Linux kernel security hole patched

It’s time to patch your Linux kernel, which is affected by serious vulnerabilities designated CVE-2016-8655, CVE-2016-6480, and CVE-2016-6828.

Philip Pettersson, a hacker and security researcher, reported these issues. The operating systems affected by these vulnerabilities are the new versions of RHEL, CentOS and Ubuntu.

For more detail, visit: http://www.zdnet.com/article/three-serious-linux-kernel-security-holes-patched/

Windows 10 Cumulative Update

On December 9, Microsoft released a cumulative update for Windows 10 Version 1607 that fixes the following issues:

  • Improved the reliability of mobile device management (MDM) disenrollment, Distributed Component Object Model (DCOM), Peripheral Component Interface and PowerShell.
  • Addressed issue that causes excessive battery drain if you have a Chinese Input Method Editor installed and use Windows Hello to log in.
  • Addressed issue with OLE drag and drop that prevents users from downloading a SharePoint document library as a file.
  • Addressed issue with Super Floppy-formatted fixed media devices that are not recognized by Windows 10 Anniversary Update or accessible in Windows Explorer.
  • Addressed issue that causes the System Center Configuration Manager (SCCM) client to fail installation when a device is re-imaged using the SCCM task sequence.
  • Addressed issue that causes the loss of optional component (OC) state information, including all Hyper-V virtual machines, after the upgrade.
  • Addressed issue that causes Windows Explorer to display information that’s inconsistent with what’s stored on the Floppy disk.
  • Addressed issue that, after connecting a shared CD/DVD-hosted drive with no media inserted, causes some of the commands, like DIR and NET USE, to hang.
  • Addressed issue where customers cannot use directory cache sizes greater than 64 KB.
  • Addressed issue where Windows Explorer sometimes does not prompt for credentials when a user logs on using a Microsoft account.
  • Addressed additional issues with application compatibility and Internet Explorer.

Associated KB article: Cumulative Update for Windows 10 Version 1607 and Windows Server 2016: December 9, 2016

Create custom SQL report using Report Builder 3.0

I am writing this post to explain, step by step, how to create a custom report in SCCM (System Center Configuration Manager) using Report Builder 3.0.

The minimum requirement for creating a custom report with Report Builder is that the Reporting Services Point role is installed in the SCCM site.

In this blog, I will create a custom report that fetches installed applications and their versions.

Let’s get started 🙂

1) Open the SCCM console and navigate to Monitoring. Go to Reports -> Create Report.

2) Provide the name you want for the report; for this scenario I will name it “Mayukh – Report to List Installed Applications”. Select the path where the report will reside in SCCM under “Reporting”. You can also create a custom folder under Reporting in SCCM.

3) Click “Next”, “Next”, “Finish”. After you close the wizard, Internet Explorer launches automatically and a security warning dialog box appears; click “Run” to proceed. If you have already installed Report Builder 3.0, it launches Report Builder directly, where you can customize and create the report.

4) Once Report Builder has launched, go to Data Source -> Properties. We will create a “Datasource”; if you have limited admin rights to connect to the SQL database, you need to provide your credentials to proceed.

To make sure the credentials you provided are correct and you are able to connect to the database instance, click “Test Connection”. A message box confirms that the connection succeeded.

5) Now create a dataset, select the data source and click “Test Connection”. Click “Edit Text” and paste the SQL query. Click “!” to execute the query, confirm that it works as expected, and click “Next”.

6) Arrange the different fields and click “Next”. Click “Next” twice more, keeping all the settings at their defaults.

7) If you would like a better look and feel, you can customise the design. Click “Run” to execute the report and check that it works as expected.

8) If everything looks fine, remember to save the report before you exit.

You can download and run the report directly from the link below:

https://www.dropbox.com/s/i8t1g5uwaqsd255/Mayukh%20-%20Report%20to%20List%20installed%20application.rdl?dl=0

How to Update and Patch Nano Server Using PowerShell?

We can patch Nano Server in 4 simple steps, as we usually do for general Windows Server updates.

1) Check for Updates.
2) Install Updates.
3) Restart the server.
4) List all installed updates.

To complete the above actions, we need to write a PowerShell script; name it WindowsUpdates_NanoServer.ps1.

Log in to your Nano Server and copy the PowerShell script below to the server. The script checks for updates and, if any updates are required, installs them and reboots the server.

##### Check for Updates #####
# Open a Windows Update session and scan online for updates that are not yet installed
$ci = New-CimInstance -Namespace root/Microsoft/Windows/WindowsUpdate -ClassName MSFT_WUOperationsSession
$result = $ci | Invoke-CimMethod -MethodName ScanForUpdates -Arguments @{ SearchCriteria="IsInstalled=0"; OnlineScan=$true }
$result.Updates

##### Install Updates #####
# Download and install every applicable update found by the scan
$ci = New-CimInstance -Namespace root/Microsoft/Windows/WindowsUpdate -ClassName MSFT_WUOperationsSession
Invoke-CimMethod -InputObject $ci -MethodName ApplyApplicableUpdates

##### Restart the Server #####
# Reboot to finish the installation and leave the remote session
Restart-Computer; exit

Note: If you receive a disk space error, increase the VHD size to 4 GB.

Once you log back in, run the script below to check whether all the latest updates are installed.

##### List all installed Updates #####
# Same scan as before, but filtered to updates that are already installed
$ci = New-CimInstance -Namespace root/Microsoft/Windows/WindowsUpdate -ClassName MSFT_WUOperationsSession
$result = $ci | Invoke-CimMethod -MethodName ScanForUpdates -Arguments @{ SearchCriteria="IsInstalled=1"; OnlineScan=$true }
$result.Updates

Network Testing Tool (myPerf)

The myPerf tool uses a Java graphical interface to measure maximum network throughput between two WAN or LAN links. I developed this tool with a Java front end that uses the iperf utility as the back end. It performs network tests that create TCP and UDP data streams. Iperf is a tool for measuring network performance, bandwidth and the quality of a network link. The utility is fully open source and runs on both Windows and Linux systems.

Download the tool from here: https://www.dropbox.com/s/dfdadchm6wpv8lv/myPerfv1.0.rar?dl=0

1) Open the zip file and extract it; once you open the folder you can see the .jar file.

2) Launch the myPerfv1.0 executable application.

3) Before we run the bandwidth test, we need two PCs or two servers. First run the application on the machine that acts as the server and click “Run”. We can choose whether the test uses TCP or UDP data streams.

4) Now launch the application on the machine that will act as the client to perform the test. The settings and port should match those on the server side; then click “Run”.

Note: If you have trouble launching the jar executable, check that you have installed the latest version of Java and that the JAVA_HOME environment variable is set.

Frequent Domain Account lockout issue

I am facing a frequent lockout issue with my AD account; this is a pretty common issue that most users face in IT organizations. The root cause of this issue is that they might have logged in with their account and forgotten to log off, or they may have mapped a network drive, and when they then try to reset the password, the lockout issue arises.

Steps to troubleshoot on the client side (laptop/desktop):

1) Check whether a local user account is present with the same name as the AD account. If the same ID exists, rename the local ID to some other ID.
2) Clear temporary files.
3) Delete cookies / temp files / history / saved passwords / forms from all the browsers.
4) Start -> Run -> Temp -> Delete all temp files.
5) Start -> Run -> Prefetch -> Delete all Prefetch files.
6) Remove mapped drives from My Computer. My Computer -> Right-click on the shared drive -> click on Disconnect.
7) Remove stored passwords from Control Panel.
8) Start -> Run -> Type Control UserPasswords2, click on Advanced, manage passwords and delete all the passwords.
9) Remove unwanted applications from startup (Run -> msconfig -> Startup -> Uncheck unwanted software).
10) Scan the entire HDD and update the antivirus agent.

Steps to troubleshoot on the server side / Active Directory:

1) Download the Account Lockout Management tool: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=18465

2) Extract the file and copy it to C:\LockOutStatus

3) Launch the LockOutStatus.exe application, go to File -> Select Target, provide the user details and click “OK”.

4) Check the DC server details to see where the account is locked, and identify the server where the original (ORIG) lock originated. Now log in to that originating server and look at the security event logs.

5) Search the event logs for the username and the time when the lock occurred. Once you find the entry, look for the client IP address where the lock originated and log off from that client machine to resolve the issue.

Note: Be patient; find the lockout time on the originating server from the LockOutStatus tool and investigate the security logs for the same timeframe to resolve the issue.
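
The log search in step 5, as an added example that is not part of the original post: account lockouts are recorded in the domain controller's Security log as event ID 4740 (an ID the post does not name), which carries the locked account and the caller computer name rather than an IP address. The function name, host names and sample event below are constructed for illustration.

```powershell
# Added example: extract who was locked out, and from which machine,
# from the XML of an account-lockout event (Security log, event ID 4740).
function ConvertFrom-LockoutEventXml {
    param([Parameter(Mandatory)][string]$EventXml)

    $evt = ([xml]$EventXml).Event

    # EventData holds <Data Name="...">value</Data> elements; index them by name
    # so the lookup does not depend on the position of each field.
    $data = @{}
    foreach ($d in $evt.EventData.Data) { $data[$d.Name] = $d.'#text' }

    [pscustomobject]@{
        TimeUtc        = $evt.System.TimeCreated.SystemTime
        LockedAccount  = $data['TargetUserName']
        # In event 4740 the "Caller Computer Name" is stored in TargetDomainName.
        CallerComputer = $data['TargetDomainName']
        ReportedBy     = $evt.System.Computer
    }
}

# Constructed sample event (not from a real system), trimmed to the fields used.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <EventID>4740</EventID>
    <TimeCreated SystemTime="2016-12-09T10:15:30.000000000Z" />
    <Computer>DC01.example.test</Computer>
  </System>
  <EventData>
    <Data Name="TargetUserName">jdoe</Data>
    <Data Name="TargetDomainName">WKS-0042</Data>
  </EventData>
</Event>
'@
ConvertFrom-LockoutEventXml -EventXml $sample

# Live use on the originating DC reported by LockOutStatus (needs rights to read
# the Security log); filter the output to the lockout time the tool shows:
# Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4740 } -MaxEvents 50 |
#     ForEach-Object { ConvertFrom-LockoutEventXml -EventXml $_.ToXml() }
```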

Configuration Manager 1606 – Stuck in Downloading State

I was trying to update my SCCM environment from 1602 to 1606, and I could see the hotfix got stuck while downloading.

How can we fix it?

The solution seems to be straightforward: I stopped and started the SMS_EXECUTIVE service and it fixed the issue.

Within a few minutes, you will see the latest update appear and start to download.

Note: If the issue still persists, have a look at the log file dmpdownload.log.