Sync.com seemed like a good alternative for sharing files AND backup AND version control. With any new system, someone tries to breaking (inadvertantly usually) and one needs to recover. Someone moved (copied actually) a sync SHARED folder to the desktop. There also was the same directory stuck in time on the proper spot – so it looked like the sync broke. However, the one on the desktop kept syncing and that was being kept up to date.
There is hiden .syncinfo (not sure exactly what it is called) in each folder being synced. Even if you turn on hidden files – it cannot be seen. Continue reading
Well, it seems after these last ransomware attacks (which I have been a part of the reconstruction crew) I have learnend about other methods of connecting to remote systems. But RDP is a pretty lightweight protocol for remote connection – it works and it works well except for its vulnerability last quarter. So … if we limit HOW we get to the point that RDP is available (VPN w. certs, username, SSL, limiting firewall scope) then we can still use RDP.
But how to we secure RDP down even further? Ideally I would like it where if the certificates match – boom your in only from certain machines. SSH works like this on Unix. Here are some links to peruse that might answer this question. I will augment this article once I have cracked what I wish to accomplish (this sentence will be removed). Oh – and please do not email certificates or passwords. HUGE pet peave of mine when websites or people do this.
I previously blogged about exporting files and metadata from Sharepoint. It worked!!!! Well, now that all the files are extracted – I have ended up with a csv.
- seems some double quotes are included – but a proper csv parser (eg. Excel) will turn those into 1 single quote
- The Xml column contains an xml node
- Add an xml header and a root node
- <?xml version=”1.0″ encoding=”UTF-8″ standalone=”no” ?>
- <z:row …..
- Then using Notepad++ with “XML Tools plugin installed” – you can surf the node path with ctrl-alt-shift-P
- turns out to be /root/z:row
- a c# app – try this article
- Also – use the Plugins->xml tools->Pretty Print Attributes
- An XPath /root/z:row[@ows_MetaInfo] would get what we require
- Parse this crazy thing with CRLF or
- The first number 1234;# is the id number – remove it
- field name
- TY = type
- val = value
- Use a regex like this to parse
- Now .. undoing the whole thing by hand
- undo the HTML Entities – now this will likely be done with the XML API
- use the Notpad++ plugin HTML Tag (Plugin->Html Tag->Decode Enitites)
- < -> < etc.
- unencode entities like #x0020 to a space etc.
- To extract thumbnails – they are stored in Base64 – here is a c# app to decode into jpegs
So, moving off to the cloud for some clients. Here is an article that helps “roll your own” backup of AWS servers using AMI (AWS Machine Images). It deletes old backups etc. What I really like about the article is it tells us that we have to understand the manual process first and it leads one through two different scenarios of a snapshot backup and an AMI backup BEFORE instructing one to install the CLI (command line interface) and roll your own unix scripts. Articles follow. Know how each affects costs – EBS? S3? Your own? How much your ISP will charge for transferring and how long it will take etc. etc. Continue reading
It might be better to “pull” things from a server for backup , but pushing is much easier to setup. So … I looked into things and connecting to a Z drive COULD be dangerous. One Encryption-Ransomware makes it a first priority to kill off the backup drive, then encrypt the files. So any drive that is connected as a Z drive (for example) would either be encrypted or wiped. So how best to protect? Well what about (s)ftp? Better, but it could overwrite old backups. So 2 fold … backup NOT via SMB and then have a 2nd “last backup” as well. Drop box does this but it is expensive to have dropbox for that large and to have ‘history’ turned on – but it DOES WHAT WE NEED!! What I did was install WinSCP and have it use a queue and when the queue is empty – it shuts WinSCP down. Simple, drag and drop. Yes it is not automatic, so what i have is the backups being stored on a simple hard drive – the WRONG way, but then I take that backup and WinSCP it off as my historical copy alongside the other historical folders. That 2nd computer, if there is a fire, should be offsite or across the building minimizing the chances of a complete disaster. Beats tape rotations. Fire safe, secure, encryption proof (within a week) and an offsite rotation if the customer wishes by taking the local hard drive weekly (if you can find the J personality style who will do that religiously)
Ok – so the SBS server is FULL AGAIN. WHAT NOW!?? I deleted exchange clear off it – so it is not those logs, disabled IIS – so not those logs – WHAT NOW!? SBS Monitoring. OK – so follow this 1 (or two once you get in there) and clear out the temp files in …
- C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data
I had to pay attention to the note at the bottom to enable the .ps1 file.
Also there is a temp.mdf – that too is MASSIVE. Look at properties of the System Databases -> TempdB and see if the ‘large file’ is the one you think it is (there is a file path) Then Follow these instructions … note that a detail is missing on where sqlservr.exe is located – see here.
Don’t forget that to find large files SUPER fast – use Windirstat.exe – cause it is awesome (awesome like Notepad++ and Beyond Compare – yes… that cool!!!)
I had a need to install something for a client to avoid using RDP port 3389 as Microsoft has a vulnerability and people can exploit it. Now with crypto viruses on the rise, it is never too late to lock things down. Also now that heart bleed is solved – we can get back to this method. This was BEYOND a super explanation that really made my day (it was a long few days) . It is long, but … copy/paste things in and voila – end point complete.
This link FINALLY got me up and going using the RealVnc Client. I just made a new account like this guy did. FINALLY it is running. It has been years and I am trying to lock things down a little on my Linux machine.
Seriously!? And no checkbox to turn it on? Powershell commands!? I guess is why Mac costs 2x as much. Here is a great post. Get Started.
Finally an article that explains it. Microsoft has rules that mark incoming mail as spam even tough, as humans we would prefer to see the emails without the spam warning. Enter SPF. If you have a microsoft email – it is quite an ordeal.