Tech Blog

We have two GPO’s one for TPM 1.2 and one for TPM 2.0, the reason being is TPM 1.2 is not compataible with 256 encryption.

Here’s a handy table Dell have produced:

https://www.dell.com/support/article/us/en/04/sln312590/tpm-12-vs-20-features?lang=en

We then use WMI filtering to distinguish TPM 1.2 from 2.0.

The TPM 1.2 WMI filter:

Namespace:

root\cimv2\security\microsofttpm

Query:

Select * from win32_tpm WHERE SpecVersion like "%1.2%"

The TPM 2.0 WMI filter:

Namespace:

root\cimv2\security\microsofttpm

Query:

Select * from win32_tpm WHERE SpecVersion like "%2.0%"

As per the title:

# All hosts connected in vCenter
$scope = Get-VMHost     
#OR specify a cluster
#$scope = Get-Cluster -Name 'Vsphere.Cluster01' | Get-VMHost

foreach ($esx in $scope){
Write-Host "HostName:", $esx
$hbas = Get-VMHostHba -VMHost $esx -Type FibreChannel
foreach ($hba in $hbas){
$wwpn = "{0:x}" -f $hba.PortWorldWideName
Write-Host `t $hba.Device, "|", $hba.model, "|", "World Wide Port Name:" $wwpn
}}

To identify the host on which the virtual machine runs, use one of these methods:

Query the vCenter Server database in MSSQL:

1. Log in to to the Microsoft SQL 2005/2008 Server as an administrator.
2. Open SQL Management Studio.
3. Right-click the database that vCenter Server is using.
4. Open a new query window and ensure that the vCenter Server database is selected.
5. Run this SQL statement :

   SELECT vpxv_vms.vmid, vpxv_vms.NAME, vpxv_vms.hostid, vpxv_hosts.NAME
   FROM vpxv_vms
   JOIN vpxv_hosts on VPXV_VMS.HOSTID = VPXV_HOSTS.HOSTID
   WHERE (
   (vpxv_hosts.hostid = vpxv_vms.hostid)
   AND (vpxv_vms.NAME = '<b><em>virtual_machine_name</em></b>')
   )

   This query returns the virtual machine ID, virtual machine name, host ID, and host name.

So VPN’s in my world normally surround work related matters such as a site-to-site VPN to connect two sites or buildings together.  That was however until NordVPN very kindly sent me a free trial of the software…..and I must admit I’m impressed.

So to begin with you get a huge array of download options including some Raspberry Pi and DD-WRT:

The install itself is a breeze, firstly it installs virtual NIC (which is normal practice, Dell and Cisco etc all do the same with their VPN clients):

Next…well its done:

Before I login, click the settings button and here’s the bit I like:

DNS Servers – This fixes a common problem “DNS Leak”, yes having a VPN is great unless your DNS isn’t working properly and your “leaking” meaning potentially your DNS is being hijacked (spoofed or injected with false IPs) or being snooped upon.  This settings sorts this issue and so long as you trust NordVPN who have promised me they don’t keep any logs!

Below this is Process Kill List, which means if the VPN drops for any reason then the list processes you’ve added will be stopped.

Once you login you’ll be presented with a huge array of countries to connect to and two options, either TCP or UDP:

TCP is a reliable protocol like a phone call its two way,

UDP protocol is like a post card, you know if it gets to its destination or not but is faster than TCP.

So that’s pretty much it, you can test your VPN is working by opening:

https://www.dnsleaktest.com/ – if its not then close and reopen your browser.

You now have a “safe” connect to the interweb and all its content!!

Boom

Desktop browsers

Chrome

1. In the browser bar, enter:

     chrome://settings/clearBrowserData

2. Select the following:
   • Browsing history
   • Download history
   • Cookies and other site and plug-in data
   • Cached images and files

   From the Obliterate the following items from: drop-down menu, you can choose the period of time for which you want to clear cached information. To clear your entire cache, select the beginning of time.

3. Click Clear browsing data.
4. Exit/quit all browser windows and re-open the browser.

Firefox

1. From the History menu, select Clear Recent History.

   If the menu bar is hidden, press Alt to make it visible.

2. From the Time range to clear: drop-down menu, select the desired range; to clear your entire cache, select Everything.
3. Next to “Details”, click the down arrow to choose which elements of the history to clear; to clear your entire cache, select all items.
4. Click Clear Now.
5. Exit/quit all browser windows and re-open the browser.

Internet Explorer 9 and higher

1. Select Tools (via the Gear Icon) > Safety > Delete browsing history….

   If the menu bar is hidden, press Alt to make it visible.

2. Deselect Preserve Favorites website data, and select:
   • Temporary Internet files or Temporary Internet files and website files
   • Cookies or Cookies and website data
   • History
3. Click Delete. You will see a confirmation at the bottom of the window when the process is complete.
4. Exit/quit all browser windows and re-open the browser.

Opera

1. From the Opera menu, select Settings, and then Delete Private Data….
2. In the dialog box that opens, select the items you want to clear, and then click Delete.
3. Exit/quit all browser windows and re-open the browser.

Safari

Safari 8

1. From the Safari menu, select Clear History and Website Data….
2. Select the desired time range, and then click Clear History.
3. Go to Safari > Quit Safari or press Command-Q to exit the browser completely.

Safari 7 and below

1. From the Safari menu, select Reset Safari….
2. Select the items you want to reset, and then click Reset. As of Safari 5.1, Remove all website data includes both cookies and cache.
3. Go to Safari > Quit Safari or press Command-Q to exit the browser completely.

Here’s a quick 5 min Https redirect on Windows Server IIS.

1. Open IIS on the web server that hosts your website, select your website from the the folder sites in the left hand column.

2. In the IIS section in the middle open “Error Pages”

3.  Once open click “Add” from the Actions tab on the right. A new windows will open, enter the following.

4. Finished! Test your new redirect.

On occasion I’ve needed to create a file of a decent size so I can test a copy script or upload or download times.  Here’s how to create a file:

Code to run from a command prompt:

fsutil file createnew <filename> <length>

Length being bytes!

Example:

fsutil file createnew STUPID_FILE.FILE 40000

Now if you like me work in IT then at some point in your life you will have had to encrypt a laptop with one of the various corporate encryption tools such as:

McAfee Endpoint Encryption

Sophos

Check point

etc etc etc….

Now I’m sure they all have benefits like remote kill switches and what not but personally I’ve never liked them, any of them……some take ages, some fail misserably and occasionally I have to re-build a laptop!

Recently though I came across something that for once I actually liked and its been under my nose for bloody ages!!

TrueCrypt, it encrypts and encrypts well with various Encryption Algorithms (such as AES with 256 bit key)!  So well in fact I may encrypt my own laptop with it and when it comes to IT at home I’m proper lazy!!

Also its easy, no servers and no thought, just three things!
A laptop
A Strong password
The software

(maybe a tutorial)

I would bore you with the how to install it but honestly I cant be bothered!! Search the interwebs and be amazed with the ease!