Parallèlement, le BSI et le CERTA ont demandé à Microsoft de corriger ces faillent de sécurité qui pourraient avoir de grands impacts sur le grand plublique; les risques d’impacts sur les achats en ligne riques d’être gros, et d’apporter plus à la “crise” qu’aux comptes des commerçants.

Microsoft ont fourni une première réponse et contournement qui limiterait les risques mais ne les annule pas : mettre le niveau de sécurité sur le niveau “élevé” pourrait réduire les risques dûs à l’utilisation des contrôles ActiveX et Javascript. Il va sans dire qu’en désactivant ces deux fonctionnalités il devient difficile voire même impossible de parcourir quelques sites Internet.

Donc après le lancement du script Perl qui installe automatiquement les bons drivers, on arrive à une étape où il s’agit de spécifier l’emplacement des sources du kernel (ou noyau) qui correspond à la version installée. Le script demande explicitement le package kernel-header, mais mon expérience m’a fait comprendre qu’il ne s’agit pas de ça mais d’un autre package. je vous laisse suivre l’enregistrement commenté du déroulement de cette installation, et vous laisserai déposer vos commentaires auxquels je prendrai plaisir de répondre.

[kml_flashembed movie="http://www.ntsysv.com/wp-content/uploads/2010/01/install-vmware-tools-on-Fedora12.swf" height="300" width="400" /]

voilà! si vous avez des questions n’hésitez pas à les pauser dans les commentaires.

Vous pouvez avoir la version HD de la vidéo sur simple coup de fil!

Entrez votre code d’accès -

Enter your access code

Pour connaître notre solution de micro paiement : Allopass

Firebug

We start with the most useful one : Firebug.

Firebug integrates with Firefox to put riches of development tools at your fingertips as you are browsing. You are able to edit, debug, and monitor CSS, HTML, and JavaScript alive in any web page…

It lets you trace and fine-tune every line of HTML, JavaScript, and the Document Object Model (DOM). It’ll report on under-the-table AJAX queries, tell you the time it takes a page to load up, and allow you to edit a web page on the fly. The only thing it can’t do is allow you save your modifications back to the server.

Changes made in Firebug are not permanent. They just apply to the individual instance of the page you are changing. If you refresh the page, all alterations will be lost. If you navigate out from the page, all modifications will be lost.

If you’re accomplishing a test that implies locally altering HTML, JavaScript, or the DOM, make sure to copy and paste your changes into a separate file, or all evidence of your test will be lost. In a pinch, a screenshot works for recording test results, but can’t be copied and pasted to re-execute a test.

View Source Chart

View Source Chart allows you to graphically view HTML Tag edges, delimit Tag Nesting Order, Structure and Hierarchy. And finaly, adds a Simple but Powerful interface to Source Code.

The difference between source charting and identation only formating is that it allows user to :

* Rapidly scan and recognize a document’s tags without reading a single tag
* see how deeply nested an element is just by looking to its left (no scrolling/finding/reading tags)
* identify an element’s containing tags without being forced to scroll, find and read each tag

install it from here

Tamper Data

TamperData is an extension to track and modify http/https requests and is used for security testing more than for design matters.

you can get it here

Edit Cookies

Edit Cookies is the only Firefox extension that allows one to change any aspect of a cookie from within the browser itself.

get it here!

User Agent Switcher

The User Agent Switcher extension adds a menu and a toolbar button to change the user agent of the web browser. It’s designed for Firefox, Flock  and Seamonkey, and will run on any operating system  that these browsers support including Windows, Mac OS  X and Linux.

The extension is available here

SwitchProxy

SwitchProxy allows you manage and alternate between multiple proxy configurations rapidly and easily. You can also use it as an anonymizer to protect your computer from prying eyes.

have it here

I can not list all extensions, but I believe these are the most important in my point of view.

Thank you for your time and happy reading.

Ces deux utilitaires, quoique n’ayant pas un lien directe d’utilisation, ont été développés par Hs2n et fournis gratuitement sur le site dans la partie outils. Ci-dessous un passage en revu de leur utilisation.

WuInstall

WuInstall est un outil en ligne de commande pour Windows, qui vous permet d’installer les mises à jour Windows sur un ou plusieurs postes de travail d’une manière contrôlée en utilisant un script batch ou VBS au lieu d’utiliser la fonctionnalité de mise à jour automatique intégrée de Windows.

En effet, il est quelques fois difficile de passer automatiquement les mises à jour quand un applicatif risque de ne plus fonctionner correctement, surtout ceux basés sur une version spéciale d’un environnement donné (exemple : la CLR .Net)

Ceci dit, WuInstall utilise l’API standard de Windows Update pour chercher les mises à jour disponibles, que ce soit sur le site publique Microsoft Update, ou bien un serveur WSUS interne à l’entreprise. Si des mises à jour sont dispobiles, l’utilitaire peut bien les installer.

Export

Comme il est décrit dans l’introduction, l’outil export permet d’affecter le résultat de n’importe quelle commande en ligne de commande à une variable qu’elle soit d’environnement ou de script. Cette fonctionnalité est malheureusement absente en standard sous Windows. Petit exemple : vous voulez créer un fichier avec la date d’aujourd’hui dans un fichier batch: j’ai beau chercher mais il n’y a pas de méthode directe de le faire; cet outil vient à la rescousse comme le montre la figure ci-dessous prise directement sur le site de l’éditeur.

Exemple d'utilisation de l'outil Export

A noter que cet outil vient en deux versions : pour les versions 32 et 64 bits de Windows.

Voilà, j’espère que vous avez trouvé ces outils pratiques, Bonne lecture sur Ntsysv.com!

Copyright Ntsysv.com ]]> http://www.ntsysv.com/index.php/windows-scripting-deux-utilitaires-wuinstall-et-export/feed http://www.ntsysv.com/index.php/me2everyone-new-place-for-chat-shop-play-watch http://www.ntsysv.com/index.php/me2everyone-new-place-for-chat-shop-play-watch#comments Sun, 01 Mar 2009 12:11:08 +0000 ElMehdi http://www.ntsysv.com/?p=355 Something incredible has arrived!

I just became a shareholder in me2everyone and I never had to pay a single penny for the shares! It can only be described as the gold-rush for 2009. This company is going to be huge and shares will soar in value over the coming months! You can register for free and it never has to cost you a single penny!

Me2everyone is going to be a cool new virtual world where you can meet friends, chat, shop, play, watch videos, create an art gallery, open a virtual newspaper, and make money from your own online store! You and everyone you know make the decisions, shape the world, create real incomes and share in the profits. It’s a new place where you meet new people or invite your friends. Learn new skills or expand your business. Find the love of your life or help the planet.

Membership is free and every member automatically becomes a shareholder in me2everyone Limited. Personally I have 1000 shares in the venture I’m going to increase my shares very soon. This is an excellent chance for all of us to make some real progress in 2009 and beyond! Please don’t miss it.

If you are looking for something really good in 2009: something that changes your view on the world, then you really have to spend just one minute and look at this website.

Please click visit Me2Everyone for the details

Kind regards

ElMehdi

PS: More than 350 people signed up every hour during the first 2 days and the owners expect 100m+ over the next 3 years!! Be in now and get ready to share the wealth!

DNSSEC provides:

1. Origin authentication of DNS data,
2. Data integrity
3. Authenticated denial of existence.

These functions are based on asymmetric cryptography system

In other words, if an attacker attempts to create a DNS response that has been altered from the original authentic response in some fashion, and the attacker then attempts to pass the response off as an authentic response, then a DNSSEC-aware DNS client should be able to detect the fact that the response has been altered and that the response does not correspond to the authoritative DNS information for that zone. In other words, DNSSEC is intended to protect DNS clients from forged DNS data. This protection does not eliminate the potential to inject false data into a DNS resolution transaction, but it adds additional information to DNS responses to allow a client to check that the response is authentic and complete.

As I said before, dnssec is based on cryptography, especially Public key cryptography which relies on a public and private key pair

Two types of keys are identified for use in zone signing operations. The first type is called

A Zone Signing Key (ZSK) and the second type are called a Key Signing Key (KSK). The ZSK Is used to sign the RRsets within the zone, and this includes signing the ZSK itself, the KSK is used to sign root of the Zone, which includes the ZSK and the KSK and may also be used outside the zone either as the trusted anchor in a security-aware server or as part of the chain of trust by a parent Name Server.

DNSsec mechanisms require also changes to the DNS protocol. DNSSEC adds four new resource record types: Resource Record Signature (RRSIG), DNS Public Key (DNSKEY), Delegation Signer (DS), and Next Secure (NSEC). These new RRs are described in detail in RFC 4034

What are the uses of each resource record?

DNSSEC uses public key cryptography to sign and authenticate DNS Resource record sets (RRsets).

The public keys are stored in DNSKEY Resource records, Digital signatures are stored in RRSIG resource records while, The NSEC resource record lists two separate things: the next owner name (in the canonical ordering of the zone) that contains Authoritative data or a delegation point NS RRset, and the set of RRTypes present at the NSEC RR’s owner name but for A DS RR it refers to a DNSKEY RR by Storing the key tag, algorithm number, and a digest of the DNSKEY RR, The DS RR appears only On the upper (parental) side of a delegation

Deploying Dnssec

1. Enable dnssec in authorative and recursive servers : Means that your dns will support dnssec functionality, so you have to add the following line in named.conf file (named configuration file):

Options {Dnssec-enable yes; };

2. Generate zsk and ksk for each zone :
   i/ Create zsk key:

   Dnssec-keygen -a rsasha1 -b 1024 -n zone ecole.com

   This command will generate 2 files with the following extensions:

   .key is public portion of the key

   .private is private portion of the key

   ii/ Create the ksk key:

   dnssec-keygen -a rsasha1 -b 1400 -f KSK -n zone ecole.com

3. Include keys in the zone file : we have to add the public portions to the zone file either but just including using this syntax :

$INCLUDE keys/Kecole.com.+005+12513.key; KSK

$INCLUDE keys/Kecole.com.+005+03977.key; ZSK

Or using command line mode :

Cat keys/Kecole.com.+005+12513.key >> ecole.db

cat keys/Kecole.com.+005+03977.key >> ecole.db

4. Sign the zone using the following command:

Dnssec-signzone -o ecole.com -t -k Kecole.com. +005+12513 ecole.db Kecole.com.+005+03977

5. Update named.conf file :

Replace :

zone “ecole.com ” {

file “ecole .db “;

};

With:

zone “ecole.com ” {

file “ecole.db.signed “;

};

6. Creating a secure delegation :

The process for signing a sub domain is essentially similar to that defined for signing a zone with one single difference; A Delegated Signer RR can be added to the ecole.com zone file to create secure delegation.

In fact we have to follow the same steps described before but while singing the zone we have to use the command:

dnssec-signzone -o etudiant.ecole.com -t -g -k Ketudiant.ecole.com.+005+64536

etudiant.db Ketudiant.ecole.com.+005+48560

The -g argument is used to generate two special files called dsset-etudiant.ecole.com. (Containing the DS RR for the parent) and keyset-etudiant.ecole.com. (Containing a copy of the public Key DNSKEY RR of the KSK).

When the parent administrator receives the dsset-etudiant.ecole.com. and, optionally, the keyset-etudiant.ecole.com. files, they are placed in the same directory where the ecole.com zone is signed. The dsset-etudiant.ecole.com. File is included in the original ecole.com zone. Re-sign the zone by executing the dnssec-signzone command exactly as before

The only thing that has changed is the additional Ds reecords in the new zone file, so that the sub domain zone gets its authentification through the delegation point in ecole.com in the parent zone

You may understand more the use of the Ds record in my next article which will be about DLV System and how to create a trusted anchor within a chain of trust

I hope it was useful and I want to thankyou for your time.

Join the forum discussion on this post - (1) Posts

Ce matin un de mes clients a eu un serveur ESX qui affichait l’état “déconnecté” (ou disconnected) sur l’interface du client d’infrastructure, alors qu’il était présent et bien joignable hier. J’arrivais à me connecter sans problème si je me connectes en directe soit en SSH avec le client Putty, soit avec le client infrastructure mais en utilisant l’authentification locale à l’ESX (compte root et son mot de passe).

L’ennuie était que 3 des machines virtuelles n’étaient pas joignables, et je devais de toute urgence les remettre sur pieds. Enfin, ceci fait, je suis revenu voir ce problème d’enregistrement dans l’interface de la VI.

La solution était plutôt simple : comme je savais que l’ESX était bien démarré, les machines virtuelles joignables et en production, le problème serait sûrement dans un service qui, même démarré, ne répondait pas comme il le fallait. En l’occurrence, dans ce cas, c’est le service vmware-mgmt, ou Vmware Managment, qui ne fonctionnait pas comme il se doit.

Toujours sur la connexion SSH, il a suffit de relancer ce service avec la commande :

service vmware-mgmt restart

pour que la tentative d’enregistrement dudit ESX dans la VI soit effctive.

En fait, la même commande peut être écrite :

/etc/init.d/vmware-mgmt restart

si jamais la première ne passait pas pour une raison ou pour une autre.

N’oublions pas que la base de la plateforme ESX est un kernel propriétaire, mais aussi du RedHat ES3 (avec une update), donc les habitués de Linux n’auront pas de mal à s’y retrouver.

Voilà! je vous rappel j’ai déjà écrit un post qui traite des commandes (quelques commandes) disponibles sous ESX 3

As discussed in the Forum ( in a post about Remote Access), there’s some actions we can take (I can not list all of them) and that help speeding up Windows.

Physical Disk Speed

When choosing a hard disk for your computer or laptop, think in a long term fashion: you may keep some money in your pocket but you will have to get them out sooner than you think when your slow cheap new disk start struggling under whatever software you use. So spend more money and get a good disk for once.

Disk And File Fragmentation

Every time you delete or move a huge number of files or big files (an old movie or game) think about Defragmentation. Windows Built-in Disk Defragmentation Tool is not there by chance, it is enough to use with normal files; I say normal files because the tool cannot defrag paging file for example or some system files. The tool is available under  :

All Programs/Accessories/System tools

and is called Disk Defragmenter.

A nice method exists to Defragment disks in Command Line mode, using a batch file for example. The command defrag is here to help scripting all drives defragmentation while sleeping or taking a coffee. The help section of this command is clear and command usage is straightforward as discribed bellow :

C:\>defrag /?
Usage:
defrag <volume> [-a] [-f] [-v] [-?]
volume  drive letter or mount point (d: or d:\vol\mountpoint)
-a      Analyze only
-f      Force defragmentation even if free space is low
-v      Verbose output
-?      Display this help text

all you have to do is to replace <volume> by drive name (eg. C:, D:…).

For System and special files, there is many tools available to buy on the net.

Paging File aka Pagefile.sys

Paging file (or swap file) helps the Operating System to run more programs than what would only physical RAM do. It is a partition of the Disk (generally for Unix Like systems), or a file constructed in a particular way (possible for both Windows and Linux). All known Operating System need a paging space; an exception are the “Live” Systems, that run in available RAM and may not need to swap.

For Windows, the size of the Pagefile.sys file is automatically set and the default location is the system drive. Here, at Windows Setup time or after, it is recommended to create a dedicated drive to host the paging file, so that the heavy I/O load does not affect neither Windows itself nor any running application. For the size of the Pagefile.sys, it is linked to physical memory size and in general 1,5 to 2 times bigger. An easy way to decide is by checking the recommended size calculated by Windows as described in the following animation :

[kml_flashembed movie="http://www.ntsysv.com/wp-content/uploads/2009/02/ckeck-and-set-pagefile-size.swf" height="300" width="400" /]

You may have noticed that you can have more than one paging file.

You’ll have to reboot after changing paging file size or location.

Software’s Setup Folder

You should never install softwares using Disk I/O heavily on the same drive as Windows. For example, if you need to install an SGBD (Oracle, SQL server,MySql…etc), do not install it in system drive, performances will be impacted on both Windows and Software sides.

Same thing if we talk about any software which uses disk to cache temporary files to speedup its utilization. As example, Photoshop uses caching to make things go fast, and fortunately, it offers the posibility to define cache folder location.

Windows System Memory Locks

A great TIP by user Aicha in the same post in the forum talked about sizing Windows System Cache depending on physical memory size. I didn’t give it a try, but comments are open to you for feedbacks.

The configuration involves registry modification so please make sure you set configuration correctly, I’ll recommend making a backup before going any further.

So, here is the receip :

open Registry Editor by using “regedit” command

Browse to key : HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Session Manager\Memory Management

Edit (or create) the DWORD Value IoPageLockLimit

Enter the Decimal value 983040

If you have 2Gb of physical memory you may double this size. In fact, there’s rules to decide what to put as value : please refer to the following Microsoft Technet article for more details.

You may need to reboot.

Hope you found this interesting and I’d like to thank you for your time.

While some may be looking to phish your personal information and identity for resale, others simply just want to use your computer as a platform from which to attack other unknowing targets.  Below are a few easy, cost-effective steps you will be able to take to make your computer more protected.

1. Always make backups of important information and store in a safe place separate from your computer.
2. Update and patch your OS, browser and software frequently.  If you have a Windows OS, start by going to windowsupdate.microsoft.com and running the update wizard.  This program will help you find the latest patches for your Windows computer.  Also go to officeupdate.microsoft.com to locate possible patches for your Office programs.
3. Install a firewall.  Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet.  Consideration should be given to the benefits and differences between hardware and software based firewall programs.
4. Review your browser and email settings for optimum security.  Why should you do this?  Active-X and JavaScript are often used by hackers to plant malicious programs into your computers.  While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you.  At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low.
5. Install antivirus software and set for automatic updates so that you receive the most current versions.
6. Do not open unknown email attachments.  It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.
7. Do not run programs from unknown origins.  Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes.  They may contain a Trojans horse waiting to infect a computer.
8. Disable hidden filename extensions.  By default, the Windows operating system is set to “hide file extensions for known file types”.  Disable this option so that file extensions display in Windows.  Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.
9. Turn off your computer and disconnect from the network when not using the computer.  A hacker cannot attack your computer when you are disconnected from the network or the computer is off.
10. Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program.  Obviously, you need to take this step before you experience a hostile breach of your system.

I hope these recommendations will help you.

Happy staying in Ntsysv Blog!

So, what’s the facts? The first one is that the application is not working, and thus, many people cannot work. The server (a Windows 2003 server) is a Dell server backed up with Symantec Backup Exec System Recovery (BESR), a tool that takes drives images so that recovery time is the least, and the last save is available in a network share. I have available too some free resources in an ESX enough to create a new virtual machine to host the server image.

As you noticed, the starting idea was to recover the image  of the physical server to a virtual machine. What I came up with is a new technique to virtualize a physical server, and transform it to a virtual machine. This is thanks to “Restore Anywhere” option available in BESR; in normal restore cases, we will restore to an identical hardware and this option is not needed, but in the scenario I described, the image is going to a virtual hardware. It is good to know that Windows License Product Key will be needed to be able to Activate Windows later on. No need for specific drivers as VMware ones are available by default.

So how we do it?

To be able to “remake” a blank server, BESR comes with a bootable CD that configures the basic information needed to work with the new server : we can configure network interfaces, map network drives,…etc. Once the IP stack is correctly configured (you can issue a “ping” command to the IP used to check if the server is responding) you can use the available wizard to map a drive to the network share hosting the images.

After this basic configuration, you can start recovering the server, or shall I say building the virtualized server. It will take up to 2 hours to restore 50Gb image if the ESX is “normally” used; of course, it may take less time in a test environment. After the first reboot, the server will start configuring the new hardware, this may take up to 15 minutes, so you can go and have a coffee! A question will be asked to you  is that if you need the server to be joined to a domain or you want to keep it in the “workgroup”. It is wise to let it in the workgroup till it becomes available to configure it at your ease.

The server is now up and running; the new virtual server will keep the initial name, applications and so on, but no hardware configuration will remain, neither network configuration. At this point, you can reconfigure your server as you wish.

For me, I was able to backup specific file using ntbackup tool in the new virtual machine and restore them to the original physical server. Please note that if you connect you new virtual machine to the network, and if you keep the same name, it may generate a “duplicate name” TCP/IP error. I bypassed this error by removing any DNS server IP, Wins server IP from network configuration. Also, you will have to disable Netbios naming utilization, so the server will only use IPs to communicate in the network.

I hope you liked this post and found it helpful, and I’d like to thank you for your time.