Category Archives: Windows
The key lies in preparation. Here a couple of things you want to do:
First make sure you know what current programs you want to re-install.
Before you do anything else, it’s handy to have a list of all your currently installed programs so you know what settings to back up, and which programs you want to reinstall later on.
Next backup …
Back up any Windows settings you can so you don’t have to do too much tweaking after you reinstall. The best way to do this is with Windows Easy Transfer, Windows’ built-in migration program for just such occasions.
Documents and files
Just copy these to an external drive or move them with Windows Easy Transfer as described above, though if you back up your computer regularly (which you should), you can always just restore them from your backup later on as well.
Then after completing the Windows re-install it’s time for the restore process. Basically it’s the opposite of what you did during the backup process. However what you may not have known is that there are tools out there that can help make re-installs of applications quick and easy. Keep in mind though that these tools won’t have all the programs you want to re-install.
Just check off all the programs you want, and Ninite will create an all-in-one package to install them in one fell swoop.
If you’re more of a command line geek, Chocolatey is a handy utility that brings Linux-style package management to Windows. With a few well-placed commands, you can install a ton of programs at once, bypassing the need for all those separate installers.
Portable apps essentially let you carry all your programs and settings over to another computer with no installation required. You’ll still have to search out each app yourself, but after you do it once, you’ll never have to do it again—every clean install from here on out will be much quicker because you’ll already have half your apps ready to go.
Head over to the source for all the details involved with performing a clean install of Windows.
- Beginner Geek: How to Reinstall Windows on Your Computer (howtogeek.com)
- Essential Windows Apps You Probably Missed (forums.pinstack.com)
- Expert Advice on Reinstalling to a Wiped Hard Drive (pc.answers.com)
Another day, another set of cracking tools.
Cryptography specialist Moxie Marlinspike released tools at Defcon today for easily cracking passwords in wireless and virtual private networks that use a popular encryption protocol based on an algorithm from Microsoft called MS-CHAPv2, news that will no doubt worry many a network administrator.The tools crack WPA2 Wi-Fi Protected Access and VPN passwords used by corporations and organizations running networks that are protected by the PPTP Point-to-Point Tunneling Protocol, which uses MS-CHAPv2 for authentication.ChapCrack captures the MS-CHAPv2 handshakes, or SSL Secure Sockets Layer negotiation communications, and converts them to a token that can be submitted to CloudCracker.It takes less than a day for the service to return results in the form of another token that is plugged back into ChapCrack where the DES Data Encryption Standard keys are cracked. With that data, someone can see all of the information traveling across the Wi-Fi network, including sensitive corporate e-mails and passwords, and use passwords that were revealed to log in to corporate networks.The tools are designed for penetration testers and network auditors to use to check the security of their WPA2 protected networks and VPNs, but they may well be used by people who want to steal data and get unauthorized access to networks.
Yet another reason for businesses that haven’t done so yet to move beyond PPTP and Windows XP
- Stronger password hashing in .NET with Microsoft’s universal providers (troyhunt.com)
- Wireless Internet Security (techhelpertoday.wordpress.com)
Numerous flaws were addressed via patches Tuesday by Microsoft.
The company also addressed at least 15 other flaws in its software, and urged customers to quit using the desktop Sidebar and Gadget capabilities offered in Windows 7 and Windows Vista.
By far the most urgent of the updates is MS12-043, which fixes a critical vulnerability in Microsoft XML Core Services that miscreants and malware alike have been using to break into vulnerable systems. Microsoft had already warned about limited, targeted attacks using this flaw, but late last month an exploit built to attack the XML bug was added to the BlackHole Exploit Kit, an automated browser exploit tool that is very popular in the criminal underground right now.
Other critical patch bundles include a fix for a dangerous flaw in the Microsoft Data Access Components (MDAC) of Windows, and an update to address a pair of vulnerabilities in Internet Explorer.
Microsoft also released a FixIt tool to help network administrators block the use of Gadgets and the Sidebar on Windows 7 and Windows Vista systems. “We’ve discovered that some Vista and Win7 gadgets don’t adhere to secure coding practices and should be regarded as causing risk to the systems on which they’re run,” Microsoft said in a blog posting, without offering much more detail about any specific findings.
- Bad week for Microsoft as security fails and cyber threats increase (seshippingnews.typepad.com)
- Security flaws signal early death of Windows Gadgets (zdnet.com)
- Microsoft patches critical drive-by IE9 bug, Windows zero-day (techworld.com.au)
From the ISC Diary:
Microsoft has released an Important update to the Windows Update function (Windows Update Agent 7.6.7600.256) because users have been experiencing update issues. Some users experience failed installation with error code 80070057 or 8007041B. Microsoft has provided a “Fix it” tool that can be directly downloaded here for those cases that won’t automatically apply the update and the Knowledge Base article located here.
If you’ve experienced this issue let the ISC know.
The GUI for Windows Server will eventually be no more. Here’s what Don Jones, over at RedmondMag.com, had to say about this eventuality.
- The full GUI experience on the Windows Server OS is now optional. Software meant to run on a server should not assume a GUI will be there, nor should it take for granted any of the many other dependencies that the full server OS has traditionally included. My analysis on this: It’s Microsoft’s shot across the bow. You’ll see a stronger position on this sometime in the future — maybe a few years off, but sometime. They want server apps to assume they’re running on what we used to call “Server Core.”
- The recommended way to run the Server OS is without the GUI. Didja see that? No, you don’t have to think it’s a good idea — I’m not pushing acceptance. I’m pointing out what’s happening. These are the facts on the ground.
- Microsoft has taken a (what I think is a very good) middle-ground step by introducing a “minimal GUI” mode in the server OS. That means you can have your GUI tools on the Server OS, as well as on your client computer, provided those GUI tools play by a few basic rules and don’t assume too many dependencies (like the presence of IE). They’ll have the full .NET Framework at their disposal, for example, which should help — especially if they’re tools based on the MMC architecture. So this gets you a “lighter” version of the Windows Server OS, but still lets you manage right on the console.My opinion, for what it’s worth: Anyone who thinks “minimal GUI” mode is anything more than a holding measure is crazy. To me, this clearly says Microsoft is trying to get us off the console for good. They know we’re not ready to give it up completely, so this is them trying to wean us off. Maybe I’m wrong on this — it’s happened before — but it sure seems that way when I look at the big picture.
- Notwithstanding the “minimal GUI” mode, Microsoft is recommending to software developers to not assume a GUI will be present. The full, rich GUI experience happens on the client. Not allowed connect to your servers from your client computer? The suggestion appears to be “rethink your architecture.”
In other words make sure you know command line interface and how to remote into a server because before long that will be your only way to access Microsoft Server.
My opinion is that Microsoft is pointed toward a world of “headless servers:” Minimal functionality from the console, rich management from a client computer. This is a step in that direction, and it’s intended to put us, and software vendors, on notice. Me, I’m going to take the hint. I hope y’all do as well. Windows Server “8” is a chance to start getting on board with what Windows will become — it’s not throwing us directly into the fire, but I think we have to take the opportunity to start adapting to this new direction.
- In Windows 7 and Server 2008 R2, the DES encryption types for the Kerberos authentication protocol are disabled by default. (itworldjd.wordpress.com)
- Windows Admins Need To Prepare For GUI-Less Server (tech.slashdot.org)
- CTU 2012 – Windows Server 8 Active Directory Overview (chengandrew.wordpress.com)
- Windows Server 8: Server Applications and the Minimal Server Interface (blogs.technet.com)