Windows Administration and Security

Radio on the Internet, eh? How about Ubuntu Linux on Windows 10?!!!

• Installation guides (each has something unique to teach you)

  • How to Install and Use the Linux Bash Shell on Windows 10, by Chris Hoffman, March 5th, 2018

  • Windows 10 Installation Guide, Microsoft Technet, May 26, 2018

  • How to Install the Linux Subsystem for Windows 10 (and Run Linux in Windows), by Alexander Fox, January 31, 2018

  • Windows 10 Bash & Linux Subsystem Setup, YouTube video by Traversy Media, February 2, 2018

  • How to Run Linux/Bash on Windows 10 Using the Built-In Windows Subsystem for Linux, YouTube video by Corey Schafer, February 21, 2018

  • How to run Linux on Windows 10 with “Bash on Ubuntu on Windows!” - Windows 10 Anniversary Edition, YouTube video, by Scott Hanselman, Jul 1, 2016

• Developer convenience tooling

  • Living Inside The Updated Windows Subsystem For Linux, by Rui Carmo, May 7, 2017

  • Introducing the Windows Console Colortool, by Craigaloewen, August 11, 2017

  • GitHub neilpa/cmd-colors-solarized (“Solarized color settings for Windows command prompt”)

  • Targeting the Windows Subsystem for Linux from Visual Studio, by Marc Goodner, February 8, 2017

• Windows Terminal

  • How to Customize the New Windows Terminal App, by Josh Hendrickson, June 25, 2019

  • Programmatically Opening Windows Terminal in a Specific Folder, by Rick Strahl, September 03, 2019

• Using Ansible through Windows 10’s Subsystem for Linux, by Jeff Geerling, October 5, 2016

• Setting Up Docker for Windows and WSL to Work Flawlessly, by Nick Janetakis, December 25, 2018

• Going Overboard with WSL metadata, by Brian Ketelsen, March 10, 2018

• Package management in git for windows?, Stackoverflow post, September 22, 2015

• GitHub Gist evanwill/gitBash_windows.md (“How to add more to Git Bash on Windows”)

• See also VS Code in the Python IDEs, shells, and debuggers section.

Surface Pro

• How to fix a Type Cover not working on a Surface Pro 3 or Surface Pro 4, YouTube video by Ian Dixon, November 27, 2015

Security Guides and HowTos

• Use AVG Rescue CD to clean up your infected computer [Allows “dead-system” malware cleanup. This is more reliable than trusting the OS that could be subverted by some malware to lie to you. The only down side is it is Linux based, so it sometimes doesn’t have drivers for obscure network interfaces and uses a text menu that freaks some people out. But it is pretty reliable in cleaning up things that run- time AV might miss. I keep one (and the instructions) pre-positioned at the houses of my relatives whose computers get infected a lot.]

  • AVG Rescue CD Guide, AVG

  • AVG Rescue CD GNU/Linux

  • How to Use the AVG Rescue CD, eHow.com

  • AVG Tutorial | How to remove infection from PCs using AVG Rescue CD, Youtube.com video

  • See also: Viruses and Anti-Virus (and Anti-Antivirus…)

• Windows Vista Security Guide, Microsoft

• BitLocker Drive Encryption Overview, Microsoft

• How to Encrypt a USB Flash Drive or SD Card with Windows 10, by Brian Burgess, December 27, 2015

• Fundamental Computer Investigation Guide For Windows

• How To Set Up VNC Over SSH On Windows XP, by Erik J. Heels

• Intro to Securing Your Windows Files

• Overview of Active Directory Security concepts

• Windows 2000 Security Recommendation Guides, National Security Agency, June 1, 2001

• Secure FTP transfers via Secure Shell Tunnelling (Using Teraterm for Windows and WS_FTP as an example)

• NET USE (usable for removing stored passwords from shares, etc.)

• Wim’s BIOS Page: Everything you want to know about BIOS

• NSA Guidelines for Securing Windows NT Networks (see also other Trusted Information Systems research and papers)

• Remapping Ctrl and Caps Lock in Windows! (I hate keyboards that have it wrong!)

• Articles on debugging from Microsoft’s Knowledgebase

Security Related Tools

• The Microsoft Office Visualization Tool (OffVis) Fact Sheet, Microsoft

• Microsoft’s Enhanced Mitigation Evaluation Toolkit. (Download it here.)

• Five Best System Rescue Discs, by Alan Henry, February 17, 2013

• Eraser

• Ultimate Boot CD for Windows

• NetBus

• Back Orifice

• NTInternals

• Known NT exploits

• Running Sleuthkit and Autopsy Under Windows, by Charles Lucas, June 11, 2004

• Debugging Tools, loranbase.com

Viruses and Anti-Virus (and Anti-Antivirus…)

• Computer Security Resources: Is is Safe to Download?, Antivirusware Independent Antivirus Reviews

• The AVG Rescue CD is quite useful for helping disinfect computers for family and friends. (Hint: Pre-position a CD at their house so when they call you for help, you don’t have to talk them through downloading and burning an ISO image to CD-R!) See also: AVG Rescue CD GNU/Linux ISOs and how to build them from scratch

• Online virus checking sites

  • Virustotal live screener

  • Norman’s Sandbox live screener

  • Jotti’s malware scan

  • Clamav Online Specimen Scanner (COSS)

Windows Event Logging

• Windows Logon Forensics, SANS Reading Room

• An Analysis of Microsoft Event Logs, by Michelle D. Mullinix, A Capstone Project Submitted to the Faculty of Utica College, December 2013

• Windows Security Log Event ID 4624, UltimateWindowsSecurity.com

• Event ID: 4776 Source: microsoft-windows-security-auditing, EventID.net

• Explanation for multiple 4624 events per login event? I get 2 per login with different Logon ID values., Microsoft TechNet post, April 5, 2017

• Windows security audit events, (Excel spreadsheet) Microsoft Download Center, May 5, 2016

• GitHub williballenthin/process-forest (“Reconstruct process trees from event logs”)

• python-evtx is a pure Python parser for recent Windows Event Log files

Backup and Restore

• Back up your email: Outlook for Office 365 Outlook 2019 Outlook 2016 Outlook 2013, Microsoft Office Support web site

• Export or backup email, contacts, and calendar to an Outlook .pst file, Microsoft Office Support web site

• How to use Outlook Data Files to make offline copies of mail folders, University of Sussex IT support site

• How Can I Save All My Emails for a Personal Backup?, by Melanie Pinola, LifeHacker.com, March 14, 2013

• Did You Know Windows 8 Has a Built-In Time Machine Backup?, by Chris Hoffman, May 8, 2013

Miscellaneous

• PowerShell equivalents for common Linux/bash commands, by Mathieu Buisson, TheShellNut, September 30, 2015

• How to Create a Bootable DOS USB Drive, by Chris Hoffman, How-To-Geek, June 14, 2017

• How to Create an Image of Your PC Before Upgrading to Windows 10, HowToGeek

• Access denied when running robocopy the second time to update changed files, by kennethostnes, November 17, 2011

• v5: How to fix Windows boot problems, Macrium Knowledgebase

• How to resize partition under Windows 10?, by Daisy, October 14, 2016

• Breakdown of MBR, by invoke-ir.com

• Windows 8 Security Features, by Aryeh Goretsky, ESET blog, October, 2012

• Windows 8: FUD for thought, by Aryeh Goretsky, ESET

• Rob’s Zone Alarm Page (information about Zone Alarm log file contents)

• Secure Routine Windows to UNIX Web updating using tunnelling via Teraterm and Rsync

• Installing ssh and rsync on a Windows machine

• TTSSH: An SSH Extension to Teraterm

• Securing your UNIX connections with the secure shell (ssh)

• Windows NT Utilities by Gordon Chaffee (includes Windows 95/NT ssh/scp port)

• NT Systems and Services, Stanford University

• A *REAL* NT Rootkit, patching the NT Kernel, Phrack Magazine, Issue 55, Article 5

• NT Objectives was mentioned in a DEFCON talk on forensics. They produce a free toolkit (that let’s you do the same thing as find does for free on Unix!)

• Microsoft Security Advisor

• John Kozubik’s NT Security Column at Network Command

• How to Configure a Firewall for Windows NT and Trusts Article ID: Q179442

• WinNT, Terminal Server, & Exchange Services Use TCP/IP Ports Article ID: Q150543

• “CIFS: Common Insecurities Fail Scrutiny” by Hobbit, Avian Research - January 1997

• File Sharing: Unknown Dangers on your network, by Kristopher Klaus

• Just what is SMB?, by Richard Sharpe

• Overview of Windows 95 & Networking Issues, The University of Central Oklahoma

• Win95 FAQ Part 7 of 14: Networking

• Microsofmt Windows 95 Security Tips For Users Connected to the Internet via Cable Modem or Other Direct Channels

• “NetMeeting Security Concerns and Deployment Issues,” by Chris Shenton, NASA.

• “Cryptanalysis of Microsoft’s Point-to-Point Tunneling Protocol (PPTP)” by B. Schneier and P. Mudge [Microsoft’s response]

• Windows 95/98 Computer Security Information, CERT/CC

• The new Unix alters NT’s orbit - NC World - April 1998

• Securing Windows NT Installation

• NT Security - Frequently Asked Questions

• Bill Wall’s Windows NT links

• NT SECURITY

• Security White Papers and Web Links for Windows NT

• NTBugTraq email list

• The PC Hacking FAQ

• Behavior Blocking: The Next Step in Anti-Virus Protection, by Carey Nachenberg, SecurityFocus.com, March 19, 2002

• Antivirus Research and Detection Techniques (part 1), by Jay Munro, ExtremeTech.com, July 1, 2002

• Antivirus Research and Detection Techniques (part 2), by Jay Munro, ExtremeTech.com, July 10, 2002

• Is AntiVirus Technology Headed For Obsolescence? by Larry Seltzer, eWeek.com, June 26, 2003

• The Art of Computer Virus Research and Defense, by Peter Szor, Addison Wesley in collaboration with Symantec Press, ISBN 0321304543, February, 2005