ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Topics
    2. Emad R
    3. Best
    • Profile
    • Following 3
    • Followers 3
    • Topics 171
    • Posts 1,332
    • Groups 0

    Posts

    Recent Best Controversial
    • RE: What is the best way to get reloaded Windows 7 up to date?

      Does this help:

      http://www.softpedia.com/get/Antivirus/Security-and-Critical-Releases-ISO-Image.shtml

      https://support.microsoft.com/en-us/help/913086/security-updates-are-available-on-iso-9660-dvd5-image-files-from-the-microsoft-download-center

      Contains security updates as ISO images, This DVD5 ISO image file from Microsoft contains the security updates for Windows this does not contain security updates for other Microsoft products including Microsoft Office. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update in the case that they don't use Windows Update or Windows Server Update Services.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Port from SW - Salt master rsa key issue

      I too, not an expert, more like playing with salt and you seem like you know more about it than me, but this one liner helps me when I feel something is cached in the setting, or command fails cause its already running:

      salt '*' saltutil.kill_all_jobs && salt-run cache.clear_all && salt '*' saltutil.clear_cache && salt '*' saltutil.sync_all
      
      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Remix Mini: as a Thin Client

      @scottalanmiller @bigbear

      Yup ads, and the all the banners you get with android platform displaying marketing stuff.

      posted in IT Discussion
      Emad RE
      Emad R
    • F***kin WannaCry

      Second time get detected in my system.

      I first noticed it cause Windows Firewall kept not saving my options, and keep turning on and off, it was peculiar how every-time I opened Windows my firewall kept asking to allow the same programs I previously granted, like it reset every-time its options.

      Do note I patched my system with KB4012212 long time ago, like 3 or 2 months ago.

      But what I noticed while I was playing around with Salt and testing stuff today, If I go under my Machine Task scheduler, I found the weird tasks again:

      Mysa1
      Mysa2
      ok

      I dont know how they got re-created, I was just in safe mode and doing full system scan and nothing appeared there, but after search I noticed those tasks are related to Wannacry, my system looks okay so it was the first time this happened.

      The first time using mbam latest was able to detect Ransomeware.Wannacry and removed it, then I formatted all USB drives, and scanned with Sophos AV and Anti-Rootkits, and ADWcleaner, and I deleted those tasks...

      Today they appeared again ??? from where I have no idea, I dont open any ports on my machine, except one for speeding up a game, and I do not use CIFS or SMB or Samba on my machine.

      Weirdly the first time this got detected was 1-2 weeks ago, and mbam (malware bytes) removed it , and I checked all my files and nothing got encrypted. it seems the same thing now, I already made backup and tested and nothing got encrypted...

      Weird...

      2_1498584669204_2017-06-27 20_29_02-Task Scheduler.png 1_1498584669198_2017-06-27 20_28_55-Task Scheduler.png 0_1498584669197_2017-06-27 20_29_07-Task Scheduler.png

      Hope those tasks help somebody to identify infected computers.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: F***kin WannaCry

      https://www.cyphort.com/eternalblue-exploit-actively-used-deliver-remote-access-trojans/

      According to this site:

      It creates a job file “Mysa” that would download a file a.exe via FTP from BAD SITE
      
      Then it will execute c.bat and execute another DLL file item.dat:
      
      rundll32.exe c:\windows\debug\item.dat,ServiceMain aaaa
       
      2nd Stage Payload: Item.dat
      
      We were not able to capture item.dat from our own server. This file is saved as C:\Windows\debug\item.dat and the [cmd] command expects it to be there. We believe that this is the second stage payload. 
      

      It appears that the Virus is not reaching the second state, but it advertising my machine, cause the filte item.dat and ok.dat are not found in my:

      C:\Windows\debug

      It seems the UK guy that purchased the domain of Wannacry might saved my ass.

      but this is good info for people that wants to fight this, but I wonder how did those tasks got re-created, I ran :
      schtasks /delete /tn * /f
      Last time...

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Open Source Hypervisors: do we really have them? do we really need them?

      @scottalanmiller said in open source hypervisors: do we really have them? do we really need them?:

      @matteo-nunziati said in open source hypervisors: do we really have them? do we really need them?:

      KVM/libvirt is basically a Red Hat show. If Red Hat will drop KVM there will really be someone which will step up and will continue the development?

      It's not owned by or controlled by RH. RH is not likely to drop it, less likely that MS dropping Hyper-V. Knowing that someone else will pick it up and that all they will do is lose control is one of the many benefits of open source to us, the consumers. It keeps RH from dropping things in a way that we don't have protection with for closed source.

      KVM is part of Linux, not RH. It's heavily contributed to by Canonical and Suse but, more importantly, IBM. Even if RH walked away today, KVM is not in the slightest danger. If MS did that to Hyper-V, it would be over - period.

      So yes, the open source nature here provides us the most extreme level of benefits and protection that exist in the industry.

      In world where every good opensource project gets forked at least 2 times... ahm ahm Keepass and KeePassX
      and KeePassXC. Firefox and its other clones. Chromium based browsers.

      Even if the worst scenario happened and all abandoned the KVM train, we would have XKVM and KVM+ and KVMnot in mere days.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Open Source Hypervisors: do we really have them? do we really need them?

      @matteo-nunziati said in open source hypervisors: do we really have them? do we really need them?:

      ok put this simply. I go open source because it has more benefits then freeware. So I pick projects which do not depend on single corporate devel groups. Assume XAPI is not this. at least for the sake of stats I've extracted from git.

      you go on premise with KVM on CentOS OR with Xen on opensuse leap (I would not go on ubuntu or debian - that's another topic).

      Then I have to administer it. all open source because it pays more than freeware. I will use virt-manager with libvirt. This is ok with KVM even live migration is there. but Xen?
      it starts appearing a bit risky IMHO probably XenCenter is the solution here. ok we hit another problem with XenCenter. just skip it.

      What about open source backup for VMs? To my knowledge you can eihter buy super big NASes for a longer retention policy of the OSes OR you backup the app (as I do in my web apps) and you simply try to make the OS backup irrelevant, AKA DevOps style a-la salt/ansible.

      Otherwise you need baremetal-like restore of the OS. Which open source project does this?

      Of course a proper mix of LVM snapshots, mount, rsnapshot (rsync) can do the work, but home made backup solution is probably NOT the way I would go in SMB (I did it with KVM just at LVM level, no dedup with rsnapshot - and retention was poor).

      just link me to a proper quick to setup solution and honestly I will be able to sold benefits of opensource over freeware.
      I miss this now. Then I will be able to sold openness even at hypervisor level not only application/OS level!

      Sadly the main reason why folks choose other than KVM is the above. The time and research and method and custom scripts is what KVM all about if you ask me. Just document your trial and errors and you will eventually have all this.

      What I do, I have 2 KVM hosts running from centos minimal:

      1. Check CPU support for Virtualization:
        grep -E '(vmx|svm)' /proc/cpuinfo

      2. Install KVM:
        yum groupinstall Virtualization "Virtualization Platform" "Virtualization Tools"

      3. Then make proper selinux and firewall configuration.

      4. Then I load Fedora on my work laptop using virtualbox, and use virt-manager to manage the hosts.

      5. Create passwordless SSH login between the hosts and preferably the virt-manager machine.

      6. Alot of scripts and tools and guides to manage KVM and images got created by me due to going this route, for example I like to start the VM images with thin profile and expand over time, instead of allocating full amount of storage/Defalting the qcow2 image after time for backup or archiving (however I dont recommenced archvie cause qcow2 stores everything in 1 file/converting the qcow2 to other formats/ when will new image FVD be ready/ What VIRT IO drivers to install.... etc) The best thing is how simple is its to offline migrate VM images in KVM, and under Fedora there is tool like WinSCP called Gigolo I reckon, and with KVM you just need to copy the image disk and paste to the other Host and BAM, you copied the VM. due to there is no DRM feel or cause the file disk format is OSS everything is clear however with that comes the notion of everything can be setup in 100 diffrent ways.

      If you want to bypass all this just get ESXi licensed, and your set.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: SaltStack Windows Playbooks

      My Favorite Ultra-VNC setup:

      Not all issues can fixed from command line alas, thus this recipe:

      uvnc:
        file.recurse:
          - source: salt://uvnc
          - name: 'c:\salt\uvnc'
          - makedirs: True
        cmd.run:
          - name: 'c:\salt\uvnc\state.cmd'
        module.run:
          - name: firewall.disable
      

      remeber to re-enable the firewall of the client when finished. (salt "client" firewall.enable)
      you will need to create uvnc folder (get it from UltraVNC portable builds) folder in your Salt master, in /srv/salt

      in it :

      • winvnc.exe

      • UltraVNC.ini

      • state.cmd

      • SecureVNCPlugin32.dsm (Optional Encryption plugin)

      • Server_ClientAuth.pubkey (Optional Encryption server SSL handshake check)

      And in the state.cmd put the following:

      taskkill /f /im winvnc.exe
      sc stop uvnc_service
      sc delete uvnc_service
      "c:\salt\uvnc\winvnc.exe" -install
      "c:\salt\uvnc\winvnc.exe" -startservice
      sc config uvnc_service start= demand
      ipconfig | findstr /i "ipv4"
      

      And whenever you want to connect to client, run this in salt master:
      salt '172' state.apply uvnc

      And you will see the IP of the client, you will need to match the IP and if you made any custom setting like port number/encryption plugin with vnc viewer and connect to client.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Is Ubuntu more secure then CentOS out of the box?

      @aaronstuder

      OpenSSH installation is the one thing I always have to do when installation finishes with Ubuntu Servers, so it is always an extra step for me. And I dont like how they are messing with openssh config frequently lately.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: CoreOS vs CentOS for Containers Deployments

      @alyragab

      I used CoreOS abit, but only for learning. And it is made specifically for containers. and nowadays containers are not just containers there are many other topics like fleet management (Kubernetes) and all the advanced stuff if you want this go with container specific OS like Core OS, however if you just want to run a couple of containers like mysql/php/nextcloud and play with things go for Centos (and check if Ubuntu server has an updated build of docker or not , and weight that as well).

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Fedora 26: time to go upgrade

      @fateknollogee

      LXQT SPIN ROCKS

      coming from LXDE Spin, this stuff is amazing:

      1_1499793653427_2017-07-11 20_20_06-Test [Running] - Oracle VM VirtualBox.png 0_1499793653423_2017-07-11 20_17_33-DeadByDaylight.png

      Great new customization options, very easy to use, previous LXDE 25 I had to use bashrc and terminal for customization

      Webkit QubZilla beats Midori

      No screen tearing like in Old LXDE 25 spin due to no compositor.

      Everything is smarter and better

      Thanks to Fedora and LXQT team and also LXDE (I think they are the same).

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Decision on Remote Support Tool- ScreenConnect

      If they are windows client go for my salt stack on centos uvnc script

      https://mangolassi.it/post/315151

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: How Many Windows Server VMs Can You Run on Hyper-V SAMIT Video

      @scottalanmiller

      WOah Hyper-V is for free for real, i just downloaded it (2016) and toyed with it, cause of this video.... I always thought it is not

      And yh downloaded from evaluation site but MS listed as unlimited, amazing video.

      But after using it for the first time, its meh.. it opens cmd window + command line wizard, I wouldnt use it if starting from scatch it likes to be used from AD domain but you can use it without it domain via:

      Step 1

      Enable WinRM on both machines. This can be done trough an elevated command prompt. The command used for enabling WinRM is:
      
      winrm quickconfig
      

      Step 2

      On the Hyper-V Management client open cmd.exe as administrator and add the server as a trusted hosts. Here you can comma separate to add multiple machines.
      
      winrm set winrm/config/client @{TrustedHosts="192.168.1.15"}
      

      Step 3

      On the Hyper-V Management client add credentials to make the connection possible.
      
      cmdkey /add:192.168.1.15 /user:ADMINISTRATOR /pass:**********
      

      Its performance is okay, I managed it using Hyper-V manager in WIndows 10, and it feels very limited.

      I loved that they kept notepad.exe and taskmgr.exe in the HyperV server, I can launch those and avoid Windows command line.

      Notepad.exe --> File --> Open (GREATEST HACK EVER)

      I dont know why GEN 2 cannot be installed from host CD/DVD rom, and GEN 1 can.

      Also it is very difficult to share files or send files, like I am used with WinSCP or SFTP protocol with Linux and KVM, the sharing module is removed in HYPER-V I tried to share but was unable to, kept giving me errors.

      Oh and they provide the hyper v integration as cab file (guest agent):
      windows6.x-hypervintegrationservices-x64.cab

      I cant belive I complained when VIRT IO Tools was repackaged some time ago and they changed some folders in there ISO image, while MS gives you a .cab file and not even an executable.

      Also moving the VMs between 2 HYPERV needs FQDN

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Windows restore from system image (Windows 7 Professional)

      @g-i-jones

      Maybe the system image restored failed due to errors found in the failing HDD.

      Why dont you just backup the data of files in :

      C:\Users
      And the other drives besides C using a light Linux Live OS (Gparted) or WIndows recovery enviroment.
      And take his browser profile, and bookmarks.

      Thats what most users need anyway.

      Installing Windows 7 or any windows from scratch takes 5-10 mins on good machines and 15-20 on slow ones. then restore the data.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: If a business were all linux would they use Office 365

      @dashrender said in If a business were all linux would they use Office 365:

      @stacksofplates said in If a business were all linux would they use Office 365:

      @coliver said in If a business were all linux would they use Office 365:

      @wirestyle22 said in If a business were all linux would they use Office 365:

      @coliver said in If a business were all linux would they use Office 365:

      @wirestyle22 said in If a business were all linux would they use Office 365:

      @coliver said in If a business were all linux would they use Office 365:

      @dashrender said in If a business were all linux would they use Office 365:

      @coliver said in If a business were all linux would they use Office 365:

      @wirestyle22 said in If a business were all linux would they use Office 365:

      @coliver said in If a business were all linux would they use Office 365:

      What prevents them from using O365? It's generally one of the least expensive enterprise email solutions available.

      I think he means with full features

      What features would be missing? Email, calendaring, contacts, OneDrive, Sharepoint, Skype for Business, are all available on Linux in one form or another.

      Well specifically you left off all of the MS Office apps that can be installed locally. But I'm pretty sure it was Scott who said that WINE was originally created because someone wanted to run MS Office on Linux OSes

      What benefit does Microsoft Office provide to a Linux shop that LibreOffice doesn't provide?

      Libreoffice often requires conversion of the more complex office documents. If you can't seamlessly open them and have everything displayed correctly it's not very useful IMO. It's a little different if you're just starting your company and it starts as linux right in the beginning though.

      The topic was about a Linux shop. If we're talking about a mixed shop you have a point, although it's not as big of an issue lately as it has been in the past.

      They are likely to receive some type of office documentation via e-mail here so I'm considering that too

      Any received or sent document shouldn't be in a doc format. They should be sending, and expecting, documents in pdf.

      Bah I responded before I read the whole thread.

      Unbelievably, we get quotes that are in all the time in both xls and doc.

      I tried blocking doc/docx, etc at the spam filter and the world went into a tail spin!

      I once did similar thing and nearly got fired, I blocked email with macros attachment and the financial department went nuts.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Windows restore from system image (Windows 7 Professional)

      @g-i-jones @Dashrender

      Really? When was the last time you install Windows 7? It took over 5 hours to install all the updates.

      In I.T bench world, you can tick the option to install updates automatically, and give the client the machine and it will install updates by itself. No one has to babysit the whole thing (unless you really love that person you are helping).

      Also I love system image modder by the name of murphy78, what he does is incorporates Windows 7 updates in the base installation image, without corrupting anything (and I trust him after following many of his releases).

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Windows restore from system image (Windows 7 Professional)

      @jimmy9008 said in Windows restore from system image (Windows 7 Professional):

      @emad-r said in Windows restore from system image (Windows 7 Professional):

      @g-i-jones @Dashrender

      Really? When was the last time you install Windows 7? It took over 5 hours to install all the updates.

      In I.T bench world, you can tick the option to install updates automatically, and give the client the machine and it will install updates by itself. No one has to babysit the whole thing (unless you really love that person you are helping).

      Also I love system image modder by the name of murphy78, what he does is incorporates Windows 7 updates in the base installation image, without corrupting anything.

      Yeah, can do this but every so often expect the call: "My PC that you repaired yesterday is so slow." - They won't appreciate it's doing a bazillion updates. IMO - should get to them up to date and ready.

      It all depends on the user... is the user good to you ? did he ever provided with sweets or offered food ? if not he gets the Vanilla Windows 7.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: virtualize all the things... ?

      @bj

      The only thing I can think of you may not want to virtualize is VPN server.
      cause if you want to reboot the Host hypervisor for whatever reason (maybe shutdown by disaster and not choice), it is bit tricky to diagnose and running when you cant connect especially if your working from home.

      I reckon the AMD AM1 platform is an excellent platform for VPN server, especially if you get motherboard that gets charged using laptop charger (AM1H-ITX) you are free to experiment and deploy whatever VPN solution you want , or purchase a commercial VPN box.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: virtualize all the things... ?

      @scottalanmiller said in virtualize all the things... ?:

      @emad-r said in virtualize all the things... ?:

      @jimmy9008 said in virtualize all the things... ?:

      @scottalanmiller said in virtualize all the things... ?:

      @emad-r said in virtualize all the things... ?:

      Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

      No, I still don't understand. You are talking about adding another server to accommodate the VPN. So you are talking purely about consolidation as a concern, which it is, and not at all about virtualization as a concern (which it is not.)

      Agree. Makes no sense. Move the VPN VM to another host before updating the original.

      What if you only have 1 enterprise grade server in one site ? and you can just purchase another 3000$ server cause you ran out of budget, but you can get the AM1 AMD platform for 300$ and make it VPN server

      I still don't see the logic. What's the connection between virtualization and all that cost? Why are you not virtualizing on the $300 AM1 board?

      Ahh, now I see what you mean. Btw the board costs 50$ and the CPU that goes on top costs like another 50$ the whole AM1 AMD solution box with RAM + PSU + Drive will cost you = 300$

      Umm, cause it will be only used for that role and that role only, no other thing. But I get your point now. If we want to think about virtualization as "hardware abstraction and driver containment" then it makes sense what you are saying.

      posted in IT Discussion
      Emad RE
      Emad R
    • RE: Hyper-V 2016 Server free file server included ?

      @dbeato said in Hyper-V 2016 Server free file server included ?:

      This will answer this:
      https://www.starwindsoftware.com/blog/part-1-smb-3-0-file-server-on-free-microsoft-hyper-v-server-2012-r2

      thanks, very resourceful. Solved then. I thought I found a hidden Easter egg.

      However, this process is a violation of license agreement, so StarWind urges the readers not to repeat it. As to the reason the process is at all possible, the answer is quite simple: SMB3 is a crucial part of the free Microsoft Hyper-V Server R2 and the latter won’t work if the protocol support is cut out. In any case, a fact that you can do something doesn’t mean you should. Violating Microsoft’s user license agreement is some serious business you don’t want to get involved in.

      posted in IT Discussion
      Emad RE
      Emad R
    • 1
    • 2
    • 8
    • 9
    • 10
    • 11
    • 12
    • 17
    • 18
    • 10 / 18