Pages

Monday, July 31, 2017

Using Command Line explorer.exe Net to Re-establish Network Shares After VPN is Established Through a Captive Portal

As shown in Using Net Use to Re-establish Network Shares After VPN is Established Through a Captive Portal Net use can be easily used with Windows Task Scheduler to reconnect the shares after establishing a VPN connected over a captive portal. An alternative method is to create a .cmd file using explorer.exe to reconnect the shares and the Windows Management Instrumentation Command-line (WMIC) to find and terminate the explorer processes


Create a .cmd file similar to

start "RECONNECT_HOME_DRIVE" /MIN explorer.exe H:\
start "RECONNECT_SHARE_DRIVE" /MIN explorer.exe X:\

WMIC PROCESS WHERE "CommandLine like '%%explorer.exe /factory%%'" DELETE

Use the same process described in Using Net Use to Re-establish Network Shares After VPN is Established Through a Captive Portal to find and create the event trigger. The steps from the other post are included below.

Start the Windows Event Viewer and look for a useable event for the trigger. In my case, under Applications and Services logs I found an event logged upon successfully establishing the VPN. 

After finding a suitable event, right click on it and select Attach Task to This Event.

Give it a name and description. Select Next
When an Event is logged. No updates. Select Next
Define the action. Select Start a Program radio button. Select Next
Browse to the Program/Script (command file) created and provide any optional arguments. Select Next.
Review the event and trigger and select Finish.

Now, log off and log back in. If all is correct then upon successfully establishing the VPN the script will be triggered and the shares will be reconnected.


Tuesday, July 25, 2017

Using Net Use to Re-establish Network Shares After VPN is Established Through a Captive Portal

When on a customer site or traveling for work, you will probably encounter a captive portal at some point. In my case, my Outlook personal folders and home directory are on corporate share drives and I need to re-establish the connectivity to the share before starting Outlook. Due to the captive portal, the VPN connection cannot be established after logging in so Windows never re-establishes the connections to the shares.

An easy way to automate the re-connection of the shares is to locate an event, ideally a VPN or network event, to use as a Task Scheduler Trigger.

Create a .cmd file using the following template save it.


@echo off
net use x: \\computername\sharename /persistent:yes
net use h: \\computername\sharename /persistent:yes

Start the Windows Event Viewer and look for a useable event for the trigger. In my case, under Applications and Services logs I found an event logged upon successfully establishing the VPN connection. 

After finding a suitable event, right click on it and select Attach Task to This Event.

Give it a name and description. Select Next
When an Event is logged. No updates. Select Next
Define the action. Select Start a Program radio button. Select Next
Browse to the Program/Script (command file) created and provide any optional arguments. Select Next.
Review the event and trigger and select Finish.


Now, log off and log back in. If all is correct then upon successfully establishing the VPN the script will be triggered and the shares will be reconnected.

Thursday, July 6, 2017

NoMagic's Cameo Enterprise Architecture - Sizing Windows 2012R2 Server for Remote Desktop Services

To facilitate a rapid deployment of NoMagic's Cameo Enterprise Architecture (Magic Draw), the thick client products can be run on Windows 2012r2 servers running as application servers. Additional Remote Desktop Services (RDS) Client Access Licenses (CALs) will allow the application server(s) to provide for simultaneous use of the products. This white paper identifies the memory and core (CPU) sizing for the RDS servers to satisfy the user requirements for using these products on application servers.

For details, obtain the whitepaper here.

Saturday, June 24, 2017

Make Your Own Coffee Container Bug Box For Kids

Here is a quick and easy way to make a bug box out of a used coffee container. If you have all the supplies then this will take under 10 minutes to create a bug box. To make the bug box you will need the following items.


  1. A used and cleaned plastic coffee container.  A Folger's 30.5 oz container works well.
  2. Mosquito netting utility fabric. Jo-Ann Fabric sells a mosquito netting utility fabric.
  3. An X-ACTO Knife or other (sharp) knife.
  4. Glue gun, glue (for plastic and fabric Quick Grip works well).
  5. Scissors.
  6. Sandpaper or something to rough up the plastic before gluing.
  7. Something to press the netting to the glue. Thin card stock works.
Start by taking the coffee container and use the knife to but out the Folger's label. Now, make the same cut on the back side of the container. Try to not but to fall outside of the line. The area immediately outside of the cut will be for the glue.


 






Next, take the label cut from the container and lay it on the mosquito netting and cut the mosquito netting about 1/2 inch larger than the plastic label. This is cur wider so it will overlap the glue and adhere to the container.








Take the sand paper and rough up the area on the inside around the area that was cut out. This will help the glue adhere to the plastic. Now, take the glue or glue gun and put a bead of glue on the inside of the container around the opening. Lay the mosquito mesh over the glue and use cardboard or the plastic label cut out to press the mosquito mesh into the glue. Before the glue dries you can adjust the mesh to remove wrinkles. To keep the container from rolling, I found it helps to place it on the lid.

Repeat for the other opening.


There you go! You now have a bug box. Let the container and mesh sit per the drying duration on the glue used. After the glue dries, kids can use the container for bugs, fireflies, frogs, or I suppose small snakes.

Whatever you and your kids chose to put in the container, enjoy the fun of them learning.

Saturday, April 1, 2017

Over the Counter Orthotics - Samurai Insoles

Having flat wide feet can greatly limit a person's shoe selection. The show needs to be available in wide widths, with a removable insole, and comfortably accommodates orthotics. These requirements can reduce the limitless shoe selection down to only a few brands. I have had insole orthotics since my 7th grade running days and until December 2016, have had to suffer with finding shoes that fit both my wide foot and orthotics. I've had custom orthotics made for $300-$500 a pair and results are not always great. One pair was supportive but I was never able to find a shoe that comfortably accepted the orthotics and my feet. My current custom orthotics require replacement and while I have tried OTC orthotics over the years, I have not had any luck until I found orthotics from Samurai Insoles.

Plain and simple, these insoles are wonderful only $40!

If purchasing Samurai Insoles on Amazon, you will receive an email with tips. I recommend reading the tips and following the tips based on your situation. The tips are:

TIP #1: We recommend a new(ish) pair of quality, well fitting sneakers, boots, or clogs to go with your Samurai Insoles. If they have a manufacturer's insole that can be removed and replaced with our insoles, even better! 

TIP #2: Simply remove the manufacturer's insoles from your shoe, and replace them with your new pair of Samurai Insoles. 

TIP #3: Samurai Insoles are designed to fit in your shoes without any trimming necessary. But hey, there's LOTS of different sizes and shapes of shoes out there!  So, if your insoles have an uncomfortable amount of excess material at the toes trim a small amount of material away from the front of the insole only.  

TIP #4: You'll notice a rim where the padded case has been vacuum sealed to our unique orthotic shell in the heel area.  Yes, this should be there!  As part our unique design, the material around the orthotic shell is simply to anchor the insole to your shoe.  You should not feel the vacuum sealed rim during use.  If you do, please let us know. 

TIP #5 (LAST, BUT MOST IMPORTANT): We recommend becoming accustomed to your Samurai Insoles over the course of 7-14 days. Start off by wearing your Samurai insoles about an hour the first time, then replace them with your shoe manufacturer's original insoles. Repeat this process every day, adding an additional hour of use with each successive day, until you reach 8 consecutive hours of use. If your feet become fatigued while wearing Samurai Insoles, remove them at that point, and wear them the following day for the same time period, increasing the amount of time worn by an hour each successive day. 

If you are searching for OTC insoles, I highly recommend the Samurai Insoles. Check them out on Amazon. As always, YRMV.

Thursday, September 1, 2016

CompTIA Cybersecurity Analyst+ Exam (Updated December 2016)

https://certification.comptia.org/certifications/cybersecurity-analyst
I had the opportunity to take the CompTIA Cybersecurity Analyst beta certification exam (CompTIA CSA+) beta certification exam. This intended to be a new certification that is a vendor neutral certification path between CompTIA's Security+ and the CompTIA Advanced Security Practitioner (CASP) certifications. Similar to other CompTIA exams, the exam consists of both multiple choice and performance based questions. The exam I took had a total of 103 questions with 5 of those questions being performance based. The total test time allotted for the beta exam was 165 minutes. CompTIA plans to release the final exam in 1Q2017 so the makeup could change for the final exam.

The performance based questions rely on the test taker's ability to analyze snippets of log files and then using that information from the log files to determine what is occurring within the network or with an external source. You could be faced with questions to review a scan and answer the questions (e.g. determine false positives and scan type), review network traffic/workstation/server logs to determine the host containing malware and the infected process running. These are more detailed than the CompTIA Security+ performance based questions so prepare yourself and budget your time. The only nit I had with these questions is the floating dialog box with the simulation description. It can be resized but it was getting in the way of the log file analysis.

The multiple choice questions have the typical CompTIA wording flavor. The questions are to the point but remember to look for the specific keywords that are essential to answering the multiple choice question with the best answer. The beta multiple choice questions included but limited to Incident Response Management, Security Information and Event Management (SIEM), choose the correct open source tool invocation to perform a task, identify what has occurred based on a snippet of network traffic. The tools in the exam and log files are based on common open source software tools available to security analysts. CompTIA's examples from the beta exam website are:

Open Source Software Description URL
Wireshark Network protocol analyzer / packet capture tool https://www.wireshark.org
Bro and/or Snort Network intrusion detection systems (NIDS) https://www.bro.org
https://www.snort.org
AlienVault Open Source SIEM (OSSIM) with Open Threat Exchange [OTX]) Security Information and Event Management (SIEM) software https://www.alienvault.com/products/ossim

I do not know if this will be identified in the DoD 8570 Approved Certification list but it will be in CompTIA's best interest if it is ultimately included. My guess is, if it is included, it will fall in with the CND-SP certifications instead of IAT, IAM, and IASAE.


The exam is intended for someone with a couple of years of cyber analyst experience with hands on tool experience. I found the beta exam to be refreshing and if the final is similar to the beta exam then I believe that CompTIA will have a great exam for Cyber Security Analysts. Based on the beta exam, I recommend keeping eyes open for the release of the final exam in 1Q2017 and taking a look at it.

Updated December 7, 2016: I was notified today by CompTIA that I passed the Cybersecurity Analyst+ (CSA+) certification exam. CompTIA's website states that the exam will be available to the general public on February 15, 2017. Good luck with the new exam.

Saturday, June 25, 2016

HOA Activity - Meet Your Neighbor

Historically, our Home Owners Association has not sponsored events for the residents of our community. Our Board of Directors, of which I am serving as president, has changed over in recent years and is becoming much more active. We held our first, of hopefully many, Meet Your Neighbor event at our community pavilion and it was a success!
Because this was our first event of this type. we went small. Our offering was grilled hot dogs, chips, cookies, water, and juice. As an incentive, we also held a drawing for all of the residents who attended for two $25 gift certificates to a local restaurant. We purchased food for 64 residents for under $100 plus $50 for the door prizes. For a little under $150 we had a great afternoon and met with some wonderful people.

I am looking forward to many more of these community events.