It is easier than ever to mine bitcoin, as the new site bitminer.io allows you to simply enter your bitcoin address and leave the tab open, and it will mine bitcoin for you: about .0006 per day, which may not seem like much, but it will add up. Do it now and check it out using my link in the last sentence.
Although Docker is available in Windows Server 2016, it is not immediately obvious how to set it up and start running containers on a Windows Server 2016 server. The first step is to enable the Windows Feature Containers with the PowerShell command
Install-WindowsFeature -Name Containers -Verbose
After enabling the Containers feature, installing Docker requires executing the following PowerShell commands:
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module -Name DockerMsftProvider -Force
Install-Package -Name docker -ProviderName DockerMsftProvider -Force
# Open firewall port 2375
netsh advfirewall firewall add rule name="docker engine" dir=in action=allow protocol=TCP localport=2375
# Configure Docker daemon to listen on both pipe and TCP (replaces docker --register-service invocation above)
dockerd -H npipe:// -H 0.0.0.0:2375 --register-service
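The firewall rule and the dockerd -H 0.0.0.0:2375 registration above expose the Docker Engine API over plain TCP with no TLS and no authentication, so any host that can reach port 2375 can control the daemon. The following is an added example, not part of the original post, of the same remote access limited to mutual TLS on port 2376; the certificate directory, the certificate file names and the 10.0.0.0/24 management subnet are assumptions, and the certificates must already exist.

```powershell
# Added example: TLS-authenticated remote access instead of plain TCP 2375.
# Assumptions: CA certificate, server certificate and key already exist in
# $certDir; 10.0.0.0/24 is a placeholder for your management subnet.
$certDir = 'C:\ProgramData\docker\certs.d'
$config  = 'C:\ProgramData\docker\config\daemon.json'

# Fail early if a certificate file is missing; dockerd will not start without them.
foreach ($f in 'ca.pem', 'server-cert.pem', 'server-key.pem') {
    if (-not (Test-Path (Join-Path $certDir $f))) { throw "Missing $f in $certDir" }
}

# Listen on the local named pipe and on TCP 2376, requiring client certificates.
$daemon = [ordered]@{
    hosts     = @('npipe://', 'tcp://0.0.0.0:2376')
    tlsverify = $true
    tlscacert = Join-Path $certDir 'ca.pem'
    tlscert   = Join-Path $certDir 'server-cert.pem'
    tlskey    = Join-Path $certDir 'server-key.pem'
}
New-Item -ItemType Directory -Path (Split-Path $config) -Force | Out-Null
# ASCII avoids the UTF-8 byte order mark that Windows PowerShell would write.
$daemon | ConvertTo-Json | Set-Content -Path $config -Encoding Ascii

# Drop the open 2375 rule if it was created, then allow 2376 from the
# management subnet only.
Remove-NetFirewallRule -DisplayName 'docker engine' -ErrorAction SilentlyContinue
New-NetFirewallRule -DisplayName 'Docker Engine TLS' -Direction Inbound `
    -Action Allow -Protocol TCP -LocalPort 2376 -RemoteAddress 10.0.0.0/24

# Re-register the service without -H flags so daemon.json alone defines the
# listeners (hosts given in both places make dockerd refuse to start).
Stop-Service docker
dockerd --unregister-service
dockerd --register-service
Start-Service docker

# Check: nothing should be listening on the unauthenticated port any more.
if (Get-NetTCPConnection -State Listen -LocalPort 2375 -ErrorAction SilentlyContinue) {
    Write-Warning 'Docker is still listening on TCP 2375 without TLS'
}
```

Clients then connect with docker --tlsverify -H tcp://<server>:2376 and their own certificate signed by the same CA.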
Optionally you can also install the PowerShell Docker Dev module with the following commands:
Register-PSRepository -Name DockerPS-Dev -SourceLocation https://ci.appveyor.com/nuget/docker-powershell-dev
Install-Module Docker -Repository DockerPS-Dev -Scope CurrentUser
To be sure that Docker is installed run the following commands in PowerShell or Command Prompt:
Now you can download the Microsoft windowsservercore or nanoserver images and begin creating containers.
docker pull microsoft/windowsservercore
docker pull microsoft/nanoserver
WARNING: This link will download Policy Analyzer 3.0 and samples in a safe zip file from Microsoft:
Microsoft Policy Analyzer 3.0 is now available and according to Aaron Margosis: “Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects (GPOs).” A PDF file included with the download explains how to use the application. The updated 3.0 version also includes several PolicyRules files that can be imported into the Policy Analyzer application and compared to the computer’s policies or any imported GPO backup files.
The best use of this software in my opinion is to use it in a domain to analyze your organization’s Group Policy Objects and to look for conflicts with Local Policies or within all the GPOs. You can point it to the SYSVOL folder and import the group policy objects that are being used in the domain. Then by comparing them, you will be alerted to any conflicts and you can export the results to an Excel spreadsheet. It is an excellent tool that will take some time to get used to, but it is extremely important for any security professional to do an analysis of an organization’s policies.
(Microsoft’s Channel 9 Podcast – Defrag Tools)
I recently installed the Security Compliance Manager 4.0 using an already installed version of SQL Server 2016 Express. This is how you need to install SCM 4.0 on Windows 10, since SQL Server 2008 is no longer compatible with Windows 10. If you do not already have SQL Server Express installed, then you need to download SQL Server Express 2014 or 2016 and install just the engine. Then you can install Security Compliance Manager 4.0; it will ask for an installed instance of SQL Server, and you must choose the name of the instance that you just installed. Then SCM 4.0 will install successfully on Windows 10. Although Petri.com posted a review of Microsoft Security Compliance Manager in 2014, there is now a new version available, and this post will discuss Version 4.0. Security Compliance Manager will allow you to download Microsoft recommended Security Baselines for Windows 7, 8, and 10, and for Windows Server 2012, 2016, and SQL Server 2012. These baselines contain group policies and settings that are recommended by Microsoft to secure your Active Directory domains.
Also available now is Policy Analyzer.
The most interesting of the new baselines is perhaps the Windows 10 1607 Security Baseline, and it is available to download after you install Security Compliance Manager 4.0. This baseline can be exported to an Excel spreadsheet that separates the settings and configurations into different tabs. For some reason I am not able to preview this page anymore as I type it; I think adding Google Tag Manager has screwed it up. So I’m going to post this and then investigate what happened, and I might have to remove the Google Tag Manager. Hopefully I will continue this post later. If you have any questions about these two security software applications from Microsoft, feel free to email me at james at jgnetworksecurity.com.
The first thing you want to do before you start creating a Nano Server image is to mount a Windows Server 2016 ISO. This creates a drive letter with the Windows Server 2016 image mounted, which is required because the Nano Server media folder needs to be available to the application. This application is basically a front end for the PowerShell script New-NanoServerImage. Now go through the wizard and be sure to create a name for the Virtual Hard Disk by entering Name.vhdx. If you want to join this Nano Server to a domain before starting it, you will have to provision a djoin.exe blob. When the wizard completes and has created the Nano Server vhd or vhdx file, create a new virtual machine and use this vhdx as the hard drive for the new Hyper-V virtual machine.
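The same steps driven directly through New-NanoServerImage, as an added example that is not part of the original post. The ISO path, working folder, machine name nano01 and domain corp.example.com are placeholders (assumptions), and djoin.exe has to run on a domain-joined machine with rights to create the computer account.

```powershell
# Added example; every path and name below is a placeholder (assumption).
$iso  = 'C:\ISO\WindowsServer2016.iso'
$blob = 'C:\Nano\nano01.djoin'
$vhdx = 'C:\Nano\nano01.vhdx'

# Mount the ISO and load the image generator from its NanoServer media folder.
$drive = (Mount-DiskImage -ImagePath $iso -PassThru | Get-Volume).DriveLetter
Import-Module "${drive}:\NanoServer\NanoServerImageGenerator" -Verbose

# Provision the offline domain-join blob for the new machine account.
djoin.exe /provision /domain corp.example.com /machine nano01 /savefile $blob

# Build the image. The computer name comes from the blob; the .vhdx extension
# produces a Generation 2 image. The local Administrator password is prompted
# for rather than stored in the script.
New-NanoServerImage -MediaPath "${drive}:\" -BasePath 'C:\Nano\Base' `
    -TargetPath $vhdx -DeploymentType Guest -Edition Standard `
    -DomainBlobPath $blob `
    -AdministratorPassword (Read-Host -AsSecureString 'Administrator password')

# The blob holds the machine account secret, so remove it once it is baked in.
Remove-Item $blob -Force
Dismount-DiskImage -ImagePath $iso

# Attach the disk to a new Hyper-V virtual machine and start it.
New-VM -Name nano01 -Generation 2 -MemoryStartupBytes 1GB -VHDPath $vhdx
Start-VM -Name nano01
```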
Windows Spectrum – This service has the name Spectrum and is described with the following caption: “Synthesizes perceived environment captured through reality understanding modules”. This service will most likely be used with HoloLens and Augmented Reality or Virtual Reality accessories. If you are just using Windows 10 as a computer and not with any HoloLens-type devices, it should be safe to disable this service or just leave it set to manual.
WFDSConMgrSvc – This service is used with wireless devices, the exact description states “Manages connections to wireless services, including wireless display and docking.” It should also be safe to disable this service if you are not using any wireless screens or docking stations.
PrintWorkflowUserSvc_290d03 – This service is also new and could have a different combination of letters and numbers at the end of its name. Not much information here; it’s related to some type of printing workflow, perhaps 3D printing?
Payments and NFC/SE Manager – This service is named “SEMgrSvc” and should only be necessary if you are running Windows on a newer mobile-type PC that has Near Field Communications capabilities. On an old PC you can disable this service.
LPA Service – Also named wlpasvc. This service provides profile management for subscriber identity modules.
Dusmsvc – The Dusmsvc does not have an explanation; however, Microsoft documentation explains that DUSM stands for Data Usage Subscription Management, so if you are just using your computer at home and don’t have to worry about data usage limits, then you can leave this service alone as well. You may want to leave it if you are ever curious how much data Windows 10 uses, since it could be measured with the help of this service. MSDN Documentation explains that “The Data Usage Subscription Management (DUSM) schema defines elements that are used to describe cost information for a subscriber’s connection to a metered network.”
Don’t use admin as the username to log in to your website. Reason: Bots on the internet are constantly scanning the net and 95% of the time will automatically attempt to log in to your website using admin as the username. If you block any logins using admin, then you will block these attempts to hack your webserver.
There is a folder called Panther that holds the logs setupact.log and setuperr.log. The setupact.log should contain a run-through log of the installation progress of the latest build install. If the install fails, it will normally roll back to the last build and the user will not know why it failed. This Panther folder may hold the only answers to why the install failed. The setuperr.log should just display the last error in the install process, which may help diagnose exactly why the installation of the latest build failed. However, most likely you want to read the setupact.log.
If you disable the Windows Firewall, you will no longer be able to remote desktop into the machine, you will not see the machine on your network, and you will really not be able to do anything with it. It does no good, from a management perspective, to disable the Windows Firewall. Try it and see. Disable the Windows Firewall and then try to connect to that host with Remote Desktop (mstsc.exe). It will not work; it will even show the error that says that Remote Desktop is not enabled, even though it is. As soon as you start the Windows Firewall service with an exception for port 3389, the RDP session will commence. You won’t be able to ping the server either. The point is, do not disable the Windows Firewall unless you feel like troubleshooting network connections for a while. Just leave the firewall enabled and configure the rules. I never disable the Windows Firewall no matter what.
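One way to follow that advice for the Remote Desktop case, as an added example that is not part of the original post: keep the firewall service and all profiles on, and open port 3389 through the built-in rule group, scoped to a management subnet. The subnet 10.0.0.0/24 and the host name server01 are placeholders (assumptions).

```powershell
# Added example; 10.0.0.0/24 and server01 are placeholders (assumptions).

# 1. Make sure the firewall service is running and every profile is enabled.
$svc = Get-Service -Name MpsSvc
if ($svc.Status -ne 'Running') {
    Write-Warning "Windows Firewall service is $($svc.Status); start it before testing RDP"
}
Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True

# 2. Enable the built-in Remote Desktop rules (TCP/UDP 3389) instead of
#    switching the firewall off, and accept connections only from the
#    management subnet.
Enable-NetFirewallRule -DisplayGroup 'Remote Desktop'
Set-NetFirewallRule   -DisplayGroup 'Remote Desktop' -RemoteAddress 10.0.0.0/24

# 3. Review what is now allowed inbound for that group.
Get-NetFirewallRule -DisplayGroup 'Remote Desktop' |
    Select-Object DisplayName, Enabled, Direction, Action, Profile

# 4. From a machine inside the management subnet, confirm the port answers.
#    TcpTestSucceeded should be True there and False from any other network.
Test-NetConnection -ComputerName server01 -Port 3389 |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded
```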