If it has a plug, it's IT stuff


June 26, 2008  1:07 PM

[TLBAT] Keep patches and updates under control with WSUS

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta

In my previous articles I’ve described the process to allow several services and servers to be installed for free or at low cost in your network; this post continues with “I want it but I have no budget” philosophy and enables you to have an update and patching system for your network where you can control who, what, when is updated/upgraded.

In order to have a server/infrastructure of servers for the updates in your network, you will need to install the Microsoft Windows Update Services Server 3.0 (a.k.a. WSUS).

Basically with WSUS you can create a local update server where you can control all the updating process for your client’s network. You may choose to download the updates and patches from the Microsoft Update site and store a copy of the files locally in order to save bandwidth; you may only choose to control the approval/denial of the updates and have the clients connect to Microsoft to download the files; you may also create a tier based WSUS structure where a child server receives updates and approvals from the above server and so on.

Once you have designed, planned and installed your WSUS structure you can then use Group Policies, or any other method (e.g. VBScript) to have your clients connect to the WSUS servers in your structure.

First start by downloading this document that describes the process for deploying the WSUS; then you may consider having a look at this site that explains how to implement GPO for the use of WSUS or consider using either VBScript or this Visual Basic 6.0 tool I released some years ago.

This time we have to thank Microsoft for providing another money-saver tool that won’t impact your low budget!!!

Keep on reading my blog and in the end you will have saved lots of buck$ that you may consider to send me via PayPal!! ASD

June 22, 2008  1:40 PM

[TLBAT] Messaging, collaboration, IM …. an opensource alternative to Microsoft Exchange

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta

Another post to present a free tool, another post to save your low budget!

When building an IT infrastructure, one of the features you HAVE to consider is to provide messaging and collaboration tools to your customers (normally your employer…alsways remeber: the users are your customers!); considering to buy Microsoft Exchange is always the first choice but as you know this will cost you money that, with some little sacrifices, can be saved.

Once again I’ll focus on a VMWare appliance (ok, it’s clear that I do love VMWare appliances!) that you can download, burn or mount as an ISO image and then start the VMWare machine and have an almost ready tool for the production evironment.

This time the VMWare appliance consists of a Linux based machine (rPath linux) and the preinstalled Zimbra Collaboration Suite 4.5. On this link you can download the ISO image that you can mount on your VMWare Server/Player (more instruction in this previous post) and once you have powered on your VMachine you can have a free, opensource, reliable messaging and collaboration server.

Hereafter some screenshots:

Inbox

contacts

Calendar


June 15, 2008  4:35 AM

[TLBAT] Honey, honey…HoneyPot!

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta

In a previous post I suggested you to build a proxy and content filtering solution based on a VMWare virtual machine, in this post I’ll redo the same thing: propose another VMWare appliance that you can mount on your VMWare server, configure and have a ready-to-go tool for your IT environment.

The tool we are going to describe today is a low interaction HoneyPot that will be a central point for your network and avoid spreading of malware and provide you useful information about attacks. This virtual machine, once configured, will act as a computer without patches, antivirus software and that holds sensitive information; this way of acting will attract attackers and malware, it will download a the binary files and study their behavior and provide useful information about the type of the attack, the entry point and so on.

First start downloading the appliance from this site and then read some interesting documentation on the Security Focus website; in this post I won’t provide all needed information about how to configure the virtual machine because this depends on how you want to configure the HoneyPot, in this blog post you can read how to mount the appliance you just downloaded and have it running in minutes.

Whe you have finished the mount of the virtual machine you can access it by using the following credentials:

Username = root Password = pass2cng

[LINKS]

Nepenthes homepage

HoneyBow sensor


June 11, 2008  5:39 PM

ROBOCOPY \\127.0.0.1 \\NEW_LOCATION /E /S *.*

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta

Hi folks I’m in a busy period because I’m performing a big change in my life…I’m moving back to north Italy for job purposes and this time I’m bringing my family with me (my wife and our15 month old daughter)!!

Starting next week I’ll be in the Varese’s province (north Italy) for a new job as EMEA Level2 Technical Support Engineer and I’m actually busy with packing, moving the boxes to my parent’s house for later housegoods transportation and so on so I’m not sure when the new posts will be published but I’ll do all my best to accomplish to this.

The new job will be more focused as the previous ones but this won’t change the spirit of this blog that will still aim at providing solutions, possibly for free or at the lowest cost possible, and tips for getting your IT environment the most stable, clean and professional you can.

Up to today I wrote about SQLExpress backup automation, Network Inventory and HelpDesk frontline, a USB swiss-knife, a proxy plus content filtering and a computer imaging solution. The next blog entries will aim at security, CRM and groupware so keep on visiting my blog if you are interested in this matters.

If you are interested in this kind of posts, want to comment or post questions feel free to contact me and I’ll be glad to answer to your questions.

Have fun and wish me all the best for this big change!!


June 5, 2008  7:44 AM

[TLBAT] Proxy server and content filtering

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta

In this article I’ll explain how you can have your proxy server and content filtering for your network absolutelly for free allowing you to save at least 1600 USD (Microsoft ISA 2006 Standard Edition)!!

We will use the free VMWare Server and the Squid Proxy + DANS Guardian appliance. The appliances are precompiled and configured virtual machines for the VMWare Server/player that you can download from the VMWare site and that you can “mount” and, with little effort, use in your environment. In addition to the proxy/content filtering machine you may like to add a report generator so you can always have nice reports showing blocked sites/users/ip addresses and more, this good tool is called SARG
The scope of this article is to have a solid proxy server and a content filtering for internet browsing so you can both masquerade your network clients and provide a caching solution that can ease the clients’ surfing experience. In addition you can have a content filtering where you can block/allow access to sites and contents soyou can have a complete control on where/when/what your client computers can do on the Internet.

First download the VMWare Server (about 146Mb) and apply for a free product key; meanwhile I suggest you downloading the VMWare appliance because this will take longer (about 712Mb).

Install the VMWare Server and place the file of the appliance that you just downloaded in a directory that you prefer (normally it is C:\Virtual Machines) . Open the VMWare Server Console and choose File/Open, browse your computer where you saved your file before; this will add the virtual machine to the inventory.

VMWare Server console

Start the machine and follow all the steps requested during the startup process.

Once that the vm has started login with user=root and password=proxy2006 then change password by issuing the passwd command:

Passwd command

 

At this point you can configure your IP address (first you have to configure the VMWare Virtual Networks). To do so you have to:

  1. Login to the VMachine
  2. Issue the ifconfig eth0 command
  3. Read the inet addr value and use it in your internet broswer (Example https://192.168.0.100:10000)

At this point in your internet browser you will have the web interface (Webmin) to the system where you can manage every single setting, from the network configuration, to the startup levels and so on.

I suggest you using the Webmin interface if you are not really familiar with Linux commands or Putty if you want to access the system via SSH console.

At the beginning the content filtering could be really restrictive, I suggest you testing the sites you want to be listed/banned and check/configure the groups (Ex. /etc/dansguardian/bannedsitelist).

After you have configured all the VM settings, the DANS Guardian and so on you are ready to test and implement your solution…we spent about 1/2 hours but saved lots of bucks!!


May 28, 2008  7:51 AM

[TLBAT] The IT swiss-knife

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta

In my previous article I wrote about removable media used to access dead/dying computers and I mentioned a bootable USB drive that you can always have with you. Personally I have the USB pendrive always with me because it is tied to my car keyholder.
Let’s describe my USB swiss-knife: it has a bootable WindowsXP that has been built as described here and also features the PortableApps suite loaded with the WireShark utility, the InfraRecorder and all the standard applications that may save you some time on almost every x386 computer.

In addition I added a Tools folder filled with:

BGinfo: This tool adds some useful information on the desktop background and is highly configurable.

Double Driver: Useful for saving all installed drivers that can be used for driver reinstallation after a format.

KeyFinder: It finds the Microsoft Windows XP /Office product key.

Microsoft Key Update Tool: It can change the WIndows XP product key.

HijackThis: Really helpful tool that helps discovering BHO, Hijacks and spywares.

AntiVir : Free antivirus software.

So adding these tools to the PortableApps Suite made my swiss-knife for easy problem solving on most computers.


May 26, 2008  7:20 AM

[TLBAT] Accessing dead/dying computers

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta

On my previous article I had a comment about someone trying to access a dying computer where because of wrong drivers, tons of software and other reasons the system couldn’t boot anymore; this article explains my preferred methods of booting a dead/dying computer with an extenal media such as USB or a livecd and perform data recovery, password changes and so on.

:: Booting from USB Drive ::..
This is the slower method but is the more usable seen that not all the times you have your CD case with you so having the USB stick that is bootable and loaded with basic tools is always a good thing; I personally have my USB drive with the car keyholder ;)
My choice goes to PEBuilder that is the most used and reliable technology to build bootable CD/DVDs; this article explains the entire process that enables you to create a WindowsXP bootable USB drive that can be used to access a dying/dead computer and many other useful things (E.g. change the lost local Administrator password!)

:: Booting from CD Drive ::..
Here my choice goes directly to the great UBCD4WIN (Ultimate Boot CD For Windows) that, with its list of preinstaleld tools, enables you to do many useful things directly from a WindowsXP livecd. This saved me a lot of times!!


May 25, 2008  10:30 AM

[TLBAT] Ghosting computers without Symantec’s Ghost

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta
Network management software

At the moment whenever you talk to the IT you may hear “You have to ghost your computer” meaning that you have to create a snapshot image of your computer partitions and store it somewhere. But why people says that you have to ghost it? Because Norton (actually Symantec) Ghost is the leader in this technology but it has a small problem: it costs bucks and you have to spend some money in order to have a business like repository of computer images.

There are many reasons you may need to image computers: it may be for a huge rollout, for backup purposes or for any other reasons that leads you to have a centralized storage for images of the computers in your network.

Seen the spirit of this TLBAT (The Low Budget Admin Tools) section, I alwas prefer to apply opensource/freeware solutions, in this case I suggest you using the PING project (Partimage Is Not Ghost) that says it all: partition imaging is not strictly Ghost! This great tool can be either a bootable cd or a RIS (Remote Installation Services) tool that enables computers in your network to boot from cd/network and save or load an image of their computer to a centralized point.

Once again a great tool, for free and completelly integrable with your Windows environment, I hope someone is enjoying this TLBAT section, if please let me know your impressions through the comments on this blog area.


May 20, 2008  4:47 PM

[HowTo] Have the Windows Explorer shell as a different user

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta
Network management software

You know that you can RUNAS almost everything in a Windows machine…indeed “almost” means that not all the programs, utilities and tools can be RUNASed, especially the Windows Explorer that is really useful when changing file/folder ACL, opening the control panel with admin privileges and other tasks where you obvioulsy need it.

Normally you should logoff the user, logon with admin account and perform your task, but there’s a trick to have the Windows Explorer open with admin privileges.

  1. At the command prompt type your RUNAS command (e.g. RUNAS /USER:DOMAIN\UBERADMIN CMD) and provide your password
  2. Once the new command is open with the admin account, move to the C:\PROGRAM FILES\INTERNET EXPLORER folder (it may be in a different directory depending on your locale settings or installation) and launch IEXPLORE C:\

Et voilà, this will open Internet Explorer but on local drives (it is always the same shell) with your admin privileges activated.


May 19, 2008  8:43 AM

[TLBAT] Network inventory made easy… and free!!

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta
Network management software

Do you want to have a network inventory of computer and devices, do you need an out-of-the-box solution for IT HelpDesk? Here it is…for free!!!

I tested SpiceWorks for a couple of months and I really appreciated this product that comes with a really easy setup process and gives you good results in terms of inventory, reporting and so on.

I suggest you to have a look at this free product that can save time and money for everyone.

P.S. This is not an AD but simply a suggestion!!


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: