Sunday, September 14, 2014

Tools, News and Linkage for the Sysadmins


I’m nearing the end (finally) of clearing out my “to-be-posted” bookmark piles.

What a journey (and long weekend wedded to my desk).

Here is a final collection of linkage with all kinds of bric-a-brac.

The Administrator of Things (AoT) – A Side Effect of Smartification - Security Intelligence Blog at Trend Micro - I really get this. All too often I get calls from family and friends asking for advice on the latest technology gadget and what to do. It’s not just enough to buy it and deploy it. Consider a “simple” home router. Sure, I can give you a recommendation, and even set the thing up initially. But what about the long-term support? Firmware updates? Configuration changes when your home-network needs change? What? Lost the WiFi password and it’s the holiday and your relatives are visiting with their new WiFi devices and want to hook in? What’s the password? What’s the risk?!

In the Valca home proper we have BluRay players that need constant firmware updating to play back the newest disks, two “active” Windows laptops, a network-enabled printer, iPhones (x2), an iPad, a 1st gen Kindle and another Kindle Fire eReader device. I’ve also got an older laptop and small-form-factor PC that I am trying to decide what to do with for “projects”. Yep. Router and switches all reside here as well.

I’m a tech-savvy person and if I’m not careful, management and maintenance of these devices alone can take up a full month’s work; wash-rinse-repeat!

How about the non-tech users out there who may or may not have friends or family to help them?

These devices may get smarter and easier to manage, or they will just go unsupported/unpatched, or maybe new businesses will spring up to meet the consumer device management needs.

Time will tell. I agree that we may not just have SysAdmins but also specialized AoTs in the present and future.

Updates: Handle v4.0, Procdump v7.01, Procexp v16.04, Regjump v1.02, Autoruns v12.03 - Sysinternals Site Discussion blog

The Case of the App Install Recorder - Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLog - SysAdmins! Stop right now. Drop over to that post. Bookmark it and snag the ZIP file of resources. It’s a super-effective way to capture app install events (and with some imagination other events as well). Older (but helpful) video-demo of it in action at Defrag Tools: #81 via Channel 9.

Case of the 8 Minute Windows 8.1 First Logon - chentiangemalc

Case of the Windows 8.1 Audio Glitches - chentiangemalc

Case of the 30 minute Windows 7 Logon - chentiangemalc

All those posts are awesome diagnostic analysis exercises tracking down buggy Windows behavior. They show skilled use of the Windows Performance Recorder from the Windows 8.1 ADK.  If you are curious, I have some related Windows Performance Analysis Toolkit (WPT) linkage on this GSD post Case of the Unexplained Donut of Death.

Weekend Scripter: The WMI Explorer Tool - Hey, Scripting Guy! Blog - The Scripting Guys point to a very exciting WMI tool, WMI Explorer. It seems to really expand WMI information lookups.

Analysis of Chinese MITM on Google - NETRESEC Blog - Amazingly detailed post exploring a MITM attack.

NetAdapter Repair All In One - Advanced network utility that runs from a single EXE file. Requires Admin rights on Windows systems to do most functions. Spotted via this BetaNews article: Troubleshoot network problems with NetAdapter Repair All in One.

WinAudit - CodePlex project page - Recently got an update in June to version 3.0.8 for the interested.

Malwarebytes Anti-Exploit - Free Zero-Day Exploit Protection - Looks like it got bumped to if this is your thing. I’ve not loaded it up yet on my VM where I am experimenting with it. I’ll post an update to see if it fixes some behavior issues I’ve noticed with IE 12. Nor have I had a chance to deploy and test GlassWire just yet.

I seem to have a massive iTunes cover art issue!  While most of my track cover-art is correct, much of it is not and I don’t know what happened!  Albums generally are OK but single tracks often pull cover art from entirely unrelated tracks. Strange!  So I’m eager to see if this tip Batch download and embed album cover art from blog can fix things up; two options are presented.

Aside from apparent safe-browsing changes in Firefox 31/32 releases, there have been other more subtle UI changes as well.  The Firefox Extension Guru has some of these covered!

SigcheckGUI - Skwire Empire - Free GUI extension to the command-line SigCheck tool from Sysinternals. Spotted via

USB Image Tool - alex’s coding playground - This “critical” app (to me) creates/restores images of USB drives. Version 1.67 was released based on .NET 4.0 and added some really nice extras. However something with the .NET 4.0 broke the program operation on XP systems so the latest is Version 1.68 that restores .NET 3.5 use to ensure XP compatibility. I suppose if you aren’t running it on XP systems and want to use the .NET 4.0 supported version you could, but you would have had to download it already when first released as it isn’t offered on the previous version links.

Google Software Removal Tool "Beta" - Google - This was a new find yesterday! What does it do? Well, it seems to be a tool offered by Google that scans a system and removes software that has modified the Google Chrome browser functionality/settings.

To be clear, not only does it do a Chrome browser setting factory “reset”, but it will also remove “programs” installed on the Windows system that could negatively (in Google’s evaluation) impact the Chrome browser operation. 

According to the gHacks link below, this tool does not require installation. Download, run, review the findings, and take action accordingly.

It also doesn’t support Chromium and other Chromium-based browsers, just Chrome browser proper.

More references to Google Software Removal Tool

Might be worth keeping it in the toolbox, just in case.

Unfortunately, a listing of the apps Google considers harmful to their Chrome browser isn’t presently offered for review.


--Claus Valca
