, as well as new partner services and a new extensibility model that will make it possible for any cloud service to integrate with this amazing note-taking and thought organization solution.
You can download OneNote 2013 for Windows from OneNote.com

Tuesday, March 11, 2014

Monitor a site’s downtime…for free!

Check out UptimeRobot. This is a free external monitoring tool that will check your site every five minutes and send you an email, text message, twitter notification, and more. What’s even better is that it will allow you to specify up to 50 monitors in total.

Source : life as a sysadmin

Wednesday, March 05, 2014

Malicious Proxy Auto-Config redirection

Good reading from Microsoft Malware Protection Center : Malicious Proxy Auto-Config redirection

Introducing Reading View in IE 11

Reading view is a new feature in Internet Explorer 11 for Windows 8.1 that helps you focus on the main content of the Web page you want to read. Reading view is a way to experience just the article or blog post you want to read, without the distractions of related (or unrelated) content surrounding the story. Find an article you want to read, switch to reading view, and settle into a great reading experience. When you’re done, just exit reading view to continue browsing on the site.

Source : IEBlog

Tuesday, March 04, 2014

IE : Can’t display IIS Failed Request Logs or http://127.0.0.1

Have you ever heard about IE Enhanced Protected Mode or Mark-of-the-Web (MOTW) ?

Well, you should if you encounter one of these problems:

  • Opening IIS Failed Request Logs files (XML+XSL) from your local machine with IE results in a text page without formatting.
  • Trying to access your local web server with the 127.0.0.1 IP (not localhost) or the real local IP of your computer with IE results in an error page.

You have to blame the IE Enhanced Protected Mode for those ‘problems’. Here are two solutions:

1) Disable the Enhanced Protected Mode
  • Open Internet Options
  • Click on the Advanced tab
  • Unselect ‘Enable Enhanced Protected Mode’ in the Security section
  • Restart IE
2) Add your site to the Intranet Zone
  • Open Internet Options
  • Click on the Security tab
  • Select the Intranet zone
  • Click on the Sites button
  • Click on the Advanced button
  • Add the following addresses:
    http://127.0.0.1 (to allow access to your local web site)
    about:internet (to allow access to files with a MOTW, e.g. IIS Failed Request Logs)

Personally I prefer option 2.

References :

Thursday, February 27, 2014

Experience Android KitKat in VMware Workstation

KitKat is the latest Android release from Google with a lot of attractive changes both inside and outside. Before it hits every Android phone out there, you certainly have a new way to experience it with a very simple set up in VMware Workstation 10.

Source : VMware Workstation Zealot

Work Folders interoperability with other file server technologies

A couple of weeks ago, I delivered a presentation on Work Folders deployments, and there was a slide on how Work Folders interoperates with other file server technologies. It occurred to me that it is worth writing a blog post about it.
  • File classification infrastructure (FCI)
  • RMS encryption
  • Quotas and File screen
  • DFS Replication
  • Failover Clustering
  • SMB
  • Dynamic Access Control (DAC)

Source : The Storage Team at Microsoft - File Cabinet Blog

10 amazingly stupid things the 'experts' will try to tell you about Microsoft

In Silicon Valley (and in media satellites that take the NoCal mindset to New York and beyond), everyone has an iPhone, a MacBook Pro, and a Gmail account. Microsoft products and services might as well be from Mars. So be skeptical when you read analyses or predictions of what's coming next from Redmond.

  • “The Nokia acquisition is a colossal mistake”
  • “Microsoft hates Open Source”
  • “Everyone hates Microsoft Office”
  • “Internet Explorer is a buggy, incompatible mess”
  • “Bing is a money-losing flop”
  • “Windows is fundamentally insecure and unreliable”
  • “Xbox should be spun off into a separate business”
  • “The ‘One Microsoft’ reorg is just rearranging deck chairs on the Titanic”
  • “Windows Phone is a failed experiment”
  • “Windows RT is dead”

Read the full article at The Ed Bott Report

Wednesday, February 19, 2014

What's New in Defrag for Windows Server 2012/2012R2

Hello everyone, I am Palash Acharyya, Support Escalation Engineer with the Microsoft Platforms Core team. In the past decade, we have come a long way from Windows Server 2003 to all the way to Windows Server 2012R2. There has been a sea-change in the overall Operating System as a whole, and we have added/modified a lot of features. One of these is Disk Defragmentation and I am going to talk about it today.

Source : blogs.technet.com/b/askcore

What’s New in Windows Servicing: Part 1

Must read article about WinSXS folder and what’s new in Windows 8.1/2012 R2

  • Component Store Analysis Tool
  • Component Store Cleanup

Ref : blogs.technet.com/b/askcore

Monday, February 03, 2014

After 30 years, why did the Mac never break into big business?

Apple's solidly built PCs have developed a cult following over the years, but they never made a dent in the enterprise. Why did the Mac fail to crack the enterprise code? I've found six reasons.

Source : The Ed Bott Report

Wednesday, January 08, 2014

3 Great Tips for Real-World MSI Packaging

No matter the application, I’ve always had three issues with MSIs. First, editing the MSI is a pain. Orca makes this a little less painful but the tool is starting to show some age. Second, distributing drivers with the original MSI is nearly impossible! Most of the time, the solution is using a mixture of DEVCON/PNPUTIL or a deployment share. Finally, custom actions (such as activations or follow-up procedures) have to be manually run or deployed with Group Policy. There isn’t a simple way to embed these into an MSI.
There is one easy free solution to all of these issues. Today, we are going to use Scalable’s Smart Packager to make your MSI maintenance simple.

Source : DeployHappiness