Monday, December 3, 2012

VAST Linux Security Distro

VAST is a Linux-based security distribution specifically designed for pentesting VoIP and UC networks.  It enables security professionals and UC administrators to rapidly perform VoIP security assessments and enumerate vulnerabilities in IP Phones or IP PBX servers in a lab environment.

http://vipervast.sourceforge.net/

Sunday, December 2, 2012

JBlitz

JBlitz is a Java-based web site load testing utility.

http://www.cartesian.net.nz/jblitz/

Gbridge

Gbridge is free software that lets you remotely control PCs, sync folders, share files, and chat securely and easily. An extension of Google's gtalk service, Gbridge automatically forms a collaborative, encrypted VPN (Virtual Private Network) that connects your computers and your friends' computers directly and securely with patented technology.

http://www.gbridge.com/

Windows Firewall Notifier

Windows Firewall Notifier (WFN) extends the default Windows embedded firewall behavior, allowing you to handle outgoing connections and displaying (almost) real-time information about the current connections.

http://wokhan.online.fr/progs.php?sec=WFN

Saturday, December 1, 2012

How to use the refresh option with Windows 8

Windows 8 has a refresh option available.  Instead of reinstalling the operating system and all data files, the refresh process has the following features:

1.  Your data files as well as personal settings will be retained.

2.  The PC Settings will be returned to the defaults.

3.  All applications not installed via the Windows Store will be removed; those installed via the Store will remain.

In this example, we have installed Notepad++ and created a shortcut on the desktop.

We have one Windows Store application and a few test files within the Documents folder.

To start the refresh process, access the PC Settings area.  Click on the General section.  The user account in question must have local administrative authority.

With the proper authority, the wizard should display.

The original media may be required.

Once the media is available, click on the Refresh button.

The boot screen should display information on the process after the required restart.

When logged back in, the Notepad++ application was not to be found but the two test files under the Documents folder were still present.  Also present was the Windows Store application.

AlternativeTo

AlternativeTo is a web site that offers alternatives to established software applications for different platforms.

http://alternativeto.net/

Sunday, November 4, 2012

List of “whitelisted” sites for Flash within Internet Explorer version 10

Internet Explorer version 10 includes a Flash plug-in by default.  But only certain web site URLs are “whitelisted” and can use Flash by default.  To view the list of “approved” sites, access the iecompatdata.xml file under an account’s profile.

Open the file in a text editor and search for the string <Flash>.  A list of URLs should be present underneath.

PowerShell Plus

Idera recently released the company’s PowerShell Plus application for free.  The program includes a script editor as well as a debugger.

https://www.idera.com/Free-Tools/PowerShell-Plus/

Cookie Cadger

Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests.  Cookie Cadger is a graphical utility which harnesses the power of the Wireshark suite and Java to provide a fully cross-platform, entirely open-source utility which can monitor wired Ethernet, insecure Wi-Fi, or load a packet capture file for offline analysis.

https://www.cookiecadger.com/

Saturday, November 3, 2012

Update help files within PowerShell version 3

PowerShell version 3 has an option to update the local help files.  Launch a PowerShell session with local administrative authority and use the command:

Update-Help -Force -Verbose

WiNToBootic

WiNToBootic is a free tool that allows you to create a bootable USB flash drive for installing Windows 7 or Windows 8.  The application supports an ISO file, a DVD, or a folder as the boot disk source.  It’s a standalone tool that doesn’t require installation.

http://www.wintobootic.com/

How to increase the font size with iOS

To increase the font size within iOS with certain applications such as Contacts, Calendar, Mail, etc., access Settings -> General -> Accessibility -> Large Text.

How to determine file system alignment within Windows

File system alignments are important in a virtual environment.  If a partition within a virtual machine is not aligned correctly, additional load can be placed on the storage array.  Windows 2008 R2 by default should use the correct alignment parameters, but older Windows versions may not.  To check the alignment, launch a command prompt with administrative credentials and use:

wmic partition get BlockSize, StartingOffset, Name, Index

Divide the StartingOffset by the BlockSize.  In the example below, the value would be 63.  This would be an example of a misaligned partition.  The offset value of 32,256 is a common value for a misaligned file system.

The value for the next example would be 2048 for the first partition.  This partition has correct alignment.

More information concerning this command can be found at http://support.microsoft.com/kb/929491
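
The check described above, as an added PowerShell example (not from the original post): it takes the same Win32_DiskPartition data that wmic partition returns and flags starting offsets that do not fall on a boundary. The function name Test-PartitionAlignment, the 64 KB default boundary, and the two sample rows are assumptions; the sample offsets are constructed to reproduce the 63 and 2048 results discussed above with a 512-byte block size.

```powershell
# Added example: report the start sector and alignment of each partition.
# -BoundaryBytes is an assumption (64 KB); set it to the stripe unit or
# chunk size that your storage array actually uses.
function Test-PartitionAlignment {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        $Partition,
        [long]$BoundaryBytes = 65536
    )
    process {
        $offset = [long]$Partition.StartingOffset
        $block  = [long]$Partition.BlockSize

        # StartingOffset / BlockSize is the value the post calculates by hand.
        $startSector = $null
        if ($block -gt 0) { $startSector = $offset / $block }

        New-Object psobject -Property @{
            Name           = $Partition.Name
            StartingOffset = $offset
            StartSector    = $startSector
            # Aligned only when the offset is an exact multiple of the boundary.
            Aligned        = (($offset % $BoundaryBytes) -eq 0)
        }
    }
}

# Constructed sample rows (not captured from a real system).
$sample = @(
    (New-Object psobject -Property @{
        Name = 'Disk #0, Partition #0'; BlockSize = 512; StartingOffset = 32256 }),
    (New-Object psobject -Property @{
        Name = 'Disk #1, Partition #0'; BlockSize = 512; StartingOffset = 1048576 })
)

$sample | Test-PartitionAlignment |
    Select-Object Name, StartingOffset, StartSector, Aligned |
    Format-Table -AutoSize

# Against a live system (elevated session):
# Get-WmiObject Win32_DiskPartition | Test-PartitionAlignment
```

With the sample rows, the first partition reports a start sector of 63 and Aligned = False, and the second reports 2048 and Aligned = True.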

Sunday, October 7, 2012

Password issue with the initial configuration of a VMware VMA appliance

VMware has a pre-built appliance named VMA (VMware Management Assistant) that offers an alternative to the VCLI offering.  During the initial configuration of version 5.1 of VMA, a password must be set.  But regardless of the complexity of the value, an error would be returned stating the password was too simple.  The following value was accepted as the initial password during setup:

Qazx123!#

To disable the complex password requirement, use the following procedure.

1.  Log in as vi-admin and use the sudo -s command.

2.  Use the command pam-config -d --cracklib.

3.  Use the exit command.

4.  Use the passwd command to enter a new value.

Thursday, October 4, 2012

Reset TCP/IP with recent versions of Windows

TCP/IP cannot be uninstalled with recent versions of Windows.  To “reset” TCP/IP for troubleshooting purposes, launch a command prompt with administrative privileges and use the following command:

netsh int ip reset c:\logname.txt

Another command to use if an issue persists would be:

netsh winsock reset

A Fix it option is available at http://support.microsoft.com/kb/299357 for resetting TCP/IP.

Limit Ad Tracking option within iOS version 6

Version 6 of iOS includes an option to limit ad tracking.  Access Settings -> General -> About -> Advertising and flip the switch to On.

Network Stuff

Network Stuff is a portable collection of essential networking tools that include a TCP/UDP/CGI port scanner, Whois lookup, DNS resolve, TCP/IP statistics, IP to MAC address conversion (ARP), Wake On LAN and an ICMP ping tool.  In addition, the program also includes a RAW packet sniffer, a transparent proxy server and generic client/server modules that allow you to test TCP and UDP communications.

http://jacquelin.potier.free.fr/networkstuff/

PoSHStats for Hyper-V

PoSHStats is the first free and open source reporting tool of Hyper-V Resource Metering. PoSHStats runs on your Hyper-V server to get detailed statistics like CPU, Memory, Disk and Bandwidth usage of your virtual machines. It's possible to get daily, weekly, monthly usage statistics of Virtual Machines. Also PoSHStats gets hourly performance data of your Hyper-V host to monitor your virtualization environment.

http://www.poshstats.net/

Monday, October 1, 2012

Fingerbank

Fingerbank is a web site that has a database of DHCP fingerprints.  A DHCP fingerprint is an almost unique identifier for a specific operating system or device type. Due to the broadcast and pervasive nature of DHCP, DHCP fingerprinting is a very low-cost, low-effort way to do passive system identification and inventory.

www.fingerbank.org

List of VPN Service Providers

Below are some sites that offer VPN services.

BolehVPN

Astrill VPN

Private Internet Access

Witopia

BoxVPN

AirVPN

How to change the product key for Windows 8 and Server 2012

To change the product key for Windows 8 and Server 2012, launch an elevated command prompt and use the following command:

slmgr.vbs /ipk <license key>

Saturday, September 8, 2012

Windows 8 and the start screen tiles with a keyboard and mouse

Within Windows 8, tiles can be removed from the start screen by performing a right-click on the entry in question.  A menu bar should appear at the bottom of the page with an option to “unpin” the tile.  A selected tile will have a check-mark in the top right-hand corner of the box.

Large tiles can be made smaller and vice versa by selecting the tile and using the menu bar.

To name a group of tiles, click on the minus icon near the bottom right corner of the screen.

This action should “zoom out” the start screen.

Right-click on a group of tiles, which should display a Name group option.

Click on the Name group icon and enter a value for the group.

When returning to the start screen, the name should appear above the group.

To create a new group, select a tile and drag it to the left or right until a grey bar appears.

Monday, September 3, 2012

Start8

Start8 is a free utility for Windows 8 that restores the traditional Start Menu to the desktop, and allows the operating system to be booted directly into the desktop mode.

http://www.stardock.com/products/start8/

Sunday, September 2, 2012

FreeFileSync

FreeFileSync is an open-source folder comparison and synchronization tool.

http://freefilesync.sourceforge.net/

Bro Network Security Monitor IDS

While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well.  It is an IDS application for Unix-based systems.

http://www.bro-ids.org/

Microsoft PerfView

PerfView is a performance analysis tool focusing on ETW information (ETL files) as well as CLR memory information (heap dumps). It can collect and view ETL files as well as XPERF CSV files. Powerful grouping operators allow you to understand performance profiles in ways other tools can't.

http://www.microsoft.com/download/en/details.aspx?id=28567&WT.mc_id=rss_alldownloads_all

Saturday, September 1, 2012

Cameyo

Cameyo is a desktop virtualization product similar to VMware’s ThinApp application.  The process is close to ThinApp in that a “snapshot” is taken before the installation of an application.

http://www.cameyo.com/

Sudo command with Ubuntu

Sudo runs a single command with root privileges.  By default, Ubuntu remembers the password for 15 minutes.  To get a full root shell, use sudo with the lowercase -i option.

To enable the root user account, use the sudo passwd root command.

Permissions can be assigned to a user to use sudo via the visudo command.

Measurement Labs

Measurement Labs offers a collection of various tools from different sources to test your internet connection and perform diagnostics.

http://www.measurementlab.net/measurement-lab-tools

Thursday, August 9, 2012

NearlyFreeSpeech

NearlyFreeSpeech.Net is a pay-for-what-you-use web hosting provider. 

https://www.nearlyfreespeech.net/

Wednesday, August 8, 2012

Xperf123

Xperf is a utility to obtain performance details within Windows.  Xperf123 is a GUI interface for Xperf.  The Xperf executable is not included with this tool and must be downloaded separately.

http://xperf123.codeplex.com/

Tuesday, August 7, 2012

OSFMount

OSFMount allows you to mount local disk image files (bit-for-bit copies of a disk partition) in Windows with a drive letter.  This application supports .ISO as well as VMware’s image format of .VMDK.

http://osforensics.com/tools/mount-disk-images.html

Monday, August 6, 2012

Hundred Zeros.com

Hundred Zeros.com lists the currently available free ebooks from Amazon for the Kindle service.

http://hundredzeros.com/

Friday, August 3, 2012

Metasploitable

Metasploitable is an intentionally vulnerable Linux virtual machine.  This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques.

http://sourceforge.net/projects/metasploitable/

Wednesday, August 1, 2012

Find files and folders within Linux via terminal session

Several options are available within Linux to find files or folders.  The locate command is different from the find command in that it uses a previously built database.  The database is updated periodically via a cron job, but it can be updated manually with the sudo updatedb command.

The -b option allows search criteria to be specified.

The which command returns the absolute path of the executable that is called when a command is issued.  The default only displays the first matching executable; the -a option displays all matching entries.

The whereis command returns where the binary, source, and man page files for a command are located.

https://www.networkworld.com/article/3657592/using-whereis-whatis-and-which-to-find-out-about-commands-on-linux.html

Wednesday, July 11, 2012

How to enable or disable the GUI interface with Windows Server 2012

One disadvantage of Server Core with versions prior to Windows Server 2012 was that no option was available to switch back and forth; once a server was configured to use Server Core, it had to be re-installed to restore the GUI.  Windows Server 2012 introduces the option to enable or disable the GUI with a reboot.  A few different methods are available, but below are the PowerShell commands to accomplish the task.

Either line below will remove the GUI from a non-Core installation of Windows Server 2012.  A reboot will be required.

Remove-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra

Uninstall-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra

Either line below will restore the GUI with a Core configuration.  A reboot again will be required.

Add-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra

Install-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra

NAS4Free

NAS4Free is an embedded Open Source Storage NAS (Network-Attached Storage) distribution based on FreeBSD. This project is a continuation of the FreeNAS 7 series project. FreeNAS 8 is based on nanoBSD whereas NAS4Free is based on FreeBSD 9.x, hence the name change.

NAS4Free supports sharing across Windows, Apple, and UNIX-like systems. It includes ZFS v28, Software RAID (0,1,5), disk encryption, S.M.A.R.T / email reports etc. with the following protocols: CIFS (samba), FTP, NFS, TFTP, AFP, RSYNC, Unison, iSCSI (initiator and target), UPnP, and BitTorrent, all of which are highly configurable through its web interface. NAS4Free can be installed on Compact Flash/USB/SSD key, Hard disk or booted from a LiveCD with a small USB key for configuration storage.

www.nas4free.org

wiki.nas4free.org

Tuesday, July 10, 2012

Microsoft .NET Framework Repair Tool

This tool detects and tries to fix some frequently occurring issues with the setup of or with updates to the Microsoft .NET Framework.

http://www.microsoft.com/en-us/download/details.aspx?id=30135&WT.mc_id=rss_alldownloads_all

Calibre

Calibre is a free and open source e-book library management application developed by users of e-books for users of e-books.  It has the option of converting from different file formats as well as syncing with some e-readers.

http://calibre-ebook.com/

Monday, July 9, 2012

Active Directory Replication Status Tool

The Active Directory Replication Status Tool (ADREPLSTATUS) analyzes the replication status for domain controllers in an Active Directory domain or forest. ADREPLSTATUS displays data in a format that is similar to REPADMIN /SHOWREPL * /CSV imported into Excel but with significant enhancements.

http://www.microsoft.com/en-us/download/details.aspx?id=30005&WT.mc_id=rss_alldownloads_all

Sunday, June 10, 2012

Resolve-DNSname PowerShell cmdlet

PowerShell version 3, which is included by default with Windows 8 and Windows Server 2012, offers a new DNS lookup cmdlet.  The Resolve-DnsName cmdlet can resolve DNS information, and offers options such as DNS record type and which server to use for the query.

AES Crypt

AES Crypt is an open source file encryption software product available on several operating systems that uses the industry standard Advanced Encryption Standard (AES) to easily and securely encrypt files.  For the Windows platform, separate versions are available for GUI or command-line.

http://www.aescrypt.com/