Windows

Windows 8 Preview, Officially Released

Release Preview (release candidate) build of Windows 8 has finally been released by Microsoft.

The build number is 8400 and is sized at 2.5GB for 32bit and 3.3GB for 64-bit. It is available for download via ISO or web installer, much like the Consumer Preview.

System Specifications:
Processor: 1 gigahertz (GHz) or faster
RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit)
Hard disk space: 16 GB (32-bit) or 20 GB (64-bit)
Graphics card: Microsoft DirectX 9 graphics device with WDDM driver

Download your copy now:  windows 8 release candidate

SkyDrive for Windows and Mac

SkyDrive is back, and full integration in Windows and Mac

SkyDrive for Windows is the easiest way to access your SkyDrive from your PC. When you install SkyDrive, a SkyDrive folder is created on your PC. Everything you put in this folder is automatically kept in sync between your computers (PC or Mac) and SkyDrive.com, so you can get to your latest files from virtually anywhere. Whenever you add, change, or delete files in one location, all the other locations will be updated.

If you forgot to put something in your SkyDrive folder, you can still get back to your PC to access all its files and folders from SkyDrive.com

Links:
https://apps.live.com/skydrive

 

Windows Server 8 named Windows Server 2012

A few days ago Microsoft has announced that the Windows Server 8 will be named Windows Server 2012.

This was made known at MMS (Microsoft Management Summit) on April 17, 2012.  I just found out about it myself.  Not a big shocker for me.  I just wanted to share the news and keep the cycle of informaiton flowing

Link: http://www.microsoft.com/en-us/server-cloud/readynow/

 

My thoughts on how to keep your data safe

I think that data security should be one of the top concerns for computer users. If your computer is stolen, often the impact of confidential or proprietary data being lost or compromised can be much higher than the cost of replacing computer itself.

There are many easy ways of keeping your data out of the wrong hands

Login Passwords

A login password consisting of a username and password to login to ones computer is the most basic security methods used today to gain access to a computer. But what about a shared computer systems others may have access to your data, especially anyone with an administrator account on the system

A login password does not protect data.  Your hard drive cans still be accessed and its as simple and pulling the drive out and hooking it up to a USB cable on another system.  And with advancement in tech. The thief can boot your system from a Live CD or USB thumb drive and get full access to your data.   It’s that simple.

Okay, so I will now enable a BIOS password.

BIOS Passwords

A BIOS system password prevents the system from booting ANY device without the correct password. It protects the physical system from being used, and goes a step beyond the login password above, by preventing the system from booting any attached drive (including removable ones). However, it’s still easy to defeat on desktop systems — a motherboard jumper can clear the password. Again, a BIOS password doesn’t protect the physical data on the hard drive — the drive can be put in a different machine and accessed.

What about hard drive passwords?  This is the next step, but not the last on my list of what to do

Hard Drive Passwords

A hard drive password or “hard drive lock” will cause the drive to not work until the correct password is entered. This follows the drive even if it’s removed from the system, and provides a level of security against a good number of would-be data thieves.

The drive can’t be used or reformatted. However, its not encryption — it’s read/write protection, and tools exist to remove it.  tools can be found here and my best set of all around tools here

I have had an hard time hard disk passwords in my day.  Especially when I set a hard drive down for a long period of time and can no longer remember the password.  This is why I choose encryption of data on disk.

Software Encryption

Encrypting the underlying data itself is one of the best ways to protect your data against compromise. AES encryption is almost unbreakable due to the theoretical limits pf an Brute-force attack. When it comes at a hit to system performance. TrueCrypt and Windows BitLocker are both great implementations of full-disk encryption software.

Closing Statement

There are many ways to protect your data and all of the above are good methods; some protection is better than none at all.  I advise you to “do the needful” and secure your system as best you can.

 

How to get your Dell Service Tag

There are those times you need the service tag from a system such as a noteboot, server, or pc and just can’t get to it.  Or… taking the “I’m not getting up for this method”.

Using the Windows Management Instrumentation Command-line (WMIC) you can pull this information right from the command prompt. Simply type the following:

wmic bios get serialnumber

You can also do something similar in Linux..  In my case I use Ubuntu and type:

dmidecode -s system-serial-number

Please note that in both systems you may need to elevate your rights to issues these commands.

Test your anti-virus product

I was thinking tonight about anti-virus programs used today.  And with the many malware attacks that aim to cripple your anti-virus solution, how can one test if its working or not.

To get past that fale sense of security; because what we don’t know will hurt us.  That said I suggest using a test virus (known virus saved on a CD or USB, or using the EICAR anti-virus test file

The EICAR Standard Anti-Virus Test File is a non-destructive test file that was developed for this purpose: To safely test anti-virus programs for proper operation, without having to actually expose the system to a destructive program. All anti-virus programs should detect to, and respond to, EICAR as a virus. However, is it not malicious.

You can download the EICAR test file directly from EICAR here and run it. Your anti-virus should immediately react.

You can also just create a new txt file with the following EICAR test string:

X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Here is a screen cap of my test results:

ClamAV Ubuntu:

virus-test.txt: Eicar-Test-Signature FOUND

———– SCAN SUMMARY ———–
Known viruses: 1190795
Engine version: 0.97.3
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 13.777 sec (0 m 13 s)

Dynamic IP Restrictions in IIS7

The Dynamic IP Restrictions Extension for IIS provides IT Professionals and Hosters a configurable module that helps mitigate or block Denial of Service Attacks or cracking of passwords through brute-force by temporarily blocking Internet Protocol (IP) addresses of HTTP clients who follow a pattern that could be conducive to one of such attacks. This module can be configured such that the analysis and blocking could be done at the Web Server or the Web Site level. The module includes the following features:

  • Seamless integration into IIS 7.0 Manager.
  • Dynamically blocking of requests from IP address based on either of the following criteria:
    • The number of concurrent requests.
    • The number of requests over a period of time.
  • Blocking of requests can be configured at either site or server level.
  • Configurable deny actions allows IT Administrators to specify what response would be returned to the client. The module support return status codes 401, 403, 404 or blocking the requests entirely.
  • Support for IPv6 addresses.
  • Support for web servers behind a proxy or firewall.

(x86) – http://www.microsoft.com/download/en/details.aspx?id=29272&WT.mc_id=rss_alldownloads_all

(x64) – http://www.microsoft.com/download/en/details.aspx?id=29274&WT.mc_id=rss_alldownloads_all

 

2 Skype’s 1 Computer

For those of you who understand the topic reference.
Shame on you.

Doing some digging on how this would work i came across the following help document from our friends over at Skype (now, Microsoft) on how to run multiple Skype clients on a single desktop session. The procedure was shockingly simple to do.

From the Windows taskbar, click Start > Run

In the Run window, enter the following command (include quotes) and press OK

“C:Program Files (x86)SkypePhoneSkype.exe” /username:jermsmit /password:myspassword /secondary

As you notice you can add this to a batch file and give it the Skype icon and in a single click run to at once, or even just run each as needed.

Batch file would look something like this:

start /D “%ProgramFiles(x86)%SkypePhone” Skype.exe /username:jermsmit /password:mypassword /secondary
exit

 

Note: Please adjust your environment variables for your OS type

32 Bit:  %ProgramFiles%

64 bit: %ProgramFiles(x86)%

 

Enjoy running both your personal Skype along side the one you use at work.

Configure applications as “Run as an Administrator”

User Account Control kicks in when you try to run some applications (Administrative tools for example), you have to click UAC window. Or some times you simple want to run an application with high privileges and your lazy you don’t want to right click and select “Run as an Administrator” option. Here is the easy way.

1. On the Start menu, locate the program that you want to always run as an administrator.
2. Right-click the application’s shortcut, and then click Properties.
3. In the Properties dialog box, click the Compatibility tab.
4. Do one of the following:

  • To apply the setting to the currently logged-on user, select the Run This Program As An Administrator check box, and then click OK.
  • To apply the setting to all users on the computer and regardless of which shortcut is used to start the application, click Change Setting For All Users to display the Properties dialog box for the application’s .exe file, select the Run This Program As An Administrator check box, and then click OK twice.

Microsoft releases critical update for Remote Desktop

Microsoft has released a critical update that addresses a Remote Desktop flaw that affects all versions of Windows. On top of that, the company anticipates an exploit to be developed by hackers.

From Microsoft:  “We urge you to promptly apply this security update. We also encourage you to consider how you might harden your environment against unauthenticated, attacker-initiated RDP connections

Microsoft is strongly encouraging everyone to make “special priority of applying this particular update” due to its threat. Even though the remote desktop protocol is disabled by default, Microsoft expects hackers to create an exploit for code execution within the next month.
Remote Desktop Protocol is disabled by default, so a majority of workstations are unaffected by this issue. However, we highly encourage you to apply the update right away on any systems where you have enabled it.

 

Download Link:  Microsoft Security Bulletin MS12-020 – Critical