Vol. 22, #21 - May 22, 2017 - Issue #1132


Cat 1 Mouse 0

 

Free Tool: Permissions Analyzer for Active Directory 

Image

SolarWinds® Permissions Analyzer for Active Directory™ gives you instant visibility into user and group permissions and a complete hierarchical view of the effective permissions and access rights for a specific NTFS file folder or share drive – all from a user friendly desktop dashboard.  Browse permissions by group or individual user, and analyze user permissions based on group membership combined with specific permissions.  Unravel a tangled mess of file permissions: network share, folder, Active Directory, inherent, explicit, calculated and more.

Download the Free Permissions Analyzer Tool Today. 


Editor's Corner


IT security is pretty much a cat-and-mouse game, and in this week's newsletter we start off with what's obviously grabbed the attention of the world at large this last week, namely the WannaCry ransomware and its widespread impact. We then share some interesting news about a keylogger that seems to be hidden in numerous versions of HP systems. Then I demo a snafu I experienced after upgrading one of our Windows 10 systems to Creators Update. All this and more in your favorite weekly IT pro newsletter!

Any kind of extortion attempt that involves making you pay a ransom to ensure your safety or the continuing success of your business can obviously create a high degree of stress for the employees involved -- as this Dilbert comic strip so aptly illustrates:

http://www.wservernews.com/go/yingjjgu/


Ask Our Readers - Isolating "training" network from "work" network

A reader named Alain sent us some details of a wireless networking scenario he is trying to achieve:

Hi Mitch, thanks for continuing the very good WServerNews newsletter -- it always provides good tips. Can I ask you some advice on network setup? I want to extend my current small business network setup which works perfectly for my purposes to have a second "training" network setup so that trainees are not able to access my work network, but still have access to an application on the internet. Here's my scenario:

First Router:

Wireless is setup to have secure WIFI (for our staff to access servers / files /printer etc) as well as Guest access (for visitors in meetings, who can't access our servers etc). Guests cannot access the network. All working perfectly.

New TRAINING Network requirements:

WIFI to be set up with a separate SSID: "Training" with different passcode (to allow access to separate printer on that network), as well as a Separate Guest network which allows internet, but no access to network resources)

Would the settings I have suggested above work out? I need to ensure that there is absolutely no access to our main network connected to the first Router, from anything connected to the second router.

Can any readers provide Alain with feedback and/or recommendations concerning his planned solution? Email us at wsn@mtit.com


Ask Our Readers - CMOS wire broken

A reader named Duff sent use the following question which stumped us (and which I've edited for clarity):

My name is Duff and I am always tinkering with computers. I have an IBM X Series 232 loaded with 4 SCSI 18g drives. My problem is that the CMOS battery holder is snapped at the contact flat wire. Me solder?? No can do. When I boot up the server I get an error msg "NO VIDEO". This server is a true workhouse and I do really enjoy tinkering with it, all 4 drives have WXP sp2, 4 gb of memory and 2 Intel chips running at 1.2 gbps I think, so the Cmos problem prevents the system to run. Can I get someone to tell me how to repair the Cmos holder?

Can any hardware geeky readers offer suggestions for Duff? Email us at wsn@mtit.com

Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at wsn@mtit.com

 

WannaCry? Probably!

News about WannaCry is everywhere, so I'm sure our newsletter readers have already become aware of the danger. Derek Kortepeter has published a summary of the situation on our own Techgenix.com website here:

http://www.wservernews.com/go/cm23niw1/


Obviously an important preventative step organizations should take immediately is to make sure all of their Windows machines are fully patched. And for anyone who is still running Windows XP on any of their computers (I personally know several local businesses that are still using XP for their PoS systems) you should immediately download and install the patch Microsoft has specifically created for this out-of-lifecycle operating system -- you can find more info in this bulletin from the Microsoft Security Resource Center (MSRC):

http://www.wservernews.com/go/nq3e764w/

 
Apart from patching systems you should make sure you are backing up all your data regularly, and be sure also to check the integrity of your latest backup to ensure you'll be able to restore from it if necessary. Also remind all your users about organizational policies regarding opening attachments from unknown users.

Have any of our readers' businesses or employers been hit by this infection? What steps have been taken in your organization to mitigate and stop the spread of this malware? And if you haven't been hit yet, what other preventative steps are you taking to protect your organization against it? Share your expertise with our 100k readers by emailing us at wsn@mtit.com


Keylogger found in audio driver package


Modzero, a Swiss IT security firm, reports that they've found what is basically a keylogger in an audio driver package that is included by default on many Windows computers from Hewlett-Packard:

http://www.wservernews.com/go/18qkdqfu/


While the original intention of this keylogging functionality was probably for debugging purposes, its very presence and the fact that it logs all keystrokes made on your machine and then saves these keystrokes to a local file (!) indicates a potentially serious privacy issue should an attacker somehow gain control of your machine. Full technical details of this "exploit" can be found here for those interested:

http://www.wservernews.com/go/qlyv9nc3/

To find out whether your own HP system may be affected, you can review the list of HP products listed near the end of this article from ThreatPost:

http://www.wservernews.com/go/3xj06x1g/


Win10 Creators Update snafu

Speaking of HP machines…so I decided to take the plunge yesterday and update one of the HP Envy laptops in our offices to the latest Win10 version called Creators Update. The update process went smoothly (though it took a long time) but after it was finished and I logged on, the following error dialog popped open:

Image

Oh rats. So I checked the Event logs for anything interesting and found a ton of errors under Administrative Events that occurred during first boot after the update:

Image

An icon in the notification area indicated there was an Action Centre message that needed my attention, so I opened the Action Center pane and was informed I needed to restart my computer to finish setting up the device. There was also some indication in the Action pane that my problem might be associated with an incompatible piece of HP software on my machine:

Image

So I rebooted the machine but unfortunately the error dialog box still opens up at logon. Checking the System log shows that Windows has duly logged an event concerning this:

Image

One other event in the System log suggests to me that this problem is HP-related:

Image

I used the preinstalled HP diagnostic software to see if there were any BIOS updates or other updates for HP applications that might resolve the issue, but this came up empty. So I posted a description of the problem to an HP Support forum and at this time though my post has been read over a hundred times there's been no official response from HP on how to fix.

So I guess we'll hold off updating our remaining Windows 10 HP systems to Creators Update until I can confirm that this particular problem has been resolved.

Have any other readers experienced problems after updating their Win10 computers to Creators Update? Share your stories and any solutions you have found by emailing us at wsn@mtit.com


Send us your feedback

Got feedback about anything in this issue of WServerNews? Email us at wsn@mtit.com

Recommended for Learning

Stuck In Traffic -- Why we can't patch WannaCry (Channel 9)

When the flash ransom hit on May 12, 2017, many said "just patch." But we have old equipment. "Just upgrade," they said. Sure. Maybe. But have you seen the IT that powers our manufacturing floors? We won't be able to just upgrade and just patch.

http://www.wservernews.com/go/spus5x1e/

 

Microsoft Virtual Academy

Certification Exam Overview: 70-534: Architecting Microsoft Azure Solutions

Here’s a practical on-demand course for IT Pros looking both to validate their skills at Azure solution design, and preparing for Microsoft Certification Exam 70-534 (part of the Azure Certification series).  Microsoft Certified Trainer Mark Grimes reviews exam concepts – focusing especially on recent updates – and provides exam tips and tricks, plus additional resources. Watch here.

http://www.wservernews.com/go/dm0aygna/


  

Factoid of the Week

Last week's factoid and question was this:

French has no word for "shallow."

Complete the following sentence: "English has no word for _______."

I thought this would be difficult, but readers like Allan from Australia quickly pointed out some examples:

This week's factoid is easy:

 

Unless you consider that purloining German words that have no English translation and calling them English words makes them English, which might not be too far from the truth given that we've been doing that for over a 1000 years now!

Tony from the UK shared an even more well-known example:

English has now word for schadenfreude -- so now we use schadenfreude in English. This is one reason why English has a much bigger vocabulary -- whenever we are missing a word we take from a language that does have it.

John who is also from the UK suggested schadenfreude as well, plus this additional word:

hygge -- a deep sense of place & well-being; a feeling of friendship, warmth, contentment and peace

I actually think there is in fact an English word that corresponds to hygge and it's mmmmm ;-)

Tom who works in Engineering Computer Services at a university in Texas, USA reflected at length on the abundance of German words that have no simple English equivalent:

German is such an odd language with lots of long, narrowly specific words that you could find loads of them. Here are a few:

Some German words have just simply been incorporated into English as is - Ohrwurm (ear worm), Wanderlust, and Schadenfreude are three common ones that come to mind. Zugzwang is used in chess when you're forced to make a move that puts you at a disadvantage.

Love your newsletter!

David from Florida, USA also mentioned Schadenfreude plus a Hebrew/Yiddish word:

Good day (and keep up the good work).

A long-time reader and first time respondent, I have two for you:

Don suggested the following Swedish word as having no English equivalent:

Lagom is a Swedish word meaning enough, but not too much, exactly the right amount but without pretensions of being perfect.

The closest English equivalent I can think of to that one might be "thanks" (?)

Jon says English has no word for saudade and he points to the following New York Times article as confirmation of this:


http://www.wservernews.com/go/nxk49jiu/


Finally, Stephen refers us to this Mental Floss article which lists 15 words that have no English equivalent:

http://www.wservernews.com/go/r8mh53hs/


Several other readers offered additional suggestions but let's leave it here and more on now to this week's factoid:


Fact: In the intro to this week's newsletter I reported that I had experienced a "snafu" updating a Win10 machine to Creators' Update. Not immediately remembering the origin of this word "snafu" I tried searching for a Dilbert comic strip that used it but my search came up empty. So I googled the word and of course I remembered then its military origin.

Source: http://www.wservernews.com/go/aiq2g1r7/

Question: Do you know any more, er…interesting acronym of military origin?
Nothing too raunchy please ;-)

Email your answer to us at: wsn@mtit.com

Until next week, 

Mitch Tulloch

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at wsn@mtit.com

NxFilter is a powerful Java-based web filter which controls access to web sites based on their domain names:

http://www.wservernews.com/go/hn7vnu17/

Block unwanted email on a Mac when you're using Microsoft Outlook:

http://www.wservernews.com/go/007odk12/

AES Crypt is a file encryption software available on several operating systems that uses the industry standard Advanced Encryption Standard (AES) to easily and securely encrypt files:

http://www.wservernews.com/go/e5ysdfl3/

 

This Week's Tips

GOT TIPS you'd like to share with other readers? Email us at wsn@mtit.com

Office 365 - Backup software

Tony Gore of Aspen Enterprises in the UK shared this tip for our readers:

SyncBack from the Australian outfit 2BrightSparks is an interesting backup program as it can backup to most types of services including an Office 365 SharePoint. I use it to backup different lots of data to different destinations and on different schedules to minimize the possibility of my backups also being hit by ransomware (i.e. if it hit my wife's PC on our home office network whilst I was away and also managed to lock the networked files that she has access to).

You can purchase SyncBack or download SyncBackFree from 2BrightSparks:

http://www.wservernews.com/go/g4a0pwdt/


Office 365 - Picture sync with PowerShell

Rajeev Buggaveeti has a post on his blog showing how you can use PowerShell to enable picture sync between AD and Office365 to ensure that you have the same picture across the workloads:

http://www.wservernews.com/go/b7a4g1ch/


PowerShell - Disable guest OS firewall in Azure VM

Micah McKittrick explains how you can create a PowerShell script to disable the guest OS firewall for an Azure Virtual Machine (ARM):

http://www.wservernews.com/go/qqs0663d/



Events Calendar


Microsoft Worldwide Partner Conference (WPC) on July 9-13, 2017 in Washington, D.C.

http://www.wservernews.com/go/rumh37uq/

Microsoft Ignite on September 25-29, 2017 in Orlando, Florida

http://www.wservernews.com/go/rw1hxlnp/

Add Your Event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact info@techgenix.com

New on TechGenix.com

WannaCry: The implications of the largest ever ransomware Attack

We tried to warn you, now we must pick up the pieces, analyze the data, and prevent an attack like this from occurring in the future.

http://www.wservernews.com/go/63pqeq0f/

GPU cloud computing: what CIOs need to know

Understand how GPUs in the cloud are enabling the future of computing

http://www.wservernews.com/go/pvoc94jq/


Game of Servers: Tower Servers vs. Rack Servers vs. Blade Servers

Towers, Blades, and the Racks are three different types of servers meant to perform similar tasks of providing services to the clients and applications.

http://www.wservernews.com/go/vznk7wja/


Sign of the times: Microsoft account sign-in process undergoes changes

For those who hate passwords, the new Microsoft account sign-in procedure will come as a relief. For IT pros, the change may make your job a little easier.

http://www.wservernews.com/go/azobos2m/


Top 5 cloud backup solutions for enterprises

Cloud-based backup solutions give peace of mind to businesses that their data and software are accessible in the case of any exigencies. Here are the top 5 cloud backup solutions enterprises should consider.

http://www.wservernews.com/go/oi9914nd/

 

Tech Briefing

Azure

The Scalability of Azure SQL Data Warehouse (TechNet UK Blog)

http://www.wservernews.com/go/b5dj2i73/


Speed up Service Fabric development with the new Refresh Application debug mode (Azure Service Fabric Team Blog)

http://www.wservernews.com/go/oedbiti6/

Cloud computing

StorSimple in CSP (Hybrid Cloud Best Practices)

http://www.wservernews.com/go/nkjpolm2/

Journey to the cloud (Microsoft Partner Network UK Blog)

http://www.wservernews.com/go/kupgiopc/

Small business IT

Preserving server hardware (Part 4) (WindowsNetworking.com)

http://www.wservernews.com/go/rre3hxjn/

Get the "Lowdown" on Windows Server 2016 Essentials and the “Essentials Experience” Role (Keith <ayer)

http://www.wservernews.com/go/id9cfdw1/

System Center

How to Insert a Report Description into a ConfigMgr Report (myITforum)

http://www.wservernews.com/go/x0cwd5bg/

Orphaned Objects in Resource Groups -- Lessons Learned (AdinErmie.com)

http://www.wservernews.com/go/4k9ulfqq/

Windows 10

System Center Configuration Manager and Windows 10: Better Together? (TechNet UK Blog)

http://www.wservernews.com/go/s08y10rj/

First Podcast with Adaptiva: Microsoft’s Upgrade Readiness for Windows 10 (AdinErmie.com)

http://www.wservernews.com/go/3u5bam5r/



Other Articles of Interest

What is the role of the message bus in VMware NSX?

A message bus guarantees the delivery of messages to a host, even if that host is unavailable or you’re unable to establish a connection. Here’s how to use it in NSX.

http://www.wservernews.com/go/stwvbwdg/

Self-healing software stacks guard against outages, downtime

If an IT professional breaks down, a doctor must set him right. If IT software breaks, self-healing measures let it repair itself – if the break isn’t prevented altogether.

http://www.wservernews.com/go/p3gwydtm/

Words to go: Containers in cloud computing

It’s hard to talk about cloud today without mentioning containers. Whether you’re new to the technology or a seasoned pro, know these key terms related to containers in the cloud.

http://www.wservernews.com/go/mv2t7w23/


How do we establish a Microsoft AD connection with Amazon Workspace?

We want to ensure a good desktop experience for DaaS users. How can we connect Amazon WorkSpaces and local resources to do this?

http://www.wservernews.com/go/rzegpja2/

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at wsn@mtit.com

Magician Arthur Trace Stops Time

Arthur Trace stops time with his amazing performance at the British-American television show 'Penn & Teller Fool Us.'

http://www.wservernews.com/go/hm22oxe1/


Piano Juggler Wally Eastwood

Comedy juggler, magician and entertainer Wally Eastwood plays Beethoven with 3 tennis balls.

http://www.wservernews.com/go/hbih7mdm/


How Is This Even Possible?

Chinese firefighters show their amazing jump rope skills.  Now you may decide to give jump rope training a try:

http://www.wservernews.com/go/c6uc0tv3/


Demonstration Of The Russian Jet Flying Boat BE-200

The amazing Beriev BE-40 Albatros Jet Flying Boat impresses on land, on water and in the air:

http://www.wservernews.com/go/zllj2fmx/

 

WServerNews - Product of the Week

Free Tool: Permissions Analyzer for Active Directory 

Image

SolarWinds® Permissions Analyzer for Active Directory™ gives you instant visibility into user and group permissions and a complete hierarchical view of the effective permissions and access rights for a specific NTFS file folder or share drive – all from a user friendly desktop dashboard.  Browse permissions by group or individual user, and analyze user permissions based on group membership combined with specific permissions.  Unravel a tangled mess of file permissions: network share, folder, Active Directory, inherent, explicit, calculated and more.

Download the Free Permissions Analyzer Tool Today. 

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his  outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.