Tag Archive for: Windows

Process Explorer Updated

February 21, 2014

Have you checked out the latest version of Sysinternals Process Explorer? This remains one of my favorite tools to use when trying to get a grip on what’s really going on in a Windows machine.

Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

Now there’s one more really handy feature: it will submit the running processes to VirusTotal.com for further analysis. Don’t panic! It isn’t sending the actual files; it is sending hashes of them and it does it all very quickly. VirusTotal submits each process to up to 50 AV scanners and sends back the results of the scan. Just click the link in the right-most column to see the scan results.

Slick.

AWS: Check Drive’s Removal Policy

December 22, 2013

This might be something that everyone else knows, but I was quite surprised the other day and thought I would share.

I had just added some new EBS volumes to a new SQL Server database EC2 instance in AWS. See, I like to add 2 or 4 higher IOPS drives to database servers and then use the OS to put them in a RAID 0 stripe(s) for data files (and TempDB if I don’t have an ephemeral SSD handy. But perhaps that’s a post for another day…).

While configuring these new drives into an array I somewhat inadvertently ended up in the Properties dialog for one of the drives. Since I was there, I thought I would check things out.

The drive’s Removal policy was, by default, “Quick Removal.” This doesn’t strike me as the key to ultimate performance! This is how you treat external USB drives.

I checked the other 3 drives and determined that 3 out of the 4 I had just added were Quick and the one was “Better performance.” I then spot-checked a handful of other instances and found similar results. Needless to say, I set them all to “Better” and then carried on.

But now I’m curious: Why were they defaulting to “Quick removal”? Yet, why weren’t ALL sharing that default?

Anyways, something to watch for when provisioning a new Windows server. Seems that this would apply to any virtualization platform, not just AWS.

Grub 2 Fixes

March 7, 2011

These days I find myself spending the majority of my time in a Windows-based OS of one flavor or another. However, I still have most of my machines set to dual-boot to a Linux distro (lately that’s usually Ubuntu). That way I still have it very handy when I want or need it.

Grub 2 is the boot-loader I see the most and I find it quite serviceable. And maddening. Until recently it actually drove me nuts for two main reasons. Fortunately, I finally took the time to do 5 minutes of research last weekend and those reasons are no longer issues.

Item 1: Setting the Default boot OS

By default, the top item in the boot menu list is the default OS to boot. And, by default, that’s the most recent Linux kernel. Well, since I spend the majority of my time in Windows that was becoming distressing.

Initially I found a way to modify the config to tell grub which line number was the default OS. However, each time I updated and got a new kernel this line number was no longer correct — the new kernel would get added to the top of the list and push everything down (see item 2).

Fortunately, I found a blog post titled, “Fix Windows as default boot on Ubuntu with Grub2 loader” that offers a very simple solution. Just specify the default OS by name instead of number! So simple… yet I sure struggled to solve it. For details just follow that link.
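
The by-name approach described above, as an added example (not code from this post or the linked article): it reads the menu titles out of a grub.cfg, shows how the Windows entry's index shifts after a kernel update, and writes the title into GRUB_DEFAULT instead. The menu titles, kernel versions and function names are constructed for illustration; on a real Ubuntu system the files are /boot/grub/grub.cfg and /etc/default/grub.

```shell
#!/bin/sh
# Print the title of every top-level menuentry in a grub.cfg, one per line.
list_entries() {
    sed -n "s/^menuentry[[:space:]]*\(['\"]\)\([^'\"]*\)\1.*/\2/p" "$1"
}

# Zero-based menu position of the first entry whose title contains $2.
entry_index() {
    list_entries "$1" | awk -v want="$2" 'index($0, want) { print NR - 1; exit }'
}

# Full title of the first entry whose title contains $2.
entry_title() {
    list_entries "$1" | awk -v want="$2" 'index($0, want) { print; exit }'
}

# Point GRUB_DEFAULT in the defaults file ($2) at the entry matching $3.
set_default_by_name() {
    title=$(entry_title "$1" "$3")
    [ -n "$title" ] || { echo "no menu entry matches: $3" >&2; return 1; }
    tmp=$(mktemp) || return 1
    grep -v '^GRUB_DEFAULT=' "$2" > "$tmp" || :
    printf 'GRUB_DEFAULT="%s"\n' "$title" >> "$tmp"
    cat "$tmp" > "$2" && rm -f "$tmp"   # overwrite in place: keeps owner and mode
}

# Constructed sample menu: $1 = output file, rest = kernel versions, newest first.
make_sample_cfg() {
    out=$1; shift
    : > "$out"
    for v in "$@"; do
        printf "menuentry 'Ubuntu, with Linux %s' --class ubuntu {\n}\n" "$v" >> "$out"
        printf "menuentry 'Ubuntu, with Linux %s (recovery mode)' --class ubuntu {\n}\n" "$v" >> "$out"
    done
    printf 'menuentry "Windows 7 (loader) (on /dev/sda1)" {\n}\n' >> "$out"
}

# Demo on constructed files in a scratch directory; nothing under /boot or /etc is touched.
demo() {
    d=$(mktemp -d) || return 1
    printf 'GRUB_DEFAULT=0\nGRUB_TIMEOUT=10\n' > "$d/grub"
    make_sample_cfg "$d/before.cfg" 2.6.35-25-generic
    make_sample_cfg "$d/after.cfg" 2.6.35-27-generic 2.6.35-25-generic
    echo "Windows index before kernel update: $(entry_index "$d/before.cfg" Windows)"
    echo "Windows index after kernel update:  $(entry_index "$d/after.cfg" Windows)"
    set_default_by_name "$d/after.cfg" "$d/grub" Windows && cat "$d/grub"
    rm -rf "$d"
}
demo
```

After changing the real /etc/default/grub, run update-grub so the new default is written into the generated menu.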

Item 2: Cluttering up the Boot Menu list with Old Kernels

I alluded to this earlier. Every time you update and get a new kernel you get two more entries in the boot menu. After just a few updates that boot menu gets long and cumbersome.

Cleaning up the boot menu is pretty simple though — and rather automated. Once you’ve verified that the kernel is working there’s really no reason to keep the old one(s) around. Just fire up synaptic and completely remove those old kernels. When you do so, their associated menu entries are removed automagically as well. I picked up this tip from another blog post titled, “Clean up the New Ubuntu Grub2 Boot Menu.”

So there you go, with just those two posts I’ve removed a major “pain point” from my daily dual-booting experiences. Yay blogs!

New Windows Vuln: ALL Versions

January 29, 2011

I just noticed Microsoft Security Advisory (2501696) and, if you’re running a Windows OS, I think you should notice it too. This is a published vulnerability and there are proof-of-concept attacks out there. As usual, yikes.

In short:

The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response of a Web request run in the context of the victim’s Internet Explorer. The script could spoof content, disclose information, or take any action that the user could take on the affected Web site on behalf of the targeted user.

If you visit the associated Knowledge Base Article (2501696) you’ll find the “Fix it for me” button. Might as well give it a click until a patch or fix is released.

More details at the first link and also at the Naked Security blog.