Pacific Computer Wizards - Repository ....

An information repository of … thoughts, data, sharing, and ideas, posted.
    – Use the information in these posts at your own risk.      
                                The ideas, thoughts, and expressions posted here are for my own use.                 
                                 
  -President & Chief Wizard                                                        


Fonts

posted Jan 18, 2019, 12:49 PM by Andrew Chadick

CMD as administrator

attrib -r -s %systemroot%\fonts
 

takeown /f "%systemroot%\fonts" /r /d n
 

After taking ownership, you can go into Explorer and add those that need to have access.

SSL Tests - Checking for Vulnerabilities on your domain

posted Jan 10, 2019, 9:13 AM by Andrew Chadick   [ updated Jan 10, 2019, 10:03 AM ]

Testing for online vulnerabilities for your website is part of both PCI compliance, but is now the best practice for systems admins around the world. Making sure your web-server is secure, and your systems are reasonably safe is a priority.  Use these tools to help develop a testing regimen to treat your systems and make sure that they are healthy.  

Do this one first: 
https://www.digicert.com/help/

Others to use:
https://www.ssllabs.com/ssltest/
https://www.sslchecker.com/sslchecker
https://www.sslshopper.com/ssl-checker.html
https://www.howsmyssl.com
https://sslanalyzer.comodoca.com
https://www.htbridge.com/ssl/
https://www.wormly.com/test_ssl
https://www.thesslstore.com/ssltools/ssl-checker.php

Other build your own option:
https://prbinu.github.io/tls-scan/

Notes:
SSL Cipher Suite:
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384!DSS

SSL/TLS Protocols
TLSv1.3 TLSv1.2

Veracrypt

posted Nov 26, 2018, 6:16 AM by Andrew Chadick

Compatibility Layer
https://github.com/osxfuse/osxfuse/releases

Veracrypt
https://www.veracrypt.fr/en/Downloads.html

VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux. Brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a.

VeraCrypt main features:

Enable sandboxing for Windows Defender

posted Oct 30, 2018, 7:30 AM by Andrew Chadick   [ updated Oct 30, 2018, 7:58 AM ]

Setx Command Reference.

Running Windows Defender in a sandbox is supported on Windows 10, v1703 or later. 
You enable the sandbox by setting up a machine-wide environment variable: 
(setx /M MP_FORCE_USE_SANDBOX 1) and restarting the computer.

Run CMD as Administrator:
setx /M MP_FORCE_USE_SANDBOX 1

How it all works - and When to use it

posted Oct 12, 2018, 8:24 AM by Andrew Chadick   [ updated Oct 30, 2018, 7:37 AM ]

Microsoft Office 365 - Teams, Yammer, Outlook and SharePoint.  How all the tools work together on the one Windows 10 Interface.
https://blogs.technet.microsoft.com/cloudyhappypeople/2017/09/28/now-it-makes-sense-microsofts-collaboration-story-in-a-single-slide/

GSuite to Other (as Back up)

posted Oct 8, 2018, 10:15 AM by Andrew Chadick   [ updated Oct 8, 2018, 10:19 AM ]

Suite -> Gmail -> Adv Settings -> General Settings -> Recipient Address Map -> Edit
All Incoming Messages
Also Route to Original (True)
Add X-Gm-Original-To Header (Yes)


Note:  Name@Domain.x, Name@Domain.y   Then Click Add.

https://support.google.com/a/answer/4524505?hl=en

Let's Encrypt

posted Sep 28, 2018, 9:13 AM by Andrew Chadick   [ updated Oct 4, 2018, 12:16 PM ]

Configuration.xml - Office 2019 Standard - Office Deployment Tool

posted Sep 26, 2018, 2:48 PM by Andrew Chadick   [ updated Oct 4, 2018, 12:15 PM ]

<Configuration>
<Add OfficeClientEdition="64">
<Product ID="Standard2019Volume"  PIDKEY="AAAAA-BBBBB-CCCCC-DDDDD-EEEEE">
           <Language ID="en-us"/>
            <ExcludeApp ID="Access"/>
            <ExcludeApp ID="Groove"/>
            <ExcludeApp ID="Lync"/>
</Product>
</Add>
<Display Level="Full" AcceptEULA="TRUE"/>
<Property Name="AUTOACTIVATE" Value="1"/>
<Property Name="FORCEAPPSHUTDOWN" Value="TRUE"/>
<Property Name="SharedComputerLicensing" Value="0"/>
<Property Name="PinIconsToTaskbar" Value="TRUE"/>
<Updates Enabled="TRUE" Channel="Monthly" />
</Configuration>




Notes Office Deploy Tool / XML Usage:
Elevated CMD Prompt
setup /download configuration.xml
setup /configure configuration.xml
For the Retail version, you can use this Product ID: "Standard2019Retail"; 
<Add OfficeClientEdition="64" Channel="Monthly">
<Product ID="Standard2019Retail" PIDKEY="AAAAA-BBBBB-CCCCC-DDDDD-EEEEE">
If you want to enter your MAK key after the fact, under Account, Change Product Key, you can leave off the PIDKEY.

Cyber Safety -

posted Sep 7, 2018, 10:53 AM by Andrew Chadick   [ updated Sep 7, 2018, 10:54 AM ]

1) YOU ARE YOUR DATA


Criminals need 2 things to perpetrate cyber crime: Your Personal Identifying Information(PII), and access to a Point of Compromise(PoC). 


Examples of Personal Identifying Information (PII):

Names/Usernames

Date of Birth

Mother's Maiden Name

Address(es)

Phone Number(s)

Email Account(s)

Passwords

Social Security Number

Account Number(s)


Examples of Points of Compromise:

   Physical Items -

      Dumpster diving, mail theft, check fraud, burglaries, purse/wallet snatching


   Technology -

      Skimming, Shoulder Surfing, Gas Pumps, Point of Sale (POS) devices, Radio Frequency Identification (RFID)


   Computer and Internet -

      Social Media, Email, Unsecure Websites, Online Shopping, Classifieds, Unsecure Wifi, Filesharing, Bot Nets, Data Breach


   Mobile Devices -

      SMS Phishing, GeoTagging, Spyware, Malware, Bluejacking, Near Field Communication (NFC), Quick Response Codes


 

2) IF IT HAS A LOCK, USE IT


Secure Points of Compromise- Balance convenience versus safety/security

   Physical Items

      Use physical locks, purge, shred, secure mail


   Technology

      Credit versus Debit versus Cash (Pin number versus Zip Code)


   Computer and Internet

      Strong Passwords - A password as a lock (15 digits or more, Caps, lowercase, Number, Symbol!)  StrongPassCodes@HomeBEasy693.us

      Two Factor - If a dual authentication method is available USE IT


   Mobile devices

      Limit access, use passcodes/finger prints/application locks/pin access to applications


3) WHEN ASKED FOR PII, ASK WHAT FOR?


Practice responsible sharing!


   ASK:

      WHY do you need my PII?

      WHAT are you going to do with it?

      HOW will you protect my data?

      HOW can I monitor my data?

      WHAT will you do when you are done with the data?


Plan for Safety -

        It costs more NOT to pay attention 

               Use technology to monitor and protect your data

               Educate yourself on emerging technologies

               Be mindful of safety versus convenience when accessing technology


Resources for Remediation:

Federal Trade Commission:  File a complaint: 1-877-FTC-HELP or  1-877-382-4357  http://www.ftc.gov

Identity Theft Resource Center: 888-400-5530  http://www.idtheftcenter.org

Privacy Rights Clearinghouse:   http://www.privacyrights.org

These tips provided by NOVA - National Organization for Victim Assistance 1-800-879-6682.

Facebook feed on Chrome isn't loading correctly

posted Sep 7, 2018, 9:09 AM by Andrew Chadick   [ updated Sep 7, 2018, 9:30 AM ]

Chrome is an interesting browser, like IE back in the day, there are lots of configuration options, and lots of things that can break it.  You have to learn the areas that Google has placed all the switches that give it functionality.  One of the things that gives it more ability, is also one of the things that breaks it most, and that is the Browser Extension area.  

Google built in a function called Incognito, which in essence, is the browser, with just default settings, no add-ons, no changes to the way it works.  It also doesn't track you.

So, Facebook, it's a site that requires a pretty barebones browser to work correctly.  If there are too many extensions, or just the wrong function in the way, it doesn't load correctly.  For me, I had Grammerly enabled, and it was getting in the way.  So, when I encounter this issue, I disable it, using this shortcut method.  It can be a pain, or you can simply have a browser with as few mods as possible.  It's your choice.  Anyway, this is a quick run through on making a short cut that is for Incognito, and using it to switch on and off Chrome Extensions.


1. First, make a copy of your Chrome shortcut, that way you can access the browser as you normally would, once you’ve fixed the problem you’re having.

2. Find your copied Chrome shortcut, right click on it and select “Properties”. Be sure to Name it “troubleshooting” or something similar.

3. Select the “Target” field and add  “–incognito” to the end of the command.

4. Click “Apply” and then “Ok” to save the changes.

5. Now, double click on the new shortcut to enter into a “Safe Mode/Incognito Mode” Chrome browser.  

6. In the address bar, put “chrome://extensions” (minus the quote marks) into the browser’s address bar to view and change the extensions.

7. Disable each extension either all at once, or one at a time if you’re unsure which extension broke Chrome, simply switch them on and off, back and forth, until you figure out which one did it, using both shortcuts.


1-10 of 180

Comments