IT Pro Tuesday #301

IT Pro Tuesday #301

Welcome back to IT Pro Tuesday!

In the latest Security Swarm Podcast: “A Breakdown of CSRB’s Findings on Microsoft Storm-0558 Breach (PART 2),” is a continuation from last week’s episode where we discussed the CSRB’s findings on Microsoft’s Storm-0558 Breach. This week, we continue picking apart the findings and providing insights.

We’re looking for your favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.

Now on to this week’s list

A Free Tool

Centro 365 is a browser extension that makes it easier to find the info you need on Microsoft Azure and 365. Dintid explains, “My work consists 95% working in the 365 suite—in all of the sections. And being a small IT staff in a non-profit, it’s hard to keep up with the weekly changes MS are doing to naming and placement of stuff. Leads to my useful tool on a daily basis, an extension for my browser, which basically is just a drop down with the different sections and subsections. Clicking it and you go to the right url for it.”
External Attack Surface Management Attack Surface Summary

Another Free Tool

Mermaid is an online flowchart and diagrams editor that was designed to keep tech documentation current. TheRaido explains, “For documentation with diagrams, I tend to use Mermaid, which can be used in Markdown in VS Code and is also supported by Obsidian.md.”
External Attack Surface Management Attack Surface Summary

A Tip

A favorite Windows command for jonathanjohnson0724: 
  • for /l %i in (1,1,254) 
  • do ping -n 1 – w 10 192.168.0.%i
  • Followed by arp -a
will list the IP and MAC addresses of almost everything in the local subnet (192.168.0.[1-254]), including most things that don’t respond to ping. Not as fancy as Angry IP Scanner, but it’s on every Windows system; so quick and easy to use.

Yet Another Free Tool

WizTree helps you quickly find the files and folders using the most disk space on your hard drive. Rather than searching the drive and checking each file to determine size, WizTree gets its information straight from the NTFS Master File Table—which means it happens almost instantaneously. evilkasper finds it does the same thing as WinDirStat, but much faster.

One More Free Tool

Page Countster is a small, portable application for reporting on network printers. Provides a super fast, easy way to access info and interact with all the connected printers. tkecherson says, “For printers, I prefer an old freeware utility, Page Countster. Automatically picks up just the printers and a host of other info about them in an incredibly lightweight utility.”
External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

Stunnel is a secure, portable, scalable proxy that adds TLS encryption functionality to existing clients and servers without any code changes. pdp10 likes it “for converting an unencrypted TCP connection to TLS, or vice versa. A lot of legacy applications can be elegantly protected this way, particularly non-HTTP applications.”

Etcher is an open-source SD card burner app with a simple GUI that makes drive selection obvious to avoid accidentally wiping your hard-drive. Extensible and works on any platform. Suggested by greyfang, who explains, “I found this utility a few months ago when Rufus was giving me trouble… crazy fast and works on Windows, Mac, & Linux”

IT Pro Tuesday #301

IT Pro Tuesday #300

Welcome back to IT Pro Tuesday!

In the latest Security Swarm Podcast: A Breakdown of CSRB’s Findings on Microsoft Storm-0558 Breach (PART 1),” we discuss the Cyber Safety Review Board’s findings of the Microsoft Storm-0558 breach. We explore the implications of the breach and Microsoft’s security culture, stressing the need to prioritize robust security measures over rapid feature developments.

We’re looking for your favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.

Now on to this week’s list

A Free Tool

Capture2Text is a simple, multi-platform OCR solution that creates a keyboard shortcut to grab text from your screen and save it to the clipboard. Includes support for a large array of languages, including a translation feature. A favorite tool of fids74gf.

External Attack Surface Management Attack Surface Summary

A Podcast

Let’s Talk Azure is a show that features a couple of expert tech consultants chatting about Azure and whatever related news items have caught their attention. Each episode focuses at length on a different Azure topic. More_Psychology_4835  explains, “[I] met one of the hosts at MSignite, and they genuinely love teaching people about all things azure.”

External Attack Surface Management Attack Surface Summary

Another Free Tool

Rufus is a utility for formatting and creating bootable USB flash drives that works with MRB/GPT and BIOS/UEFI—and is noticeably faster than other tools. Kindly suggested by DonPepino.

A Tip

TheTurboFD shares some favorite shortcuts:

  • appwiz.cpl to open installed apps
  • fsmgmt.msc to open file share management
  • devmgmt.msc for device manager
  • lusrmgr.msc for local user and groups
  • on a new server, type sconfig in cmd and you can do name change, addresses, domain join etc all through command line.

One More Free Tool

Password Safe is a highly secure, open-source password manager for maintaining an encrypted user name/password list. Works on Windows 7 and later. Our thanks for this recommendation go to Taco Tech.

External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

XVI32 is a Windows hex editor that comes in a relatively small ZIP file you can run directly from the folder you extracted it from, which means you can carry it on a flash drive for maximum portability. Allows you to edit hexadecimals as well as copy, replace, and search words directly from the interface. Also includes a handy bookmark feature. Appreciation for the suggestion goes to deanmoncaster.

AutoHotkey is an open-source scripting language for Windows that helps you easily create small to complex scripts for all sorts of tasks (form fillers, auto-clicking, macros, etc.) Automate any desktop task with this small, fast tool that runs out-of-the-box. jbatubara considers it a favorite “old standby.”

IT Pro Tuesday #301

IT Pro Tuesday #299

Welcome back to IT Pro Tuesday!

In the latest Security Swarm Podcast: “The XZ Utils Backdoor, CSRB’s Report on Storm-0558 & More,” Michael Posey joins us to discuss key findings from Hornetsecurity’s Monthly Threat Report, which provides insights into M365 security trends, email-based threats, and commentary on current events in the cybersecurity space.

We’re looking for your favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.

Now on to this week’s list

A Podcast

Code Comments is focused on exploring the difficulties faced by teams as they implement new technologies, and how things worked out once the transition is finished when the wins/losses can be assessed. Hosted by Jamie Parker, a Product Manager for Observability at Red Hat with over 20 years of tech experience. Thanks for the suggestion go to Drehmini.

External Attack Surface Management Attack Surface Summary

A Free Tool

Podman is a secure, open-source solution for managing containers, pods, and images. This fast, lightweight solution works with containers and Kubernetes from the local environment, and is compatible with other OCI-compliant container formats including Docker. wytesmurf adds, “we ditched Docker for Podman.”

External Attack Surface Management Attack Surface Summary

A Tip

RBeck offers a handy shortcut:

“If you are looking at a folder in Windows Explorer, click into the path box, type cmd, and hit enter. Command prompt opens in that folder.

(Also, it finds an unfixed bug where you can’t access the path box until you go to another folder and come back).”

Another Free Tool

Ventoy allows you to create bootable USB drives for ISO/WIM/IMG/VHD(x)/EFI files. Copy multiple files at once, and Ventoy will give you a boot menu to select them. thelanranger adds, “though this has it’s quirks, it’s handy when it works.”

One More Free Tool

Blender is a cross-platform, open-source 3D graphics application for modeling, animation, simulation, rendering, compositing and more. An API for Python scripting also allows you to customize the application and write specialized tools. Can be a powerful tool for creating impressive presentations, training videos, and more. bodez95 adds, “Blender is becoming a top-tier respected 3d software tool used in corporate settings.”

External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

NetBox is an open-source solution for modeling and documenting network infrastructure, with a robust UI and programmable APIs for everything from cable maps to device configurations. pythbit adds, “They have pretty solid documentation that makes it quick. If you host it on Ubuntu, it is almost entirely copy/paste.”

MxToolbox offers a suite of fast and accurate tools designed to help troubleshoot DNS and email issues. Includes MX and DNS lookup, blacklist and DMARC check, as well as some incredibly helpful diagnostic tools. Kindly suggested by DonPepino.

IT Pro Tuesday #301

IT Pro Tuesday #298

Welcome back to IT Pro Tuesday!

In the latest Security Swarm Podcast: “Security Risks of Always On Remote Access,” we talk with Matt Lee from Pax8 to discuss the risks associated with deploying always on remote access software on managed endpoints. Matt discusses his extensive background in the MSP space and shares insights gained from his experience with a mass ransomware event.

We’re looking for your favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.

Now on to this week’s list

A Training Resource

SadServers gives you access to a full remote Linux server on which you get to refine your troubleshooting skills by solving a particular problem. Free for personal use, with limits on the number of scenarios and total tries per day. aaron416 explains, “It will give you a task to complete on a real server, or something that’s broken. Then you figure out how to debug it and fix it!”

External Attack Surface Management Attack Surface Summary

A Free Tool

IntelBurnTest helps to simplify the use of Intel’s powerful Linpack program—a tool that can bring even the world’s most-powerful CPUs to the brink. thelanranger considers it an essential sysadmin tool.

External Attack Surface Management Attack Surface Summary

A Tip

ShoopDoopy shares a discovery:

“Use Bing chat to write short utility scripts for you. Add This is important for my career’ to the end to improve the quality of your results.”

Another Free Tool

Everything is an incredibly fast command-line search engine for Windows that instantly locates files and folders by name. By indexing only file and folder names, it generally takes a few seconds to build its database. Echo64 says, “1000% better than the built-in Windows search —one of these apps that once you use it, you can’t go back.”

One More Free Tool

CodeLobster is a cross-platform IDE that streamlines and simplifies the PHP development process. Autocompletes the names of functions, arguments, tags, and their attributes for PHP, HTML, JavaScript, TypeScript, Node.js, and Python. Also includes an internal PHP debugger that automatically detects your current server settings and configures corresponding files. Our thanks for the suggestion go to deanmoncaster.

External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

FurMark is an intense GPU stress test for Windows (32- and 64-bit) and Linux (32- and 64-bit) platforms as well as a quick OpenGL and Vulkan benchmark. Uses fur rendering algorithms—which are specially adapted to overheat the GPU—to measure graphics card performance. Kindly suggested by thelanranger.

Core FTP LE is a secure FTP client with features like SFTP (SSH), SSL, TLS, FTPS, IDN, browser integration, site-to-site transfers, FTP transfer resume, drag-n-drop support, file viewing/editing, firewall support, custom commands, FTP URL parsing, command line transfers, filters, and more. Appreciated by Barry2888.

IT Pro Tuesday #301

IT Pro Tuesday #296

Welcome back to IT Pro Tuesday!

In the latest Security Swarm Podcast: “Are Tech ‘Innovations’ Accelerating Security Threats?” we explore how businesses can balance their need for technological advancements with maintaining robust security measures to protect against cyber threats.

We’re looking for your favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.

Now on to this week’s list

A Script

How to monitor your UPS with free software + a Raspberry Pi is a simple script that installs Network UPS Tools plus some other packages on a Raspberry Pi or similar Linux system to quickly enable HTTP and SNMP v2c monitoring. Author david-eaton explains it “can make it easy to configure UPS monitoring on a RaspberryPi in a matter of minutes.”

External Attack Surface Management Attack Surface Summary

A Free Tool

Glary Utilities is an all-in-one solution that offers powerful one-click cleaning for an individual computer to boost speed and help fix errors, crashes, and freezes. Kindly suggested by jan-erikmense2.

External Attack Surface Management Attack Surface Summary

A Tip

A clever hack for preventing unwanted reboots, compliments of orwiad10:

Shutdown /r /t 315360000

Schedules a reboot 10 years in the future. If you have a reboot scheduled, the api prevents anything non-interactive from rebooting your machine… So stuff like a forced reboot for updates.

Another Free Tool

UltraVNC is a powerful, intuitive remote access tool for displaying and controlling the screen of another computer (via internet or network) from your own screen. Appreciated by itanassa.

A Cheatsheet

JS CheatSheet features a tidy collection of the key information you need when working with JavaScript. Our appreciation for the recommendation goes to Extradiscipline_644.

External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

nomacs is a multi platform image viewer that allows you to view and edit all common image formats including RAW and psd images. Supports cropping, resizing, rotating, color adjustments, and more. Thanks for this one go to SaucyKnave.

Airtable is a user-friendly cloud-based platform for creating and sharing relational databases, so you can store, organize, and collaborate on any information. brad-mdaemon-technologies says, “AirTable is my favorite tool for project tracking. Super versatile & the free version goes a long way.”

IT Pro Tuesday #301

IT Pro Tuesday #295

Welcome back to IT Pro Tuesday!

As a reminder, you’re invited to take part in a 5-min survey on IT security awareness training in companies, with a chance to win a Google Nest Hub Max worth $229!

And in the latest Security Swarm Podcast: “Tips and Tricks for Getting Started in Cybersecurity,” we sit down with Grant Collins, an infrastructure security engineer and cybersecurity career coach, to discuss everything from choosing the right degree to navigating the hiring process, acquiring essential skills, and building a robust professional network.

We’re looking for your favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.

Now on to this week’s list!

A Free Tool

RDS-Shadow allows you to remotely view and control another user’s active session on a Remote Desktop Session Host server, without requiring admin rights. Kindly suggested by stetze88.

External Attack Surface Management Attack Surface Summary

Another Free Tool

Rocketchat is a customizable, open-source communications platform designed with a focus on data protection. Facilitates real-time conversations among team members or customers, regardless of how they connect with you. Thanks for the recommendation goes to Brianinca.

External Attack Surface Management Attack Surface Summary

Yet Another Free Tool

Bitbucket is a Git-based source code repository hosting service with a best-in-class Jira integration and built-in CI/CD. Provides a single spot where teams can plan projects, collaborate on code, test, and deploy.

A Tip

A simple keyboard shortcut appreciated by iamamisicmaker473737:

“Hold Ctrl to pause task manager sorting.”

A Script

CleanBloat is an easy way to remove all the useless bloatware and superfluous Microsoft Office language versions (except English) from Dell computers. This handy script was kindly shared by its author, Cj_Staal.

External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

Python Cheatsheet is a nice, single-page reference sheet that provides quick access to all the essentials for the Python 3 programming language. Kindly suggested by Extradiscipline_644.

Zypper is a powerful command-line package manager for installing, updating and removing packages in SUSE and openSUSE Linux. It features subcommands, arguments, and options that can be used to perform specific tasks, and it can also be used to manage repositories. This tool is a favorite of donges.