June 2018 - IT VIET

Technology Hardware & Solution Provider

Wednesday, June 27, 2018

What are Cryptomining & Cryptojacking | How do you defend against cryptojacking?

7:25 PM

Cryptomining
The process by which transactions for various forms of cryptocurrency are verified and added to the blockchain digital ledger
Requires a large amount of processing power and energy to be efficient
Cryptojacking
Unauthorized use of someone else’s computer to mine cryptocurrency

Symptoms and rectification of Cryptojacking
How is it done?

  • Hackers install malware or a script that does cryptomining on the compromised server/computer
  • The malware or script (usually JavaScript) automatically starts up in the background and mines cryptocurrency for the hacker
  • This is most commonly done when a user visits an infected website or through phishing
Symptoms:

  • High CPU and/or GPU usage
  • Overheating
  • Crashes or restarts
  • Slow response times
  • Unusual network activity (e.g. connections to mining-related websites or IP addresses). For example, you may notice unexpected PowerShell processes connecting to IP addresses associated with xmrpool[.]net, nanopool[.]org, moneropool[.]com, and similar addresses.
Rectification:

  • Investigate any abnormal activity
  • Disable JavaScript on specific sites
  • Install anti-malware software and run periodic scans
  • Monitor logs for unusual activity

How do you defend against cryptojacking?
The following cybersecurity best practices can help you protect your internet-connected systems and devices against cryptojacking (source: https://www.us-cert.gov/ncas/tips/ST18-002):
Use and maintain antivirus software.
Antivirus software recognizes and protects a computer against malware, allowing the owner or operator to detect and remove a potentially unwanted program before it can do any damage. (See Understanding Anti-Virus Software.)

Keep software and operating systems up-to-date.
Install software updates so that attackers cannot take advantage of known problems or vulnerabilities. (See Understanding Patches.)

Use strong passwords.
Select passwords that will be difficult for attackers to guess, and use different passwords for different programs and devices. It is best to use long, strong passphrases or passwords that consist of at least 16 characters. (See Choosing and Protecting Passwords.)


Change default usernames and passwords.
Default usernames and passwords are readily available to malicious actors. Change default passwords, as soon as possible, to a sufficiently strong and unique password.

Check system privilege policies.
Review user accounts and verify that users with administrative rights have a need for those privileges. Restrict general user accounts from performing administrative functions.

Apply application whitelisting.
Consider using application whitelists to prevent unknown executables from launching autonomously.

Be wary of downloading files from websites.
Avoid downloading files from untrusted websites. Look for an authentic website certificate when downloading files from a secure site. (See Understanding Web Site Certificates.)

Recognize normal CPU activity and monitor for abnormal activity.
Network administrators should continuously monitor systems and educate their employees to recognize any above-normal sustained CPU activity on computer workstations, mobile devices, and network servers. Any noticeable degradation in processing speed requires investigation.

Disable unnecessary services.
Review all running services and disable those that are unnecessary for operations. Disabling or blocking some services may create problems by obstructing access to files, data, or devices.

Uninstall unused software.

Review installed software applications and remove those not needed for operations. Many retail computer systems with pre-loaded operating systems come with toolbars, games, and adware installed, all of which can use excessive disk space and memory. These unnecessary applications can provide avenues for attackers to exploit a system.

Validate input.
Perform input validation on internet-facing web server and web applications to mitigate injection attacks. On web browsers, disable JavaScript execution. For Microsoft Internet Explorer, enable the cross-site scripting filter.

Install a firewall.
Firewalls may be able to prevent some types of attack vectors by blocking malicious traffic before it can enter a computer system, and by restricting unnecessary outbound communications. Some device operating systems include a firewall. Enable and properly configure the firewall as specified in the device or system owner’s manual. (See Understanding Firewalls.)

Create and monitor blacklists.
Monitor industry reports of websites that are hosting, distributing, and being used for, malware command and control. Block the internet protocol addresses of known malicious sites to prevent devices from being able to access them.
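
The network symptom listed earlier (connections to mining pool domains), the advice to watch for sustained above-normal CPU, and the blacklist advice above can be checked together against logs. The Python below is an added example, not part of the original post or the US-CERT tip; the log format, host names, CPU samples and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Pool domains named on this page, kept defanged here and re-fanged for matching.
POOL_DOMAINS = {d.replace("[.]", ".")
                for d in ("xmrpool[.]net", "nanopool[.]org", "moneropool[.]com")}

# Constructed sample data. Assumed log format: "time host process dest:port".
CONN_LOG = """\
2018-06-27T10:00:01 ws-014 powershell.exe sub.nanopool.org:3333
2018-06-27T10:00:09 srv-02 powershell.exe XMRPOOL.NET.:3333
2018-06-27T10:00:12 ws-020 chrome.exe notnanopool.org:443
2018-06-27T10:00:15 ws-021 truncated-line
"""
# Constructed CPU samples (percent, one per minute) per host.
CPU_SAMPLES = {"ws-014": [35, 96, 97, 99, 98, 97, 40],
               "srv-02": [20, 95, 30, 96, 25, 97, 22]}  # srv-02 spikes, never sustained

def normalize_host(dest):
    """Drop the port, trailing root dot and case (host names only, not IPv6)."""
    return dest.rsplit(":", 1)[0].rstrip(".").lower()

def is_pool_host(host):
    """Match a listed domain or a subdomain of it, on label boundaries only."""
    return any(host == d or host.endswith("." + d) for d in POOL_DOMAINS)

def pool_connections(log_text):
    """Return {host: [(process, destination), ...]} for connections to listed pools."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:  # skip malformed lines instead of failing
            continue
        _, host, process, dest = fields
        name = normalize_host(dest)
        if is_pool_host(name):
            hits[host].append((process, name))
    return dict(hits)

def sustained_high_cpu(samples, threshold=90, min_run=5):
    """True if min_run consecutive samples are at or above threshold."""
    run = 0
    for value in samples:
        run = run + 1 if value >= threshold else 0
        if run >= min_run:
            return True
    return False

def triage(log_text, cpu_samples):
    """'high' = pool traffic plus sustained CPU; 'medium' = pool traffic only."""
    return {host: ("high" if sustained_high_cpu(cpu_samples.get(host, [])) else "medium", conns)
            for host, conns in pool_connections(log_text).items()}

if __name__ == "__main__":
    print(triage(CONN_LOG, CPU_SAMPLES))
```

Matching on label boundaries keeps look-alike names such as notnanopool.org out of the results, and requiring a run of consecutive samples separates sustained load from short spikes.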

Monday, June 25, 2018

How to fix office activation licence issue / How to fix Office 365 /2016 “Activation” or “Unlicensed Product” Problems

9:21 PM
In this article we will show you how to troubleshoot Office activation licence issues (Office 365/2016 “Activation” or “Unlicensed Product” problems). We have followed these steps in practice and they are 100% working. Please follow the methods below step by step to resolve your issue.



Step 1: Go to Control Panel > click Credential Manager > remove all Office 365 email credentials from Windows Credentials.
Or open the Run command, type control userpasswords2 and hit OK.

Step 2: Delete all credentials related to Office 365.





Let's check status, and it's OK now.


Another WAY: 

Step: Open cmd (Command Prompt) with administrator privileges > type cd c:\Program files\Microsoft office\office16 > then type cscript ospp.vbs /dstatus > you will see multiple keys (3RQ6B and GMR2K in the screenshot; these are the last five characters of each installed product key) > type cscript ospp.vbs /unpkey:3RQ6B & cscript ospp.vbs /unpkey:GMR2K (to remove the licences from Office), after which you can reactivate the Office licence.


Note: If you still face the Office activation licence issue, follow the last method; we are damn sure that the last method will resolve your issue 100%.

ANOTHER WAY:

Step: Open Run (press the Windows+R keys) > type regedit and press Enter > go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Office\16.0\Common > right-click OEM and delete it > after that, close these windows. Then open Office and enter the user name and password of your email account; you will see that your Office licence is activated.





Top 10 Key Most Common Interview Questions for Network Administrators

8:58 PM

Getting ready for your first network admin interview? Here are technical questions to expect, along with the answers.
If you're not properly prepared, technical interviews can turn sour in a hurry. IT managers are looking for a good fit from a cultural perspective, but they also want to make sure you can handle tasks that require thorough understanding of specific IT functions. This is especially true for eager candidates who want to break into IT infrastructure roles such as network administrator.
In most organizations, the role of the network admin covers three primary areas: routing and switching, wireless LAN technologies, and security. The day-to-day care and feeding of a network often involves understanding the Spanning Tree Protocol, routing protocols, and network monitoring/troubleshooting tools. Competency in physical cabling is also useful as network administrators are often tasked with adding/moving various network components around, which requires them to connect/disconnect devices using copper Ethernet, fiber optics, DAC and various other LAN and data center physical connectivity options.
Wireless LAN technologies are an increasingly important skillset for network administrators. This includes knowing how to set up and secure WiFi SSIDs, but also how WiFi signals are propagated. Knowing wireless fundamentals such as frequency, wavelength, refraction, diffraction, and signal-to-noise ratio (SNR) helps for troubleshooting common issues such as interference, physical obstructions and noise.
Finally, network administrators are required to have a solid background in IT security, at least from a network perspective. This includes understanding firewalls, intrusion-prevention systems, secure remote access, data loss prevention, and end-to-end data encryption. Even in large companies that have their own IT security department, it’s common for the network administrators to do much of the heavy lifting when it comes to designing, integrating, and managing network security devices.
If you’re getting ready for your first network administrator interview, here are 10 technical questions employers are likely to ask.

1. What is the smallest IPv4 subnet mask that can be applied to a network containing up to 30 devices?
One of the first lessons a network administrator must learn is how to properly size IPv4 subnets. Whether you have a standard /24 VLAN for end users, a /30 for point-to-point links, or something in between, understanding how to subnet is a vital skill. To answer this question, a subnet that must contain up to 30 devices works out to be a /27 – or a subnet mask of 255.255.255.224. Be sure you can perform this work with a pen and a sheet of paper. To check your work, feel free to use subnet calculator sites such as this one.

2. What's the purpose of Spanning Tree?
One of the most confusing topics for new network administrators is the Spanning Tree Protocol (STP). This protocol operates at layer 2 of the OSI model with the purpose of preventing loops on the network. Without STP, a redundant switch deployment would create broadcast storms that cripple even the most robust networks. There are several iterations based on the original IEEE 802.1D standard; each operates slightly differently than the others while largely accomplishing the same loop-free goal. This is partly why STP is so confusing. Topics such as path cost calculations, root bridge IDs, BPDUs, and root/BPDU guard should be well understood prior to any technical interview.

3. What does "stateful" mean as it relates to stateful firewalls?
Firewalls have become a crucial network admin competency in any enterprise organization. The basic premise behind modern firewalls is that access policies are configured to only allow traffic to and from specific IP addresses and TCP/UDP ports. To help accomplish this goal, the firewall maintains a dynamic “state table.” Within this state table, you’ll find information regarding the active connections that pass between secure interfaces. Only packets that match the rules and are known to the firewall as “active” will be permitted to pass through. This eliminates the possibility that a rogue – and potentially malicious – packet would be accidentally masked as legitimate and allowed into secure portions of the LAN.

4. Which travels farther, 2.4 GHz or 5 GHz WiFi signals and why?
The 2.4 and 5 GHz spectrums are both used in enterprise WiFi deployments. While the 5 GHz range boasts better transmit and receive speeds, it does so at the cost of signal propagation. Because the 2.4 GHz radio waves are in a lower frequency spectrum, the waves are larger and thus can travel farther – and are more capable of penetrating obstructions.

5. Can you explain what the purpose of administrative distance (AD) is as it relates to routing protocols?
When using a dynamic routing protocol in conjunction with static routes or other dynamic routing protocols, administrative distance (AD) becomes a key consideration. Within a router, there may be many routes to the same destination. For example, you may have a route to the 10.10.10.0/24 network learned by both EIGRP and OSPF. So, which will the router choose to place into the routing table? The one with the lowest AD, of course. By default, EIGRP-internally learned routes have an AD of 90 while OSPF has an AD of 110. Thus, the route placed into the routing table would be the EIGRP learned route.

6. Provide examples of when you would use a static NAT, and when you might use a dynamic NAT
Network address translation (NAT) is often used at the internet edge. Internet-connected businesses own or lease publicly routable IPv4 space. Then within the local LAN, they use non-routable, RFC 1918 IP subnets. For those devices to reach the internet, NAT is used to convert the non-routable IP address to one that is routable. NAT maintains a table that maps the internal IP to the external IP. This mapping can either be static or dynamic in nature. For servers that must always be accessible by other devices on the Internet, a static NAT is the proper choice. That way, the server is always reachable using the same public IP address. For users who only need access out to the internet, dynamic NAT is the preferred choice; it allows hundreds or thousands of devices to share a single publicly routable address. The NAT table keeps track of the different dynamic mappings using a 16-bit port number. This is technically known as port address translation (PAT).

7. What is the purpose of the ARP table?
Network pros must understand how layer 2 switching and layer 3 routing work together on a network. This is where the ARP table comes into play. On layer 3 network devices such as routers or layer 3 switches, the ARP table maintains a list of known IP addresses and their corresponding MAC address where their next layer 2 hop resides. Static ARP entries can be configured. However, in most cases, the ARP table is dynamically learned using broadcast messages originating from the end device that are learned by the subnet’s L3 gateway.

8. Why does voice and video traffic use the UDP protocol as opposed to TCP?
Real-time streaming of data such as voice and video is becoming increasingly important. Because this type of data is time sensitive, it doesn’t make sense to use the TCP protocol that has built-in retransmission capabilities in the event the original packet doesn’t reach its destination. Instead, UDP is used because it does not have retransmission features. Instead, UDP’s “best effort” transport service is far better suited in situations where a packet or two lost does not mean the entire data set must be retransmitted.

9. What are two primary methods for authenticating WiFi users on an enterprise LAN?
The most basic authentication method is to use a WPA2 pre-shared key (PSK). The problem with the PSK is that it must be shared with all that use it. Thus, unless you change the key often, the network can become insecure. WPA2 PSK is sometimes used on enterprise LANs for guest users to allow them to access the internet and not any internal resources. For employees, the far more common authentication method is to use what’s known as WPA2 Enterprise, which allows users to log in with 802.1X authentication. Typically, this is a RADIUS server that ties into a back-end Windows AD server. This method allows the user to seamlessly log in to the enterprise LAN using their own password that’s tied to their AD account.

10. Can you identify SC, ST and LC fiber connectors?
Finally, it’s important to have a foundation in physical cabling options, both copper and fiber. Years ago, I was in a technical interview where the interviewer brought in a patch cable. The interviewer asked me whether the patch cable was single- or multi-mode and what the connection type was called. Fortunately, I knew that most single-mode fiber was yellow and that it had the smaller LC type connectors. If the patch cable is orange with round connectors that twist-lock, it’s almost certainly a multi-mode patch cable with ST connectors. Make sure you can quickly identify the most common physical cabling types used in LANs and within data centers.

Thank you.
Source: https://www.networkcomputing.com/data-centers/10-key-interview-questions-network-administrators/607087480


How to Fix 100% Disk Usage on Windows Task Manager

8:39 PM
Recently, more and more Windows 10 users have reported running into the 100% disk usage issue.

In this article we look at system hanging, a very common problem. Most of us know how to fix hanging when memory or CPU is at 100% utilization, but when you see 100% hard disk utilization you may think of upgrading the hard disk to an SSD. Before you upgrade to an SSD, please follow the steps below to fix the issue.




To fix the 100% disk usage issue, please follow the steps.

Wednesday, June 13, 2018

How to connect MSSQL DATABASE in PHP (Using with codeigniter)

7:48 AM

Connecting to MySQL (mysql or mysqli) from PHP is more common than connecting to SQL Server. In this post I will use CodeIgniter as an example. To use SQL Server with CodeIgniter, you need to download drivers so that PHP can work with SQL Server.

The driver version you download must be compatible with your PHP version and operating system, for example:

  1. Version 4.0 supports PHP 7.0+ on Windows and Linux
  2. Version 3.2 supports PHP 5.6, 5.5, and 5.4 on Windows
  3. Version 3.1 supports PHP 5.5 and 5.4 on Windows
  4. Version 3.0 supports PHP 5.4 on Windows

link : https://www.microsoft.com/en-us/download/details.aspx?id=20098


Step 1.

Download the drivers from the link below.
LINK : https://www.microsoft.com/en-in/download/details.aspx?id=20098
Extract the sqlsrv drivers and copy them to the ext folder of your PHP version.


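Step 2.

Add these two lines to your php.ini file (these file names are for the PHP 5.5 thread-safe build; use the files that match your PHP build):
extension=php_pdo_sqlsrv_55_ts.dll
extension=php_sqlsrv_55_ts.dll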

Step 3.
Restart Apache (WAMP).
The steps above install the drivers PHP requires to support SQL Server. Only the connection from the PHP application is left, and for that we need to change the configuration. In CodeIgniter, edit the config/database.php file with the correct credentials and fields such as database, port, username and password.

// Example values: replace them with your own server, database and credentials.
// Prefer a dedicated low-privilege SQL Server login with a strong password over the built-in 'sa' account.
$db['default']['hostname'] = 'IP Sql server';
$db['default']['username'] = 'sa';
$db['default']['password'] = 'mssql';
$db['default']['database'] = 'YourDB';
$db['default']['dbdriver'] = 'sqlsrv';
$db['default']['dbprefix'] = '';
$db['default']['pconnect'] = FALSE;
$db['default']['db_debug'] = FALSE; // keep FALSE in production so database errors are not shown to visitors
$db['default']['cache_on'] = FALSE;
$db['default']['cachedir'] = '';
$db['default']['options'] = array(PDO::ATTR_TIMEOUT => 5);
$db['default']['char_set'] = 'utf8';
$db['default']['dbcollat'] = 'utf8_general_ci';
$db['default']['swap_pre'] = '';
$db['default']['autoinit'] = TRUE;
$db['default']['stricton'] = FALSE;

After you make the changes in database.php, run your PHP application in the browser.

Done.
