What’s Wrong with Using Public Wi-Fi?

Most of us put a lot of effort into finding free Wi-Fi, but public Wi-Fi networks have their own share of problems—particularly that it’s very insecure. Even if a Wi-Fi network has a password, other people on the network could see what you’re doing, or—if they were so inclinded—steal personal information and passwords. Luckily, there’s a lot you can do to stay safe: make sure sharing is turned off, use HTTPS whenever possible, and run your traffic through a VPN.

Posted in News and Security | Leave a comment

What do Viruses, Trojans, and Other Malware Actually Do?

Everyone knows viruses and trojans are bad, but a lot of people don’t know how exactly they work. Viruses, for example, are programs that copy themselves and infect a computer, spreading from one to another—just like, well, a real life virus. Trojans, on the other hand, are applications that look normal, but secretly have code that’s doing something else—like letting someone else control your computer. Make sure you’re running a good antivirus program—even if you have good browsing habits.

Posted in News and Security, Windows How-To | Leave a comment

How Do I Keep My Laptop’s Battery In Good Health?

You’ve probably heard some people say you should drain your battery completely before charging it, or that you should keep it between 40% and 80% all the time to make it last longer. Most of these rules are outdated, applying to older nickel-based batteries. Luckily, most or all of your gadgets these days run on Lithium Ion batteries, which are easy to take care of. They last longer when you perform shallow discharges, keep them cool, and don’t leave them plugged in while they’re running at 100%. Honestly, though, batteries have a finite life no matter what, and your efforts will only go so far—so don’t stress about it. Focus your efforts on getting better battery life out of your iPhone, Android phone, or laptop on a given charge instead—and knowing how to replace the battery when it starts dying.

Posted in Uncategorized, Windows How-To | Leave a comment

Tweak Windows 10 for Speed!

Windows 10 much like other Microsoft operating systems has been over-inflated with to many services and features. This guide has some tips, tricks, and tweaks to increase performance on Window 10.

Maximizing the amount of physical RAM makes a dramatic difference in Windows 10 performance. A 32-bit system running Windows can accommodate up to 4 GB of RAM, and a 64-bit system can handle 128 GB (or much more, depending on the version of Windows 10 you install and your computer’s motherboard).

Memory modules are inexpensive, so consider installing the maximum RAM on a 32-bit system and at least 16 GB on a 64-bit system for everyday use. You should also buy the fastest RAM that the system will support (check the computer’s manufacturer specifications).

Minimize the paging file

The Windows paging file, or pagefile, supports system crash dumps and enables the system to use physical RAM more efficiently by writing some file content to disk if the main memory is near capacity. On most Windows 10 machines with 8 GB of RAM or more, the OS manages the size of the paging file nicely. 2.5 GB is typical on 16 GB systems, and 5 GB on 32 GB systems.

However, the more memory installed, the smaller the paging file you need because it’s unlikely the computer will use all its memory at one time. That means you can reduce the size of the paging file. To minimize the paging file, follow these steps:

1. Open System Properties. (Right-click the Start menu, select System and then click Change Settings, or use the Control Panel.)

2. In the System Properties dialog box, on the Advanced tab, click the Settings button in the Performance section.

3. In the Performance Options dialog box, on the Advanced tab, click the Change button in the Virtual Memory section.

4. In the Virtual Memory dialog box, jot down the minimum allowed, recommended and currently allocated paging file sizes in the last section. Then, uncheck the box that says “Automatically manage paging file size for all drives.” If more than one drive appears in the available drives list, click your system drive (the one on which Windows is installed, which is usually C:).

5. Click Custom Size, and then type values into the Initial Size (MB) and Maximum Size (MB) boxes, making the maximum size 1 GB (1,000 MB) or up to 4 GB (4,000 MB), depending on the amount of installed RAM.

6. Click Set, then OK.

After these steps, close all open dialog boxes and restart your computer.

Better yet, if you have multiple physical drives (not just multiple partitions of a single drive), you can increase system speed by splitting the paging file across two drives. Allocate about 300 MB of the paging file to the system drive, select the second drive in the Virtual Memory dialog box, set the initial size and maximum size values and click Set.

Use an SSD

Another way to boost Windows 10 performance is to use a solid-state drive (SSD) for the system/boot drive, rather than an ordinary hard drive. This can dramatically reduce startup time. Then add a second SSD for Intel Rapid Start. The size of the second drive can be smaller than the first. However, if you want to move the paging and hibernation files to the second drive, as well as other potential files, find a drive with a capacity of 120 GB or larger.

Disable visual effects in the UI

Although animations and shadows make the user interface (UI) look great, they use quite a bit of CPU and memory resources. To turn off these features, open System Properties. In the System Properties dialog box, on the Advanced tab, click the Settings button in the Performance section. On the Visual Effects tab, you can uncheck all the options to your liking. Each visual feature uses up some RAM and CPU clock cycles so the less the better.

Get rid of unneeded services

Turning off unneeded system services is another technique for improving overall Windows 10 performance. Some services you can safely disable are ASP.NET State Service, Portable Device Enumerator Service and Windows Media Player Network Sharing Service, to name a few. (For a more complete list, I recommend BlackViper.com.)

To disable services, open the Services console by entering services.msc in the Run box (right-click the Start menu button and select Run). In the Services console, right-click the service you want to turn off and select Properties. In the properties dialog box, click the Stop button and then select Disabled from the Startup Type drop-down list (Figure 2).

Be sure to disable one service at a time, reboot the computer and use it for a while before disabling another service.

Manage Windows startup entries

Whittling down the programs that launch automatically when Windows starts can get you from the power-off state (or a restart) to the Windows desktop much more quickly. To manage Windows startup programs, open the Task Manager and click the Startup tab. Select programs you don’t want to launch automatically and click Disable.

Windows 10 also has a built-in Internet lookup for process names, which makes it easy to decide what to leave enabled and what to disable. To use it, right-click any entry and select Search Online. The default browser opens with a list of results for that particular program.

At Windows startup, apps that are loaded from the Startup folder are delayed to allow the system to load its processes first, which keeps things orderly and makes for a speedier experience. However, you can reduce startup time even more by minimizing the app startup time delay, which requires a Windows Registry edit:

Open the Registry Editor (regedit.exe).
Drill down to the following registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Serialize
Note: If the Serialize key does not exist, create it. Click the Explorer key in the left pane, select Edit > New > Key from the menu bar, type Serialize to name the key and press Enter.

Create a new DWORD value called StartupDelayInMSec and with a value of 0. To create the DWORD value, right-click the Serialize key in the left pane and select New > DWORD (32-bit) Value. The value is set to 0 by default (Figure 3).
Exit the Registry Editor.

Once you reboot, you should notice that the computer starts up faster than before the tweak.

Reduce the boot delay timeout value

The boot delay timeout value is set to 30 seconds by default. Reducing the value to 10 seconds still leaves enough time to get into Safe Mode if needed, or you can use msconfig to force Safe Mode on the next reboot.

To change the timeout value, enter msconfig in the Run box. In the System Configuration dialog box, on the Boot tab, change the Timeout value to 10 and clickOK

If you implement all these techniques for reducing startup times and increasing memory, you should notice a much faster Windows 10 system. Even a few of the recommendations will earn you a more responsive and enjoyable computing experience.

Posted in Windows How-To | Leave a comment

Hylafax-IAXModem-Elastix-Avantfax Slow reloading fix

This is one that plagued me for a while. Unfortunately the fix was not found anywhere that I could locate.

We run eFax servers that utilize Elastix (Build on top of FreePBX), Hylafax, IAXModem, and Avantfax for a front end. This allows us to send SIP trunks to the box and utilize virtual IAX modems to send and receive fax.

The issue we were seeing was when a change was made to the eFax users delete/edit/add and it would initiate the reload of Hylafax and IAXModem it would take upwards of 30 minutes for all modems to come back up registered and ready to go. It originally took around a few minutes to reload the modems. Keep in mind we have around 380 virtual modems per box (there seems to be a hard limit somewhere in the software).

30 minutes is an unacceptable downtime for a eFax server so I dove into every config file I could find. Nothing seemed to provide any indication that things were incorrectly configured.

Finding nothing and watching all the logs I noticed that the Faxgetty process from Hylafax logs every step for each modem using syslog from de-initialization to initialization and finally the ready state. It had always done this. Because it would take time to write to the file if something is also reading the file we would see an issue like this, similar to when you have a script processing a file if you have it echo to the terminal it will take 2-3 times longer to execute (usually).

This thought that the log could be the issue led me to the fix for this issue.

Running Ubuntu or Elastix (Cent OS) vi /etc/syslog.conf

You will see a section that looks like this

# Log anything (except mail) of level info or higher.

# Don’t log private authentication messages!

*.info;mail.none;authpriv.none;cron.none             /var/log/messages

Change that to look like this (adding the bold section)

*.info;mail.none;authpriv.none;cron.none;debug.none             /var/log/messages

Save the file and restart syslog

/etc/init.d/syslog restart

Now my modems restart in 30-45 SECONDS down from 30 plus MINUTES! Seems that something is reading the file as the Faxgetty process was writing the file exponentially increasing the time it took to execute a simple reload command for a virtual modem.

Hopefully this helps someone with the same issues it was a rather annoying one 🙂

Posted in Linux How-To | Tagged , , , | Leave a comment

USB Rubber Ducky | USB Rubber Ducky

I want one of these 🙂

Posted in Networking, News and Security | Leave a comment

Netstat – Examples used for finding DDOS

netstat -na

This display all active Internet connections to the server and only established connections are included.

netstat -an | grep :80 | sort

Show only active Internet connections to the server on port 80, this is the http port and so it’s useful if you have a web server, and sort the results. Useful in detecting a single flood by allowing you to recognize many connections coming from one IP.

netstat -n -p|grep SYN_REC | wc -l

This command is useful to find out how many active SYNC_REC are occurring on the server. The number should be pretty low, preferably less than 5. On DoS attack incidents or mail bombs, the number can jump to pretty high. However, the value always depends on system, so a high value may be average on another server.

netstat -n -p | grep SYN_REC | sort -u

List out the all IP addresses involved instead of just count.

netstat -n -p | grep SYN_REC | awk '{print $5}' | awk -F: '{print $1}'

List all the unique IP addresses of the node that are sending SYN_REC connection status.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

Use netstat command to calculate and count the number of connections each IP address makes to the server.

netstat -anp |grep 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

List count of number of connections the IPs are connected to the server using TCP or UDP protocol.

netstat -ntu | grep ESTAB | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr

Check on ESTABLISHED connections instead of all connections, and displays the connections count for each IP.

netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

Show and list IP address and its connection count that connect to port 80 on the server. Port 80 is used mainly by HTTP web page request.

Posted in Linux How-To, News and Security | Leave a comment

Hak5 – Building a high performance home router

This was a pretty cool setup.

Posted in Networking | Leave a comment

Apple Releases Security Updates for QuickTime, Safari, Mac EFI, OS X Yosemite, and iOS

Apple has released security updates for QuickTime, Safari, Mac Extensible Firmware Interface (EFI), OS X Yosemite, and iOS. Exploitation of some of these vulnerabilities may allow an attacker to obtain elevated privileges or crash applications.

Available updates include:

  • QuickTime 7.7.7 for Windows 7 and Windows Vista
  • Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3
  • Mac EFI for OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5
  • OS X Yosemite 10.10.4 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10 to v10.10.3
  • iOS 8.4 for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later

US-CERT encourages users and administrators to review Apple security updates HT204947(link is external), HT204950(link is external),HT204934(link is external), HT204942(link is external), HT204941(link is external) and apply the necessary updates.

Posted in News and Security | Leave a comment

ISC Releases Security Updates for BIND

The Internet Systems Consortium (ISC) has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial of service condition.

Updates available include:

  • BIND 9-version 9.9.7-P1
  • BIND 9-version 9.10.2-P2

Users and administrators are encouraged to review ISC Knowledge Base Article AA-01267 and apply the necessary updates.

Posted in News and Security | Leave a comment