IT Pro Tuesday #29
Mega List of Tips, Tools, Books, Blogs, and More
Hello IT Pro,
This week is a mega list of all the items we’ve featured this quarter, broken down into categories. I hope you enjoy it.
Before we get started a few requests from me:
- If you’re thinking about upgrading, fixing or generally improving your Email Security and would like to know what EveryCloud costs please:
- Request a Quote (End Users or Partners)
- If you’d like to try us out for yourself please:
- Start a Free 30 Day Trial (End Users or Partners)
Why? Exceptional Detection; Configurable Spam Reports; Content Filtering; Outlook Plugin; Auto Spooling/Delivery; Detailed Reporting; 90-Day Logs; HIPPA Compliant; HTML; Email Footers; Email Continuity; Email Archiving; Exceptional Support; US, European, Australian Data Centers; Over 250 Five-Star Reviews and a whole lot more.
Now on with the tools. As always, EveryCloud has no affiliation with any of these unless we explicitly state otherwise.
Postman is a popular, free app to make API development faster and easier. It offers a powerful GUI, saved history of requests, flexible monitoring, automated testing with collection runner, mock servers, and unlimited collections, environments, tests, and sharing. It also provides detailed documentation.
Microsoft Sysinternals Suite is all their utilities in one convenient file. Contains the all the individual troubleshooting tools as well as help files, but not non-troubleshooting tools like the BSOD Screen Saver or NotMyFault. A shout out to azers for recommending this one.
RichCopy is a simple tool written by a Microsoft engineer named Derk Benisch. It provides a much-appreciated graphical interface for the very popular Robocopy command-line utility.
Windows Update MiniTool is an alternative to the standard (and sometimes overbearing) Windows Update. It allows you to control updates by giving you the power to search, install, and block Windows updates in any way you like.
Space Monger gives you a graphical image of your whole disk, where large files and folders are easily identified. This handy tool can be run from a USB drive, so you don’t even need to install it. Thanks for this one and Windows Update MiniTool go to mikedopp.
UNetbootin is a terrific, cross-platform utility for creating bootable live USB drives for Ubuntu and other Linux distributions without burning a CD. Thanks go to Gianks for this one.
CopyQ is a clipboard manager that adds some advanced editing and scripting capabilities. It monitors the system clipboard and saves text, HTML, images and more into customized tabs. From there, the saved content can be copied and pasted directly into any application. Clipboard history is easily searchable and can be filtered. Suggested by majkinetor.
Desktop Info provides a quick view of every kind of metric about your Windows system right on your desktop. The display looks like wallpaper but stays resident in memory and updates in real time. Gives you a quick way to monitor what any system is up to, while using very little memory and requiring almost nothing from the CPU. This one was recommended by mikedopp.
Healthstone is a lightweight, self-hosted, agent-based system-monitoring solution that runs lots of customizable health checks. The dashboard runs on a Windows or Linux server, and it has agents for the Windows and Linux hosts you want to monitor. You can customize the dashboard to send notifications via email, Pushbullet, or NodePoint tickets whenever a client stops checking in or any of the configured checks fail. Configuration is retrieved from the dashboard by all agents in the form of templates, which are stored in the templates folder and can be customized for your needs. Thanks to mikedopp for this one!
Rufus is another utility for formatting and creating bootable USB flash drives. This one works with MRB/GPT and BIOS/UEFI. Rufus is about twice as fast as UNetbootin, Universal USB Installer, or Windows 7 USB download tool when creating a Windows 7 USB installation drive from an ISO. It is also marginally faster for creating a Linux bootable USB from ISOs. We first heard of this one from Gianks, but there were quite a few others who shared the recommendation as well.
Axence netTools is a set of ten free tools for network scanning and monitoring. Includes: Netwatch (multiple host availability and response-time monitoring); Network port and service scanner; Wintools (view of launched processes/services, remote register editor and Windows event log view, HDD/RAM/CPU details, custom queries based on WMI protocol); TCP/IP workshop and SNMP browser; Traceroute; NetStat (list of inbound and outbound connections and open ports); Local info (tables with local configuration details, TCP/UDP stats); Lookup (DNS and WHOIS records); Bandwidth test; and NetCheck (LAN hardware and wiring quality check). This was recommended by DollarMindy as an “easy ping monitor with email alerts.”
MediCat USB is a a bootable troubleshooting environment with Linux and Windows boot environments and troubleshooting tools. A complete Hiren’s Boot Disk replacement for modern hardware that follows the Ubuntu release cycle with a new update released every 6 months. The DVD version was originally recommended to us by Spikerman “for when you need to helpdesk warrior.”
MobaXterm is an enhanced terminal for remote computing. It brings all the key remote network tools (SSH, X11, RDP, VNC, FTP, MOSH) and Unix commands (bash, ls, cat, sed, grep, awk, rsync) to Windows desktop in a single, portable .exe file that works out of the box. The free version includes full X server and SSH support, remote desktop (RDP, VNC, Xdmcp), remote terminal (SSH, telnet, rlogin, Mosh), X11-Forwarding, automatic SFTP browser, plugins support, portable and installer versions but only 12 sessions, 2 SSH tunnels, 4 macros, and 360 seconds for Tftp/Nfs/Cron. Thanks go out to lazylion_ca for suggesting this one.
WinDirStat provides free, open-source graphical disk-usage analysis for MS Windows. You’ll get a sub-tree view with disk-use percent and a list of file extensions ordered by usage. This tool was recommended by ohyeahwell, who likes to use it “for freespace as it can be deployed via ninite pro.”
IIS Crypto allows administrators to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2008, 2012 and 2016. You can also reorder SSL/TLS cipher suites from IIS, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions. EOTFOFFTW tells us, “This tool has been very helpful in configuring SSL settings for Windows IIS servers.”
Ditto saves all your clipboard items so you can access them later. It works with anything that can be put on the clipboard — images, text, html and custom formats. The simple interface includes search and sync functions for ease of finding what you need. Thanks go to Arkiteck for suggesting this one!
Malwarebytes Anti-Malware should be your first stop if you suspect a malware infection. It is the most-effective malware remover — featuring deep scans and daily updates — and blocks malware, hacker, viruses, ransomware and malicious websites that slip through your traditional antivirus. Also available as a full AV program that you can buy if you wish to do so.
Termius is a complete command-line solution providing portable server management for UNIX and Linux systems — whether a local machine, a remote service, Docker Container, VM, Raspberry Pi, or AWS instance (similar to Putty for Android). This cross-platform Telnet, Mosh-compatible and SSH client. Securely access Linux or IoT devices to quickly fix issues from your laptop or phone. Thanks for this one go to blendelabor.
WSUS Offline Update lets you safely patch any computer running Microsoft Windows and Office — even when there’s no connection to the Internet or a network of any sort. More specifically, you first run WSUS Offline Update on a machine that has Internet connectivity to download the updates you need and copy the resulting update media to a USB drive. You then use the USB drive to run the update on the target computers. Recommended by mikedopp.
SystemRescueCd is a Linux system rescue disk that allows you to administer or repair your system and data after a crash. It can be booted via CD/DVD, USB or installed directly on the hard disk. Many system utilities like GParted, fsarchiver, filesystem tools and basic tools (editors, midnight commander, network tools) are included, and it works on Linux and Windows computers, desktops and servers. Supports ext3/ext4, xfs, btrfs, reiserfs, jfs, vfat, ntfs — as well as network filesystems such as Samba and NFS.
KiTTY is a fork of PuTTY, the popular Telnet and SSH client. It runs on Windows and can perform all the tasks of PuTTY plus many more. Features include portability, predefined command shortcuts, sessions filter, session launcher, automatic log-on script, URL hyperlinks, automatic command and password, running locally saved scripts in remote sessions, ZModem integration, icons for each session, transparency, unfortunate keyboard input protection, roll-up, quick start of duplicate sessions, configuration box, automatic saving, Internet Explorer integration for SSH Handler, binary compression, clipboard printing, PuTTYCyg patch, background images/transparency and organizing sessions you save in a folder hierarchy.
WinMTR is a free, open-source Windows application that integrates the functions of the traceroute and ping utilities into a single, convenient network diagnostic tool. Many thanks to generalmx for suggesting both this and SystemRescueCd!
SSL Labs SSL Server Test is a free online service that will run a deep analysis on the configuration for any SSL web server. Simply enter the hostname, and you’ll get a detailed report highlighting any problems found on each server.
Draw.io is a free, browser-based diagramming application that’s terrific for creating flowcharts and org charts. It’s available as an online application with optional integration to various cloud storage options.
ImmuniWeb® SSLScan allows you to test SSL/TLS security and implementation for compliance with PCI DSS requirements, HIPAA guidance and NIST guidelines. Checks SSL certificate expiration for subdomains, insecure third-party content, and email servers’ SPF, DKIM, and DMARC implementation. Credit for this one goes to pixl_graphix.
BadSSL.com offers a simple, free way to test a browser’s security setup. This helpful service was suggested by Already__Taken who advises you to “test what your MITM proxy will happily re-sign and present to you as a valid site.”
Testssl.sh is a free command line tool that checks a server’s service on any port for the support of TLS/SSL ciphers, protocols, recent cryptographic flaws and more. Recommended by stuck_in_the_tubes who likes it “for when you need to assess protocol encryption without the use of external services.”
For access to all of the sysinternals tools on any Windows box with internet, just Win+R and open \\live.sysinternals.com\tools. It’s a public SMB share with all of the tools that Microsoft hosts. Thanks to jedieaston for the tip.
BASH keyboard shortcut: ‘Control + r’ initiates a name/command lookup from the bash history. As you type, this ‘reverse incremental search’ will autocomplete with the most-recent match from your history.
Darknet Diaries podcast relates the fascinating, true stories of hackers, defenders, threats, malware, botnets, breaches, and privacy. The show’s producer, Jack Rhysider, is a security-world veteran who gained experience fighting such exploits at a Security Operations Center. Thanks to unarj for suggesting this one.
StormCast is a daily 5–10 minute podcast from the Internet Storm Center covering the latest information security threat updates. New podcasts are released late in the day, so they’re waiting for you to listen on your morning commute. While the format is compact, the information is very high-level and provides a real overview of the current state of affairs in the info-sec world.
Microsoft Cloud IT Pro podcast is hosted by Scott and Ben, two IT Pros with expertise in SharePoint, Office 365 and Azure. The podcast focuses primarily on Office 365 with some discussion on Azure, especially as it relates to Office 365 in areas such as Azure AD and Mobile Device Management (MDM) or Mobile Application Management (MAM).
Datanauts podcast keeps you up to date on developments in data center and infrastructure related to cloud, storage, virtualization, containers, networking, and convergence. Discussions focus on data center compute, storage, networking and automation to explore the newest technologies, including hyperconvergence and cloud.
Cloud Architects is a podcast on best practices, the latest news, and cutting-edge Microsoft cloud technologies. Nicolas Blank, Warren du Toit and Chris Goosen host discussions with various experts in the cloud space to gather helpful guidance and ideas.
Risky Business is a weekly podcast that covers both the latest news and thoughtful, in-depth discussions with the top minds in the security industry. Hosted by award-winning journalist Patrick Gray, it is a terrific way to stay up to date on information security.
The rollBak is a podcast on systems engineering, DevOps, networking, and automation — along with the odd discussion on software development or information security. Conversation is casual with the intention of making complex topics approachable in a way that fosters learning.
Get Started in PowerShell3 is a great jump start video series on starting out in PowerShell. According to sysadmin FireLucid, “It’s a great broad overview of how it works and I found it extremely useful to have watched before starting on the book.”
Ask Woody is a no-nonsense news, tips, and help site for Windows, Office, and more. You can post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through their forums. Recommended to us by deeperdownunder.
Learn X in Y minutes is a community-driven site that provides quick syntax for many popular programming languages. Here are direct links for some common ones, kindly provided by ssebs:
WintelGuy offers a handy collection of useful links, calculators, resources, and tools for the sysadmin. Thanks LateralLimey for the recommendation!
How-To Geek is a website dedicated to explaining today’s technology. Content is written to be useful for all audiences — from regular people to geeky technophiles — and the focus is to put the latest news and tech into context.
EventSentry is a comprehensive, well-organized resource for Windows security events and auditing on the web. It allows you to see how events correlate using insertion strings and review the associated audit instructions. This was recommended by _deftoner_ as an “online DB where you can search for Windows Event Log by id, os, error code, etc. I do a lot of auditing on a big network thru event log ids, and sometimes I found rare errors — and there is not a good db with all of them. Not even Microsoft has one.”
The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win tells the story of an IT manager’s efforts to save his company’s dysfunctional IT dept. The company’s new IT initiative, code named Phoenix Project, is behind schedule and hugely over budget. Bill is given 90 days to resolve the entire mess — or have his entire department outsourced. An entertaining read, with elements that seem familiar to most system admins. Comes highly recommended by sp00n_b3nd3r.
UNIX® and Linux® System Administration Handbook, 5th Edition, is a comprehensive guide written by world-class, hands-on experts. It covers best practices for every area of system administration — including storage management, network design and administration, security, web hosting, automation, configuration management, performance analysis, virtualization, DNS, security, and management of IT service organizations. You’ll learn all about installing, configuring, and maintaining any UNIX or Linux system, even those that supply core Internet and cloud infrastructure. A great resource for anyone responsible for running systems built on UNIX or Linux.
Taming Information Technology: Lessons from Studies of System Administrators (Human Technology Interaction Series) was suggested by AngryMountainBiker, who describes it as “essentially an ethnographic study of system administrators. The authors videotaped and otherwise documented SA’s over a period of time and were able to break down a number of fascinating incidents and how to improve the art. I’m disappointed this hasn’t been recommended reading for all SA’s and maybe more importantly, their bosses, who too often don’t really know what SA’s do.”
Learn Active Directory Management in a Month of Lunches is a practical, hands-on guide for those who are new to Active Directory. It covers the administration tasks that keep a network running smoothly and how to administer AD both from the GUI tools built into Windows and from PowerShell at the command line. Provides best practices for managing user access, setting group policies, automating backups, and more. All examples are based in Windows Server 2012.
Sans Digital Forensics and Incident Response Cheat Sheets provide a collection of assorted, handy incident response cheat sheets. It’s a helpful reference for commands, process, tactics, tips, tools and techniques that was compiled by Sans DFIR, the experts in incident-response training.
Ned Pyle’s blog from Microsoft’s Directory Services Team contains a wealth of posts on best practices and solutions to common issues. While no longer actively maintained by Ned Pyle, the library of information already posted is incredibly valuable. Thanks to azers for bringing this to our attention.
Happy SysAdm has been providing resources, solutions and tips for system administrators since 2010. The blog is written by a Senior Systems Administrator with close to 15 years experience in designing, scripting, monitoring and performance-tuning Microsoft environments going all the way back to Windows 3.1/95/NT4.
Stephanos Constantinou’s Blog shares the author’s original scripts for PowerShell, Microsoft Active Directory, Microsoft Exchange On-Premise and Online (Office 365) and Microsoft Azure. His current focus is on retrieving data from systems, editing it and automating procedures. You’ll also find a section with some PowerShell tutorials.
Have a fantastic week and as usual, let me know any comments.
Graham | CEO | EveryCloud
P.S. Get Extras by signing up to the weekly email!