Friday, September 26, 2014

CVE-2014-6271 Shellshock and Sonicwall IPS Signature gaffe?

If you manage a Sonicwall firewall, be aware that for some strange reason, Sonicwall decided to make the signature for Shellshock a "Low" priority. If you've enabled IPS on your Sonicwall firewall, and don't have "Prevent All" and "Detect All" checked for low priority attacks, then you're not protected. WTH? While the CVE and all reports mark it as high, 10/10, why the hell would Sonicwall mark it as low?

If you don't want to check prevent and/or detect for low priority signatures, you can still prevent Shellshock by searching for Signature ID 10529, and changing Prevention and Detection to Enable, which I recommend you do like, yesterday.


Monday, September 15, 2014

WMI Explorer Utility

WMI Explorer looks like a useful tool for the Windows and SCCM admin. From http://wmie.codeplex.com/

WMI Explorer is a utility intended to provide the ability to browse and view WMI namespaces/classes/instances/properties in a single pane of view.

 Features

• Ability to browse and view WMI namespaces/classes/instances/properties in a single pane of view.
• Ability to provide alternate credentials for connecting to remote computers.
• Ability to filter classes and instances matching specified criteria.
• Ability to view classes/instances in Managed Object Format (MOF).
• Ability to search classes, methods and properties with names matching specified criteria.
• Ability to run custom WQL queries.
• Automatic generation of WQL query for the selected Class/Instance.
• Automatic script creation (PowerShell and VBS).
• Highlighting of objects that have been previously viewed in the same session.
• Lists property enumeration values (if available). This is generally useful for SMS Provider classes.
• Lists property values containing embedded objects. This is especially useful for SMS Provider classes.
• Caching of retrieved classes/instances.

Friday, September 5, 2014

100 Days of DevOps with PowerShell

If you are a Windows admin, you need to get on the bus with Devops before you get left behind. I used to think of Devops as a Linux admin thing. With Powershell 4.0 and Windows Server 2012, Devops is here for Windows.

Why do you need Devops or Powershell on Windows systems? For starters, although some tasks may take less time to do manually than it would take the time to automate with a script, any repeatable process may benefit from automation with Powershell. If you have servers that share a common configuration, like web, email, or database servers, you can use Powershell Desired State Configuration to automate and enforce the configurations.

From the System Center Central blog:

What is PowerShell DSC?

Desired State Configuration (DSC) is a feature in PowerShell 4.0 and Windows Server 2012 R2 that helps Windows administrators manage and deploy software services’ configuration data and the environment the services run in.
DSC provides a set of PowerShell language extensions, cmdlets and a process called declarative scripting. The goal of DSC is to provide administrators with a method for maintaining consistent configuration sets across computers or devices.  You can write an expression describing a system configuration, and the system will evaluate and apply the configuration. Common use cases for PowerShell DSC include (but are not limited to):
  • Enabling or disabling server roles and features (like IIS)
  • Deploying new software
  • Deploy an IIS website (including the site content)
  • Managing registry settings
  • Running Windows PowerShell scripts
  • Managing files and directories
  • Starting, stopping, and managing processes and services
  • Managing groups and user accounts
  • Managing environment variables
  • Fixing a configuration that has drifted away from the desired state
  • Discovering the actual configuration state on a given node
The bottom line is PowerShell DSC enables IT Pros to support consistent, standardized configuration and continuous deployment, both core goals of DevOps.

Thursday, September 4, 2014

Force Desktops to launch in full screen mode in XenDesktop and XenApp 7.5

In earlier versions of XenApp you could make a desktop full screen in the published application settings. In XenApp/XenDesktop 7.5 this setting is no longer available. It's a little bit of an annoyance to have to click the top menu of Desktop Viewer to make it full screen, but even then it won't stretch across both screens in a dual monitor setup.

Lal Mohan at Citrixology has a very good post on how to edit StoreFront to launch a desktop in full screen mode.

On your StoreFront server, open the C:\inetpub\wwwroot\Citrix\<StoreName>\App_Data\default.ica file in Notepad, and add the line "DesktopViewer-ForceFullScreenStartup=true" under the [Application] section.