Windows Defender mods
article #1091, updated 25 days ago

Here’s a regedit to disable:

Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f

and here’s an msiexec remover, quiet; not sure if this still works:

msiexec /uninstall windowsdefender.msi /quiet /log uninstall.log

Categories:   Windows OS-Level Issues   

==============

Replacement for PuTTY
article #1090, updated 26 days ago

If you’ve ever wanted an easier interface, here’s SmarTTY:

http://smartty.sysprogs.com/

Categories:   New and Interesting Apps   Remote Access

==============

One-binary file with lots of Unix commands
article #1089, updated 26 days ago

If you download swiss.exe from here:

https://github.com/minoca/swiss/releases

you can copy it to rm.exe, cat.exe, and many other names, to give you Unix-syntax commands under Windows. This includes the ability to handle forward slashes. A full list is here:

https://github.com/minoca/swiss

It is also its own shell.

Categories:   New and Interesting Apps   

==============

GOW: A Lightweight Alternative to Cygwin
article #1088, updated 26 days ago

Much smaller.

https://github.com/bmatzelle/gow/wiki

Categories:   New and Interesting Apps   

==============

ESET antivirus command-line scanner
article #1087, updated 27 days ago

If your machine has ESET antivirus, it has a very powerful command-line antivirus scanner and cleaner. Here’s a command line I’m using:

"C:\Program Files\ESET\ESET Endpoint Antivirus\ECLS.EXE" /memory /boots /unwanted /clean-mode=delete /quarantine C:\

Categories:   Antivirus/Antimalware Tools and Issues   

==============

Test DMARC record for a domain
article #1086, updated 28 days ago

A free tool:

https://www.dmarcanalyzer.com/dmarc/dmarc-record-check/

Categories:   Email   DNS

==============

Mount NFS Shares in Linux
article #1045, updated 32 days ago

So you have an NFS server share known to be working, and you want to mount its share(s) on your Linux client machine. Here’s a summary. We’re using NFS4.

  1. So we start out thinking that we have an NFS server 10.11.11.10. We verify it’s ready for connection, if we run this command from the client:
    showmount -e 10.11.11.10
    and receive one or more NFS folder shares, e.g.:
    /Media 10.11.11.0/255.255.255.0
  2. We need a place to mount the share on this machine. So:
    mkdir /Media
  3. Next we try it manually:
    mount -t nfs 10.11.11.10:/Media /Media
  1. Now let’s make sure all of our NFS4-related services are enabled and running on the client.
sudo systemctl enable nfslockd.service
sudo systemctl start nfslockd.service
sudo systemctl enable nfs-idmapd.service
sudo systemctl start nfs-idmapd.service
  1. We now make sure that permissions allow users of the client read/write access to the share. There are two problems here. The first is to make the shared folder and all contents read/writable by all designated users. The second is to make this happen across systems, i.e., from server to clients.

So first we set the shared folder and all contents chmoded g+rwXs, chgrped to a sharing-designated group, on the server side. We then create a new user group on both server and clients, perhaps named “sharedfiles”, add all selected users to that group on clients and server, make sure the GID is the same for the group name on all of the machines, and then reboot them all.

The GID is a numerical indicator for the group, which is more important to the local OS than the name of it. As part of the above we do need to make sure the GID is the same for our new user group, across all machines, or else the OSes will not recognize the equivalency. On each of them then, after the group is created, we do this:

groupmod -g 20000 sharedfiles

A list of current groups and GIDs is available here:

cat /etc/group

You’ll notice that 20000 places the new group long after all of the others in general. This is intentional, to avoid conflict with existing configurations.

  1. Then we set up automount. We do this by adding the following line to the end of /etc/fstab:
10.11.11.10:/Media /Media nfs noauto,x-systemd.automount,intr,rsize=4194304,wsize=4194304,x-systemd.device-timeout=10,timeo=14,x-systemd.idle-timeout=1min 0 0

Items:

  • NFS by itself is normally a very strong connection at a very low level, which means that unless an NFS mount is handled with care by other facilities, a client machine can freeze up very hard if its server becomes unreachable, rather different than SMB on Windows. There are at least three different methods to do this well. The above uses a facility within systemd, which this author found much easier to handle than the other two he found. If your Linux system does not use systemd, you should use one of the others, e.g., autofs, which is a layer unto itself.
  • The option “intr” is instead of “hard” or “soft”. It makes NFS transactions explicitly interruptible, which helps prevent corruption if the server goes down.
  • rsize and wsize can vary a lot. The number is in bytes. The above is a recent report on gigabit; if you’re on a lower-speed network you should use a correspondingly full order of magnitude smaller pair of numbers, e.g., the commonly reported rsize=8192,wsize8192.

Categories:   LAN Networking   Linux OS-level Issues

==============

Symbolic Links (symlinks) in Windows
article #371, updated 32 days ago

In Vista or Windows 7, there is a built-in command, “MKLINK”. Here’s a good reference, suggested by Matt Quick:

http://www.howtogeek.com/howto/windows-vista/using-symlinks-in-windows-vista/

For a long while they were called “junctions”. In Server 2000, Server 2003, or XP, you’ll need this:

http://technet.microsoft.com/en-us/sysinternals/bb896768

The syntax is a bit different for each. And Windows does not support these “junctions” to directories on remote shares. But this can help a lot, for instance, when moving something like a profile folder from local drive to local drive. They are set up at the NTFS filesystem level, just like Unix/Linux.

A great example of usage, is moving a profile folder. It works like this:

  1. Create a new user, local if it’s not a DC.
  2. Reboot the server/PC, to unlock profile files and folders.
  3. Log in as the new user.
  4. Create a new folder for the profile to be moved.
  5. Robocopy the old profile folder’s contents to the new. Make sure you get everything hidden!
  6. Rename the old folder as backup, and create a junction from the new folder to the old folder’s container.
  7. Log in as the new user and test.

Categories:   Tools   Windows OS-Level Issues

==============

Browse shadow copies (VSS)!
article #747, updated 32 days ago

From the amazing Matt Quick:

http://www.shadowexplorer.com/

Categories:   VSS   Tools

==============

Use any Windows key with your Windows 7 ISO
article #768, updated 32 days ago

From the amazing Matt Quick. The “eicfg removal utility” here:

http://code.kliu.org/misc/winisoutils/

will take a Windows 7 ISO of any version, and convert it into one which will install whichever version is appropriate for your OS key. Detailed instructions are here:

https://mattthequick.wordpress.com/2015/01/13/create-all-in-one-windows-7-install-media-by-removing-ei-cfg/

Categories:   Windows OS-Level Issues