Windows 10 Tweaks, Tips and Tricks

Here are some simple but effective windows tweaks, tips and tricks to streamline your windows computing experience. Here are list of my collections (still keep adding):
1. Fix High CPU Usage by Windows Software Protect Service (Sppsvc.exe)
2. Install Telnet Client
3. Check System Uptime
4. Hiding Windows Folder
5. 上帝模式一键开启
6. 历史问题一目了然 (Reliability Monitor)
7. 一Click锁定电脑 Other than WIN+L
8. 常用程序快捷启动
9. 快速以管理员方式启动程序
10. 无盘符分区，保护/访问两相宜
11. 双击任意窗口的最左上角都能关闭该窗口
12. Ctrl+Alt+Del=Ctrl+Shift+Esc to open Task Manager
13. Issue: Microsoft Office can't find your license for this application or Windows is not activated
14. Windows 10 Battery Report
15. RDP Port Change to TCP 443
16. Windows 10 Defaultuser0 password Issue

Install Portainer to Manage Containers - Nginx, MySQL, WordPress

Portainer is a lightweight management UI which allows you to easily manage your different Docker environments (Docker hosts or Swarm clusters). It is meant to be as simple to deploy as it is to use. It consists of a single container that can run on any Docker engine (can be deployed as Linux container or a Windows native container). Portainer allows you to manage your Docker containers, images, volumes, networks and more !


1. Installation in CentOS / Ubuntu
1.1 CentOS 7/Debian 9

Here is an easiest way to install docker into your CentOS / Debian system. It is just one command:

sudo -i

yum -y update

curl -sSL https://get.docker.com/ | sh

Free Tier VPS Bench Comparison for AWS, Azure and Google Cloud

All of AWS, Azure and Google Cloud are providing some kind of free tier to the users. I am always wondering how those free tier VPS performance looks like. I did some bench work to test them out.

Here is the method and result.

Bench script:
https://github.com/n-st/nench provides a nice bench.sh and a single command for you to run this script on your VPS.

Commands to run this script:

(curl -s wget.racing/nench.sh | bash; curl -s wget.racing/nench.sh | bash) 2>&1 | tee nench.log

(wget -qO- wget.racing/nench.sh | bash; wget -qO- wget.racing/nench.sh | bash) 2>&1 | tee nench.log

Sysinternals Tool Sysmon Usage Tips and Tricks

Microsoft Sysinternals tool Sysmon is a service and device driver, that once installed on a system, logs indicators that can greatly help track malicious activity in addition to help with general troubleshooting.
Sysinternals from Web Browser:

• https://live.sysinternals.com/

Basic Sysmon Usage commands:

Installation:
sysmon -i -accepteula [options]

• Extracts binaries into %systemroot%
• Registers event log manifest
• Enables default configuration

Forwarding Windows Event Logs to Syslog Server (Kiwi Syslog)

Centralizing your logs saves time and increases the reliability of your log data, especially for Windows machines. When Windows log files are stored locally on each server, you have to individually log into each one to go through them and look for any errors or warnings. It’s possible for a Windows server to forward its events to a “subscribing” server. In this scenario the collector server can become a central repository for Windows logs from other servers in the network.There are many ways you can forward your windows event logs to a centralized log server. You can use event log forwarding feature which was introduced in Windows Server 2008. Event log forwarding brought forth a native and automatic way to get events from multiple computers (event sources) into one or more machines called collectors. Another option is to use third party software, such Solarwinds Free Event Log Forwarder for Windows. 

In this post, I am going to introduce another free software , Eventlog to Syslog. The Eventlog to Syslog utility is a program that runs on Microsoft Windows NT class operating systems monitoring the eventlog for new messages. When a new message appears in the eventlog, it is read, formatted, and forwarded to a UNIX syslog server.

1. Install Syslog Server - Kiwi Syslog Free Version
Download address: https://thwack.solarwinds.com/community/free-tools-and-trials

Install Mac OSX AnyConnect Package on Cisco Router and on Mac Machine

Symptoms: 
One of my clients reported a Cisco AnyConnect issue. It only happened to his machine and later we found that is because he is using Mac machine. His credential works fine if he uses it at windows machine.

From following screenshot, obviously there is Mac AnyConnect package missing from vpn gateway.

Error Messages:

"VPN
The AnyConnect package on the secure gateway could not be located. You may be experiencing network connectivity issues. Please try connecting again.

PFsense Configuration with Topology and Screenshots

pfSense is an open source routing and firewall software that is based on the FreeBSD distribution. The basic features including:

pfSense Home Topology

• Static/default/dynamic routing
• Stateful firewall
• Network Address Translation (NAT)
• Virtual Private Networks (VPN)
• Dynamic Host Configuration Protocol (DHCP)
• Domain Name System (DNS)
• Load balancing and so on. 

With many supported add-on packages, other advanced features including:

• Snort (for Intrusion Detection and Prevention)
• FreeSWITCH (Voice over IP)
• Squid (Proxy)
• SquidGuard (URL Filtering/HTTPS inspection)
• Darkstat (Network Traffic Monitor)

Qualys Scanner Appliance and Qualys Guard Service Tips and Tricks

The Qualys Cloud Platform and its integrated apps can simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Qualys Scanner Appliance is an option with the Qualys Cloud Platform. With the Qualys Scanner Appliance, you can easily assess internal network devices, systems and web applications.  This post summarize some of my experience with Qualys Guard service from Qualys Scanner Appliance.

1. AssetView 
1.1 Dashboard