First email in my life this mail is trusted

I have received thousand or millions of email from the day I registered my email account since young day, this is first trusted email I ever saw. How cool it was. ”Hotmail” double-checked my email

Facebook in https

Just saw the prompt notification after login Facebook account, Facebook have lifting it’s security to prevent identity fraud. Good job !

How to scan range of server using for update using MBSA CLI

MBSA 2.2 can be downloaded from here

Differences Between Mbsa.exe and Mbsacli.exe

For most functions of MBSA, the GUI tool, Mbsa.exe, and the command-line tool, Mbsacli.exe, perform the same functions. In some cases, the command-line interface provides more technical options for advanced administrators. The following command-line switches are examples of command-line interface–based features that are not available in the MBSA GUI tool:

• /nvc. This switch instructs MBSA to not attempt to connect to the Internet to check for an updated version of the MBSA scan tool.
• /qp. This switch instructs MBSA to not show scan progress.
• /qt. This switch instructs MBSA to not display the completed scan report immediately after a scan completes.
• /Unicode. This switch instructs MBSA to provide the completed scan report in Unicode format.
• /u. This switch lets you specify the user name of an administrator-level user on the target computer(s).
• /p. This switch lets you specify the password of an administrator-level user on the target computer(s).
• /catalog. This switch lets you specify an alternate location for the offline catalog (Wsusscn2.cab) file.
• /rd. This switch lets you specify an alternate location for the completed scan report. (This is useful when running MBSA in a non-user context or as a domain administrator.) You can use this switch to place completed scan reports on a network share or in a local directory.
• /nd. This switch instructs MBSA to not download any files from the Microsoft Web site when performing a scan. In other words, it instructs MBSA to perform the scan like it would in offline mode.
• /xmlout. This switch instructs MBSA to perform a security scan (no vulnerability assessment checks) using the most basic files necessary to perform an MBSA scan (Mbsacli.exe and Wusscan.dll) without performing a full MBSA installation. This is useful for performing a basic security scan without having to install all MBSA features. This mode allows a limited set of command-line switches, including only /catalog, /wa, /wi, /nvc, and /Unicode.

When the mbsacli command runs without any command-line switches, it runs a default scan against the local computer.

Scanning range of server for WSUS update remotely from one server, this is great used for who have more than 1 server in big range, helpful.

Example:

C:\Program Files\Microsoft Baseline Security Analyzer 2> mbsacli /nvc /r 172.x.x.10-172.x.x.15
Microsoft Baseline Security Analyzer
Version 2.2 (2.2.2170.0)
(C) Copyright 2002-2010 Microsoft Corporation. All rights reserved.

Scanning...
1 of 16 computer scans complete.
2 of 16 computer scans complete.
3 of 16 computer scans complete.
Scan Complete.

172.18.200.11 : Logon failure: unknown user name or bad password. (Not joined to domain)
172.18.200.15 : Could not resolve the computer name: . Please specify computer name, domain\computer, or an IP address. (IP Not in use)
172.18.200.14 : Could not resolve the computer name: . Please specify computer n
ame, domain\computer, or an IP address.(IP Not in use)

Computer Name, IP Address, Assessment, Report Name
-----------------------------------------------------
DEV\AD01, x.x.x.12, Incomplete Scan, DAD01 (4-18-2011 5-10 PM) (Valid Server)
DEV\DSM01, x.x.x.13, Incomplete Scan, DSM01 (4-18-2011 5-10 PM) (Valid Server)

Icon showing update detected, 19 updates is detected and ready for installation

Scripting

How to scan range of server using for update using MBSA CLI

Amazing 9 years old football player

This kid have great talent to play football in international field.

But if you are same team with him, you might be bored, because he never pass the ball (Jokes)

Right Management Service (RMS)

 

RMS is used for protect documents & email

What RMS can prevent

• Prevent viewing
• Print
• Save / Modify
• Copy / Paste
• Forwarding
• Expiration

What RMS cannot prevent

Protect against

• Camera photo
• Screen capture program
• Recording software

Work for who

• User email address
• Client window vista/7/2008 (Download required for XP,2k,2k3)
• Applications (Office Pro 2003,2007 Enter/Pro/Ultimate)
• Mobile 6
• Office Sharepoint 2007 above
• Exchange Server 2007 SP1 above

Installation

Server1

• Prepare RMS services account (Password never expires), RMS installer account (Password never expires)
• Install Active Directory Certificates services, Webs Server (IIS)
• Setup certificate templates, web server (duplicate certificate, 2003/2008), allow server permission to server that allow to enroll
• Enable customize certificate template created

Server2

• Bring in certificate –> MMC –> Certificates –> Request new certificate –> Fill up details to enroll, FQDN, URL (rms.lab.com), make private key exportable and achieve
• Add Roles ADRMS and fill in step by step details required
• ADRMS, add new template
• Test it

How to change Lightweight data services (LDS) database & log & backup DB folder location & restore & removal

How to change location LDS database folder location from default location to E: drive , LDS log and creating a backup

1. 1) Moving LDS database folder location, LDS log folder location
2. 2) Backup LDS database
3. 3) Authoritative restore
4. 4) Remove LDS

1) Moving LDS database folder location, LDS log folder location

• Step 1: Create new folder for LDSdatabase, LDSlog, LDSBackup
• Step 2: Go to cmd, net stop ldsinstance
• Step 3: From cmd, using ntdsutil, access to lds instance, type in activate instance ldsinstance
• Step 4: files
• Step 5: move db to e:\Ldsdatabase
• Step 6: move logs to e:\Ldslog
• Step 7: verify from folder
• Step 8: quit
• Step 9: Go to cmd, net start ldsinstance

2) Backup LDS database

• Step 1: Go to cmd, net stop ldsinstance
• Step 2: From cmd, using dsdbutil, access to lds instance, type in activate instance ldsinstance
• Step 3: ifm (install from media)
• Step 4: create full e:\ldsbackup
• Step 5: Go to cmd, net start ldsinstance

3) Authoritative restore

• Step 1: Go to cmd, net stop ldsinstance
• Step 2: From cmd, using dsdbutil
• Step 3: list instances
• Step 4: authoritative restore
• Step 5: restore object cn=lablds, dc=lab, dc=com

4) Remove LDS

• Step 1: Uninstall custom lds from add/remove
• Step 2: Uninstall LDS roles

April Fools 2011 video : Complex numbers in Math Class

Video from MDWeathers

3 minutes to relax.

This is truly cool where this guy integrated reality and virtual to give a presentation, timing have to match next action.