Thursday 26 May 2011

OS Fingerprint

Ping:
By default, Windows uses an initial TTL of 128 and Linux 64, so a rough guess from a ping reply is:
if TTL <= 128 (and above 64), the OS is Windows.
if TTL <= 64, the OS is Linux.
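As an added example (not part of the original post), the TTL rule of thumb above as a small Python helper. It goes slightly beyond the two values in the note by adding a third common initial TTL, 255 (many network devices and Solaris), and it also estimates the hop count from the difference. The function names and the ping lines are my own constructed sample; hosts can change their default TTL, so treat the result as a hint for asset inventory, not as proof.

```python
import re

# Common initial TTL values and the OS family that usually ships them.
# An observed TTL is the initial value minus the number of router hops, so
# we pick the smallest common initial TTL that is >= the observed value.
INITIAL_TTLS = [
    (64, "Linux/Unix-like"),
    (128, "Windows"),
    (255, "Network device / Solaris"),
]


def guess_os_from_ttl(observed_ttl):
    """Return (initial_ttl, os_family, estimated_hops) or None for an invalid TTL."""
    if not 1 <= observed_ttl <= 255:
        return None
    for initial, family in INITIAL_TTLS:
        if observed_ttl <= initial:
            return initial, family, initial - observed_ttl
    return None  # not reachable for 1..255, kept for clarity


def guess_os_from_ping_lines(lines):
    """Pull 'ttl=NN' out of ping output lines and return one guess per line."""
    results = []
    for line in lines:
        match = re.search(r"ttl=(\d+)", line, re.IGNORECASE)
        if match:
            results.append(guess_os_from_ttl(int(match.group(1))))
    return results


# Constructed sample ping replies (documentation addresses, not real hosts).
SAMPLE_PING = [
    "64 bytes from 192.0.2.10: icmp_seq=1 ttl=64 time=0.4 ms",
    "64 bytes from 192.0.2.20: icmp_seq=1 ttl=125 time=12.1 ms",
    "64 bytes from 192.0.2.30: icmp_seq=1 ttl=250 time=30.0 ms",
]

if __name__ == "__main__":
    for guess in guess_os_from_ping_lines(SAMPLE_PING):
        print(guess)
```

The second sample line illustrates why the note says "<= 128" rather than "== 128": a Windows host three hops away answers with TTL 125.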

Active detection
nmap:
nmap -O 192.168.1.1
T1: TCP SYN -> 21
T2: TCP NULL -> 21
T3: TCP SYN|FIN|URG|PSH -> 21
T4: TCP ACK -> 21
T5: TCP SYN -> 23
T6: TCP ACK -> 23
T7: TCP FIN|PSH|URG -> 23
PU: UDP -> 1
T1-T4 go to an open TCP port, T5-T7 to a closed TCP port, and PU to a closed UDP port.
nmap compares the replies to these probes with its fingerprint database; the matching entry reveals the OS.

Passive detection
p0f: runs on a server and watches incoming/outgoing (TCP/UDP/ICMP) packets, comparing their characteristics against its signature database. It identifies the source OS without sending any probes of its own.

Network sniffing
Plain-text transfer protocols: TELNET, HTTP, FTP, POP3
Linux tools: Sniffit, Tcpdump, Ettercap, Ethereal.
Windows tools: Cain & Abel, Ethereal.

Automate the installation of Active Directory tools with PowerShell

Import-Module Servermanager
Get-WindowsFeature
Add-WindowsFeature RSAT-DNS-Server -restart
Add-WindowsFeature RSAT-ADDS-Tools -restart
Add-WindowsFeature RSAT-AD-AdminCenter -restart
Add-WindowsFeature RSAT-SNIS -restart

Note: These features require Windows to be restarted, so be advised that Windows may restart without prompting when passing the command to add these features in through PowerShell.

Saturday 14 May 2011

SQL 2008 database Backup and Restore process

Method:
1. Full
2. Differential
3. Transaction Log
4. File and File group backup

For data with a high criticality level, we could use the backup pattern below:
Sun  Mon  Tue  Wed  Thu  Fri  Sat
F    D    D    D    D    D    D
     T    T    T    T    T    T
F: full backup, weekly on Sunday
D: differential backup, daily Mon, Tue, Wed, Thu, Fri, Sat
T: transaction log backup, once per office hour
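As an added example (not from the original post) of how this pattern is used at restore time: a Python script that builds one week of the schedule, assuming office hours of 09:00-17:00, and for a given failure time lists the backups to restore in order: the last full, the latest differential taken after it, then every transaction log backup taken after that differential. The function and field names are my own.

```python
from datetime import datetime, timedelta

# Kinds follow the post's table: F = full (weekly, Sunday), D = differential
# (daily, Mon-Sat), T = transaction log (hourly during office hours; the
# 09:00-17:00 window is an assumption for this example).


def build_schedule(week_start, office_hours=range(9, 18)):
    """Return one week of (time, kind) backups; week_start is a Sunday at midnight."""
    backups = []
    for day in range(7):
        midnight = week_start + timedelta(days=day)
        backups.append((midnight, "F" if day == 0 else "D"))
        if day != 0:  # the table shows log backups on Mon..Sat only
            for hour in office_hours:
                backups.append((midnight + timedelta(hours=hour), "T"))
    return sorted(backups)


def restore_chain(backups, failure_time):
    """Backups to restore, in order, to recover to just before failure_time.

    A differential holds every change since the last full, so only the latest
    one is needed; log backups are then applied in unbroken sequence from the
    point where that differential (or the full, if there is none) was taken.
    """
    before = [b for b in backups if b[0] < failure_time]
    fulls = [b for b in before if b[1] == "F"]
    if not fulls:
        return []  # nothing to restore from
    full = fulls[-1]
    diffs = [b for b in before if b[1] == "D" and b[0] > full[0]]
    base = diffs[-1] if diffs else full
    logs = [b for b in before if b[1] == "T" and b[0] > base[0]]
    return [full] + ([base] if diffs else []) + logs


def data_loss_window(backups, failure_time):
    """Time between the last restorable backup and the failure (what a tail-log backup would cover)."""
    chain = restore_chain(backups, failure_time)
    return failure_time - chain[-1][0] if chain else None


if __name__ == "__main__":
    week = build_schedule(datetime(2011, 5, 8))      # Sunday 8 May 2011
    crash = datetime(2011, 5, 11, 14, 30)            # Wednesday 14:30
    for when, kind in restore_chain(week, crash):
        print(kind, when)
    print("unprotected window:", data_loss_window(week, crash))
```

For a Wednesday 14:30 failure the chain is the Sunday full, the Wednesday differential and six log backups (09:00 to 14:00), leaving a 30-minute window that only a tail-log backup taken after the failure could close. Every log backup in the chain must be present and restored in order; a single missing one stops the restore at that point.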

Create a backup device
w/ management studio
Server object -> New backup device -> File -> input the name and the location of the backup file

w/ stored procedure
use master
exec sp_addumpdevice 'disk', 'MYDATA', 'c:\backup\mydata.bak'   -- create the logical device MYDATA
exec sp_dropdevice 'MYDATA', 'delfile'                          -- drop the device and delete its file
go

Create a backup task
w/ management studio
Server object -> backup database

Setting up a scheduled backup
1.start the sql server agent
start -> all programs -> microsoft sql server 2008 -> configuration tools -> sql server configuration manager -> find 'sql server agent' service
-> start
-> properties -> start method -> automatic

2. enable the Agent XPs option
sp_configure 'show advanced options', 1
go
reconfigure
go
sp_configure 'Agent XPs', 1
go
reconfigure
go

3. create schedule task for automatic backup
w/ management studio
Manage -> Maintenance plan -> maintenance plan wizard -> next -> name 'weekly full', schedule 'change' -> setup the date you need to do the full backup -> choose backup method 'full' -> next -> choose the database you need to backup, check verify backup integrity -> finish.

w/ T-sql
backup database AdventureWorks
to mybackup
with stats = 20

with options
blocksize = n: physical block size in bytes; if you need to burn the file to a CD, set 2048 and use it together with format
name = backup set name
description = backup set description
differential: take a differential backup only; if this option is not set, a full backup is taken by default
format | noformat: whether to overwrite (reinitialise) the existing backup media
compression | no_compression: whether to compress the backup; if not set, the server default is used
nounload | unload: whether to unload the tape when the backup finishes
restart: if the backup was interrupted (e.g. by a power failure), set this option to restart the backup job
stats = n: report progress every n percent; SQL Server reports every 10% by default

Wednesday 11 May 2011

Stop the Windows 7 / Vista logon screen from showing the account name

Under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System, change the DontDisplayLastUserName value from 0 to 1.

Thursday 31 March 2011

Basic Windows PowerShell commands you should already know

1: Get-Help


The first PowerShell cmdlet every administrator should learn is Get-Help. You can use this command to get help with any other command. For example, if you want to know how the Get-Process command works, you can type:


Get-Help -Name Get-Process

and Windows will display the full-command syntax.


You can also use Get-Help with individual nouns and verbs. For example, to find out all the commands you can use with the Get verb, type:



Get-Help -Name Get-*

2: Set-ExecutionPolicy


Although you can create and execute PowerShell scripts, Microsoft has disabled scripting by default in an effort to prevent malicious code from executing in a PowerShell environment. You can use the Set-ExecutionPolicy command to control the level of security surrounding PowerShell scripts. Four levels of security are available to you:


  • Restricted — Restricted is the default execution policy and locks PowerShell down so that commands can be entered only interactively. PowerShell scripts are not allowed to run.

  • All Signed — If the execution policy is set to All Signed then scripts will be allowed to run, but only if they are signed by a trusted publisher.

  • Remote Signed — If the execution policy is set to Remote Signed, any PowerShell scripts that have been locally created will be allowed to run. Scripts created remotely are allowed to run only if they are signed by a trusted publisher.


  • Unrestricted — As the name implies, Unrestricted removes all restrictions from the execution policy.


You can set an execution policy by entering the Set-ExecutionPolicy command followed by the name of the policy. For example, if you wanted to allow scripts to run in an unrestricted manner you could type:

Set-ExecutionPolicy Unrestricted

3: Get-ExecutionPolicy


If you’re working on an unfamiliar server, you’ll need to know what execution policy is in use before you attempt to run a script. You can find out by using the Get-ExecutionPolicy command.


4: Get-Service



The Get-Service command provides a list of all the services that are installed on the system. If you are interested in a specific service, you can append the -Name switch and the name of the service (wildcards are permitted). When you do, Windows will show you the service’s state.


5: ConvertTo-HTML


PowerShell can provide a wealth of information about the system, but sometimes you need to do more than just view the information onscreen. Sometimes, it’s helpful to create a report you can send to someone. One way of accomplishing this is by using the ConvertTo-HTML command.


To use this command, simply pipe the output from another command into the ConvertTo-HTML command. You will have to use the -Property switch to control which output properties are included in the HTML file and you will have to provide a filename.


To see how this command might be used, think back to the previous section, where we typed Get-Service to create a list of every service that’s installed on the system. Now imagine that you want to create an HTML report that lists the name of each service along with its status (regardless of whether the service is running). To do so, you could use the following command:


Get-Service | ConvertTo-HTML -Property Name, Status > C:\services.htm

6: Export-CSV



Just as you can create an HTML report based on PowerShell data, you can also export data from PowerShell into a CSV file that you can open using Microsoft Excel. The syntax is similar to that of converting a command’s output to HTML. At a minimum, you must provide an output filename. For example, to export the list of system services to a CSV file, you could use the following command:

Get-Service | Export-CSV c:\service.csv

7: Select-Object


If you tried using the command above, you know that there were numerous properties included in the CSV file. It’s often helpful to narrow things down by including only the properties you are really interested in. This is where the Select-Object command comes into play. The Select-Object command allows you to specify specific properties for inclusion. For example, to create a CSV file containing the name of each system service and its status, you could use the following command:

Get-Service | Select-Object Name, Status | Export-CSV c:\service.csv

8: Get-EventLog


You can actually use PowerShell to parse your computer’s event logs. There are several parameters available, but you can try out the command by simply providing the -Log switch followed by the name of the log file. For example, to see the Application log, you could use the following command:

Get-EventLog -Log "Application"

Of course, you would rarely use this command in the real world. You’re more likely to use other commands to filter the output and dump it to a CSV or an HTML file.



9: Get-Process


Just as you can use the Get-Service command to display a list of all the system services, you can use the Get-Process command to display a list of all the processes that are currently running on the system.


10: Stop-Process


Sometimes, a process will freeze up. When this happens, you can use the Get-Process command to get the name or the process ID for the process that has stopped responding. You can then terminate the process by using the Stop-Process command. You can terminate a process based on its name or on its process ID. For example, you could terminate Notepad by using one of the following commands:


Stop-Process -Name notepad

Stop-Process -ID 2668

Keep in mind that the process ID may change from session to session.

Thursday 17 February 2011

Transfer Outlook Express email to Windows 7

A few days back a not-so-tech-savvy friend of mine asked for my help. He had purchased a new laptop and wanted to know how to transfer all the old Outlook Express email messages to Windows 7. He promised a fresh Cuban cigar if I could come down to his office and help move the email messages. The thought of sipping excellent Cognac with a Cuban was enough to drag me out on that cold winter night.


In a few minutes I was in front of a brand new Windows 7 machine ready to transfer Outlook Express email to Windows 7. Now there are two ways to do this. The first is simpler and involves importing the messages from a backup of Outlook Express into Windows Live Mail, the Windows 7 email program. But we were really disappointed when this failed. Probably the backup process wasn't done properly, I thought. Or maybe the email folders were faulty (because my friend used to complain frequently of Outlook Express crashes). There was no option but to take the second, more complex route.



Instructions on how to transfer Outlook Express email to Windows 7 - Windows Live Mail


Since I knew Windows Live Mail could import messages from an existing installation of Outlook Express, Windows Mail and Windows Live Mail, the convoluted path I followed was this.



Get Windows Live Mail (WLM) program on the old Windows XP computer which already had Outlook Express. The newly installed email program will automatically import account settings as well as the messages from Outlook Express. Now export the email from Windows Live Mail on XP and move them to the new Windows 7 computer.



How to transfer the Outlook Express email from your Windows XP computer to Windows 7 running Windows Live Mail - a convoluted path




  • Download Windows Live Mail on the Windows XP computer and install it.

  • When Windows Live Mail installs on your XP computer it will detect Outlook Express and copy the email account settings as well as the messages. If it doesn't, read how to copy email accounts from Outlook Express to Windows 7 and then transfer the email messages.


  • When all the messages have been moved from Outlook Express to Windows Live Mail on XP, use the Export function of the latter to save a backup of the email to a folder of your choice. Copy this entire folder to a flash drive or a DVD. Important: Remember to also move the Outlook Express address book and the email accounts data along with the messages. Shut down the Windows XP computer because its work is over.

  • Transfer the address book, email account information and exported Windows Live Mail messages (which were originally of Outlook Express) to the Windows 7 computer and dump them in a temporary directory.

  • On the Windows 7 computer, open the Windows Live Mail program - it should be factory installed. If not, refer to the instructions on how to install Windows Live Mail.

  • But before you transfer the Outlook Express email, import the email account data to avoid configuring Windows Live Mail manually. This will save you time as well as a lot of trouble if you had multiple accounts set up in Outlook Express and / or you don't remember the settings for the account (especially the password and the incoming and outgoing email server details).


  • Now with the "File" -> "Export" -> "Messages" functionality, move all the email messages to Windows Live Mail on Windows 7.



As I mentioned at the start, I took this convoluted approach to transfer Outlook Express email to Windows Live Mail on Windows 7 because the O.E. backup failed (for me)... it might just work for you. So try that first - it's easier; read how to copy email from Outlook Express to Windows Live Mail for step by step instructions and screenshots.

Modify Windows Explorer Command Bar for all folders

In last week’s blog, “Use Special Codes to Add Commands to the Windows Explorer Command Bar,” I told you about special codes that exist in the registry that you can use to add commands to Microsoft Windows Explorer’s context-sensitive Command Bar and showed you where to find them. I then demonstrated how to add those special codes to a set of keys in the Registry for the different Library folders.



I also told you there is a key in the registry called Generic for all the other folders that do not appear in any of the Libraries. I then explained that to add commands to the Windows Explorer Command Bars for all the other folders that do not appear in any of the Libraries, you’ll have to do a bit more work. In short, you’ll have to change the ownership and permissions on the key and then add the TasksItemsSelected and the TasksNoItemsSelected keys manually, before you can add the codes.


In this edition of the Windows Desktop Report, I’ll show you how to modify the Generic registry key to add commands to the Windows Explorer’s Command Bar for all the other folders.





Editing the Registry


It is important to keep in mind that the Windows Registry file is vital to the operating system and changing it can be dangerous if you inadvertently make a mistake. As such, you should take a few moments to back up your system by creating a system image in the Backup and Restore tool. That way if anything goes awry, you can restore your system and get right back to work.


To launch the Registry Editor, click the Start button, type Regedit in the Start Menu’s Search box, and press [Enter]. When the UAC dialog box appears, respond appropriately.


The Command Store


Don’t forget that the CommandStore key in the registry contains the codes that are the source of the commands that appear on Windows Explorer’s context-sensitive Command Bar. From within the Registry Editor, navigate to the following folder:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell


When you select shell, you’ll see all the codes that you can use to customize Windows Explorer’s context-sensitive Command Bar. Keep in mind that while each of these keys contains subkeys and other details, you need be concerned only with the names in the shell key. For example, to add the Delete command, all you need to know is the code Windows.delete.





Changing the permissions


Once the Registry Editor appears, navigate to the following folder:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderTypes\{5c4f28b5-f869-4e84-8e60-f11db97c5cc7}


When you do, you’ll see that while the key is technically named {5c4f28b5-f869-4e84-8e60-f11db97c5cc7}, its CanonicalName is Generic (Figure A), which I’ll use from here on out to refer to it. You’ll also notice that the Generic key does not contain the TasksItemsSelected and the TasksNoItemsSelected keys by default. As I said, you will have to add them manually.



Figure A



The CanonicalName is Generic.

However, before you can do so, you will have to change the permissions of the Generic key. To begin, right-click on the Generic key and select the Permissions command. When you see the Permissions For dialog box, as shown in Figure B, immediately select the Advanced button to bring up the Advanced Security Settings dialog box.


Figure B



When you see the Permissions For dialog box, select the Advanced button.

Now, select the Owner tab, choose Administrators from the Change Owner To panel, and click Apply. Once the Current owner is set to Administrators, as shown in Figure C, click OK to continue.



Figure C



You will need to change owner to the Administrators group.

When you return to the Permissions dialog box, choose Administrators in the Group or User Names panel and then select the Full Control check box in the Permissions panel, as shown in Figure D. Click OK to continue.


Figure D



You must set the Permissions for Administrators to Full Control so that you can make changes to the Generic key.

Editing the Generic key


Now that you have full control of the Generic key, you are ready to begin editing. To get started, right-click {5c4f28b5-f869-4e84-8e60-f11db97c5cc7} and select the New | Key command. When the new key appears, name it TasksItemsSelected. Then, choose the New | Key command again and create the TasksNoItemsSelected key. At this point, your Generic key should look like the one shown in Figure E.



Figure E



Once you finish this step, you should see both the TasksItemsSelected and the TasksNoItemsSelected keys inside the Generic key.

At this point, I’ll reuse the list of codes that I chose for last week’s article:



  • Windows.delete

  • Windows.navpane

  • Windows.previewpane

  • Windows.menubar



Since the Windows.delete code requires an item to be selected, it will be added to the TasksItemsSelected key. The Windows.navpane, Windows.previewpane, and Windows.menubar codes do not require an item to be selected, so they will go in the TasksNoItemsSelected key.


As you can see, the TasksItemsSelected key contains only the String Value titled Default, which is where we’ll put the Windows.delete code. Double-click the Default icon to access the Edit String dialog box. Then type the Windows.delete code in the text box, as shown in Figure F.


Figure F



Just type the Windows.delete code in the text box.

Now, access the TasksNoItemsSelected key, double-click the Default icon, and add the Windows.navpane, Windows.previewpane, and Windows.menubar codes in the text box, as shown in Figure G. Be sure to use semicolons to separate each command.



Figure G



Be sure to use semicolons to separate each command.

At this point, close the Registry Editor and launch Windows Explorer. When you do, you’ll see the new commands on the Command Bar in Windows Explorer when you access any folder, as shown in Figure H.


Figure H



Your new commands now appear on the Command Bar in Windows Explorer for folders that do not appear in any of the Libraries.

Ref link: http://www.techrepublic.com/blog/window-on-windows/modify-windows-explorer-command-bar-for-all-folders/3811?tag=nl.e064

Thursday 20 January 2011

Upgrade security on Secure Shell with a few easy steps

Secure Shell is nearly always put in place as a secure replacement for telnet. It’s default behavior for any administrator. But the problem is, out of the box, Secure Shell isn’t as secure as it can be. There are plenty of ways to take this security measure to much higher levels, but which are the quickest to implement that will gain you the most security? Let’s dig in and find out.



SSH key authentication


No matter how you slice it, if you’re using a password to log in, that password can be cracked. That is a security hole in the waiting. You can get around this by using SSH key authentication. To do this you simply need to generate a key and then copy the key to the correct machines. Here are the steps for this (NOTE: These steps will be illustrated on an Ubuntu client and server):


On the local machine


Open up a terminal window and issue the command ssh-keygen -t dsa. That command will generate a public key that is then copied to your server with the command ssh-copy-id -i ~/.ssh/id_dsa.pub username@destination where username is the actual user name on the remote machine and destination is the actual address of the remote machine.


Now, when you attempt to log in to the remote machine you will be asked for the passphrase of the KEY, not the user's password.


If you are using the graphical desktop you could also click on System | Preferences | Passwords and Encryption Keys. From this GUI (see Figure A) select the My Personal Keys tab, click File | New | Secure Shell Key, and walk through the creation wizard.



Figure A



From this tool you can manage all of your passwords and your personal keys.

Once the key is created, right-click the key and select Configure Key for Secure Shell. From the new window you will need to add a computer name (the remote machine) and a login name. NOTE: You must already have the login name on the remote machine.


If you are using Windows to log into the SSH-enabled server, you can use the PuTTYgen utility. Download PuTTYgen, start it up, click the Generate button, move your mouse around (during the creation phase), save the public key, and copy the public key to the SSH server.


NOTE: As a precaution you should always enforce passphrase-protected keys. If you allow key authentication, you might find some users create keys without a passphrase (for ease of use); a copied key file then gives direct access to the server. This is not safe.


Block root access


This one is critical and should be done on ALL machines that allow secure shell access. Open up the file /etc/ssh/sshd_config and look for the line:



PermitRootLogin

Make sure the above line is set to no. The correct line should read:


PermitRootLogin no

Once you have the file corrected and saved, issue the command:


sudo /etc/init.d/ssh restart

If you attempt to log on to the server using ssh as the root user you will be denied access.


Change the port number


I understand that security through obscurity is not really security. But in the case of secure shell, the more the merrier. So I am a big advocate of changing secure shell from the default port 22 to a non-standard port. To do this, open up the /etc/ssh/sshd_config file and look for the line (near the top):



Port 22

Change this port number to reflect a non-standard port not in use. You will need to make sure all users that connect to this machine are made aware of this change in port number. You will also want to restart the SSH daemon after you make the change.


To connect to a non-standard port from the command line, you would use SSH like so:


ssh -p PORT_NUMBER -v -l USERNAME IPADDRESS

Where PORT_NUMBER is the non-standard port, USERNAME is the username to connect with, and IPADDRESS is the address of the remote machine.
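The two sshd_config edits above are easy to get wrong in one particular way: sshd keeps the first value it finds for each keyword, so appending PermitRootLogin no below an existing PermitRootLogin yes changes nothing. As an added example (not from the original article), a small Python audit that reads a constructed sshd_config, applies that first-value rule, ignores settings inside Match blocks (they apply only to matching connections), and reports whether root login is blocked and whether the port is still 22. The function names and the sample file are mine.

```python
import re

# Constructed sshd_config sample for this example, not a real server's file.
SAMPLE_SSHD_CONFIG = """\
# Package generated configuration file
Port 22
Protocol 2
PermitRootLogin yes
# this later line has NO effect: sshd uses the first value for each keyword
PermitRootLogin no

Match User backup
    PermitRootLogin no
"""


def parse_sshd_config(text):
    """Return the effective global settings (keyword -> value, keywords lower-cased).

    First value per keyword wins, as in sshd; everything from the first Match
    line to the end of the file belongs to Match blocks and is left out.
    """
    effective = {}
    in_match = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # sshd accepts both "Keyword value" and "Keyword=value"
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            in_match = True
            continue
        if in_match:
            continue
        effective.setdefault(key, value)
    return effective


def audit_sshd(settings):
    """Return findings for the two checks in the article: root login and port."""
    findings = []
    # Assume the legacy default of "yes" when the keyword is absent (older
    # OpenSSH); newer releases default to prohibit-password instead.
    root = settings.get("permitrootlogin", "yes")
    if root.lower() != "no":
        findings.append("PermitRootLogin is '%s', expected 'no'" % root)
    port = settings.get("port", "22")
    if port == "22":
        findings.append("Port is still the default 22")
    return findings


if __name__ == "__main__":
    for finding in audit_sshd(parse_sshd_config(SAMPLE_SSHD_CONFIG)):
        print("FINDING:", finding)
```

Run against the sample, the audit reports root login still enabled even though the file contains a PermitRootLogin no line twice: once too late in the file, once inside a Match block. The fix is to edit the existing line in place, as the article says, and restart the daemon afterwards.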


Final thoughts


Out of the box, secure shell is a fairly secure means to connect to a remote machine. But when you can easily take the default a few steps further into the realm of very secure…the little time you will spend doing so will pay off. As a best practice standard, you should always, at a bare minimum, disable root login…everything beyond that is just icing on the proverbial cake.

Monday 3 January 2011

The 10 most useful Windows 7 keyboard shortcuts

Along with Windows 7’s new features comes a set of new keyboard shortcuts. This little cheat sheet will help you work more efficiently with the latest version of Windows.



Note: This list is part of Greg Shultz’s comprehensive collection of Windows keyboard shortcuts, available as a PDF download.


The shortcuts


Photo Magician: batch convert and resize large numbers of image files

Photo Magician is a fairly simple image conversion tool, mainly used to batch-modify the dimensions, file size and file format of large numbers of image files. Through the built-in "Profile" menu you can quickly pick common image sizes, or the sizes suited to mobile devices such as the iPhone, PSP, Microsoft Zune or HDTV. You can of course also choose and set the dimensions and scaling ratio yourself.

Before converting, you can also filter which files to process by dimensions or file size. It also provides a small desktop widget for quick conversion: just drag image files into its window to run the preselected conversion task and output the images to the specified folder.

Software profile (report errors or version updates)


  • Software name: Photo Magician
  • Version: 1.5.0.0
  • Language: English, with multi-language interfaces; no Chinese yet

  • License: freeware
  • File size: 1.61MB
  • Supported systems: Windows 98/2000/XP/2003/Vista/Win7
  • Official website: http://www.sheldonsolutions.co.uk/photomagician/
  • Download: click here


  • How to use:


    Step 1  After installing and launching Photo Magician, first set the input and output image folders in the "Input Folder" and "Output Folder" fields.

    Step 2  Next, pick the size or specification you want from the "Select a Profile" menu, or click "Custom Width & Height" to set the conversion details yourself.

    Step 3  In the "Conversion Settings" menu you can choose whether to process images in subdirectories as well, and filter the images to process by their dimensions or file size.

    Step 4  The "Options" menu sets the interface language and some image format settings. Once everything is set, click the "Process xx Image(s)" button at the bottom of the window to start converting.

    Step 5  A preview window is shown during conversion; close it when the conversion finishes.

    Step 6  To use the quick conversion tool, first set the conversion details such as "Output Folder" and "Profile", then click the "Quick Convert Mode" button at the top left of the window; a small quick-conversion window appears on the desktop.

    From then on, just drag image files into that window and they are converted automatically with the preset settings and written to the specified output folder.