Sunday, January 30, 2011

Software: Ultimate Windows Tweaker

A web site called The Windows Club has created a tool they called Ultimate Windows Tweaker which in summary is a "TweakUI for Windows 7 & Vista". It basically is a GUI tool for modifying the operating system and internet explorer user interface settings

Originally TweakUI was an unsupported utility created byMicrosoft which was part a set of tools called PowerToys that allow you to modify to Windows XP system user interface settings, but was never updated.

Ultimate Windows Tweaker is a portable application (e.g. doesn't require installation), and supports the 32 and 64-bit versions of the OS.

Software: Microsoft Mathematics (Free)

Tackle math and science problems quickly and easily, using Microsoft Mathematics from Microsoft Education Product Center. Here is an excerpt from their site about the product: "From basic math to precalculus, Microsoft Mathematics 4.0 can help you visualize and see mathematical concepts as you’ve never seen them before. This free downloadable tool includes step-by-step instructions and explains fundamental concepts. The wide range of tools to help students with complex mathematics includes a full-featured graphing calculator that’s designed to work just like a hand-held calculator and ink handwriting support to recognize hand-written problems."

Wednesday, January 26, 2011

Software: Attack Surface Analyzer BETA

Microsoft releases new security tool for IT security professional: "Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft's internal product groups to catalogue changes made to operating system attack surface by the installation of new software.

Attack Surface Analyzer takes a snapshot of your system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface.

This allows:
- Developers to view changes in the attack surface resulting from the introduction of their code on to the Windows platform
- IT Professionals to assess the aggregate Attack Surface change by the installation of an organization's line of business applications
- IT Security Auditors evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews
- IT Security Incident Responders to gain a better understanding of the state of a systems security during investigations (if a baseline scan was taken of the system during the deployment phase)"

Tuesday, January 25, 2011

GFI Malware Minute

Malware Minutes are short videos (1-2 minutes) that provide a weekly roundup of top stories from the GFI-Labs Blog, the GFI- Rogue Blog and anything else they think might be of interest.

Friday, January 14, 2011

Amazing and unusual places in Google Earth

To download links to all the places in the video, you need the following .KML file. To download it, right-click, select Save Link As..., save it to your desktop, then double-click the file to open it with Google Earth.

Teach Parents Tech

Google is offering a new service called "Teach Parents Tech" that allows you to send training videos to your less-tech-savvy family members. All you do is fill-out the form and select the training video you want to send them. There are several different videos available. When you choose send, the recipient will receive a link in an email to the content you selected for them.

Tuesday, January 11, 2011

Networking: Enabling/Disabling Network Protocols

To view the available network protocols installed and active on the various network adapters installed on your computer, follow the instructions below:
  • Click the Start button, right-click Network, and then select Properties.
  • In the left pane click Change adapter settings link. This will display a list of all the network devices installed on the local computer.
  • Right-click any of the devices and select Properties.
This will bring up a list of the network protocols installed and active on an adapter. The protocols that are installed but are inactive are indicated by the absence of a check in the box next to them.   To enable or disable a network protocol, check or uncheck the checkbox next to it.

The list below includes names of the default Windows networking protocols and a brief description of what they're used for:

  • Client for Microsoft Networks: Allows access to shared network resources (such as, file and printer sharing that utilize this Microsoft protocol) on the local LAN.
  • QOS Packet Scheduler: Provides network traffic management on the network for applications and devices that support this service.
  • File and Printer Sharing for Microsoft Networks: Used for sharing printers and files attached to the local computer with other systems on the local network.
  • Internet Protocol Version 6 (TCP/IPv6): Next generation TCP/IP network communication protocol for communicating on LANs, WANs or the Internet.
  • Internet Protocol Version 4 (TCP/IPv4): Primary network communication protocol for communicating on LANs, WANs or the Internet.
  • Link Layer Topology Discovery Mapper I/O Driver: Used to discover computers connected to the local network.
  • Link Layer Topology Responder: Used to identify computers connected to the local network.

Web Site: Groupon

Groupon is a deal-of-the-day website that is localized for major geographic markets around the world. The deals generally range from 50 to 90 percent off on dining, events, attractions, and more.

The way the site works is it offers one "Groupon" per day in each of the markets it serves. If a certain number of people sign up for the offer, then the deal becomes available to all.

For more information check out their web site.

Friday, January 07, 2011

Troubleshooting: Account Lock Out Issues

If an account keeps getting locked out whether its on a local computer or a domain controller (depending on the type of network the machine is on).  There are some basic steps you can follow to try to troubleshoot the lockout issue. 

One of the first places to start is to search the event logs on the local computer or a domain controller for account lockout problems. 

Below is a list of common problems that can cause an account to get locked out: 
  • Is the account logged onto more than one machine?
  • Check the following area for processes that could be running under invalid cached credentials:
    • Mapped drives
    • Task Scheduler tasks 
    • System services 
    • Proxy or firewall authentication 
  • Run a malware scan on the local computer.

Note: This problems can also be caused by badly configured security policies on a large network.
Microsoft also offers the Account Lockout and Management Tools that can be used to help troubleshoot these types of problems.  Check out a tool called EVENTCOMBMT.EXE.

Monday, January 03, 2011

Command Line: Display File Attribute with WMIC

If you do any command line scripting occasionally you need to get some extended file attributes, such as version information from an .EXE file. The WMIC command line utility allows you to extract this information and whole lot more.  Over the next few weeks I hope to highlight some of it's power.

I have included some examples of how to use this command below.

Displays All Attributes of the NOTEPAD.EXE
(This command generates a space delimited table of values)
wmic datafile where name='c:\\windows\\system32\\notepad.exe'
- OR -
wmic datafile where name='c:\\windows\\system32\\notepad.exe' > output.txt

Displays Select Attributes of the NOTEPAD.EXE (e.g.: Version Info) 
wmic datafile where name='c:\\windows\\system32\\notepad.exe' get version 

Displays the help information
wmic datafile get /?