Personal

CredSSP encryption oracle remediation

If you’re like me, you have encountered this error remoting into one of your servers.

An Authentication error has occurred. The function requested is not supported.
Remote computer: <servername> This could be due to CredSSP encryption oracle remediation

The quick solution is to patch your host from one of the patches here

If you are unable to patch and then issue the mandatory reboot of the remote server then you can apply the following registry fix

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters]
“AllowEncryptionOracle”=dword:00000002

You can even push this out via Group Policy if needed

 

 

 

Blocking Internet Advertisements, and more with Pi-hole

The challenge is to mitigate exposure to the advertisements spammed all over the internet with the same approach as fighting against virus and malware threats.

I recently upgrade my Pi-hole® to take on not only the task of blocking Internet advertisements, but malware, and adult sites.

Here is my list on pastebin: https://pastebin.com/eV3cUnjy

Installing Pi-hole

Pi-hole makes it as easy as possible to download and get running with a one-line script that starts up a menu-based installer. Simply enter: curl -sSL https://install.pi-hole.net | bash

More on setup here

Whitelisting

There was a fair amount of whitelisting that needed to be applied to allow some social media sites to work as desired. You will want to monitor what’s blocked to determine what you are willing to allow.

Mobile Protection

I started using the Pi-hole® to protect my mobile device from these threats by leveraging the same blocking I am using on my home network.  This not only cuts back on the data use but also add layers of privacy and security protection to my device while on untrusted networks.

 

A simple solution to use is OpenVPN. Fore more info on setup please visit: https://openvpn.net/

DNSSEC

But what about my ISP who can see my upstream DNS requests.  Well for that, we could trust them, or trust in a 3rd party who uses DNSSEC technology to protect your privacy. Use Google, Norton, DNS.WATCH or Quad9 DNS servers.

And with that you get some decent statistics about your network.

 

 

 

 

 

 

 

 

 

 

MethylPREDNIsolone DOSEPAK 21S

Methylprednisolone is a steroid that prevents the release of substances in the body that cause inflammation. Methylprednisolone is used to treat many different conditions such as allergic disorders, skin conditions, ulcerative colitis, arthritis, lupus, psoriasis, or breathing disorders.

Friday, March 30, 2018

Today I start my DOSEOAK, sometimes referred to as Medrol (Pak) which was prescribed to me by my doctor to help address possible issues with inflammation in the area of my neck which may be triggering nerve sensations ending in pain starting in my shoulder, down the backside of my arm into my wrist and finally causing numbness in my fingers.

I am logging my treatment here as a reminder to myself and sharing the outcome with you.

  • 7 AM – First 2 pills of the Medrol (Pak)
  • 1 PM – pill number 3 after my lunch

Saturday, March 31, 2018

  • 9:00 AM – First pill of the day. Off to Orthopedic around noon.  I’ll be receiving x-ray of my shoulder and neck.
  • 12:00 PM – Completed neck and shoulder x-rays now waiting for the doctor.
  • 1:00 PM – I am now going to be scheduled for an MRI, also my medication dosage was increased by the Orthopedic because he felt that 4 MG was too low of a dosage considering the evident nerve pain in my fingertips.

Sunday, April 1, 2018

I started my new round of Prednisone Oral 20 MG Tablets

The plan:

  • Take 3 tablets by mouth daily for 2 days
  • Then take 2 tablets daily for 2 days
  • and then take 1 tablet daily for 2 days

Monday, April 2, 2018

Day 2 of my new plan, first dose at 7:00 AM – No side effects although, I do have soreness in my hips which is new…

Few hours after my second dose of the 20 MG Tablets – I felt cold sensations down my left arm (arm that was previously in pain).  Hand also felt cold

Tuesday, April 3, 2018

Today is day way of 2 tablets daily —  Took my dose in the morning 7:00 AM and went to work.

Around 12:00 PM I noticed the cold feeling running up down my arm again and into my hand and fingers.  Typing is difficult as is it feels like I’m poking my fingers with pins…  Reading online about symptoms has me paranoid …  Now reading about: Thoracic outlet syndrome – https://www.mayoclinic.org/diseases-conditions/thoracic-outlet-syndrome/symptoms-causes/syc-20353988

7:30 PM Took my second dose for the day.

In bed by 10 PM, numb feeling in fingers during the night while sleeping

 

Wednesday, April 4, 2018

Day 2 of my 2 tablets — Took my dose in the morning 7:00 AM

Around Noon, my arm felt cold again

 

VMware Guest Customization Specification, Configure Domain Joining

I recently worked to correct an outstanding support issue of VMware Guest Customization Specification not joining guests to Active Directory Domains. I thought I’d share my setup so it might help others facing similar issues.

Log into the vSphere console, navigate to the Home page section

From the Home page click the Customization Specification Manager

Once in the Customization Specification Manager Click on “+” symbol to create VMware Guest Customization Specification.

Select the operating system either Windows or Linux from the drop-down on target VM operating system and Specify the name for the Customization Specification. Enter the description of the customization specification. Click on Next.

Provide your registration information and click Next.

I use the computer name of guest OS as same as the virtual machine name. It simplifies the identification of the virtual machine in the vCenter inventory. Select “Use the virtual machine name” to use the computer name as same as virtual machine name and click Next.

Enter the windows licensing information for this copy of the guest operating system; if you are using a KMS server for activation you don’t have to type a key here.

Specify the administrator password and auto-login option for the administrator account of Windows operating system. Click Next.

Select your time zone and continue.

If you need to run some commands on the first log on, put them here and when your done click Next.

On the Configure Network, you can specify the network settings for the guest operating system. Either you can use DHCP or specify the custom network settings.

To specify the custom network settings, Click on Edit “Pencil Icon”… In this section is where I specify the DNS suffix to add to the Windows operating system. Click on OK.

This allows me to communicate to a specific Active Directory Domain Service (ADDS), and include the domain suffix. Once Network settings are specified in customization specification. Click on Next.

Under Set Workgroup or Domain, choose “Windows Server Domain”, specify FQDN and specify the user account and credentials information that has permission to add a computer to the domain.
The user account is in the format of user@domain.tld
Click on Next.

Select the checkbox “Generate New Security ID (SID)” to generate a new security identity for the windows virtual machine. This option is important to generate the new SID from the source machine. Click Next.

Finally, review all the settings specified in VMware customization specification and click on Finish

Now you can Deploy Templates Using VMware Guest Customization Specification, and join the guest to your Active Directory Domain without issue.

Download a copy of your Facebook data

Recently we have all have been reading about Facebook’s breach of trust. Even Mark Zuckerberg, admitted that Facebook has made mistakes.

The issue: Cambridge Analytica, a U.K.-based political data-analytics firm hired by the 2016 Trump campaign, got its hands on data for 50 million Facebook users — without the users’ knowledge or consent. At this point, it’s unclear whether the uproar over Cambridge Analytica will lead to new legislation or government regulations but in my circles, I have noticed a significant exodus of companies and users.

Before you make the jump to delete your account.  Download a copy of your Facebook data.

The following steps should help:

  • Go to Facebook.com > Settings > General Account Settings
  • Click “Download a copy of your Facebook data.”
  • Click “Download Archive.”
  • It takes a short period of time for Facebook to generate an archive of your data.
    You will be alerted when the archive is ready.
  • Once notified of its completion, click “Download Archive”, and a zip file will download to your computer.
  • Browse through that archive by opening each file inside the folder.

In the archive, you’ll find your entire history on facebook including messages. In doing so, it’s clear how much Facebook knows about you.

 

Examples of what you will find

  • The index also contains information about every Event invite you got, every Poke and Message you’ve sent or received (even if you are not Facebook friends with the person, or if they are no longer on Facebook), any Facebook applications you installed (even if you don’t use them anymore), and any Facebook “Places” (locations) you may have created.
  • Profile section, you will find some basic information about your profile including any profile names you have had in the past, all your contact info, any pages and interests you liked, groups you joined, and any Facebook pages you are a page administrator for.
  • The Contact Info section contains all the contacts on your mobile phone.
  • The Timeline section contains all your status updates and posts from friends on your timeline. The Photos and Videos sections contain photos and videos you posted; the former also contains code about your Facial Recognition info.
  • The Friends section contains a list of all your Facebook friends along with the date you become friends. It also contains a list of friends you unfriended and when, friend requests you declined, a list of friend requests you sent that are pending being accepted, a list of people who “Follow” you by clicking the follow button on your profile, and anyone you are following.
  • There’s also a Security section tracking IP addresses, devices and browsers you logged in from with dates and timestamps.
  • The Ads section contains a list of Ad Topics you are being targeted for based on interests gleaned from Facebook pages you liked. There’s also a list of the recent ads you clicked on and any advertisers that have your contact information. You can find (and remove) additional ads and ad topics you are being targeted for by visiting: https://www.facebook.com/ads/preferences/.