Monday, March 7, 2016

SWMO Tech Geeks March Madness tournament pool

Welcome to the second annual SWMO Tech Geeks March Madness tournament pool. There are some great prizes available this year. Stronghold Data has graciously donated a $25 Mythos gift card, an external USB battery pack, and car charger. I'm also providing a $5 Starbucks gift card. The prizes are:

1st place; $25 Mythos card + external battery pack
2nd place: $5 Starbucks card + car charger

There is no entry fee and one bracket per person. The pool is open to any Joplin area geeks so feel free to pass this on. Sign up now, brackets are available on March 13th.

Sport: Mayhem
League Abbreviation: swmo-tech
League Password: geeks

If you do not have a CBSSports.com account you will be prompted to create one.

Monday, September 23, 2013

Demystifying the Command Line

The command line can be a confusing place. There is lots of black space and no where to click. This post is my attempt to at least partially demystify the command line. I realize this can be an intimidating tool. Powerful tools will always seem more difficult when you first adopt them.
Let's start with a simple PowerShell example to create a user account.
New-ADUser clark.kent -surname "Kent" -givenname "Clark" -displayname "Clark Kent"
I want to break this command into components. The first component is "New-ADUser". This is the command to be executed. In PowerShell, this is referred to as a PowerShell Cmdlet (pronounced command-let). This is the program (or script) to be executed. A quick note about case. Windows is case-insensitive which means you can use new-aduser, NEW-ADUSER, or nEW-aduSER. All of these examples are valid.
The next component is "clark.kent". This is an argument or parameter. Arguments are either optional or required. A command may have no arguments, one argument, or multiple arguments. Whether a argument is required and the number of arguments to use is determined by the command (or cmdlet).
The final component in this example is an option. The options in the above example are "-surname", "-givenname", and "-displayname". An option is just what the name suggests, a way to provide additional information at the command line. Command line options are typically not required. Some options will require a corresponding value while others will work as a toggle (to enable or disable a certain behavior). The options above all have corresponding values. See the table below.
OptionValue
surnameKent
givennameClark
displaynameClark Kent
A side note about options. The specifier for options will vary based on the command, operating system, or environment. In PowerShell, the specifier is the dash symbol (-). In the Windows command line, it is typically the slash (/). In Linux, the dash or double dash is common (- or --).
When you are using PowerShell, you can always find help with the Get-Help cmdlet. To find help with the New-ADUser cmdlet, use "Get-Help New-ADUser". You may be able to find examples by using the -examples option (i.e. "Get-Help New-ADUser -examples").
Finally, consider the example below. Hopefully the information above allows you to better understand this more complex command.
New-ADUser –Name "Jimmy Olsen" –SamAccountName jimmy.olsen –DisplayName "Jimmy Olsen" –Title "Photojournalist" –Enabled $true –ChangePasswordAtLogon $true -AccountPassword (ConvertTo-SecureString "TheD@ilyPlan3t" -AsPlainText -force) -PassThru
Try to identify the components of this command.
This example uses PowerShell but the concepts apply to other systems. I hope this helps you to understand the command line a little better.

Tuesday, June 11, 2013

Review: Network Flow Analysis


Network Flow Analysis
Network Flow Analysis by Michael Lucas

My rating: 4 of 5 stars



This book is great if you are just getting started and not familiar with network flows. It walks you through all the steps you need from configuring your sensors and collectors to setting up a flow reporting system. I did give the book 4/5 stars because there are a few mistakes and shortcuts. It's nothing that an experienced network admin can't overcome but is a little frustrating. Like most technical books, some of the software and websites have changed. Just be prepared to do a little searching as you work through the book.

Overall, the content is spot on and I would recommend this to any network admin who is responsible for performance and maintenance.




View all my reviews

Review: The Lion, the Witch and the Wardrobe


The Lion, the Witch and the Wardrobe
The Lion, the Witch and the Wardrobe by Pauline Baynes

My rating: 0 of 5 stars



I'm trying to catch up on some books I started. I glad I came back to this one. It's great, I can't wait to read the rest of the series!



View all my reviews

Friday, March 8, 2013

Downgrade VMware Virtual Hardware Version

Note: According to VMware documentation, downgrading the hardware version of your vSphere virtual machine is unsupported

Recently, I found myself in a pinch and needing to quickly spin up a virtual guest on an ESXi 4.1 host. Unfortunately, the only template I had available for Windows Server 2008 R2 used virtual hardware 8 which is not compatible with ESXi 4.1. The notes below describe how I was able to downgrade the hardware version on a template from 8 to 7 and deploy a guest from that template.

There are three steps to downgrade the VMware hardware version on a template.
  1. Remove the template from vCenter or host inventory (be careful not to delete it from disk).
  2. Edit the .vmtx file and .vmdk pointer files.
  3. Add the template back to the inventory.

In order to downgrade a VM template, you need to edit two files; a vmtx file and the vmdk pointer file. The simplest way to make these changes is from an SSH session on your ESXi host (or the ESXi console). After removing the template from inventory, navigate to the directory containing the VM template and open the .vmtx file in your favorite editor (like vi). Look for this line

virtualHW.version = "8"
and change it to
virtualHW.version = "7"

Save the changes to the vmtx file and find the pointer file to the vmdk. Open it with your editor and look for this line

ddb.virtualHWVersion = "8"
and change it to
ddb.virtualHWVersion = "7"

Now save this file and exit your editor. Add the template back to the inventory and test it out by deploying a VM guest from the template.

If you found this useful or if it didn't work out, leave a comment below.

Thanks for visiting!

                     


Sunday, July 1, 2012

Review: The Wreckage: A Thriller


The Wreckage: A Thriller
The Wreckage: A Thriller by Michael Robotham

My rating: 0 of 5 stars



Michael Robotham is one of my favorite authors. These books engage you from the beginning and I find it difficult to put them down. The Wreckage is no different, filled with action and a complex story line. A late twist brings everything into focus.

With all that said, I found The Wreckage to lack the suspense from some of the earlier novels. This is still a great book and very enjoyable. I love it and can't wait for [b:Say You're Sorry|13521564|Say You're Sorry|Michael Robotham|http://photo.goodreads.com/books/1340805869s/13521564.jpg|19082240] to hit US shelves!



View all my reviews

Friday, May 25, 2012

Fake Antivirus and Firefox Cache Tools

Firefox has some pretty nifty features. One of those is the ability to view the cache contents without any extra tools. This post covers an incident with a fake antivirus popup and how I used the built in Firefox tools to confirm my suspicions.

The Story

This all started when I got a text message from my wife earlier today. This is the image she sent me:
The story goes, our daughter was using the computer and this appeared on the screen. My initial thought was this is a fake antivirus popup. However, we do have Microsoft Security Essentials (MSE) on that computer and the screen shot is convincing. Following the old saying of "you are better safe than sorry"; I told her to shut down the computer and I would look at it when I got home.

The Initial Review

Once at home, I looked more closely at this incident. First, I opened MSE to review the logs and found that nothing was detected in any previous scans (edit: MSE actually calls this History). This starts to confirm the suspicion of a fake antivirus popup.

The next step was to take the cache files from my daughter's profile and put them in a virtual machine. Since she uses Firefox, this is easy to do. If you are interested, explanations of the Firefox cache directories are here.

A quick peek at the history reveals this is definitely fake antivirus related.
The entries for detectionprotectorprocesses.in and "Viruses were found on your computer!" are dead giveaways. At this point you could stop but I will take a few more minutes to show you some of the Firefox cache exploration tools.

Firefox Cache Tools

I start the cache exploration by typing about:cache into the URL bar. This gives you the screen below which is not very useful.
Clicking on "List Cache Entries" starts to look more interesting.
This page can be searched by pressing Ctrl+F. I searched for "detectionprotectorprocesses.in".
The fifth detectionprotectorprocesses.in entry refers to a PNG image file. Clicking on that link takes us to another page, specific to the alert.PNG cache entry.
This page is filled with information. It includes HTTP server response headers and a full packet capture of the PNG image. In the center of the page is a line marked "file on disk". This gives the location on the disk where the cached image is located. I navigated to that location, copied the file to a temporary directory, and renamed it with a PNG extension.
Opening this file removes any remaining doubt about the fake antivirus popup. This recovered image perfectly matches the text message I received earlier today!


Conclusion

I suspect the popup came from the website directly prior in the browsing history, possibly from an advertisement. If that is true, it appears the problem has been remedied. I did look for some contact information on that website, but I did not locate any. I would have preferred to report this information, but I was unable to.

Firefox is a great browser. These cache tools are great for troubleshooting and fun to explore with as well. I am certain Firefox includes many more tools that I don't know about. Hopefully you found something useful in this post. Thanks for reading!