Basic Network security tasks and tools

Clear space on SSD . Windows/Installer folder is huge!

Arrrrggghh on my own PC the SSD (110Gb) is full.
Digging around I can see the Windows/Installer folder is huge. Can we move it to my secondary hard drive?

What is this folder anyway?
- The WIndows installer cache. It keeps a local copy of everything you install so you can later uninstall it.
- It's not used too often so doesn't really need to be on the SSD. But you def want to keep it. Otherwise Add/remove programs will break and become messy.
- Mine was almost 45Gb!

How to fix:
I made a d:\windows folder and copied the C:\windows\installer folder into it
rename the c:\windows\installer to c:\windows\installer_old

Now startup an administrative cmd prompt
Now type
cd \windows
mklink /d installer d:\installer


A nice handy MTR tool for windows has recently been released.

MTR probes routers on the route path by limiting the number of hops individual packets may traverse, and listening to responses of their expiry. It will regularly repeat this process, usually once per second, and keep track of the response times of the hops along the path. Good for trying to figure out network issues along a route.


I've been playing around with encryption techniques recently.
I like this site which makes it easy to share and verify encryption keys

It's basically cloud key database, which also offers a secure messaging and collaboration service.

Here's my profile which verifies several services I use as being in my control. As well as sharing my public pgp key which can be used to send me encrypted messages/ verify my identity.

They also seem to host a cloud file storage with 10Gb in the free tier, which uses your keys to encrypt files at the client side. So this means that the files are always fully encrypted and even if their servers or connections are compromised then your files will be protected.

Bitcoin UK - notes and news

This article is in the process of being written.

In the meantime here's a list of places where you can get Bitcoin in the UK. exchange online wallet and credit card buying One of the easiest places to buy at a decent rate- although you shouldn't keep anything more than the smallest amount in a wallet you don't own for any length of time. - A trustworthy marketplace.

PowerShell Exchange commands message limits

Sometimes you'll want to alter the message count limits for sending and receiving in Exchange. Here's the commands you will need:

For organization

Set-TransportConfig -MaxRecipientEnvelopeLimit 1000

Get-transportconfig |fl name,MaxRecipientEnvelopeLimit (=250)


For transport server

Set-TransportServer -Identity "Server01" -PickupDirectoryMaxRecipientsPerMessage 200

Get-TransportServer |FL PickupDirectoryMaxRecipientsPerMessage,name (=100)


For recieveconnector

Set-ReceiveConnector -Identity "Contoso Receive Connector" -MaxRecipientsPerMessage 300

Get-receiveconnector |fl name,MaxRecipientsPerMessage

For mailbox:

Get-mailbox |fl name, RecipientLimits

(All seem to unlimited)

PowerShell Exchange message tracking commands

Note for office365: If you are tracking messages older that 7 days, then you'll have to use the GUI and wait as the job takes a while to access the log archives. (4 days it took to return the results when I last used it!! Useless!)

Here's the command for Office 365:
Get-MessageTrace -SenderAddress -StartDate 06/13/2015 -EndDate 06/15/2015

Here's the powershell commands you'll need for doing some message tracking in Exchange.

-Get message tracking logs:

get-messagetrackinglog -Sender "" -Start "4/28/2015" -End "4/30/2015" | Select-Object Timestamp,ServerHostname,ClientHostname,Source,EventId,Recipients | Sort-Object -Property Timestamp

-Get failed emails:


Robocopy can be used to move files from one place to another in a network while doing checks on any failed files, retrying, and most importantly keeping the security descriptors associated with each file folder.

Here's the command I generally use:
robocopy :\ \\\ /mir /R:3 /SEC /W:3 /LOG:robocopy.log

I've just put it here so I don't have to look it up each time.

Start DropBox as a shared service on a server (or client PC used by multiple users)

Sometimes, you'll want to run DropBox as a service rather than as a foreground app. If you want to sync a server share , or if you want the same account to available to multiple users on the same machine, without creating a seperate synced folder copy for each user that logs on. Here's how to set it up:

If you have installed Dropbox onto the computer you will be configuring it for, uninstall it for each user that has it installed!

Step 1. Create an a new Service Account in Windows

Open Control Panel.
Open Add or Remove User Accounts.
Add a new Administrator account called ServiceAccount.
Give the account a password and keep track of it . This is critical. Don’t skip this step.
Log in as the ServiceAccount.
Step 2. Download, Install and Configure Dropbox

Install Java msi through group policy

Get msi by running install exe but stop before clicking 'install'
Go to %appdata%/localow/oracle/ grab .msi file

Cancel the Java setup.
Open the MSI with ORCA or an MSI Editing tool and create a MST File and change the following settings:
Open the table “CustomAction” and select the row “installexe”. Change the value in the field “Type” to 3074 (or Hex 0x0C02). This will set the NoImpersonate bit.

My additional PROPERTIES in the MST file are the following:


SAVE the MST File

Unfortunately this is not enough. Now you’ll have another error: “Unable to install Java. Unable to open file C:\ProgramData\Oracle\Java\java.settings.cfg”

How to reset/hack Mac password.

For certain versions the easiest way is to use the Installer CD method.

However, if you don't have an installer CD you can do some command-line tricks instead.
Boot up the computer, holding Command+S as you hear the startup chime.
The Mac will boot into single user mode, giving you a command prompt after loading everything up.

If the Mac is running Snow Leopard or below, type the following commands, hitting Enter after each one and waiting for the prompt to come up again before running the next one:

/sbin/fsck -fy
/sbin/mount -uw /
launchctl load /System/Library/LaunchDaemons/
dscl . -passwd /Users/

Renew a self-signed certificate in Exchange

If a certificate has exired (shows exipred in the event logs) then you need the thumbprint. Can find this on the outlook web access->rightclick->properties->certificates->thumbprint.

Open exchange cli:

-lets you see a list of all the current certificates and their thumbprints.

If the certificate isn't expired, try this:

get-exchangecertificate -thumbprint
XXXXXxxxxxxxxxxxxxxXXXXX | enable-exchangecertificate
-services "IIS,SMTP"

If the certificate HAS expired (as it says it has in the event
description: "The existing certificate for that FQDN has expired"),
and the certificate is "self signed" then you should be able to renew
the cert like this:

Stuck RDC session on remote server, or log off remote RDC user session.

Here's how to easily fix an issue where either a remote RDC session is stuck, preventing you from logging onto a server, or you want to log a remote user off of a remote server session for any reason:

First, check the session number with qwinsta:

Write down the session ID.

Then use the logoff command: