Thursday, 17 February 2011

Modify Windows Explorer Command Bar for all folders

In last week’s blog, “Use Special Codes to Add Commands to the Windows Explorer Command Bar,” I told you about special codes that exist in the registry that you can use to add commands to Microsoft Windows Explorer’s context-sensitive Command Bar and showed you where to find them. I then demonstrated how to add those special codes to a set of keys in the Registry for the different Library folders.



I also told you there is a key in the registry called Generic for all the other folders that do not appear in any of the Libraries. I then explained that to add commands to the Windows Explorer Command Bars for all the other folders that do not appear in any of the Libraries, you’ll have to do a bit more work. In short, you’ll have to change the ownership and permissions on the key and then add the TasksItemsSelected and the TasksNoItemsSelected keys manually, before you can add the codes.


In this edition of the Windows Desktop Report, I’ll show you how to modify the Generic registry key to add commands to the Windows Explorer’s Command Bar for all the other folders.


This blog post is also available in PDF format in a TechRepublic download and as a TechRepublic Photo Gallery.



Editing the Registry


It is important to keep in mind that the Windows Registry file is vital to the operating system and changing it can be dangerous if you inadvertently make a mistake. As such, you should take a few moments to back up your system by creating a system image in the Backup and Restore tool. That way if anything goes awry, you can restore your system and get right back to work.


To launch the Registry Editor, click the Start button, type Regedit in the Start Menu’s Search box, and press [Enter]. When the UAC dialog box appears, respond appropriately.


The Command Store


Don’t forget that the CommandStore key in the registry contains the codes that are the source of the commands that appear on Windows Explorer’s context-sensitive Command Bar. From within the Registry Editor, navigate to the following folder:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell


When you select shell, you’ll see all the codes that you can use to customize Windows Explorer’s context-sensitive Command Bar. Keep in mind that while each of these keys contains subkeys and other details, you need be concerned only with the names in the shell key. For example, to add the Delete command, all you need to know is the code Windows.delete.





Changing the permissions


Once the Registry Editor appears, navigate to the following folder:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderTypes\{5c4f28b5-f869-4e84-8e60-f11db97c5cc7}


When you do, you’ll see that while the key is technically named {5c4f28b5-f869-4e84-8e60-f11db97c5cc7}, its CanonicalName is Generic (Figure A), which I’ll use from here on out to refer to it. You’ll also notice that the Generic key does not contain the TasksItemsSelected and the TasksNoItemsSelected keys by default. As I said, you will have to add them manually.



Figure A



The CanonicalName is Generic.

However, before you can do so, you will have to change the permissions of the Generic key. To begin, right-click on the Generic key and select the Permissions command. When you see the Permissions For dialog box, as shown in Figure B, immediately select the Advanced button to bring up the Advanced Security Settings dialog box.


Figure B



When you see the Permissions For dialog box, select the Advanced button.

Now, select the Owner tab, choose Administrators from the Change Owner To panel, and click Apply. Once the Current owner is set to Administrators, as shown in Figure C, click OK to continue.



Figure C



You will need to change owner to the Administrators group.

When you return to the Permissions dialog box, choose Administrators in the Group or User Names panel and then select the Full Control check box in the Permissions panel, as shown in Figure D. Click OK to continue.


Figure D



You must set the Permissions for Administrators to Full Control so that you can make changes to the Generic key.

Editing the Generic key


Now that you have full control of the Generic key, you are ready to begin editing. To get started, right-click {5c4f28b5-f869-4e84-8e60-f11db97c5cc7} and select the New | Key command. When the new key appears, name it TasksItemsSelected. Then, choose the New | Key command again and create the TasksNoItemsSelected key. At this point, your Generic key should look like the one shown in Figure E.



Figure E



Once you finish this step, you should see both the TasksItemsSelected and the TasksNoItemsSelected keys inside the Generic key.

At this point, I’ll reuse the list of codes that I chose for last week’s article:



  • Windows.delete

  • Windows.navpane

  • Windows.previewpane

  • Windows.menubar



Since the Windows.delete code requires an item to be selected, it will be added to the TasksItemsSelected key. The Windows.navpane, Windows.previewpane, and Windows.menubar codes do not require an item to be selected, so they will go in the TasksNoItemsSelected key.


As you can see, the TasksItemsSelected key contains only the String Value titled Default, which is where we’ll put the Windows.delete code. Double-click the Default icon to access the Edit String dialog box. Then type the Windows.delete code in the text box, as shown in Figure F.


Figure F



Just type the Windows.delete code in the text box.

Now, access the TasksNoItemsSelected key, double-click the Default icon, and add the Windows.navpane, Windows.previewpane, and Windows.menubar codes in the text box, as shown in Figure G. Be sure to use semicolons to separate each command.



Figure G



Be sure to use semicolons to separate each command.

At this point, close the Registry Editor and launch Windows Explorer. When you do, you’ll see the new commands on the Command Bar in Windows Explorer when you access any folder, as shown in Figure H.


Figure H



Your new commands now appear on the Command Bar in Windows Explorer for folders that do not appear in any of the Libraries.
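
A read-only check of the hand-typed values, added here as an example and not part of the original article: it splits each Default string on semicolons and confirms every code is a subkey name under CommandStore\shell. The function names check_codes and read_live_state are chosen for this example; the registry part runs only on Windows.

```python
"""Read-only check of the Generic key after the manual edit (added example)."""

EXPLORER = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer"
GENERIC_KEY = EXPLORER + r"\FolderTypes\{5c4f28b5-f869-4e84-8e60-f11db97c5cc7}"
COMMAND_STORE = EXPLORER + r"\CommandStore\shell"
TASK_KEYS = ("TasksItemsSelected", "TasksNoItemsSelected")


def check_codes(default_value, known_codes):
    """Return a list of problems found in a semicolon-separated Default value."""
    known = {code.lower() for code in known_codes}  # key names ignore case
    problems, seen = [], set()
    for position, item in enumerate(default_value.split(";"), 1):
        code = item.strip()
        if not code:
            problems.append("entry %d is empty (stray semicolon)" % position)
            continue
        if code.lower() not in known:
            problems.append("%r is not a CommandStore code" % code)
        elif code.lower() in seen:
            problems.append("%r is listed twice" % code)
        seen.add(code.lower())
    return problems


def read_live_state():
    """Windows only: return ({task_key: Default value or None}, known_codes)."""
    import winreg  # standard library on Windows, imported lazily

    # KEY_WOW64_64KEY avoids registry redirection under 32-bit Python.
    access = winreg.KEY_READ | winreg.KEY_WOW64_64KEY
    hklm = winreg.HKEY_LOCAL_MACHINE
    with winreg.OpenKey(hklm, COMMAND_STORE, 0, access) as store:
        subkey_count = winreg.QueryInfoKey(store)[0]
        known = [winreg.EnumKey(store, i) for i in range(subkey_count)]
    values = {}
    for name in TASK_KEYS:
        try:
            with winreg.OpenKey(hklm, GENERIC_KEY + "\\" + name, 0, access) as key:
                values[name] = winreg.QueryValueEx(key, "")[0]  # (Default)
        except FileNotFoundError:
            values[name] = None  # key or its Default value not created yet
    return values, known


if __name__ == "__main__":
    values, known = read_live_state()
    for name, value in values.items():
        if value is None:
            print(name, "-> missing")
        else:
            print(name, "->", check_codes(value, known) or "OK")
```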

Ref link: http://www.techrepublic.com/blog/window-on-windows/modify-windows-explorer-command-bar-for-all-folders/3811?tag=nl.e064

Thursday, 20 January 2011

Upgrade security on Secure Shell with a few easy steps

Secure Shell is nearly always put in place as a secure replacement for telnet. It’s default behavior for any administrator. But the problem is, out of the box, Secure Shell isn’t as secure as it can be. There are plenty of ways to take this security measure to much higher levels, but which are the quickest to implement that will gain you the most security? Let’s dig in and find out.



SSH key authentication


No matter how you slice it, if you’re using a password to log in, that password can be cracked. That is a security hole in waiting. You can get around this by using SSH key authentication. To do this you simply need to generate a key and then copy the key to the correct machines. Here are the steps for this (NOTE: These steps will be illustrated on an Ubuntu client and server):


On the local machine


Open up a terminal window and issue the command ssh-keygen -t dsa. That command will generate a public key that is then copied to your server with the command ssh-copy-id -i ~/.ssh/id_dsa.pub username@destination where username is the actual user name on the remote machine and destination is the actual address of the remote machine.


Now, when you attempt to log in to the remote machine you will be asked for the passphrase of the key and not the password of the user.


If you are using the graphical desktop you could also click on System | Preferences | Passwords and Encryption Keys. From this GUI (see Figure A) select the My Personal Keys tab, click File | New | Secure Shell Key, and walk through the creation wizard.



Figure A



From this tool you can manage all of your passwords and your personal keys.

Once the key is created, right-click the key and select Configure Key for Secure Shell. From the new window you will need to add a computer name (the remote machine) and a login name. NOTE: You must already have the login name on the remote machine.


If you are using Windows to log into the SSH-enabled server, you can use the PuTTYgen utility. Download PuTTYgen, start it up, click the Generate button, move your mouse around (during the creation phase), save the public key, and copy the public key to the SSH server.


NOTE: As a precaution you should always enforce password-protected keys. If you allow the key authentication method, you might find some users create password-less keys (for ease of use). This is not safe.


Block root access


This one is critical and should be done on ALL machines that allow secure shell access. Open up the file /etc/ssh/sshd_config and look for the line:



PermitRootLogin

Make sure the above line is set to no. The correct line should read:


PermitRootLogin no

Once you have the file corrected and saved, issue the command:


sudo /etc/init.d/ssh restart

If you attempt to log on to the server using ssh as the root user you will be denied access.


Change the port number


I understand that security by obfuscation is not really security. But in the case of secure shell, the more the merrier. So I am a big advocate of changing secure shell from the default port 22 to a non-standard port. To do this, open up the /etc/ssh/sshd_config file and look for the line (near the top):



Port 22

Change this port number to reflect a non-standard port not in use. You will need to make sure all users that connect to this machine are made aware of this change in port number. You will also want to restart the SSH daemon after you make the change.


To connect to a non-standard port from the command line, you would use SSH like so:


ssh -p PORT_NUMBER -v -l USERNAME IPADDRESS

Where PORT_NUMBER is the non-standard port, USERNAME is the username to connect with, and IPADDRESS is the address of the remote machine.
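
The checks below audit an sshd_config for the settings changed in the sections above. This is an added example, not code from the original article. It also flags PasswordAuthentication, which the article does not change but which decides whether passwords are still accepted once keys are in place. The sample configurations are constructed, and the defaults used for absent keywords are assumptions.

```python
import re

# Assumed defaults for absent keywords (typical for an OpenSSH release of
# this post's era; confirm against sshd_config(5) on the target host).
ASSUMED_DEFAULTS = {"permitrootlogin": "yes", "passwordauthentication": "yes"}
DEFAULT_PORT = "22"

# Constructed samples, not taken from a real host.
WEAK_SAMPLE = """\
# constructed sample
Port 22
#PermitRootLogin no
PermitRootLogin yes
PasswordAuthentication yes
PermitRootLogin no
Match Address 192.0.2.0/24
    PermitRootLogin yes
"""
HARDENED_SAMPLE = """\
Port 2222
PermitRootLogin=no
PasswordAuthentication no
"""


def parse_sshd_config(text):
    """Return (global_settings, ports, match_overrides).

    sshd keeps the first value it reads for a keyword, treats keywords as
    case-insensitive, and applies lines after a Match line conditionally.
    """
    settings, ports, overrides = {}, [], []
    criteria = None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or commented out, e.g. "#PermitRootLogin no"
        # sshd accepts both "Keyword value" and "Keyword=value".
        fields = re.split(r"[ \t]*=[ \t]*|[ \t]+", line, maxsplit=1)
        keyword = fields[0].lower()
        value = fields[1].strip() if len(fields) > 1 else ""
        if keyword == "match":
            criteria = value
        elif criteria is not None:
            overrides.append((lineno, criteria, keyword, value))
        elif keyword == "port":
            ports.append(value)  # Port may appear more than once
        else:
            settings.setdefault(keyword, value)  # first occurrence wins
    return settings, ports or [DEFAULT_PORT], overrides


def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    settings, ports, overrides = parse_sshd_config(text)
    findings = []
    root = settings.get("permitrootlogin", ASSUMED_DEFAULTS["permitrootlogin"])
    if root.lower() != "no":
        findings.append("PermitRootLogin is effectively %r, not 'no'" % root)
    if DEFAULT_PORT in ports:
        findings.append("sshd still listens on the default port 22")
    pw = settings.get("passwordauthentication",
                      ASSUMED_DEFAULTS["passwordauthentication"])
    if pw.lower() != "no":
        findings.append("PasswordAuthentication is %r: passwords are still "
                        "accepted alongside keys" % pw)
    for lineno, crit, keyword, value in overrides:
        if keyword == "permitrootlogin" and value.lower() != "no":
            findings.append("line %d: 'Match %s' sets PermitRootLogin %s"
                            % (lineno, crit, value))
    return findings


if __name__ == "__main__":
    for finding in audit(WEAK_SAMPLE):
        print("FINDING:", finding)
```

In the weak sample the later "PermitRootLogin no" has no effect because an earlier uncommented "PermitRootLogin yes" is read first, which is why the file should be edited in place rather than appended to.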


Final thoughts


Out of the box, secure shell is a fairly secure means to connect to a remote machine. But when you can easily take the default a few steps further into the realm of very secure…the little time you will spend doing so will pay off. As a best practice standard, you should always, at a bare minimum, disable root login…everything beyond that is just icing on the proverbial cake.

Monday, 3 January 2011

The 10 most useful Windows 7 keyboard shortcuts

Along with Windows 7’s new features comes a set of new keyboard shortcuts. This little cheat sheet will help you work more efficiently with the latest version of Windows.



Note: This list is part of Greg Shultz’s comprehensive collection of Windows keyboard shortcuts, available as a PDF download.


The shortcuts


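Photo Magician: a batch image conversion and resizing tool

Photo Magician is a very simple image conversion tool, used mainly to batch-change the dimensions, file size and file format of large numbers of image files. Through the built-in "Profile" menu, we can quickly pick common image sizes or sizes suited to devices such as the iPhone, PSP, Microsoft Zune or HDTV. Of course, you can also choose and set the dimensions and scaling ratio yourself.

Before converting, you can also filter which files to process or skip by dimensions or file size. The program also provides a small desktop tool for quick conversion: just drag image files into its window to run the conversion task you selected beforehand and output the images to the specified folder.

▇ Software profile ▇

  • Software name: Photo Magician
  • Version: 1.5.0.0
  • Language: English, with a multilingual interface; no Chinese yet

  • License: Freeware
  • File size: 1.61MB
  • Supported systems: Windows 98/2000/XP/2003/Vista/Win7
  • Official site: http://www.sheldonsolutions.co.uk/photomagician/

  • How to use:

    Step 1  After installing and launching Photo Magician, first set the input and output image folders in the "Input Folder" and "Output Folder" fields.

    Step 2  Next, pick the size or specification you want from the "Select a Profile" menu, or click "Custom Width & Height" to set the conversion details yourself.

    Step 3  In the "Conversion Settings" menu you can set whether to process images in subdirectories, or filter the images to process by image dimensions or file size.

    Step 4  The "Options" menu lets you set the interface language and some image format settings. Once everything is set, click the "Process xx Image(s)" button at the bottom of the window to start converting.

    Step 5  A preview interface is shown during conversion; close the window when it finishes.

    Step 6  To start the quick conversion tool, first set the "Output Folder", "Profile" and other conversion details, then click the "Quick Convert Mode" button at the top left of the window. A small quick-conversion window will appear on the desktop.

    From then on, just drag image files into that window and they will be converted automatically with the preset settings and output to the specified folder.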

    Friday, 31 December 2010

    Backdoor ways to reboot a Windows server

    When you need to reboot a Windows server, you’ll occasionally encounter obstacles to making that happen. For instance, if remote desktop services aren’t working, how can you reboot the server? Here is a list of tricks I’ve collected over the years for rebooting or shutting down a system when I can’t simply go to the Start Menu in Windows.



    • The shutdown.exe command: This gem will send a remote (or local) shutdown command to a system. Entering shutdown /r /m \\servername /f /t 10 will send a remote reboot to a system. Shutdown.exe is included with all modern Windows systems; in older versions, it was part of the Resource Kit. For more details, read this Microsoft KB article on the shutdown.exe command.


    • PowerShell Restart-Computer: The equivalent of the command above in PowerShell is:

      Start-Sleep 10

      Restart-Computer -Force -ComputerName SERVERNAME

    • Hardware management device: If a device such as an HP iLO or Dell DRAC is in use, there is a virtual power button and remote screen console tool to show the system’s state regardless of the state of the operating system. If these devices are not configured with new servers, it’s a good idea to have them configured in case the mechanisms within the operating system are not available.

    • Virtual machine power button: If the system in question is a virtual machine, all hypervisors have a virtual power button to reset the system. In VMware vSphere, be sure to select the option to Shut Down The Guest Operating System instead of the Power Off; this will make the call to VMware Tools to make it a clean shutdown. If that fails, the Power Off button will be the next logical step.


    • Console walkthrough: When the server administrator does not have physical access to the system, walking someone through the process may be effective. For security reasons, a single user (domain or local) can be created with the sole permission of rebooting the server. That person logs on as this temporary user, and the account is destroyed immediately after the local shutdown command is issued. Further, the temporary user could be created with a profile that runs the reboot script at logon, so that the person assisting the server administrator does not have to interact with the system.

    • Configure a scheduled task through Group Policy: If you can’t access the system in any other mainstream way — perhaps the Windows Firewall is turned on and you can’t get in to turn it off — set a GPO to reconfigure the firewall state and slip in a reboot command in the form of the shutdown.exe command executing locally (removing the /m parameter from above). The hard part will be getting the GPO to deploy quickly.

    • Enterprise system management packages: Packages such as Symantec’s Altiris and Microsoft System Center agents communicate to the management server and can receive a command to reboot the server.


    • Pull the plug: This is definitely not an ideal approach, but it is effective. For physical servers, if a managed power strip with port control is available, a single system can have its power removed and restored.


    What other backdoor ways have you used to reboot a Windows server? Share your comments in the discussion.




    Ref: http://blogs.techrepublic.com.com/datacenter/?p=3562&tag=nl.e071

    Thursday, 9 December 2010

    10 Sysinternals tools you shouldn't be without

    Sysinternals has been around for quite some time and was acquired by Microsoft in 2006. These are great little tools for getting some heavy-hitting Windows things done and sometimes done better than when using the built-in tools for a task. The entire suite of products is available for download. While this is the easiest way to get the tools because they are bundled together, there are some tools that I find myself using far more than others. Here’s a look at my favorite tools in the Sysinternals collection (or the ones that I use the most).


    Note: This article is also available as a TechRepublic photo gallery.



    1: PsList and PsKill


    I listed these together because I typically use them in this order. The goal here is to see processes on a machine — with PsList, I find the process ID, and then use PsKill to terminate the process.


    There are quite a few ways to return information with PsList, and the best part is that it works on local and remote machines. PsKill works similarly to PsList except it is used to terminate processes by process ID.


    2: Process Explorer


    Process Explorer is a great tool for digging into open files or resources. Trying to open a file, but getting a notification that it’s already open? Process Explorer can help determine which application or process has the file open. It is a GUI-based utility and can be used as a Task Manager replacement. The utility has two panes of information. The top pane shows currently active processes on your system and includes information about the name, the account that owns the process, and the CPU usage of the process.


    The bottom pane has two modes of operation, handle mode and DLL mode. When handle mode is enabled, selecting a process in the top portion of the window will show you the handles that the process has open. In DLL mode, the pane displays the DLLs and memory-mapped files loaded by the selected process.



    3: ZoomIt


    ZoomIt is a utility for the public speaker in all of us. When presenting information, sometimes it is helpful to show a certain area of the screen, magnified to call attention to a dialog box or other item. This is what ZoomIt does. When configured, it will integrate with PowerPoint to allow macro keys to trigger functions during a presentation.


    4: PsLoggedOn


    PsLoggedOn uses a registry scan to look through the HKEY_USERS key to see which profiles are loaded. Looking at the keys with a user ID SID, PsLoggedOn looks up the username of the SID and displays it. This shows you who is logged on in any session to a PC. When querying remote systems, your userid will be found as a connected user session as well. The remote and local users are returned separately to help distinguish logon types.


    5: Autoruns


    You know how malware likes to invade the startup folder and other locations on infected systems? These seem to be the hardest things to find and get rid of when trying to clean up spyware/malware infections. Autoruns can help with that. It looks through all possible locations where applications can be listed to automatically launch when Windows starts. Then, it displays them in a tabbed, easy-to-follow GUI. You can hide Microsoft-signed entries to eliminate the good items from the list of things that start up on your system.


    6: Contig


    Some files have trouble with disk defragmenting applications and for one reason or another, can’t be corrected. This is where you might use Contig. It is a single file defrag utility, which can be helpful if you use a file often and suspect it might be suffering from performance issues due to fragmentation.



    7: Disk2vhd


    Disk2vhd creates a virtual hard disk file from a physical system for use with Hyper-V or even with Windows 7 or Server 2008 R2. Disk2vhd supports Windows XP SP2 and Windows Server 2003 SP1 and higher, including 64-bit versions of these systems.


    A great use of this utility might be to create a snapshot of an entire disk for backup purposes. There are also options that allow Disk2vhd to be run at the command line. You can use these options to script vhd creation. Using the utility in this way would allow you to use Task Scheduler and Disk2vhd to create a snapshot of your PC at scheduled intervals with no user intervention. One caveat: When creating vhds, be sure not to attach them to the same system you created them from if you are going to boot from the vhd.


    8: MoveFile


    As we all know, there are times when files need to be moved or deleted to help get things cleaned off a PC (malware/bots/viruses). Sometimes, this can’t be done because files are in use, which prevents actions on the files until they are closed or the computer is rebooted. MoveFile provides an API that marks files for move/rename/delete at the next restart of the Windows system. Doing this allows the file to be acted on before it is referenced by the system.


    9: PSFile



    The PsTools utilities are all popular and useful, but one that I recently discovered is PSFile. By default, this utility shows files on a system that are opened by remote systems, and it can be passed parameters to return information about remote systems as well. This tool is a good way to check for open files on file servers when users report read-only issues or have problems getting files to open properly.


    10: Sync


    This utility was created to mirror a UNIX utility that will allow you to flush cached file system data to disk. Doing this can help prevent problems with lost system information in the event of a system failure and helps to ensure live system information is getting written to disk.


    The way I see this being useful depends on how stable your system is. If your computer tends to crash more than you would like (or if you are testing some scenarios), you might create a scheduled task to ensure that the system info is flushed back to disk once per hour or some other predefined timeframe. Another cool thing about this sync utility is that USB or ZIP drives or other removable drives can be flushed. You will need administrative privileges to use Sync.

    Sunday, 5 December 2010

    Install Firesheep on Ubuntu 10.04 or 10.10

    This morning I had a little bit of free time so I thought I’d (finally) check out the Firefox extension Firesheep. The main website mentions that it isn’t supported for Linux, but the source code is available and as it turns out very easy to compile. Below are instructions for downloading, compiling and installing the Firesheep security plugin for Firefox.

    Get the Source

    You’ll need to download the source code from GitHub, which can be done using the following commands:

    git clone https://github.com/codebutler/firesheep.git
    cd firesheep
    git submodule update --init


    These commands will download the code required to compile Firesheep, putting the source into a new directory called “firesheep”.

    Build Tools

    To compile Firesheep on Ubuntu 10.04 or 10.10 you’ll need the following development packages installed. Simply copy-paste the following list of packages into your terminal:

    sudo apt-get install autoconf libtool libpcap-dev libboost-all-dev libhal-dev xulrunner-1.9.2-dev

    On my machine this installed quite a few packages, and while the main Firesheep website lists 10.10 specifically, I had no problems on my 10.04 installation.

    Build Firesheep

    You’re now ready to compile Firesheep. Run the following command and hopefully you’ll be able to build it without error:

    ./autogen.sh && make


    Install the Plugin

    If all is well you should find a new file called ‘firesheep.xpi’ in a subdirectory called build (i.e., firesheep/build/). Simply drag-and-drop that file into your Addons dialog box, restart Firefox and you should be set.

    I’ve been having some issues in actually capturing data on my Dell D630 with an Intel Pro/Wireless 3945ABG card. It looks like this tool is often hardware specific, so your mileage may vary. I’d be interested in anyone offering suggestions on getting it to capture properly on OS X 10.6 (MacBook) or Ubuntu 10.04+.