10 billion websites and nothing on?
OpenVAS
-http://www.openvas.org
IISCrypto on windows servers
-https://www.nartac.com/Products/IISCrypto
IISLockdown
-https://support.microsoft.com/en-us/help/325864/how-to-install-and-use-t...
NMap/ZenMap
-https://nmap.org/zenmap/
Reputation Monitor alert:
-https://www.alienvault.com/open-threat-exchange/reputation-monitor
Nikto - web server vuln scanner (linux):
-https://cirt.net/Nikto2
Arrrrggghh on my own PC the SSD (110Gb) is full.
Digging around I can see the Windows/Installer folder is huge. Can we move it to my secondary hard drive?
What is this folder anyway?
- The WIndows installer cache. It keeps a local copy of everything you install so you can later uninstall it.
- It's not used too often so doesn't really need to be on the SSD. But you def want to keep it. Otherwise Add/remove programs will break and become messy.
- Mine was almost 45Gb!
How to fix:
I made a d:\windows folder and copied the C:\windows\installer folder into it
rename the c:\windows\installer to c:\windows\installer_old
Now startup an administrative cmd prompt
Now type
c:
cd \windows
mklink /d installer d:\installer
A nice handy MTR tool for windows has recently been released.
MTR probes routers on the route path by limiting the number of hops individual packets may traverse, and listening to responses of their expiry. It will regularly repeat this process, usually once per second, and keep track of the response times of the hops along the path. Good for trying to figure out network issues along a route.
I've been playing around with encryption techniques recently.
I like this site which makes it easy to share and verify encryption keys
It's basically cloud key database, which also offers a secure messaging and collaboration service.
Here's my profile which verifies several services I use as being in my control. As well as sharing my public pgp key which can be used to send me encrypted messages/ verify my identity.
They also seem to host a cloud file storage with 10Gb in the free tier, which uses your keys to encrypt files at the client side. So this means that the files are always fully encrypted and even if their servers or connections are compromised then your files will be protected.
This article is in the process of being written.
In the meantime here's a list of places where you can get Bitcoin in the UK.
Cex.io exchange
Blockchain.info online wallet and credit card buying One of the easiest places to buy at a decent rate- although you shouldn't keep anything more than the smallest amount in a wallet you don't own for any length of time.
Bittylicious.com - A trustworthy marketplace.
Type the following into a command prompt or terminal:
telnet towel.blinkenlights.nl
Sometimes you'll want to alter the message count limits for sending and receiving in Exchange. Here's the commands you will need:
For organization
Set-TransportConfig -MaxRecipientEnvelopeLimit 1000
Get-transportconfig |fl name,MaxRecipientEnvelopeLimit (=250)
-----
For transport server
Set-TransportServer -Identity "Server01" -PickupDirectoryMaxRecipientsPerMessage 200
Get-TransportServer |FL PickupDirectoryMaxRecipientsPerMessage,name (=100)
----
For recieveconnector
Set-ReceiveConnector -Identity "Contoso Receive Connector" -MaxRecipientsPerMessage 300
Get-receiveconnector |fl name,MaxRecipientsPerMessage
----
For mailbox:
Get-mailbox |fl name, RecipientLimits
(All seem to unlimited)
Note for office365: If you are tracking messages older that 7 days, then you'll have to use the GUI and wait as the job takes a while to access the log archives. (4 days it took to return the results when I last used it!! Useless!)
Here's the command for Office 365:
Get-MessageTrace -SenderAddress john@contoso.com -StartDate 06/13/2015 -EndDate 06/15/2015
Here's the powershell commands you'll need for doing some message tracking in Exchange.
-Get message tracking logs:
get-messagetrackinglog -Sender "
-Get failed emails:
Robocopy can be used to move files from one place to another in a network while doing checks on any failed files, retrying, and most importantly keeping the security descriptors associated with each file folder.
Here's the command I generally use:
robocopy :\ \\\ /mir /R:3 /SEC /W:3 /LOG:robocopy.log
I've just put it here so I don't have to look it up each time.
Sometimes, you'll want to run DropBox as a service rather than as a foreground app. If you want to sync a server share , or if you want the same account to available to multiple users on the same machine, without creating a seperate synced folder copy for each user that logs on. Here's how to set it up:
If you have installed Dropbox onto the computer you will be configuring it for, uninstall it for each user that has it installed!
Step 1. Create an a new Service Account in Windows
Open Control Panel.
Open Add or Remove User Accounts.
Add a new Administrator account called ServiceAccount.
Give the account a password and keep track of it . This is critical. Don’t skip this step.
Log in as the ServiceAccount.
Step 2. Download, Install and Configure Dropbox
Get msi by running install exe but stop before clicking 'install'
Go to %appdata%/localow/oracle/ grab .msi file
Cancel the Java setup.
Open the MSI with ORCA or an MSI Editing tool and create a MST File and change the following settings:
Open the table “CustomAction” and select the row “installexe”. Change the value in the field “Type” to 3074 (or Hex 0x0C02). This will set the NoImpersonate bit.
My additional PROPERTIES in the MST file are the following:
AUTO_UPDATE=0
AUTOUPDATECHECK=0
JU=0
JAVAUPDATE=0
EULA=0
SPONSORS=0
WEB_JAVA_SECURITY_LEVEL=H
WEB_ANALYTICS=0
SAVE the MST File
Unfortunately this is not enough. Now you’ll have another error: “Unable to install Java. Unable to open file C:\ProgramData\Oracle\Java\java.settings.cfg”
For certain versions the easiest way is to use the Installer CD method.
However, if you don't have an installer CD you can do some command-line tricks instead.
Boot up the computer, holding Command+S as you hear the startup chime.
The Mac will boot into single user mode, giving you a command prompt after loading everything up.
If the Mac is running Snow Leopard or below, type the following commands, hitting Enter after each one and waiting for the prompt to come up again before running the next one:
/sbin/fsck -fy
/sbin/mount -uw /
launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
dscl . -passwd /Users/
wmic MEMORYCHIP get BankLabel,DeviceLocator,Capacity,Tag
If a certificate has exired (shows exipred in the event logs) then you need the thumbprint. Can find this on the outlook web access->rightclick->properties->certificates->thumbprint.
Open exchange cli:
get-exchangecertificate
-lets you see a list of all the current certificates and their thumbprints.
If the certificate isn't expired, try this:
get-exchangecertificate -thumbprint
XXXXXxxxxxxxxxxxxxxXXXXX | enable-exchangecertificate
-services "IIS,SMTP"
If the certificate HAS expired (as it says it has in the event
description: "The existing certificate for that FQDN has expired"),
and the certificate is "self signed" then you should be able to renew
the cert like this:
Here's how to easily fix an issue where either a remote RDC session is stuck, preventing you from logging onto a server, or you want to log a remote user off of a remote server session for any reason:
First, check the session number with qwinsta:
QWINSTA /server:YOURREMOTECOMPUTERNAMEHERE
Write down the session ID.
Then use the logoff command:
LOGOFF YOURSESSIONIDHERE /server:YOURREMOTECOMPUTERNAMEHERE
