Vol. 22, #24 - June 12, 2017 - Issue #1135
- Editor's Corner
- Ask Our Readers - Creating a USB HHD rescue disk for Windows (new question)
- Ask Our Readers - Sharing files between Hyper-V host and Windows client (some responses)
- Ask Our Readers - Isolating "training" network from "work" network (two comments and a request)
- From the Mailbag
- Protecting NTP
- OneLogin hacked
- Adblocking superweapon
- VPN interest rises
- Not so smart TVs
- Read those updated privacy policies!
- Silent voicemail
- Color printer fingerprints
- Send us your feedback
- Recommended for Learning
- Microsoft Virtual Academy
- NEW! - IT Pro Fitness Corner
- Factoid of the Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- This Week's Tips
- Windows 10 S - Run any Win32 apps
- Windows 10 - Free up disk space after installing Creators Update
- Windows Server - Troubleshooting cluster validation
- Events Calendar
- North America
- Add Your Event
- New on TechGenix.com
- Recommended articles from TechGenix.com
- Tech Briefing
- Enterprise IT
- Other Articles of Interest
- Citrix is poised to be more aggressive as rivalry with VMware heats up
- How to pick the right VDI management and monitoring tools
- Apperian eyes mobile application security after Arxan acquisition
- Microsoft, Google vie to be masters of the universal OS
- WServerNews FAVE Links
- Man Rides Drone Like A Hoverboard At Portuguese Cup Final
- Flyboard Air Show By Zapata Racing
- Magician Richard Jones
- Two Cats - One Bowl Of Milk
- WServerNews - Product of the Week
- Free Tool: Permissions Analyzer for Active Directory
- Free Tool: Permissions Analyzer for Active Directory
- SAVE THIS NEWSLETTER so you can refer back to it later for helpful tips, tools and resources!
- SEND YOUR FEEDBACK to firstname.lastname@example.org if you have any comments or suggestions!
This week's newsletter is all about issues relating to privacy that are of interest to IT professionals and those who manage IT departments. We also have a new Ask Our Readers item we need your help with, plus the second installment of my new IT Pro Fitness Corner with an exercise tip that may help you stay fit. And of course we have other tips, tools, and links to stuff both informative and amusing.
Speaking of fitness, it's almost been seven years since I began my personal journey from "fat IT pro" to "fit IT pro" and I'll share a few details about where I'm at with my journey sometime in the Fall. I originally shared the beginnings of my journey back in March 2013 in Issue #922 of this newsletter and the flood of responses I received, some of which we published afterwards in Issue #926, certainly indicates that fitness (or the lack thereof) is a big concern for many of our readers. So with my own 7-year fitness anniversary approaching in a few months, I decided last week to add the IT Pro Fitness Corner section to each issue where I share some of my own fitness tips, thoughts, and observations (plus any that you readers send to me) to help those of you who are on the same journey towards fitness that I'm on.
After all, we all know from Dilbert that engineers, like IT pros, are generally overweight and underfit. But as this particular Dilbert comic strip indicates, there's hope for all of us:
Ask Our Readers - Creating a USB HHD rescue disk for Windows (new question)
A reader named Wlad from Alabama, USA sent us the following question which we're tossing out to our readers to try and answer:
Would it be possible to pose the following question to ask on our readers forum? I have spent last month researching the issue and I'm more confused than ever. I want to create a "rescue disk" for several systems I use, starting with Windows 7 and ending with Windows 10. What I have in mind is a single USB HDD for each system. The drive would be formatted as a "bootable USB" first (whatever that means, I found a dozen different descriptions) and then further partitioned to include a secondary, non-bootable partition. On that second partition I want to create the computer's HDD clone, but not in the form of the USB HDD being a clone of the computer HDD, but the USB HDD containing a file (or a filesystem) that is an exact clone of the source HDD. Let us call it a "total HDD image". The goal is to have a single USB HDD that, in case of emergency (wannacry ?) I could connect to the computer in distress, boot from, and then restore the entire HDD from the total HDD image backup. The aim is to restore everything, bit for bit (boot bootstrap, system, Windows files, installed programs, user data, EVERYTHING).
Has anybody done this? Could it even be done or am I chasing an impossible dream? Microsoft is not helping with their constant "improvements" of backup and recovery mechanisms and associated mess of confusing terms that have changing meaning over time (like a system backup that may or may not include non-MS applications). Thanks.
If any of you readers have any suggestions for Wlad please email us at email@example.com
Ask Our Readers - Sharing files between Hyper-V host and Windows client (some responses)
Last week we received the following question from a reader named Geoff:
Thanks for your article:
Followed it and it worked -- have a Windows 10 Host and a Windows XP client. But after applying ransomware patch, the shared folders in the Windows 10 Host cannot be seen anymore by the virtual Windows XP, any advice you can give me to make this work again? tried recreating the shared folders but didn't work, Virtual WinXP can ping Windows 10 host, but when opening \\hostname of host\ or \\ip address of host\ , nothing. Would appreciate your advice.
Chuck Timon, a Senior Premier Field Engineer (PFE) at Microsoft, has provided an explanation of what's happening:
Geoff, I read about your issue in the WServerNews.com newsletter that I receive. Microsoft patched an SMBv1 vulnerability in order to combat the ransomware issue. Windows XP uses SMBv1. I am guessing that is why the sharing no longer works in your environment that was patched. Newer versions of SMB do not work in Windows XP:
Ask Our Readers - Isolating "training" network from "work" network (two comments and a request)
A few weeks ago we published some reader response to the following question from Alain:
While Alain has already thanked our readers for their help on this matter, we did receive two more comments this week that we felt we should publish. This first one comes from a reader named David who is a CISSP:
I see in the "closing the loop" comment Alain seems resigned to putting in a separate network, thus impacting the business case. If he would replace his current internet router with a small firewall appliance (Fortinet, Sonicwall, WatchGuard, PFSense, you get the idea) he could create an isolated network for the training users. He could then set up any necessary routes in the appliance to allow access to specific servers or the internet, while denying all other traffic. That seems much more economical than adding a completely separate circuit. Fortinet even offers access points, so he could have a very integrated solution all managed from one interface. Add the necessary SSIDs and put them on separate VLANs. It's not very hard at all, and there are lots of help available via his favorite internet search engine.
The second is from Tony in the UK who also has a request about VLANs we're redirecting to our readers:
I had a thought on this -- even most switches support VLANs these days but I suspect few of us, me included, know how to use them properly and securely. I was prompted to think of this because Alain commented that it would increase the cost by doubling the communications. This also led me on to think about Hyper-V and the fact that virtual machines are easy to have (so long as you have enough memory) and that Hyper-V also supports different LANs and virtual networks.
This led me to think that maybe there is a generic solution possible for anyone who needs to do training, based on VMs and VLANs, which could obviate the need to have dedicated hardware. To be secure you might need to either dual boot to a VM or real training installation. A lot of it also comes down to understanding VLANs and how they can be isolated and made secure. A scheme of doing this would also be great for testing things out.
Maybe we could use the power of your readership and set up a collaboration to develop a solution for all based on this. I don't know enough about VLANs but they have always interested me as to how secure and isolated they potentially are as they would enable network infrastructures to be much more generic and possibly more resilient. At the moment, I run a system similar to those proposed for Alain -- I have an "external network" -- used for guests and devices such as smart TVs and then a firewall separating it from an "internal network". But it would be a lot easier if these could be isolated VLANs on the same network infrastructure. Like probably everyone else, I have not had the time to do enough investigation into VLANs and their security and isolation to be sufficiently confident I can achieve close to the same security as a physical system.
Do any readers want to take a stab at responding to Tony's request? Email us at firstname.lastname@example.org
- Who says outsourcing is the better solution? Accounting
- Who says multi-layered security is not essential? Accounting
- Who says redundant power systems are excessive? Accounting
- Who says we should wait to replace embedded XP POS terminals until the next quarter? Accounting
- Who controls the IT budget? Accounting
- Alitalia cancelled flight -- I had to book onto another airline at higher cost.
- I put in the standard EU denied boarding compensation claim. No response.
- I went to my MEP who I happen to know well pointing out that EU consumer legislation was not much use if it was not enforced. This went to the EU transport Commissioner, who sent it to the UK government. They replied to me that it was an offence with a fine not to pay this.
- Meanwhile, Alitalia filed Chapter 11 and I had to file a claim in Rome in Italian, which I did, but of course got nothing.
- So I claimed on my credit card (under the UK's consumer credit acts). My bank then decided it was a charge card and therefore not covered, despite this card having travel insurance (which doesn't cover this because it is covered by EU compensation) and stated that it provided better protection than the standard credit card. Eventually after months of wrangling, the bank made an ex-gratia payment of the standard EU compensation amount.
- Despite being told by the airline staff subsequently when they took my cabin bag that it remained hand baggage, the legal position is that when they take it from you it becomes checked baggage. Therefore they are not responsible for anything valuable or fragile.
If any other readers want to comment on any of the above you can email us at email@example.com
VPN interest rises
What VPN service do our readers use if any for their business or personal use to ensure privacy? Email your recommendations to us at firstname.lastname@example.org
A post on SolyentNews suggests that 90% of Smart TVs are vulnerable to remote hacking via rogue TV signals:
Not so smart TVs
Better watch what you say in your living room!
Read those updated privacy policies!
Color printer fingerprints
What other commonly used technologies "spy" on you without your general awareness of it occurring? Email us at email@example.com so we can better protect our privacy.
Send us your feedback
Got feedback about anything in this issue of WServerNews? Email us at firstname.lastname@example.org
Recommended for Learning
VIDEO: What's New in Microsoft Internet Information Server 10 with Windows Server 2016
In this episode we will reveal all of the great new features and performance enhancements included so that you can understand how this may affect your deployment decisions with Windows Server 2016. We will review support for HTTP2, Nano Server, containers, management, deployment on premise vs. cloud and open source options.
Microsoft Virtual Academy
Cloud App Security: Understanding
Watch this course for a greater understanding of Microsoft Cloud App Security and its key functionality, benefits and advantages. Our expert instructors explore this comprehensive service and set of data protection features that also provide visibility into files and sharing status across cloud-based applications.
NEW! - IT Pro Fitness Corner
Fitness Tip - Always exercise legs
I always try to exercise my legs every day.
Yes, every day.
Apparently I'm in good company as Jason Statham says he does the same--check out the April issue of Men'sHealthUK magazine for this interview The Stath:
But what about days where I focus on resistance (weight) training instead of doing cardio? Even on strength training days, I'll start off with 10-15 minutes of progressively heavier work on a reclining exercise bike before I start lifting iron. Why? Because I've found that a short but intense leg workout does something morning caffeine just won't do for me: get my body warmed up and ready to lift weights. If I skip my bike time and go straight to weights I often find I don't have much drive or enthusiasm for pumping iron, and my workout usually suffers as a result of my slower metabolism and reduced motivation. But if I pump my body up first by exercising the largest muscles in my body (legs) then I usually find I have the energy to do a really good resistance training workout even if it's only a half hour in duration.
Hope that helps!
Disclaimer: I'm not a certified fitness professional or nutritionist so take any suggestions I make "as is" with a grain of salt and a heaping supply of your own judgment. And send me your feedback and any fitness tips of your own you might have by emailing me at email@example.com
Factoid of the Week
Last week's factoid and question was this:
Motorists waste 29 hours every year using sat navs. What was the worst thing that ever happened to you when you relied on GPS to drive to some destination?
We received a number of hilarious stories in response to the above question, here's a short selection:
I’ve had a few mildly adverse experiences. Once when going to a park out in the country the GPS had me take a right (East bound) and travel several miles to the destination. After traveling past the designated point I turned around and went back to the initial turn to discover the park was only a 100 yards West of the intersection! Another time I was going to a hospital to visit an family member. The GPS had me go outside the town for 10 miles to an empty pasture. Turns out the hospital was in the center of the town. One other time on vacation I was going to a condo on a peninsula in Florida. I had to get on a divided highway to cross the bridge to the peninsula. The GPS told me to turn down a specific road which would take me straight to the highway. It did but ended 100 feed short of the road with a six foot fence blocking my path. Turns out the connector had been removed and my GPS map had not been updated. - Tom, Senior Messaging Architect
This didn’t happen to me but I did find it interesting… Georgia homeowner Al Byrd is all too familiar with people having unnatural faith in technology. Byrd's home was demolished by construction crews who had put more faith in GPS coordinates than critical thinking. The house intended to be torn down was located across the street, but it was too late: Byrd's home-the one his father built brick-by-brick, the one containing decades of family heirlooms-was destroyed. --Don
Not the worst, but we had a laugh. When on a road trip, with our first GPS, in Lincoln, Oregon. We had a lusting for a coffee shop. After traipsing up and down some country roads, we were eventually lead to someone’s house. Given the old signs leaning against the garage, we surmised that it was the registered business address, rather than the shop itself. -- Colin, Computer and Communications Systems Manager
Directed me down a road where the bridge washed out over 20 years ago and was never replaced. --John
Now let's move on to this week's factoid which continues with the military theme from two issues ago:
Fact: The phrase "too much queep" means too much paperwork in US Air Force lingo.
Question: Do any readers know or use any similar weird jargon that expresses frustration in the workplace?
Email your answer to us at: firstname.lastname@example.org
Until next week,
GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at email@example.com
Join the live webinar and learn how to protect MS Dynamics CRM with Veeam. Pick up the best backup strategies for mission-critical application: Microsoft AD, SQL Server and Dynamics CRM Server 2016.
Netwrix Effective Permissions Reporting Tool delivers actionable insight into who has permissions to what in Active Directory and file shares:
Microsoft's Junk E-mail Reporting Tool lets you easily report misclassified e-mail to Microsoft and its affiliates for analysis to help us improve the effectiveness of our e-mail protection technologies
FrontFace Lockdown Tool is a free tool which enables restricting or locking down any Windows user account:
GOT TIPS you'd like to share with other readers? Email us at firstname.lastname@example.org
Windows 10 S - Run any Win32 apps
This means you can now run any Win32 app on Windows 10 S. Softpedia has news about it here:
Windows 10 - Free up disk space after installing Creators Update
BetaNews has a helpful tip on how you can reclaim over 20 GB of hard drive space on your system after upgrading to Creators Update:
Microsoft Worldwide Partner Conference (WPC) on July 9-13, 2017 in Washington, D.C.
Microsoft Ignite on September 25-29, 2017 in Orlando, Florida
Add Your Event
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact email@example.com
Roll your own: What the citizen developer wave means for your enterprise IT security
Your next work-based application may be coded by an end user, not a paid developer. A look at the advantages and pitfalls of the citizen developer wave.
Video: Install Azure CLI and Azure Functions CLI
Adding the Azure CLI and related functions can help you be more productive. This tutorial and video will get you up and running quickly.
Accessing Azure from PowerShell: All you need to know
Microsoft makes it easy to access Azure from PowerShell. Here are some tips, tricks, and useful cmdlets to get you started.
Subtitle vulnerabilities attack allows for mass remote code execution
A subtitle vulnerabilities attack on users of popular streaming services is a viable threat. Here’s how to protect yourself.
Dell EMC, VMware Horizon introduce VDI Complete
Dell EMC and VMware have combined to offer VDI Complete, a product they say can be a solution for all your virtual desktop infrastructure requirements.
Introduction to MySQL & PHP on Azure App Services (WIMP) (Build on SharePoint)
Exploring the preconfigured browser-based Linux Cloud Shell built into the Azure Portal (Scott Hanselman)
StorSimple - the Answer I thought I'd never give (Aidan Finn)
Creating an Active Directory domain with PowerShell DSC (4sysops)
Hyper-V Container and Nested Virtualization in Microsoft Azure Virtual Machines (Thomas Maurer)
Editing a .VMCX file (Ben Armstrong)
The PowerShell WhatIf parameter (4sysops)
Using PowerShell to disable or remove SMB1 (Jan Egil Ring)
Citrix is poised to be more aggressive as rivalry with VMware heats up
For the past few years, VMware has garnered most of the buzz in the Citrix/VMware rivalry. We may see a more aggressive Citrix and an increased rivalry heading into conference season this year. Find out more here.
How to pick the right VDI management and monitoring tools
VDI management and monitoring tools can solve different problems for different teams. Buyers must know what problems they need the product to address. When evaluating different tools, it is important to look for solid troubleshooting, load testing and capacity planning features to choose the most fitting tool for your organization.
Apperian eyes mobile application security after Arxan acquisition
MAM provider Apperian looks to take advantage of a larger support staff and new mobile application security technology following its acquisition by Arxan. What should Apperian customers expect from the acquisition? Learn more inside.
Microsoft, Google vie to be masters of the universal OS
Developers and IT admins have to manage and build apps for a multitude of different operating systems and device types. Windows 10 and Google's universal OS could change that. Universal operating systems could make it easier to develop and manage enterprise applications across multiple form factors.
This Week's Links We Like. Tips, Hints And Fun Stuff
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at firstname.lastname@example.org
Man Rides Drone Like A Hoverboard At Portuguese Cup Final
Flyboard Air Show By Zapata Racing
The 'fastest, safest and most maneuverable personal aviation system' demonstrated by its inventor Franky Zapata:
Magician Richard Jones
Magician Richard Jones, the grand price winner of Britain’s Got Talent 2016, makes a spectacular return as he amazes the judges and audience:
WServerNews - Editors
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7www.mtit.com.Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.