TTC Shelbyville – Technical Blog

The HD Doctor Blog has dozens of Freeware utilities for hard drive information and maintenance. Go check it out.

Scanning Bill Mullins blog, I can’t help but share with my students an awesome program called Mouse without Borders which appeared in his news section.

Mouse without Borders

Information and Download

Two U.S. satellites have been tampered with by hackers – possibly Chinese ones – in 2007 and 2008, claims a soon-to-be released report by the the U.S.-China Economic and Security Review Commission. (Shared by AddThis)Hackers attacked U.S. government satellites.

When networking shared resources, you should audit the individual folders you are sharing out.  This allows you to ‘see’ who is using the folders and how files are being manipulated.

How to Audit User Access of Files, Folders, and Printers

The audit log appears in the Security log in Event Viewer. To enable logging:

1. Click Start, go to the Control Panel, click on Performance and Maintenance, and  click Administrative Tools.
2. Open the Local Security Policy.
3. In the left pane, double-click Local Policies.
4. Click Audit Policy to display the individual policy settings.
5. Click Audit object access.
6. Select the Success check box on items you would like to monitor.
7. Select the Failure check box on items you would like to monitor.
8. You can select both check boxes to audit Success and Failures.
9. Click OK.

How to Specify Files, Folders, and Printers to Audit

Once you enable auditing, you can specify the files, folders, or printers that you want audited. :

1. Locate the file or folder you want to audit. To audit a printer, locate it by clicking Start, and  clicking Printers and Faxes.
2. Right-click the file, folder, or printer you want to monitor (audit) , click Properties.
3. Click on the Security tab, and  click the advanced button.
4. Click on the Auditing tab, and  click on add.
5. Clicking Advanced, and  click Find Now -navigate to the person or group you would like to audit.
6. Click OK.
7. Select the Successful or Failed check boxes (select the ones you want)click OK.
8. Click OK,  click OK.

Iaza offers dozens of ways to convert, animate and manipulate images. Iaza

 Infrastructure has always been a key pillar of American economic success, with telephone and other infrastructure connecting consumers and businesses, facilitating commerce, and unleashing innovation. Broadband is the indispensible infrastructure of our 21st century economy.  Read more

Anitvirus and security suites often bind to your network card and can often leave files behind along with registry entries. I discovered  AV Uninstall tools over at What’s on My PC.   Be sure to visit his website for up-to-date news along with hardware and software information.

Go to a Command prompt, type the following commands Enter after each one.

Netcfg -u MS_L2TP
Netcfg -u MS_PPTP
Netcfg -l %windir%\inf\netrast.inf -c p -i MS_PPTP
Netcfg -l %windir%\inf\netrast.inf -c p -i MS_L2TP

Another solution -

Another possible solution-
Under the properties of the VPN connection – go to the security tab and change the protocol to CHAP from MS-Chap v2. Set no encryption Allowed in order to change that to Chap.

We have also seen the IKE service stopped under services…restart the service.

or

Set the protocol to PPTP and have both MS-Chaps checked

How is your network card and computer routing?

Use the following command to see the routing table – from the command prompt type -

netsh interface  ipv4 show route

Publish  Type      Met  Prefix                    Idx  Gateway/Interface Name
-------  --------  ---  ------------------------  ---  ------------------------
No       Manual    0    0.0.0.0/0                  11  192.168.2.1
No       Manual    256  127.0.0.0/8                 1  Loopback Pseudo-Interface 1
No       Manual    256  127.0.0.1/32                1  Loopback Pseudo-Interface 1
No       Manual    256  127.255.255.255/32          1  Loopback Pseudo-Interface 1
No       Manual    256  192.168.2.0/24             11  Wireless Network Connection
No       Manual    256  192.168.2.77/32            11  Wireless Network Connection
No       Manual    256  192.168.2.255/32           11  Wireless Network Connection
No       Manual    256  224.0.0.0/4                 1  Loopback Pseudo-Interface 1
No       Manual    256  224.0.0.0/4                11  Wireless Network Connection
No       Manual    256  255.255.255.255/32          1  Loopback Pseudo-Interface 1
No       Manual    256  255.255.255.255/32         11  Wireless Network Connection


If you want to see your specific routes per interface you can do that using type the 
following at a command prompt=

netsh interface ipv4 show route verbose

Destination Prefix:     0.0.0.0/0
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: 192.168.2.1
Publish:                No
Type:                   Manual
Metric:                 0
SitePrefixLength        0
ValidLifeTime           584415
PreferredLifeTime       584415


Destination Prefix:     127.0.0.0/8
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     127.0.0.1/32
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     127.255.255.255/32
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     192.168.2.0/24
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     192.168.2.77/32
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     192.168.2.255/32
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     224.0.0.0/4
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     224.0.0.0/4
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     255.255.255.255/32
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     255.255.255.255/32
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite

With workers bringing their own smartphones and tablets into the company, IT security needs to focus on creating a more secure environment, not on securing each device -Pocket Guide To Securing Mobile Devices – Dark Reading.

Damballa report shows seven new botnets among the top 10 largest; off-the-shelf construction kits dominate list. via DarkReading share- New Botnets Gaining Traction Across The Web, Study Says – Dark Reading.

Researchers say that the rootkit used in the TDL4 botnet has been partially rewritten in what appears to be an attempt by the creators to make it even harder to eradicate. via DarkReading Share -TDL4 Botnet Now Even Harder To Kill – Dark Reading.

Notes

UPDATE – See note at the end of this article.

(This first option of repair the MBR can fix the Win32/Popureb.E virus)

Option 1

Try Malwarebytes, Super AntiSpyware portable in Safe Mode First

Option 2

You must boot the PC into repair mode, hitting F8 before windows starts and select:

Repair my Computer

Select the Command Prompt

The virus may have caused damage to your Master Boot Record (MBR) and Boot Configuration Data (BCD). :

The cool thing I like about my students is listening to them and getting involved with their lives as they move forward with their careers.  With students all over the world, it is great hearing from them.  I tell students how stressful IT can be as they move up the IT ladder. I have my own way to relax by flying real planes and RC planes, shopping for antiques, reading and researching.   Jared Ledlow plays music with friends and has just recently went to work in IT.  Visit his youtube channel and take time to listen to something he composed.   And if you are in IT, find a way to relax.

Running out of hard drive space on your virtual OS?  Here’s how you can increase the size.

(VirtualBox Version 4+)

From the command line, you will need to navigate to the VirtualBox folder under program files. and type the following-

“VBoxManage.exe modifyhd “your.vdi” –resize 25000(new size in mb)       Note: your.vdi may be Windows.vdi substitute the word your with the name of your vdi.

Example :-

C:\Program Files\Oracle\VirtualBox>VBoxManage.exe modifyhd “C:\VM\Windows 7\Windows 7 .vdi”  - -resize 25000

You should see a progress line-

0%…10%…20%…30%…40%…50%…60%…70%…80%…90%…100%

This will increase your hard drive by the size that you specify.

Want to run VirtualBox on a webserver for training or need to run VirtualBox remotely on a webserver?  Need VirtualOSs in the cloud?

Download PHPVirtualBox.  Unzip the files into a folder in your webserver.  Give permissions for web users.  In IIS, right click the folder and give Network Services and the Users permission.  You will also have to give your temp folder permissions.   Rename the config.php-examp to config.php.

If you are running php on your webserver, you can enable the soap.dll in the php.ini file by removing the ; .   Stop and Restart the webserver.

Make sure VirtualBox is installed and an operating system is installed.  Open VirtualBox.

Open notepad and copy and paste the following into a blank workspace.   Save the notepad file as virtualboxweb.bat on your desktop.

cd\
cd\Program Files\Oracle\VirtualBox\
VBoxManage setproperty websrvauthlibrary null
vboxwebsrv.exe >null
pause

Run the batch file.

On a client computer, navigate to http://yourwebaddress/yourfolder/index.htm

Login using admin as the username and password.   Click on file.  Change the login password.    Click on file, log out and now re-log back in to test the password.

You can now run an OS in the cloud.  PHPVirtualBox is an excellent program – information from their website follows-

An open source, AJAX implementation of the VirtualBox user interface written in PHP. As a modern web interface, it allows you to access and control remote VirtualBox instances. Much of its verbage and some of its code is based on the (inactive) vboxweb project. phpVirtualBox was designed to allow users to administer VirtualBox in a headless environment – mirroring the VirtualBox GUI through its web interface.

-phpVirtualBox:

• is designed to be a web interface replacement of the VirtualBox GUI program
• is not designed to run in a “hosting” environment where the concept of VM ownership is required – when you are logged in to phpVirtualBox, you have full control over all VMs in the VirtualBox installation
• aims to perform all VirtualBox administration actions through vboxwebsrv (a SOAP server distributed with VirtualBox)
• does not directly interact with any files on the VirtualBox host
• does not have automatic VM start / stop functionality on system boot / shutdown – this functionality is not provided by the VirtualBox API

A new trend for hacking youtube… last week the Sesame Street Channel and this week ..Microsoft.  Who’s next?

 

Piledriver features an improved core design to bring about performance improvements of 10% over Bulldozer. It features two new instruction sets: FMA3 (Fast Memory Access 3) and Converged BMI (Branch if MInus). It will feature an improved IOMMU (memory mapping unit), referred to as IOMMU v2. Apart from these, Piledriver will fit into the existing ecosystem of AMD FX Processors, consisting of socket AM3+ and AMD 9-series chipsets. AMD is currently referring to the platform Piledriver-based processors will form around themselves as “FX Next”. There is no reason for you to skip Bulldozer for this, our sources told us that Piledriver CPUs can be expected only by mid-thru-late 2012. AMD FX Bulldozer processors are on course for a mid-October launch. via AMD Piledriver to Boost Performance by 10%, Feature New Instruction Set.

“iPads pose the worst risk as far as data leakage in concerned since they are mainly used for consumption of enterprise information in various form of documents,” says Guy Levy-Yurista, vice president of products and development for AirPatrol. “This sensitive info is not properly encrypted, and is rarely confined to the device; it can be easily forwarded to a private account and out of the control of the enterprise.”
via The Three Most Frequently Attacked Mobile Devices – Dark Reading.

ITX is here and these tiny motherboards are less than $100 with CPU.  Now you won’t have a ton of processing power; but imagine the projects!

These atom boards are going to make a huge difference in the way we live.

http://www.itxdepot.com/xcart/home.php

Which anti-malware should you use when removing a virus or malware?  Here’s a list if removal is tough.   These programs can be used for system maintenance.  You should use cleaners such as Glary or CCleaner to clean your computer first.   So boot into safe mode and uncheck all startup items (NOT process) by typing msconfig in the run line.  Then run these programs when removing a virus / malware.

• EndItAll2
• Glary Utilities
• CCleaner
• SmitFraudFix
• Combo Fix
• Anti-Malware Toolkit
• SuperAntiSpyware
• Hitman Pro 
• Trojan Remover 
• The Avenger
• MalwareBytes
•  Vundofix
• Norman Malware Cleaner
• Spybot Search & Destroy
• Roguefix
• Gmer 
• AVG- Antivirus
• Microsoft Safety Scanner
• Microsoft bootable malware remover (system sweeper)
• Microsoft Security Essentials
• Spyware Guard 
• Avira Antivirus
• Advanced System Care
• Dial-a-fix 
• A-Squared Free
• Run Scanner
• MV-Regclean
• Eusing Registry Cleaner
• Spyware Blaster
• HijackThis
• DR Web Live CD
• ClamWin Portable AntiVirus 
• BlackLight
• EasyClean
• DRWeb Cureit
• Mcafee’s Stinger 
•  F-secure Rescue CD
• Kaspersky’s Virus Removal Tools 
• CWShredder
• MSN Cleaner 
• FreeFixer
• Panda Anti-Rootkit
• Sophos Anti-Rootkit
• Old Timers