Want a fast and safer browser? Try Brave

Brave browser is an excellent browser for speed and safety.

Speed and Safety

• Blocks trackers and intrusive ads
• Prevents the 60% page load time latency by blocking ads
• Prevents the 20% load time latency from underlying code or scripts try to learn about you
• Redirects to HTTPS
• Blocks Tracking Pixels and Tracking Cookies
• Blocks harmful advertising

Find rogue APs with Xirrus Wi-Fi Inspector using signal strength and sound

Xirrus Wi-Fi inspector is a free tool you can use to gather information about wi-fi around you.  You can also use this tool to locate APs via sound very similar to using radar and sound.   Have an AP you need to zero in on?  Right Click and locate the AP by using your laptop’s sound.  To stop the sound, right click and end the session.

How to get OpenWRT on a Rosewill RNX-N150RT Router? Flash it to DD-WRT then flash to a TP-Link TL-WR741N. Finish with OpenWRT or Gargoyle and out perform may AC routers.

With a Rosewill RNX-N150RT router, you can flash this simple home router to OpenWRT.   While there are a few hoops to jump through, the process is easy.

1. First flash the Rosewill to DD-WRT by downloading the firmware here.
2. Next flash the DD-WRT firmware with TP-Link firmware tl-wr741nd_v1_v2-webrevert.bin  – Here’s the Google search to find the .bin file.
3. Finally flash the TP-Link firmware to OpenWRT .  You should flash OpenWRT version 12.09-rc1 or later.   You can download the firmware here.   Note:  I had to rename the firmware to factory.bin

Additional note:  You can also load Gargoyle.  See the notes here.

OpenWRT

Gargoyle

SSH using PuttyGen to generate key and then using Putty to access the router

What about performance?  Amazingly this little $14 router wirelessly has been outperforming our AC router.  The wi-fi signal stays strong and steady.

SSL not showing green lock? Here’s some things to try.

Recently we did a certificate request with an IIS server and loaded the received certificates under Enterprise Trust and imported the certificate into IIS.

When we visited the website, we noticed that the newly loaded server did not present a green lock but instead loaded a

• Visit Why No Padlock? https://www.whynopadlock.com/index.html
• Visit Comodo’s SSL Analyzer
• Double check your code of your website to make sure that images and links have https
• Use relative links and not absolute
  • Example – Don’t use Use
• Use IISCrypto.exe from Nartac Software to disable vulnerable encryption methods that may show up on the above websites

Here’s something that will help you – We followed all of the advice above and still received the  favicon and not the green lock  we wanted.

Although the site is encrypted, the green lock missing creates a feeling of not being secure.

Seeking more information, we found that if you hit Ctrl-Shift-j in Chrome, you could see what was not secure.   We found that our customized 404 error was pointing to our IP and using http.

To fix this, we opened IIS and changed the unsecured reference to our 404 error to https and the FQDN (web address).

Running Ctrl-Shift-j again after visiting the site, it then showed no errors.

Be sure to read A Cipher Best Practice: Configure IIS for SSL/TLS Protocol over at Petri and take a look at SChannel information at Microsoft

HDD drive slow? It could be your network card…

Another example of what we thought was a failing HDD, turned out to be a corrupt… Winsock?  A non-profit organization called us today and after running diagnostics on the HDD, turns out the computer lock ups and  experienced freezing along with poor performance.  The problem was the…. network card.

After doing a netsh winsock reset catalog at a command prompt (as administrator), disabling the unused cards on the server after a reboot – the computer acted like a new computer.

Why did this happen?   Being a server, the computer was being accessed remotely and locally.    The network card caused write latency to the HDD by not delivering packets of data or was ‘hanging’ on a request.

See our other post on when your HDD slows down.

Slow performance on your HDD? It may be failing and SMART isn’t detecting the impending drive failure.

If you have enabled caching on your HDD in the device manager and defragged your HDD, you may need to try to clone the drive.  Look at Macrum Reflect for home or Clonezilla in order to clone the drive.  Taking this action may help/save you before the drive fails.

Of course you will optimize your drive, load drivers including chipset drivers or RST for Intel if it applies. You should look at programs along with malware/viruses that may be slowing your drive down.  If everything is clean and drivers are loaded, this poor performance may indicate a failing HDD.

We recently had a server slowing down.   Drivers were loaded correctly, no malware, drive cache was enabled, startup programs were minimal and the transfer rate was below 50 mbps with HDDTune (free).

After trying to clone with software and using a Kanguru to try to clone the drive, these solutions failed- This is RARE.  So what should you be ready to do?  Create backups of your programs and files (including your profile) and get ready to install Windows and your programs on a new HDD.

Remember, if your HDD is rated at 7200 rpm or more and has good cache on board, you may have a drive that is failing even though SMART in the BIOS is enabled.

See our other article on how it could be your network card and not your HDD.

Can’t delete your printer? Try some of these tips.

Printers either install and work flawlessly or they don’t install or give constant problems.  Try these tips.

Start fresh by removing the printer and following the steps below – remember, these tips are NOT just for deleting the printer but for troubleshooting.  Often it is best to run through all of these steps and starting over.

• Can’t delete the printer?  Open the printer icon in the system tray if you have tried to print and it fails to print.
  1. Once you open the icon, cancel the print jobs that may be pending – try deleting the printer now
  2. Open services.msc by using the run line (right click the menu) or click the orb or Windows start icon and type services.msc (Figure 1)
     1. Navigate to Print Spooler and stop the service.  Once the service has stopped, start the service.
  3. Remove any software under Programs and Features that is related to the printer
  4. Still can’t delete the printer?  Open the printer management under the Control Panel and Administrative tools (Figure 2) and delete the printer and associated drives (Make sure you download the latest driver)  Printer Management is found in Pro and Above
     1. Not there?  You are probably running home – Run this command –printui /s /t2 at the command line and delete the printer from the print server screen (Figure 3) – You may have to use this in home editions

Normally removing the printer may stall if their are queued print jobs.   Removing the printer by using the above steps and rebooting will normally remove the printer.

Figure 1

Figure 2 (Pro and above) – Using Print Management under Administrative Tools in the Control Panel

Figure 3 (Home Edition) – Running printui /s /t2 from the run line

RRAS unable to start service (Windows 10)

1. Search for “regedit” using Cortana, then run the regedit command in search results to launch Registry Editor.
2. Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan
   1. Create a new DWORD (Edit > New > DWORD)
   2. Name the new DWORD SvcHostSplitDisable
   3. Open the new DWORD, set the value to = 1, then click OK
3. Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess
   1. Create a new DWORD (Edit > New > DWORD)
   2. Name the new DWORD SvcHostSplitDisable
   3. Open the new DWORD, set the value to = 1, then click OK
4. Restart your PC (Start > Power > Restart)

Stop! Don’t throw that USB away

You may be able to save your USB drive if it stops functioning.   Recently I had a USB drive I use to push firmware on DVRs that did not show its full capacity.   The USB drive could not be formatted and the Disk Management Utility was of no use.

Warning – IF YOU SELECT THE WRONG PARTITION OR DRIVE LETTER, YOU MAY DELETE DATA.  REMEMBER, YOU WILL ERASE WHAT IS ON THE USB DRIVE, BUT  IT SHOULD BECOME FUNCTIONAL.

Open a command prompt as an Administrator and type what is in the bold, CHANGING the partition information and drive letter as necessary.

Follow the steps below to fully ERASE and reset the drive –

Microsoft Windows [Version 10.0.15063]

(c) 2017 Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32>diskpart
Microsoft DiskPart version 10.0.15063.0
Copyright (C) Microsoft Corporation.
On computer: SERVER

DISKPART> list disk

Disk ###  Status         Size     Free     Dyn  Gpt

——–  ————-  ——-  ——-  —  —

Disk 0    Online          465 GB  1024 KB

Disk 1    Online         3750 MB  1026 MB

DISKPART> select disk 1

Disk 1 is now the selected disk.

DISKPART> list partition

Partition ###  Type              Size     Offset

————-  —————-  ——-  ——-

Partition 1    Primary           2722 MB    32 KB

Partition 2    Primary            704 KB  2722 MB

DISKPART> select partition 1

Partition 1 is now the selected partition.

DISKPART> delete partition

DiskPart successfully deleted the selected partition.

DISKPART> select partition 2

Partition 2 is now the selected partition.

DISKPART> delete partition

DiskPart successfully deleted the selected partition.

DISKPART> exit

Leaving DiskPart…

C:\WINDOWS\system32>format /FS:fat32 g:
Insert new disk for drive G:
and press ENTER when ready…
The type of the file system is RAW.
The new file system is FAT32.

Verifying 3.7 GB
2%

Notes:  You may have to use the delete partition override if the partition won’t delete

Networking and Internet problems? Try this

Are you having problems with networking or using the internet?  Open a command prompt as an administrator.  Run the following commands (or copy and paste into the cmd prompt) –

route -f
ipconfig /release
ipconfig /renew
arp -d
nbtstat -R
nbtstat -RR
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset catalog
netsh int reset all
netsh int ipv4 reset
netsh int ipv6 reset

Restart your computer

Note:  All advice on this site -should be used at your own risk

What the commands do

route -f    Flushes route
ipconfig /release   Releases IP address
ipconfig /renew     Renews IP address
arp -d                        Flushes ARP cache (association of IP to MAC addresses)
nbtstat -R                Purges and preloads of the NBT Remote Cache Name Table.
nbtstat -RR              Refreshes NetBIOs names
ipconfig /flushdns   Flushes local DNS information
ipconfig /registerdns  Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.
netsh winsock reset catalog  Resets TCP/IP stack

other commands reset registry settings for TCP/IP to defaults

Windows Repair Toolkit

One of the best tools that is currently freeware, Windows Repair Toolkit truly lives up to its name.   I discovered the Toolkit over at What’s On My PC and have been testing it over the past several weeks.   Deliberately trying to break my computer, infect it and use the Toolkit to ‘fix’ the self-inflicted problems on a test computer.

Always backup your computer and run the software at YOUR OWN RISK.

 “Features:
– Download and run “on-the-fly” the best free portable software when it comes to diagnose and solve several kinds of Windows problems. The tools are categorized by their function, and the program will automatically download the correct version for the Windows edition in which you’re working. When you finish, simply uninstall the tool, and all downloaded software it’s also removed. Or you can choose the portable version of Windows Repair Toolbox, and just run it from a pen drive.

– Ability to select several tools to run successively in unattended mode, in order to perform malware removal, system cleaning and repair, and disk defragmentation. A email letting you know that the automatic repair is complete, and containing the logs, can be sent to you.

– Displays relevant information about the computer to be repaired: CPU temperature, name and % of use; amount of RAM installed on the system and % of use; Disk model, capacity, rotation, SATA version, basic health check; amount of free space left in the system partition; Windows edition and install date; System boot time; boot environment.

– Allows you to add your own favorite tools to the program;

– Allows you change the program icon and title bar text;

– Allows you to perform quality assurance tests after the repair is complete;

– Allows you to save notes about the repair process”

– Provides 1-click access to some useful Windows tools.

This slideshow requires JavaScript.

Traveling the internet by Obfuscation

Did you know that DNS converts your friendly name that you type into your url into an IP address?  Did you know ultimately that you can travel the internet using the decimal equivalent?

In other words, you can ping the website that your are going to and use the IP address to navigate the internet to that website.  And it can be further broken down to the decimal equivalent to navigate to a website.

CSG Network has a convertor that converts the IP address to a decimal equivalent.

The Decimal number to a website ….

Converts to IP address…

Website is presented to end user…

More information on the step by step process 

From and old post

 Obfuscation – There’s more to the internet than you know

Obfuscation = bewilderment, confusion

So how is obfuscation used?   Obfuscation is primarily used today by spammers and hackers and even people who code legitimately.  You see, if you type a simple web address’s friendly name into an address line on a browser, that friendly name understood by humans runs out to your ISPs DNS server.   A DNS server is a server that can change your friendly name into an IP address.

In other words, if we went to WordPress.com the scenario above happens.  When you hit the enter key on your keyboard after entering it into your webbrowser, your request would go to your DNS server; change to an IP address based on records in the server and take you to WordPress.com.

If you ping wordpress, you’ll see one of the IP addresses is  76.74.254.126.  So basically your DNS server will use this number to navigate through the routers on the web and ultimately land on the wordpress servers and return their free blogging site’s homepage to you.

IT personnel use these numbers to program routers and any type of node on a network or on the world wide web.

People don’t realize that the internet is just a little more complex than this simple explanation.  The internet also can use hexadecimals, octal, dotless (or less dot) or other formats.  You have to remember that ultimately computers work off of binary and they can go to websites using these formats because it is how these marvelous electronic devices work.

So what if we wanted to go to WordPress?

Friendly name-

http://www.wordpress.com

IP address-

http://76.74.254.126

How about a little hexadecimal in your diet?

http://%77%6F%72%64%70%72%65%73%73%2E%63%6F%6D

DWord anyone?

http://1279983230

How about that hex address?

http://0x4c.0x4a.0xfe.0x7e

Octal work for ya?

http://0114.0112.0376.0176

So how do you convert to these type of addresses?  Here’s a great link with a web convertor that will do it for you.  I also can’t forget this great tutorial on exactly how it works.

It’s a good thing to understand how this works.  Never click on links that are obfuscated or shortened unless you find out what the links are and where they go.  Don’t be fooled by obfuscation….or should I say don’t be bewildered?

IronWASP – Open Source Advanced Web Security Testing Platform

Do you monitor webservers or other servers that are online and want to test their security?

IronWASP is an open-source system that test web application vulnerabilities.  IronWASP is free and GUI based and allows even novice users to use this powerful scanning engine.   Once the scans take place, it can produce HTML or RTF reports.

The scan engine comes bundled with modules such as CSRF PoF Generator, HAWAS, OWASP, SSL Security Checker, WiHawk (checks Wi-Fi router vulnerabilities), XMLChor, IronSAP and more.

IronWASP runs on Windows, Linux and Apple (Mac).

IronWASP also offers a learning center (Youtube videos).  Sample below of WiHawk.  Go over and check out the learning center.

WiHawk – Wi-Fi Router Vulnerability Scanner.

Sample Scan showing some vulnerabilities –

             

Microsoft Attack Surface Analyzer -test your system’s security

Microsoft’s Attack Surface Analyzer will take a quick snapshot of your computer’s state before and after the installation of software.   IT Professionals can asses their organization’s applications.  Other IT personnel can use this to look at the risk of software installed.  Be sure to read Microsoft’s overview of this software.

Scanning (baseline)

Once this scan is ran, a new scan can be ran to compare the newly installed product changes to your computer.

The Report

Why Do You Subnet?

Why? The Golden Question

All over the internet you will find information on ‘How to Subnet’.   Suddenly you are thrown into a world of bits and binary and given charts of ‘How to Subnet’.   But why do you subnet?

Subnets are created to separate areas of your network for security and/or to hold down broadcasts.  Computers constantly ‘talk’ to each other.   If you have a network of 10 computers, the talking (opening files or programs) or broadcasting packets that are sent out during networking is not much traffic at all.   However if you have 10,000 computers talking and passing data, you will have thousands of computers passing data and your network will slow down from all of the information.   If you still don’t understand, invite 10 friends over for a get together.  It’ll get noisy but you can still hear every conversation.    Now, go to a rock concert with 10,000 screaming fans.   Get the picture.

Subnetting allows you to divide areas of your network out to prevent this.   So here comes the golden question.  How can you get them to ‘talk’ when you need to?   With the installation of a Layer 3 Switch or a router, these subnets can talk.

And for all of the folks who know a ton of details on the subject, this is just an example for people who are searching why to subnet.

Other Ways to Divide Your Network

Are there other ways to divide your network?  You can use VLANs.  Devices such as switches allow virtual lans to be set up.    By purchasing managed switches, you can separate different areas of your network thus separating areas for security and holding down traffic.

So now I know why – but how and don’t give me binary and all the fuzzy stuff!

The best explaination I have found is at this link.   A simple chart with examples!

Here’s my example –

Subnetting allows your network to become more efficient and allows you to separate your network by subnets.

Let’s say your network is on a 192.168.1.x numbering scheme.

How do you know what your network is?  Open a command prompt and type ipconfig.   See the gateway?  That is your starting number for your network.   The network allows 254 computers to be in the broadcast domain.

So if you do an ipconfig and see this-

192.168.1.125      – your ip address
255.255.255.0    – your current subnet
192.168.1.1           – your gateway (This is your router or firewall – the point leading to the internet)

Now let’s say you have 20 devices in your network.   How can you effectively hold down broadcast and prevent your router from building tables for each device?  How can you make it more effective and hold down traffic?   Actually without understanding binary, you can do this.   Remember this is basics and should help you understand.

You see under the current network, you can have 254 devices in your network.  Printers, routers, computers, tablets, netbooks, notebooks, etc.    The last set of numbers called an octet only goes from 1-254.   But lets narrow this down.

You can use a CIDR calculator online to determine how to tweak your network.   A good site is Subnet Calculator.   Go there and enter your router’s number in the ip field.   Now go down and enter a number close to the number of devices you have on your network.  In this example, enter 30.

Did you see where the subnet changed to 255.255.255.224?    (Did you notice that 224 + 30 is 254?)

Ok, now open your adapter settings by clicking the network icon at the bottom right corner and selecting Open Network and Sharing Center.

Now click on the adapter settings.

Right click and select properties on your adapter that is active.

Now select Internet Protocol v4

Enter an ip address statically (manually put it in).  Put in your new subnet and your gateway.   You must also put in your DNS or a public DNS server.  You should keep a list of each devices number to avoid any problems.  All ip addresses must be different on each device.

The only valid numbers in this broadcast domain now is – 192.168.1.1, 192.168.1.2, 192.168.1.3 continuing until you get to 192.168.1.30 (remember you chose to have up to 30 devices on your network.)  If you enter any number above this, you will get an error.

Error screen showing an ip address above what you selected.

If you get the above error screen, you have entered an invalid number.

After you select a number between 192.168.1.1 and 192.168.1.30, click OK and exit all screens by clicking OK.

If you do an ipconfig now, you will see this-

When you change subnets as the above example shows, you have to remember that you may lose connectivity to devices such as routers or network printers.   You will need to set devices such as servers and these devices on the same subnet so that whoever is assigned this subnet can communicate with them.

This by no means is a thorough subnetting lesson.   It can become much more complex by introducing multiple routers into your network, DHCP servers or other devices.   This is a simple how-to that shows you how broadcast domains can be more efficient.

Now one more thing.  Want to know how to subnet?  You can use the magic number method.

Patch for Server 2003 and XP for WannaCry

A download link from Microsoft for outdated operating Systems such as Windows XP, Server 2003 and Windows 8.

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

Microsoft Edge Not Working?

Is Edge closing out as soon as you open it?  Is it opening and crashes often?

Here’s how to re-install Edge.

• Open folder options and go to View
• Check show hidden files
• Make sure Edge is closed
• Navigate to c:\users\yourusername\appdata\local\packages
  • Delete the MicrosoftEdge folder
    • You may have to navigate and delete each folder or some files independently

• Type the following at in PowerShell (Run as an Administrator)
• Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml” -Verbose}

 

How to fix ‘Slow Right Click’ anywhere in Windows 10/8/8.1

Does the Right Click menu takes too long to open? Menus open too slowly? Here’s a simple fix to fix all this issues without any software. Fix Windows 10!

Source: How to fix ‘Slow Right Click’ anywhere in Windows 10/8/8.1

Thanks Aaron!

Rockwell Directory Configuration Wizard Unknown Error 0x80005000

Have the above error?  Copy and paste this in a command prompt as administrator.   This will work a majority of the time.   This configuration error re-registers the dlls that may have issues during or after an upgrade.

cd\
cd\windows\system32
For /F %s in (‘dir /b *.dll’) do regsvr32 /s %s
cd\
cd\Program Files (x86)\Common Files\Rockwell
For /F %s in (‘dir /b *.dll’) do regsvr32 /s %s

pause

Note:  You may have to replace the ‘ symbol with the apostrophe.  Also this often corrects other programs that display this error.

 

Speed up your network by disabling the HomeGroup

While we’ve discussed speeding up SQL connections by disabling LLMNR, there’s another way to speed up your network.

If you are not using the HomeGroup feature, a quick way to speed up your network is to disable the services for HomeGroup.  You can either disable both by using Services.msc or go to a command prompt as an administrator and type the following-

sc config HomeGroupProvider start= disabled
sc stop HomeGroupProvider
sc config HomeGroupListener start= disabled
sc stop HomeGroupListener
pause

Results 

29.6% Increase in Writing
14.6% Increase in Reading

Results with Updated Drivers

46.6% Increase in Writing
54.2% Increase in Reading

Food for thought:

• Network speed IS DEPENDENT on hard drive speeds
• Network card optimization (drivers/offloading/type)
• Bus Speeds
• Memory Speeds
• Access Point/Router
• Other

Before

After disabling services (above)

Updated Drivers