All the new bad trojans and other nasty infections on your Windows computer like to hang out in the system restore files. That’s right even after cleaning a spyware riddled machine the unknowing subject can unwillingly wind up re-infecting their computers by launching system restore. Stop that before it happens. Disable system restore and then re-enable it to knock them out the box.
Long ago I fell in love with troubleshooting html code in a little free program called Notepad++. It has an awesome feature that allows you to compare and highlight changes in code or even text files. That’s right you can feed it two text documents and highlight all the differences between the files. This is great for spotting the code changes in a production file and a backup file. It also did the trick nicely to show me the differences in two csv files.
Notepad++ FTW! You can grab the installation files here. Notepad++ is a free notepad replacement application. It numbers lines and has plug-ins that extend its capabilities. All in all this is an awesome application!
My broadband USB card stopped working! I called Verizon and got a new card from their store ASAP – and it was still giving me the same error. So now I know it has to be my computer. I try the card on another system and it works!
Then I take a look at my system. What is new… I installed Conectify to share out my connection with my co-workers. It worked while I was using it but now when I am trying to use my broadband card on the fly it is not working.
I uninstalled conectify and I still had the same error!! I ran a system restore – returning me to a period right before I installed this application. As soon as the system restarted, I was back up and running.
I learned a good lesson today! Never trust your users – even if the user is yourself. Everyone knows that users lie!!
You wouldn’t want to setup RRAS on a domain controller, especially if you are multihoming the machine. Multihomed DCs are not recommended due to the numerous errors generated with DNS and the multiple names registered. Causes issues with AD.
You can do it without AD. It’s NOT required. Install it on a member server! Do not install RRAS on your DC – ESPECIALLY if you have multiple nics!
If you are using it for VPN, you can use the local machine’s user accounts to authenticate users, or if using for NAT, no problem. Even if you have AD, you would still want to put RRAS on a member server.
We recently read a wonderful write-up on speeding up your Windows 7 box and they included other tips and hints as well. Definitely check this out before you jump on the Windows 7 Bandwagon. Check it out here.
Here is a quick snippet:
Choose Windows 7 32-bit if you have:
- 3GB or less system memory
- Dual core or single core processor
- Built in graphic card
- 250GB or less hard drive
Choose Windows 7 64-bit if you have:
- 4GB or more system memory
- i7, Dual core or Quad Core processor
- Dedicated PCI express graphic cards such as Nvidia or ATI
- 250GB or larger hard drive
Now that that’s out of the way – on we go to the good stuff…
1.0 Disable Unwanted Services
Windows 7 enables services that aren’t necessarily required by default. You can relieve a huge amount of system resources by disabling these services or setting them to “Manual mode”. Configuring a service to this setting means, it doesn’t start automatically, but rather only when it is required.
After the fiasco a short while back users are scared of storing data on dropbox. Don’t be! Just follow DropBox’s recommendation to ENCRYPT! Check out the snippet below or this link:
This note is intended mainly for users of a laptop computer to protect their data from the action of thieves.
Privacy is the ability to protect your data from being read without your authorization.
A good way to prevent a thief or other nosey parties from reading your data is creating an encrypted volume in your Dropbox folder with FreeOTFE or TrueCrypt, and storing there the data you want to keep secret. See their website for instructions on creating and mounting an encrypted volume.
If you use FreeOTFE or TrueCrypt, you must unmount the volume before it can be uploaded by Dropbox. You will need to remount (and supply the password again) to view any files in the volume. You should also avoid making changes to the volume on more than one computer at the same time, since Dropbox would be creating a conflicted copy of the entire volume, rather than one single file, if multiple conflicting changes are made at the same time. The security of this approach depends almost entirely on the strength of your passphrase!
On Mac OS X you can also create an encrypted Disk Image (.dmg) using Disk Utility (normally found in /Applications/Utilities). Alternatively, you may encrypt your entire home directory using FileVault (System Preferences -> Security -> FileVault).
Did you know that Microsoft has made major changes in Windows Server 2008 R2 over regular old plain Jane Windows Server 2008. Well they did and you can read about the changes right from the horses mouth below. Just click on each of the links to hit the Microsoft documents for any of the updated topics below:
The Windows Server® 2008 R2 operating system includes changes to Windows Server® 2008 features and technologies that help improve the security of computers running Windows Server 2008 R2, increase productivity, and reduce administrative overhead. The following topics describe some of these features and technologies.
For a downloadable version of this document, see Changes in Functionality in Windows Server 2008 R2 in the Microsoft Download Center.
- What’s New in Active Directory Certificate Services
- What’s New in Active Directory Domain Services
- What’s New in Device Management and Installation
- What’s New in Distributed File System
- What’s New in DNS
- What’s New in Failover Clusters
- What’s New in File Server Resource Manager in Windows Server 2008 R2
- What’s New in Group Policy
- What’s New in Hyper-V in Windows Server 2008 R2
- What’s New in Microsoft iSCSI Initiator
- What’s New in Microsoft Multipath I/O
- What’s New in Network Access Protection
- What’s New in Network Policy Server (NPS)
- What’s New in Networking
- What’s New in NTFS
- What’s New in Offline Files
- What’s New in Performance and Reliability Monitoring
- What’s New in Print and Document Services
- What’s New in Remote Desktop Services
- What’s New in Security in Windows Server 2008 R2
- What’s New in the Server Core Installation Option
- What’s New in Server Manager
- What’s New in Services for NFS in Windows Server 2008 R2
- What’s New in SMB
- What’s New in the Web Server (IIS) Role (IIS 7)
- What’s New in Windows Deployment
- What’s New in Windows Deployment Services
- What’s New in Windows PowerShell
- What’s New in Windows PowerShell Cmdlets for Roles and Features
- What’s New in Windows Search, Browse, and Organization
- What’s New in Windows Server Backup
- Other Changes in Windows Server 2008 R2
It took a while to get out of the habit of using Manage from right clicking on My Computer to manage my server. After all it has been embedded in my head over the last several years. Now with Windows 2008 we have a new application or console called Server Manager.
Now you can use Server Manager to manage and control your server. Check out what you can do with Server manager:
The Server Manager console in Windows Server 2008 R2 eases the task of managing and securing multiple server roles in an enterprise. Server Manager guides administrators through the process of installing, configuring, and managing server roles and features that are part of Windows Server 2008 R2. In Windows Server 2008 R2, a server role describes the primary function of the server. Many of the management consoles used to manage Windows Server 2008 R2 have been updated or completely redesigned to help reduce your administrative effort.
Server Manager replaces several features provided in previous versions of Windows Server, including Manage Your Server, Configure Your Server, and Add or Remove Windows Components. Server Manager also eliminates the requirement that administrators run the Security Configuration Wizard before deploying servers—server roles are configured with recommended security settings by default and are ready to deploy as soon as they are installed and properly configured.
There are many ways to tell what a NIC’s MAC address is. But here is a quick DOS command to add to your tool belt:
How can you forget that one?!?
I was working with a junior admin the other day. He was playing with DHCP in the lab and he was having issues with comprehending how DHCP actually works. After setting up the DHCP server, authorizing and setting the scope up I asked him to explain the process a client goes through when requesting a automatic IP address from DHCP. He could not. So that brought me back to the old days and the acronym DORA. DORA stands for Discover, Offer, Request and Accept. If anyone ever asks you about the DHCP process simply say Discover, Offer, Request and Accept (not DORA!)
Do you have any admin words of wisdom for new admins recently getting into the business?