Common Types of Computer Viruses

May 16th, 2014 by Rossy Guide

In biology, a virus is an infective agent that typically consists of a nucleic acid molecule in a protein coat, is too small to be seen by light microscopy, and is able to multiply only within the living cells of a host. A computer virus is a computer program that can replicate itself and spread to multiple computers. The term is also used to refer to malware, including adware and spyware programs. The effects of a computer virus vary.

Common types of computer viruses are:

Boot viruses:

Boot viruses infect only the master boot record of the hard disk. This can make the computer unable to boot. They are most commonly spread by floppy disks. Never start the computer from an unknown disk drive or floppy disk.

Program viruses:

Program viruses infect only executable files. Once executed, the programs load into memory along with the virus contained within them. These viruses are friendlier than boot viruses and can be removed a lot more easily.

Polymorphic viruses:

A polymorphic virus is written to change itself in order to evade virus detection. Each infection is different, and this makes detection very hard. Detection is still possible, depending on the antivirus.

Macro viruses:

Macro viruses affect programs and documents. This infection can only spread if infected documents are opened on another machine.

File Infector Virus:

This virus infects executable files or programs, such as .exe files. When the infected file or program is run, the virus is activated.

Web Scripting Virus:

A web scripting virus is a computer security threat that spreads through websites and breaches web browser security. It allows attackers to inject client-side scripting into the web page. Web scripting viruses are usually used to attack sites with large populations, such as social networking, user review, and email sites. Web scripting viruses are able to propagate a bit faster than other viruses. A common version of web scripting viruses is DDoS.

Worms:

A worm is a virus by design and considered to be a sub-class of a virus. Worms spread from computer to computer, traveling without any human action. A worm takes advantage of file or information transport. The worm has been designed to tunnel into your system.

Trojan horse:

A Trojan horse delivers a malicious program that causes damage to the computer. A Trojan horse is delivered by someone or hidden within another program that may seem harmless.

Adware:

Adware is a form of malware. One word – pop-ups. Adware is designed to pop up advertisements. Adware can be very annoying.

Spyware:

Spyware is written to monitor actions on a computer. A common type of spyware is a key-logger program. This program can record every keystroke and mouse click you make. Spyware can be delivered via a Trojan horse program.

Backup Wireless Network Settings in Windows 7 and 8

May 15th, 2014 by Rossy Guide

Tutorial

If you plan to re-install Windows, you will have to re-configure all your applications, copy your personal files and set up your network configuration again. Setting up a wireless network in particular is not that easy. If you want to move your current wireless network connection settings to another PC, or deploy these settings on multiple PCs, you need to back up the wireless network profile, which is a tedious task involving various steps starting from Control Panel.

Network Profiles Utility is a simple, portable Windows application that lets you easily import and export wireless connection profiles to and from a computer. This saves the user from repeatedly setting up a network connection, especially when static IP and DNS settings across multiple Windows machines are involved. The general operation and purpose of the app is simple: back up all network configuration data so that you can quickly and easily restore it later.

Advantages:

o Backup and restore wireless (WiFi) and wired network settings
o Profiles are automatically restored if a profile is detected for your computer
– If no profile exists then it will ask to create one
o The profiles are restored to other computers
o It is portable

Disadvantages:

o When an action is completed once, the application closes, which is annoying if you don’t want it to be closed (this setting can be disabled)
o It does not list Windows XP as supported.

The Network Profiles Utility allows you to specify which settings you want to back up or restore automatically. You can also specify the location of the profile backup by clicking the Browse button. When the app is launched for the first time, you will have to set up a few options in the Config window, which control the behavior of the tool. Here you choose which settings to back up or restore: wireless profiles, IP/DNS settings or both. You can also choose to save the profile under the name of your computer or your username.

After setting all the options, just click “Save & Close” button.

The next window is even simpler to use and lets you enable or disable wireless profiles and IP/DNS parameters. You can also manually back up or restore settings by clicking the “Export” or “Import” button, respectively. If you want to change your settings again, just click the “Config” button to open the settings panel.

Finally, the Network Profiles Utility works fine on Windows 7 and Windows 8.

Advanced Encryption Standard (AES) and Rijndael

May 14th, 2014 by Rossy Guide

What are these?

AES stands for Advanced Encryption Standard, a specification for the encryption of electronic data. It is an encryption algorithm for securing sensitive but unclassified material by U.S. Government agencies and, as a likely consequence, may eventually become the de facto encryption standard for commercial transactions in the private sector. It currently supports 128, 192 and 256-bit keys and encryption blocks, but may be extended in multiples of 32 bits.

AES is based on the Rijndael /rayn-dahl/ symmetric block cipher designed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes.

History:

o Due to limitations of DES (small key and block sizes), NIST started an open process to select a new block cipher. In January of 1997, a process was initiated by the NIST to find a more robust replacement for the Data Encryption Standard (DES) and to a lesser degree Triple DES. The specification called for a symmetric algorithm using block encryption of 128 bits in size, supporting key sizes of 128, 192 and 256 bits, as a minimum.

o Proposals were submitted to NIST around 1998. NIST selected 15 candidates for the AES, which were then subject to preliminary analysis by the world cryptographic community, including the National Security Agency. In August 1999, NIST selected the following five algorithms for more extensive analysis:

o MARS
o RC6
o Rijndael
o Serpent
o Twofish

o Rijndael from Belgium was chosen as the AES in 2001 after an open process because of its security, performance, efficiency, implementability, and flexibility.

Features:

1. Encrypts using the AES Rijndael Block Cipher Algorithm.
2. Satisfies FIPS Publication 197 from the NIST and FIPS-197 validated (AESAVS).
3. AES is not a Feistel network. It is a type of substitution-permutation network (SPN) with a 128-bit block size and three allowable key sizes, |K| ∈ {128, 192, 256}. It also has a variable number of rounds, Nr:

o If |K|=128 then Nr=10
o If |K|=192 then Nr=12
o If |K|=256 then Nr=14

4. AES includes the key expansion function.
5. Optional parity check feature for data integrity.
6. Optional additive data masking throughout the core for strong differential power attack resistance.
7. Optional cycle hiding for DPA resistance.
8. Simple, fully synchronous, reusable design.
9. Completely self-contained: does not require external memory.
10. Available as fully functional and synthesizable Verilog or VHDL, or as a netlist for popular programmable devices and ASIC libraries.
11. Deliverables include self-checking test benches.
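
The round counts and the key expansion function listed under Features can be seen working together in the following added example, which is not part of the original post. It implements the FIPS-197 key schedule in plain Python, deriving the S-box instead of hard-coding it; the function names are this example's own and the sample keys are the published FIPS-197 Appendix A test keys.

```python
# Added example: AES key expansion per FIPS-197; helper names are this example's own.
ROUNDS = {128: 10, 192: 12, 256: 14}  # key size |K| in bits -> number of rounds Nr


def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo the AES polynomial 0x11B."""
    product = 0
    while b:
        if b & 1:
            product ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return product


def build_sbox():
    """Derive the S-box: multiplicative inverse, then the affine transform."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv
        for shift in range(1, 5):
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = build_sbox()


def sub_word(word):
    """Apply the S-box to each byte of a 32-bit word."""
    return int.from_bytes(bytes(SBOX[b] for b in word.to_bytes(4, "big")), "big")


def expand_key(key):
    """Return the 4*(Nr+1) 32-bit words of the AES key schedule."""
    bits = len(key) * 8
    if bits not in ROUNDS:
        raise ValueError("AES keys are 128, 192 or 256 bits, got %d" % bits)
    nk, nr = len(key) // 4, ROUNDS[bits]
    words = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(nk)]
    rcon = 0x01
    for i in range(nk, 4 * (nr + 1)):
        temp = words[i - 1]
        if i % nk == 0:
            temp = ((temp << 8) | (temp >> 24)) & 0xFFFFFFFF  # RotWord
            temp = sub_word(temp) ^ (rcon << 24)
            rcon = gf_mul(rcon, 2)
        elif nk > 6 and i % nk == 4:
            temp = sub_word(temp)  # extra SubWord step, 256-bit keys only
        words.append(words[i - nk] ^ temp)
    return words


def round_keys(key):
    """Group the schedule into Nr+1 round keys of 16 bytes each."""
    words = expand_key(key)
    return [b"".join(w.to_bytes(4, "big") for w in words[i:i + 4])
            for i in range(0, len(words), 4)]


if __name__ == "__main__":
    # Sample keys: FIPS-197 Appendix A test keys for 128, 192 and 256 bits.
    for hexkey in ("2b7e151628aed2a6abf7158809cf4f3c",
                   "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
                   "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4"):
        keys = round_keys(bytes.fromhex(hexkey))
        print(len(hexkey) * 4, "bit key:", len(keys) - 1, "rounds,",
              "last round key", keys[-1].hex())
```

Each key size yields Nr+1 round keys: one for the initial AddRoundKey and one per round.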

The Network Storage System

May 13th, 2014 by Rossy Guide

What is a Network Storage System?

A network storage system provides a centralized repository for digital data that can be accessed by many users, using high-speed connections to provide fast performance. It is designed to back up files, databases and data to a central location that can be easily accessed by standard network protocols and tools. The benefits of a network storage system can include improved performance, reliability and availability.

Basic Description:

A network storage system allows computers to share large volumes of data across high-speed LAN connections. The two standard types of network storage are:

1. Storage Area Network (SAN)
2. Network Attached Storage (NAS)

Storage Area Network:

A Storage Area Network (SAN) links together multiple storage devices and provides block-level storage that can be accessed by servers. It is also used on business networks. It utilizes high-capacity disk arrays and Fibre Channel interconnection technology. SAN technology also supports important storage features, including disk mirroring, controllers, data backup/restoration, networking gear like routers, switches, bridges and gateways, data archiving/retrieval and data migration.

A storage area network uses three principal components:

o Cabling
o Host bus adapters (HBA)
o Switches

SANs can use a variety of communication protocols, including Fibre Channel, iSCSI, ATA over Ethernet (AoE), Fibre Channel over Ethernet (FCoE), ESCON over Fibre Channel, HyperSCSI and others.

Network Attached Storage:

Network Attached Storage (NAS) is a hard disk storage device that is set up with its own network address and provides file-based data storage services to the network. NAS units usually do not have a keyboard or display; they are controlled and configured over the network, often using a browser. A NAS typically makes Ethernet and TCP/IP connections. NAS is used on home or small business networks. A NAS holds from many gigabytes to a few terabytes of data.

A NAS can store any data in the form of files, such as email boxes, Web content, remote system backups. NAS software can usually handle a number of network protocols, including Microsoft’s Internetwork Packet Exchange, NetBEUI, Novell’s Netware Internetwork Packet Exchange, and Sun Microsystems’ Network File System.

Two protocols are mainly used with NAS:

o Sun Network File System (NFS)
o Common Internet File System (CIFS)

Both NFS and CIFS operate in client/server fashion. Both predate the modern NAS by many years. NAS systems also support Hypertext Transfer Protocol (HTTP).

Top 10 Issues and Solutions for Windows 8

May 12th, 2014 by Rossy Guide

List of 10 issues with their solutions:

1. Windows 8 installation error. Error message: “Windows 8 installation has failed”

Solutions:

o Check the system requirements for installing Windows 8.
o Try to disable the entire connection and restart the computer.
o Disconnect all the external devices, and choose the ‘install only’ option.
o Create an installation USB and run the upgrade setup.
o Try installing Windows 8 after doing a clean boot.

2. App / program cannot work

Solutions:

o Try to un-install and re-install the program. Switch to local account and then try to run the app.
o Try to disable firewall programs.
o Re-install Windows 8.

3. App cannot install from app store. Error message: “Your purchase can’t be completed”

Solutions:

o Try to disable firewall programs.
o Check network and use Proxy connection.
o Check if the date and time is correct.
o Update app.
o Re-install Windows 8.

4. Cannot connect to network

Solutions:

o Check hardware, cables, modem, and network adapter.
o Check your connection settings in Control Panel >> Network and sharing center >> Change adaptor settings.
o Run Network troubleshooter.
o Update network driver hardware and install driver in Windows 7 compatibility mode.
o Check whether the network adapter driver is damaged. Use Windows Update or the manufacturer’s website to update the driver.

5. No sound on Windows 8

Solutions:

o Check whether the sound card works properly.
o Check whether the driver is installed properly. Make sure to install the driver in a compatible mode.
o Use a troubleshooter.
o Update drivers. Check whether the network adapter driver is damaged. Use Windows Update to update and install the driver.

6. Windows 8 Black screen

Solutions:

o Reboot the system by pressing the power button. Sometimes, rebooting can fix this issue.
o Go to safe mode to uninstall certain programs, then restart the computer.
o Disconnect all the external devices and check.
o Check graphic Drivers and programs.
o Remove the drivers of the Graphics card, Audio Card, Network Card and security programs. Then, reboot the system to perform upgrading again for a test.

7. Windows 8 freezes

Solutions:

o Check whether the system meets the system requirements for installing Windows 8.
o Check if any new program has been installed.
o Run System Maintenance Troubleshooter.
o Try to update all the drivers.

8. Cannot play YouTube video

Solutions:

o Upgrade to the most recent version of Adobe’s Flash Player.
o Temporarily disable popup-blocking software installed on the computer to test.
o Allow YouTube.com as a trusted site in Firewall software.
o Try to disable firewall programs.

9. Driver won’t be installed/ recognized

Solutions:

o Try to update driver for hardware and install driver in Windows 7 compatibility mode.
o Run hardware and devices troubleshooter.

10. Cannot activate Windows 8

Solutions:

Activate Windows 8 manually by Phone Activation:

o Click Start and, in the Search box, type: slui.exe 4
o Press Enter.
o Select your Country.
o Select the Phone Activation option, and hold on for a real person.

Where to Place the Temp Folder in Windows?

May 11th, 2014 by Rossy Guide

What is Temp Folder in Windows?

The temp folder is set by the program you are currently running. In computing, a temporary folder is a directory used to hold temporary files. Many operating systems and some software automatically delete the contents of this directory at bootup or at regular intervals.

For security reasons, it is best for each user to have their own temporary directory, since there has been a history of security vulnerabilities with temporary files due to programs’ incorrect file permissions or race conditions.
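
The permission and race-condition problems mentioned above come down to how a program creates its temporary file. The following added example is not part of the original post; it puts a weak pattern beside two hardened ones, using a constructed scenario in a private scratch directory. The file name app.tmp and the function names are assumptions of this example, and the permission checks assume a POSIX system.

```python
# Added example: weak versus hardened temporary-file creation.
import os
import stat
import tempfile


def write_predictable(directory, data):
    """Weak pattern: fixed name, no exclusivity, permissions left as found.

    open(..., "w") silently reuses whatever already exists at the path, so
    the file keeps the owner and mode chosen by whoever created it first.
    """
    path = os.path.join(directory, "app.tmp")
    with open(path, "w") as handle:
        handle.write(data)
    return path


def write_exclusive(directory, data):
    """Hardened, fixed name: create-or-fail in one step, owner-only mode."""
    path = os.path.join(directory, "app.tmp")
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as handle:
        handle.write(data)
    return path


def write_random(directory, data):
    """Preferred: mkstemp picks an unpredictable name and creates it exclusively."""
    fd, path = tempfile.mkstemp(prefix="app-", suffix=".tmp", dir=directory)
    with os.fdopen(fd, "w") as handle:
        handle.write(data)
    return path


def demo():
    """Run all three patterns against a constructed shared directory."""
    results = {}
    with tempfile.TemporaryDirectory() as shared:
        # Constructed scenario: app.tmp already exists and is world-writable,
        # as if another account had created it before our program ran.
        planted = os.path.join(shared, "app.tmp")
        with open(planted, "w"):
            pass
        os.chmod(planted, 0o666)

        path = write_predictable(shared, "secret")
        results["predictable_mode"] = stat.S_IMODE(os.stat(path).st_mode)

        try:
            write_exclusive(shared, "secret")
            results["exclusive_refused"] = False
        except FileExistsError:
            results["exclusive_refused"] = True

        path = write_random(shared, "secret")
        results["random_mode"] = stat.S_IMODE(os.stat(path).st_mode)
        results["random_name_differs"] = os.path.basename(path) != "app.tmp"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, oct(value) if isinstance(value, int) and value > 1 else value)
```

The weak pattern ends up writing into a file other accounts can still read and modify, while the exclusive create refuses to proceed and mkstemp sidesteps the name collision entirely.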

Where to place the Temp Folder in Windows?

By default, the temp folder is set to %TEMP%. The location of TEMP has changed regularly with each new version of Windows.

Normally the path of the Temp folder will be:

C:\Users\<username>\AppData\Local\Temp

The “<username>” would be the name of the user signed on to the PC, therefore, if your username for the PC is star, the path would be:

C:\Users\star\AppData\Local\Temp

An easy way to get the full path of the Temp folder is to follow these steps:

o Click Start button
o Then click Run option
o Type cmd in open box
o In the resulting Command Prompt enter the command ECHO %TEMP%

This displays the full path of the actual temp folder and you can follow the path and identify its location.

If you want to view the folder in Windows Explorer, you may run into one small problem: the AppData folder is marked as hidden. If you can’t see that folder, do the following:

o Press F10 for a menu in Windows Explorer
o Choose Tools / Folder Options.
o Click the View tab.
o Choose the option “Show hidden files and folders” (“Show hidden files, folders and drives” in Windows 7)
o Then click OK.

Now you can navigate all the way to the Temp folder.

What is The Bitrate?

May 10th, 2014 by Rossy Guide

Basic description

o In digital telecommunication network and computing, bit rate (it is sometimes written bitrate or as a variable R) is the number of bits that pass a given point in a given amount of time, usually a second.

o Bitrate is usually measured in some multiple of bits per second (bps), such as kilobits per second (Kbps) or megabits per second (Mbps).

o Bitrate can also be described as the quality of an audio or video file, and it is simply the speed at which a video or music file downloads from the source to our computer.

o The bitrate is also the rate at which bits are streamed to play the file. A 192kbps file pushes 192k bits per second at playback. For example, an MP3 audio file that is compressed at 192 Kbps may sound slightly clearer than the same audio file compressed at 128 Kbps. That is because more bits are used to represent the audio data for each second of playback. Similarly, a video file that is compressed at 3000 Kbps will look better than the same file compressed at 1000 Kbps.

o For the audio and video file, higher bitrate means more quality and lowering it will lower the quality.

o Bit rate may be used frequently when discussing transmission technology details and data transfer rate (or data rate) when comparing transmission technologies for the end user.

o The symbol for “bits per second” is “bit/s” (not “bits/s”); in less formal contexts the abbreviations “b/s” or “bps” are sometimes used.

SCCM PXE Boot: “File Not Found”

May 9th, 2014 by Rossy Guide

What is the issue, and how can it be fixed?

To test, we added a bare metal client to the database, placed the resultant client record within a collection, and advertised a simple image deployment task sequence. When booting the PC, we get an immediate “PXE-T01: File not found”. Now, since we no longer configure DHCP options to point to the PXE server, nor to tell the PXE client which boot filename to acquire, exactly what file does the TFTP daemon use when responding to a PXE request? The smspxe.log reflects the fact that the PXE client is communicating with the service and requesting a boot file.

10.10.1.29 is the SCCM server

10.10.1.35 is the DHCP server

10.10.1.146 is the PXE client

So far, I have completely removed the PSP/WDS services, restarted the server, reinstalled WDS/PSP, and again restarted the server.

Solution 1:

On the server hosting the WDS service:

1. Stop the WDS service.
2. Delete C:\WINDOWS\TEMP\PXEBootFiles\Windows
3. Start the WDS service
4. Check smspxe.log again and see if <![LOG[Unable to delete directory… exists.

This solved the above issues, and my folders in …\SMSBoot\x86 …\SMSBoot\x64 and …\SMSBoot\ia64 were populated with the needed files.

Solution 2:

1. Uninstall PSP role from SCCM console
2. Stop the WDS service
3. Delete C:\WINDOWS\TEMP\PXEBootFiles\Windows
4. Start the WDS service.
5. Install PSP role

IMS SIP: Next Generation Network

May 8th, 2014 by Rossy Guide

What is this?

IMS stands for IP Multimedia Subsystem. IMS is the 3rd Generation Partnership Project’s (3GPP) vision for a converged telecommunications architecture, and it has received a lot of attention in the industry recently. IMS refers to a network architecture that supports Internet Protocol (IP) sessions between devices over any type of connection, whether for wireline, wireless or cable subscribers. IMS employs Voice- and Video-over-IP technology based on a 3GPP profile of the Session Initiation Protocol (SIP), and runs over the standard packet-based IP network. IMS manages internetwork handoffs, bandwidth negotiation and quality of service (QoS), while keeping peers engaged in the session advised via SIP as to the level of multimedia presence. The following figure presents a simplified view of the IMS architecture.

Simplified view of the IMS architecture

IMS applications are hosted in the service layer, which consists of SIP Application Servers (AS), such as the WebLogic SIP Server, that execute IMS applications and services by manipulating SIP signaling and interfacing with other systems.

Features:

IMS services are conceived to be tailored to user preferences across multiple access networks and to bundle multiple service features (e.g. voice/video connectivity, community tools, presence, conferencing, gaming and TV broadcasting). Maintenance of NGN standards is now the responsibility of EP E2NA.

General description:

The next-generation network (NGN) is the body of key architectural changes in telecommunication core and access networks. The NGN is a packet-based network that transports all information and services, using IP to carry the various types of traffic (voice, video, data and signaling). The ‘ALL IP’ NGN network is the IP Multimedia Subsystem (IMS), which provides an ‘access independent’ platform for a variety of access technologies. The NGN also supports generalized mobility, which will allow consistent and ubiquitous provision of services to users.

Uses of SIP network elements in NGN

o Peer-to-Peer Communication (P2P) of SIP User Agents
o SIP Communication via SIP Proxy Server
o SIP and RTP Communication via Session Border Controller (SBC)
o Interconnect Communication with circuit-switched network via Media Gateway (MGW) and Signaling Gateway (SGW)
o RTP IP Communication via Media Gateway (MGW)

WSUS Troubleshooting Survival Guide

May 7th, 2014 by Rossy Guide

Basic features

While troubleshooting a particular technology such as Windows Server Update Services (WSUS), we may also need to identify where the issue is located in order to gather data correctly. Sometimes the data gathering phase must be done in both locations (client and server) at the same time in order to better understand what’s happening. There are some key steps that should be done before starting to review data and troubleshoot. We can summarize the troubleshooting process in the following core phases:

1. Understanding the problem
2. Collecting data
3. Analyzing data
4. Performing an action towards the resolution of the problem
5. Re-evaluating to see if the action plan succeeded
– If it did, document the actions that were done in order to fix the problem
– If it didn’t, re-evaluate the initial action plan and the initial findings, and look for gaps and areas that can be explored further. Elaborate another data gathering plan and move back to step 2

WSUS Components

There are two components [Client and Server] that can be found as below:

WSUS Server Architecture:

WSUS Client Architecture:

Another core foundation for troubleshooting WSUS is an understanding of the Windows Update Agent result codes and setup return codes.

Issues

WSUS Installation and Synchronization Issues:

Some of the common WSUS installation/synchronization issues are as follows:

o Troubleshooting the WSUS installation process
o Troubleshooting WSUS Setup issues
o Troubleshooting WSUS Upgrade issues
o Troubleshooting the WSUS synchronization process
o Issues with Synchronization
o File cert verification failure error message on WSUS

Server Administration Issues

The server administration issues are as follows:

o Issues with Administration Console
o Issues with Update Storage
o Issues with Update Approvals
o Issues with the Database
o Issues with Reports

There are also scenarios where the troubleshooting will be done on the server and client side. The following are some important resources on this area:

o Troubleshooting WSUS Agents that Are Not Reporting to the WSUS Server
o Clients Not Reporting
o General Guidance for Windows Server Update Services (WSUS) client – server performance

In addition, the next scenario where troubleshooting is done on both sides is when the issue is related with Background Intelligent Transfer Service (BITS). The following are some important resources related to BITS:

o BITSAdmin Tool
o Issues with BITS

Client Administration Issues

The client administration issues are as follows:

o Issues with Client Self-Update
o You receive a “0x80070002” or “0x80070003” error code after you download an update from Windows Update, from Microsoft Update, or from Windows Server Update Services
o You receive error 0x80240020 when you use Windows Update Web site, Microsoft Update Web site, or WSUS to install updates
o You receive a “0x80070002” error code when you download an update from Windows Server Update Services in Windows XP
o You receive an error code 0x800710dd going to WSUS for updates
o You receive a notification to Install an update which shows that is not approved on WSUS
o You receive an error code 0x80190194 when updating Windows clients through WSUS
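
The error codes in the list above are 32-bit HRESULT values, and splitting them into their fields often shows which layer failed before any article is opened. The following is an added example, not part of the original post; the function names are this example's own, and the facility numbers are the standard winerror.h values for Win32, HTTP and Windows Update.

```python
# Added example: decode the WSUS client error codes listed above as HRESULTs.
FACILITIES = {0x07: "WIN32", 0x19: "HTTP", 0x24: "WINDOWSUPDATE"}  # winerror.h
WIN32_NAMES = {2: "ERROR_FILE_NOT_FOUND", 3: "ERROR_PATH_NOT_FOUND"}

# The codes quoted in the list above.
PAGE_CODES = ["0x80070002", "0x80070003", "0x80240020", "0x800710dd", "0x80190194"]


def decode_hresult(value):
    """Split an HRESULT into severity, facility and code.

    Accepts an int or a string ("0x..." for hex). Negative numbers are
    accepted because some logs print the same value as a signed 32-bit
    decimal.
    """
    if isinstance(value, str):
        value = int(value, 0)
    value &= 0xFFFFFFFF                      # normalise signed to unsigned
    facility_id = (value >> 16) & 0x7FF      # bits 16-26
    code = value & 0xFFFF                    # bits 0-15
    facility = FACILITIES.get(facility_id, "0x%X" % facility_id)

    if facility == "WIN32":
        detail = WIN32_NAMES.get(code, "Win32 error %d" % code)
    elif facility == "HTTP":
        detail = "HTTP status %d" % code
    elif facility == "WINDOWSUPDATE":
        detail = "Windows Update Agent code 0x%04X" % code
    else:
        detail = "code 0x%04X" % code

    return {
        "hresult": "0x%08X" % value,
        "failure": bool(value >> 31),        # severity bit
        "facility": facility,
        "code": code,
        "detail": detail,
    }


def group_by_facility(codes):
    """Group codes by the layer that raised them, for quicker triage."""
    groups = {}
    for raw in codes:
        decoded = decode_hresult(raw)
        groups.setdefault(decoded["facility"], []).append(decoded)
    return groups


if __name__ == "__main__":
    for facility, items in group_by_facility(PAGE_CODES).items():
        for item in items:
            print(facility.ljust(14), item["hresult"], item["detail"])
```

Decoded this way, 0x80190194 is an HTTP 404 returned to the client, and the 0x8007xxxx codes are ordinary Win32 errors wrapped as HRESULTs.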

Tips

There are many tools that can be used while troubleshooting WSUS. Some examples are:

o Microsoft Network Monitor

o Cool WSUS troubleshooting tools and script examples

o Server Diagnostic Tool

o Client Diagnostic Tool

o Windows Update Agent API Updated Header Files

o WSUS API Samples and Tools

o WSUS MPSReports

o Best Practice Analyzer for WSUS