Friday, 28 November 2014

IT Technology: Stuxnet


Stuxnet is a computer worm that was discovered in June 2010. It was designed to attack industrial programmable logic controllers (PLCs).

PLCs allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Exploiting four zero-day flaws, Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart. Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g. in the automobile or power plants), the majority of which reside in Europe, Japan and the US.

Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges.

Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, preventing detection of the presence of Stuxnet.

Stuxnet is typically introduced to the target environment by an infected USB flash drive. The virus then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of both criteria, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the codes and giving unexpected commands to the PLC while returning a loop of normal operations system values feedback to the users.


Reference:
Stuxnet
http://en.wikipedia.org/wiki/Stuxnet

Thursday, 20 November 2014

IT Technology: Hard Disk Performance Calculator


This tool ( http://www.wmarow.com/strcalc/ ) is used to calculate the performance and capacity of disk drives, disk arrays and SSD arrays. Based on the parameters of drives, their quantity in the array, RAID level and nature of workload calculates the number of average random IOPS and actual capacity of the array.


Reference:
iops calculator
http://www.wmarow.com/strcalc/

Wednesday, 19 November 2014

VMware: VMware vCenter Converter

Building a virtual machine from scratch can take several hours. Setting up the hardware parameters, installing the operating system, and then adding third-party applications to the OS can be a huge time sink. Fortunately, you can reduce the amount of time spent creating and configuring virtual machines by cloning and importing physical or virtual systems to your VMware ESX/ESXi server.

<< VMware vCenter Converter: Physical-to-Virtual (P2V) and Virtual-to-Virtual (V2V) >>
VMware vCenter Converter is an application developed to migrate systems. The application converts and packages a source system into a new virtual machine that can reside on an ESX/ESXi server.

vCenter Converter performs both physical-to-virtual (P2V) and virtual-to-virtual (V2V) migrations. In a P2V migration, the operating system running on a physical system is copied to a virtual machine. In a V2V migration, an existing virtual machine running on one virtualization platform is copied to a virtual machine running on another virtualization platform. But vCenter Converter is not limited to virtual machines created in VMware platforms; it can also import and convert VMs created in competing software, such as Microsoft Virtual Server and Microsoft Hyper-V.


<< Hot vs Cold Migrations >>
VMware vCenter Converter is capable of accomplishing both hot migrations and cold migrations.

Hot migrations are those which occur while the source system is in a running state. Hot migrations are not recommended for certain tasks — like migrating Active Directory Domain Controllers into a virtual machine (this task should be performed during a cold migration) — but work well with systems where local data remains static.

Cold migrations, on the other hand, occur while the source system is offline. Cold migrations are ideal for systems like SQL servers and mail servers that have data that is regularly updated or altered. During cold migrations, the physical computer itself is still running, but the operating system that is being cloned is inactive. Cold migrations are initiated by booting VMware Converter from a disc.


<< Physical-to-Virtual (P2V): Hot Migration >>
1. To perform a P2V migration in vCenter Converter Standalone, click “Convert Machine.” Select “Powered-on Machine” from the drop-down menu on the Source System tab.

2. Select “This Local Machine” if you intend to migrate the physical machine to where VMware vCenter Conversion is installed. Otherwise, click “A Remote Machine” and then enter the IP address and login credentials for the source system. Click “Next.”

3. Select “VMware Infrastructure Virtual Machine” from the drop-down menu. Enter the server address and login credentials for the system running VMware ESX/ESXi. Click “Next.”

4. Review the system parameters on the Options tab. To make changes to a device, network or service option, select the desired setting from the list.

Click “Advanced Options” to synchronize the source system with the destination system immediately after cloning or at a scheduled date and time. If you’re cloning a Windows machine, it’s recommended that you check “Install VMware Tools on the Destination Virtual Machine” and “Remove System Restore Checkpoints on Destination” on the Post-Conversion tab.

Click “Next” after making the desired modifications, if applicable.

5. Review your configuration on the Summary tab; then click “Finish” to perform the migration.


<< Physical-to-Virtual (P2V): Cold Migration >>
1. Boot to VMware Converter, and then click “Import Machine” from the toolbar. Click “Next”; then click “Physical Computer.” Click “Next” again.

2. Select “A Remote Machine” or “This Local Machine” on the Source Login screen. If selecting “A Remote Machine,” enter the name or IP address for the source system; then enter the login credentials. Click “Next.”

3. Select “Automatically Uninstall the Files When Import Succeeds” if prompted, and then click “Yes” to continue. On the Source Data screen, select “Convert All Disks and Maintain Size” to import an identical hard disk configuration to the destination machine. To make modifications to the disk configuration, click “Select Volumes and Resize to Save or Add Space.”

Uncheck a volume to remove it from the migration. To specify a new volume size for a disk, select the drop-down menu below “New Disk Space.” Choose “Maintain Size” to use the original volume size or choose “Min(imum) Size” to import only the part of the disk that has been used. You can also manually specify the size of the disk by typing the desired capacity in GB or MB.

4. Select “VMware Infrastructure Virtual Machine” from the drop-down menu on the Destination Type screen. Click “Next.” Enter the server address and the login credentials for the ESX/ESXi server.

5. Name the destination system. Click “Next.” Select the preferred host to run the virtual machine from. Click “Next” again.

6. Select a datastore for the virtual machine. The datastores should be large enough to hold the data stored to the source system’s hard disks. To assign a datastore to each hard disk, click “Advanced”; then select a datastore for each hard disk and config file. Click “Next.”

7. Select the number of network interface cards (NICs) to import. Check “Connect at Power On,” if preferred. Click “Next.” Check “Install VMware Tools,” “Customize the Identity of the Virtual Machine,” and “Remove All System Restore Checkpoints.” Click “Next.”

8. On the Computer Info screen, enter the computer, owner and organization names. Generate a new security identity (SID), if desired, then type the location where the Sysprep files are stored, if applicable. Click “Next.” If you’re importing a Windows system, enter the licensing information for the machine. Click “Next.”

9. Select a time zone from the drop-down menu. Click “Next.” Select a NIC and then click “Customize,” to alter the network parameters, if preferred; otherwise, use the default settings. Click “Next.”

10. Enter the workgroup or Windows server domain information on the Workgroup or Domain screen. Input the necessary login credentials; then click “Next.”

11. Review your settings on the Summary screen. To power on the destination VM after completing the conversion, check “Power on the New Virtual Machine After Creation.” Click “Finish” to begin importing the source system to the ESX/ESXi server machine.


<< Virtual-to-Virtual (V2V): Hot Migration >>
After installing vCenter Converter Standalone to the virtual machine, launch the Conversion wizard. Select “Powered-On Machine” from the drop-down menu, click “Local Machine,” and then follow the same steps as described in the section Physical-to-Virtual (P2V): Hot Migration.

One thing to keep in mind before performing a hot migration, however, is that, in some instances, vCenter Server can interfere with the migration process. If the source system is inside a Distributed Resource Schedule (DRS) cluster that vCenter Server controls, DRS Power Management (DPM) will turn off the ESX/ESXi host that vCenter Converter is working with. Change DPM to Manual via the cluster’s Settings screen before performing the hot migration. Once the migration is complete, revert Power Management to its previous configuration.

Although hot migrations have their purpose, they’re only needed when a virtual machine is too important to be taken offline. In all other instances, you should perform a cold migration. The following steps detail the offline conversion process.


<< Virtual-to-Virtual (V2V): Cold Migration >>
1. Power down the source machine before proceeding. Select “Convert Machine” from the toolbar to launch the Conversion wizard.

See steps 2a and 2b to import a VM from a hosted virtualization platform; See steps 3a and 3b to import a VM from a bare-metal virtualization platform.

2a. Hosted Virtualization: Choose “VMware Workstation or Other VMware Virtual Machine” or “Backup Image or Third-Party Virtual Machine” from the Source Type drop-down menu, depending on which platform the source machine is using.

2b. Hosted Virtualization: Enter the full file or network path linking to the virtual machine. Supported third-party platforms include Microsoft Virtual PC and Microsoft Virtual Server (.vmc), and Parallels Desktop (.pvs). Use .vmx for virtual machines created in VMware. Note that if you’re importing a VM from Microsoft Virtual PC, you should remove the Virtual PC Additions from the machine, as they can interfere with the conversion process.

Enter the login credentials for the server if accessing a network share, and then click “Next.” Skip to step 4.

3a. Bare-Metal Virtualization: Select “VMware Infrastructure Virtual Machine” or “Hyper-V Server” from the drop-down menu on the Source System screen. If vCenter Converter is not installed to Hyper-V Server, a prompt will appear requesting permission to install the application to the system. Confirm the installation of the software to proceed with the conversion.

Enter the server address and login credentials for the ESX/ESXi or Hyper-V Server. Click “Next” to go to the Source Machine screen.

3b. Bare-Metal Virtualization: Search through the inventory to locate the source system. If you’re accessing ESX/ESXi through vCenter Server, choose “Hosts and Clusters” or “VMs and Templates,” depending on where the source machine is housed.  Select the virtual machine to import into the ESX/ESXi Server, and then click “Next.”

4. Select “VMware Infrastructure Virtual Machine” from the Select Destination Type drop-down menu. Enter the address, user name, and password for ESX/ESXi Server into the required fields. Click “Next” to go to the Destination Virtual Machine screen.

5. Enter a new name for the destination machine or use the default name. Select a destination location for the VM if managing ESX/ESXi through vCenter Server. Click “Next” to go to the Destination Location screen.

6. Select a host, resource pool, or cluster to accommodate the virtual machine; select a datastore where the files associated with the virtual machine should be stored (optional); and then select the virtual hardware version from the drop-down menu (optional). Use Version 4 for machines running ESX/ESXi 3.x, Version 7 for machines running ESX/ESXi 4.x, and Version 8 for machines running ESX/ESXi 5.x. Click “Next” to go to the Options screen.

7. Click “Edit” to make changes to a hardware device. If you’re importing a virtual machine based on the Microsoft Windows operating system, select “Advanced” from the middle pane to view the Post-Conversion tab. Uncheck “Remove System Restore Checkpoints on Destination.” Check “Reconfigure Destination Virtual Machine” to personalize the OS (e.g., create a unique name and password, enter a new product license, or change the workgroup or domain settings). Click “Next” after making the desired changes.

8. Review your selections on the Summary screen; then click “Finish” to begin importing the VM.


Reference:
1. VMware P2V Migration: Importing Virtual Machines into VMware ESXi Part 1
http://blog.pluralsight.com/vmware-p2v-migration

2. VMware V2V Migration: Importing Virtual Machines into VMware ESXi Part 2
http://blog.pluralsight.com/vmware-v2v-migration

Tuesday, 18 November 2014

IT Technology: Blackmagic Disk Speed Test


Blackmagic Disk Speed Test allows you to get a great real world indication of your disk array performance. Reported in a simple frames per second count, Disk Speed Test uses long sustained block transfers just like capturing and playing video, so it's more accurate than generic disk test utilities.


Reference:
Blackmagic Utilities Included!
https://www.blackmagicdesign.com/products/intensity/software

IT Technology: Physical Address Extension ( PAE )


Physical Address Extension (PAE) is a processor feature that enables x86 processors to access more than 4 GB of physical memory on capable versions of Windows. Certain 32-bit versions of Windows Server running on x86-based systems can use PAE to access up to 64 GB or 128 GB of physical memory, depending on the physical address size of the processor.

The Intel Itanium and x64 processor architectures can access more than 4 GB of physical memory natively and therefore do not provide the equivalent of PAE. PAE is used only by 32-bit versions of Windows running on x86-based systems.

With PAE, the operating system moves from two-level linear address translation to three-level address translation. Instead of a linear address being split into three separate fields for indexing into memory tables, it is split into four separate fields: a 2-bit bitfield, two 9-bit bitfields, and a 12-bit bitfield that corresponds to the page size implemented by Intel architecture (4 KB). The size of page table entries (PTEs) and page directory entries (PDEs) in PAE mode is increased from 32 to 64 bits. The additional bits allow an operating system PTE or PDE to reference physical memory above 4 GB.

In 32-bit Windows running on x64-based systems, PAE also enables several advanced system and processor features, including hardware-enabled Data Execution Prevention (DEP), non-uniform memory access (NUMA), and the ability to add memory to a system while it is running (hot-add memory).

PAE does not change the amount of virtual address space available to a process. Each process running in 32-bit Windows is still limited to a 4 GB virtual address space.


<< System Support for PAE >>
PAE is supported only on the following 32-bit versions of Windows running on x86-based systems:
* Windows 7 (32 bit only)
* Windows Server 2008 (32-bit only)
* Windows Vista (32-bit only)
* Windows Server 2003 (32-bit only)
* Windows XP (32-bit only)


<< Enabling PAE >>
Windows automatically enables PAE if DEP is enabled on a computer that supports hardware-enabled DEP, or if the computer is configured for hot-add memory devices in memory ranges beyond 4 GB. If the computer does not support hardware-enabled DEP or is not configured for hot-add memory devices in memory ranges beyond 4 GB, PAE must be explicitly enabled.

To explicitly enable PAE, use the following BCDEdit /set command to set the pae boot entry option:
bcdedit /set [{ID}] pae ForceEnable

IF DEP is enabled, PAE cannot be disabled. Use the following BCDEdit /set commands to disable both DEP and PAE:
bcdedit /set [{ID}] nx AlwaysOff
bcdedit /set [{ID}] pae ForceDisable

Windows Server 2003 and Windows XP:  To enable PAE, use the /PAE switch in the boot.ini file. To disable PAE, use the /NOPAE switch. To disable DEP, use the /EXECUTE switch.


<< Comparing PAE and other Large Memory Support >>
PAE, 4-gigabyte tuning (4GT), and Address Windowing Extensions (AWE) serve different purposes and can be used independently of each other:
PAE allows the operating system to access and use more than 4 GB of physical memory.
4GT increases the portion of the virtual address space that is available to a process from 2 GB to up to 3 GB.

AWE is a set of APIs that allows a process to allocate nonpaged physical memory and then dynamically map portions of this memory into the virtual address space of the process.

When neither 4GT nor AWE are being used, the amount of physical memory that a single 32-bit process can use is limited by the size of its address space (2 GB). In this case, a PAE-enabled system can still make use of more than 4 GB of RAM to run multiple processes at the same time or to cache file data in memory.

4GT can be used with or without PAE. However, some versions of Windows limit the maximum amount of physical memory that can be supported when 4GT is used. On such systems, booting with 4GT enabled causes the operating system to ignore any memory in excess of the limit.

AWE does not require PAE or 4GT but is often used together with PAE to allocate more than 4 GB of physical memory from a single 32-bit process.


Reference:
Physical Address Extension
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366796(v=vs.85).aspx

Cisco: SMARTBill Call Accounting System for Cisco Call Manager

Telephone bills constitute a large part of an organisations expense. With NexLabs SMARTBill call accounting system, managers and IP telephony administrators have the control costs and measure the performance of their staff and telephony network. A comprehensive set of reports and tools provide users with broad overviews as well as detailed information all from the comfort of their own desks.

Features:
* Powerful user access controls
* Multi-site support
* Multi-tenants support
* Unlimited operator rates
* Flexible organisation structures
* Custom User PINs
* Contact Centre Reports
* Automated Reports
* Automatic Synchronisation with Call Manager


Reference:
SMARTBILL
https://marketplace.cisco.com/catalog/products/4237

Wednesday, 12 November 2014

Palo Alto: GlobalProtect by Palo Alto Networks

GlobalProtect provides a comprehensive security solution for mobile devices built upon the technologies of the Palo Alto Networks enterprise security platform and tailored to address mobile requirements. It delivers unprecedented levels of integration to deliver a unique solution that combines technology, global intelligence and policy enforcement over mobile apps and threats. These principles allow businesses to provide a safe environment for applications and data while still permitting users to enjoy the native user experience of their preferred device.

GlobalProtect safely enables mobile devices based on three categories of security requirements:
Manage the Device
GlobalProtect enables organization to manage mobile device configuration, provision apps and oversee device usage throughout the organization with GlobalProtect Mobile Security Manager.

Protect the Device
GlobalProtect establishes an IPsec/SSL VPN tunnel to protect the device. The tunnel terminates on a Palo Alto Networks next-generation firewall, which delivers consistent enforcement of security policy and threat preventions to users regardless of where they are located. The next-generation firewall inspects the traffic for threats to protect the mobile device from malicious content.

Control the data
GlobalProtect uses apps, users, content and device state as policy criteria for determining the network resources that users can access. Unmanaged or non-compliant devices can be blocked from accessing sensitive resources. The solution also controls business data on mobile devices while respecting the user’s privacy for personal data.


<< How GlobalProtect Works >>
GlobalProtect Gateway
Delivers mobile threat prevention and policy enforcement based on apps, users, content, device and device state. Extends a VPN tunnel to mobile devices with GlobalProtect App. Integrates with WildFire for preventing new malware.

GlobalProtect App
Enables device management, provides device state information, and establishes secure connectivity. Connects to the GlobalProtect Gateway to access applications and data in accordance to policy. Exchanges device configuration and device state with the GlobalProtect Mobile Security Manager.

GlobalProtect Mobile Security Manager
Provides device management to configure the device. Uses WildFire malware signatures to identify devices with infected apps. Shares information about the device and device state with GlobalProtect Gateway for enforcing security policies. Hosts an enterprise app store for managing business apps. Isolates business data by controlling lateral data movement between business and personal apps.


<< Platform support >>
GlobalProtect Gateway
* Palo Alto Networks next-generation firewall

GlobalProtect Mobile Security Manager
* Palo Alto Networks GP-100

GlobalProtect App
* Android 4.0.3 and later (Google Play)
* Apple iOS 6.0 and later (App Store)
* Microsoft Windows XP, Vista, 7, 8, and 8.1
* Apple Mac OS X 10.6 and later
* Linux (using vpnc)


Reference:
GlobalProtect: Safely Enable Mobile Devices
https://www.paloaltonetworks.com/products/technologies/globalprotect.html

Tuesday, 11 November 2014

IT Technology: Substitution Augmentation Modification Redefinition ( SAMR ) Model

The Substitution Augmentation Modification Redefinition ( SAMR ) Model offers a method of seeing how computer technology might impact teaching and learning.  It also shows a progression that adopters of educational technology often follow as they progress through teaching and learning with technology.

While one might argue over whether an activity can be defined as one level or another, the important concept to grasp here is the level of student engagement. One might well measure progression along these levels by looking at who is asking the important questions.  As one moves along the continuum, computer technology becomes more important in the classroom but at the same time becomes more invisibly woven into the demands of good teaching and learning.


Reference:
SAMR Model
https://sites.google.com/a/msad60.org/technology-is-learning/samr-model

Friday, 7 November 2014

Google: Useful Tips to Administrate Google Apps for Education

1.  Google Apps Migration for Microsoft Exchange and Outlook
2.  Google Active Directory Sync
3.  Google School Directory Sync - import from CSV
4.  Deleted user - Google will permanently delete the users after 5 days ( use suspended rather than deleted )
5.  Can restore the Drive and Gmail data of an user within 26 days
6.  FIM - ForeFront Identity Manager - Middleware sync between the school information system to other application including AD
7.  SSO Easy - Single Sign On for Google Apps
8.  Should turn on Objectionable Content - filter bad words, student welfare and credit card info
9.  No way to upload student's photos to Google
10. For Google Classroom, if the teachers click on Student, only Google Admin can do the change in the console
11. Google will give unlimitted storage space after 2 weeks from 7 Nov 2014
12. CloudLock to scan the sensitive contents in Google Drive and disable the sharing for students
13. Need to let the management know if you enable the sharing outside the organization because the information is exposed
14. Document's name in Google Drive can be the same because the URL is unique
15. Recommended only staffs can create site in Google Site
16. Do not allow phone call for students in Google Hangout
17. Add a suffix to groups created by users so that you can avoid the student to create an unappropriate group in Google Groups
18. Google Takeout - Take out all the data from Google Apps
19. Turn off Youtube and Google+ for the students under the age of 13
20. Disable Google Place and Google Adworks - students do not need that
21. You can track the person who has done the configuration ( Google Admin ) in Google Reports
22. Set alerts in Google Reports so that you will be alerted if someone has done some changes
23. Set the Admin roles accordingly to restrict the personal who can access the Google Admin console
24. You can use Google Apps Manager - GAM ( command based, free version ) and Flashpanel ( GUI based, paid version ) to manage your Google Apps

Wednesday, 5 November 2014

Microsoft: Windows & Exchange Changing an Username and Email Address


Step 1 - Change the Username, Logon Name and Display Name
1. On the Exchange server > Start > Run > dsa.msc {enter} > Locate the user in question > Right click and rename.

Note: You can do this on any Domain Controller but for Step 2 we will need to be on an Exchange server, or a machine with the Exchange Management tools installed.

2. As soon as you press {enter} > The rename user dialog will open, and you can change the display name, and the user logon name > OK.


Step 2 - Exchange 2000 / 2003 (Including SBS 2000 / 2003) Change the Email address
Note: For newer versions of Exchange see below.

1. Whilst still in active Directory Users and Computers > Right click the affected user > Properties.

2. E-mail Addresses tab > Add > SMTP Address.

3. Type in the new email address > OK.

4. Untick the "Automatically update email..." option > Select the NEW email address >Set As Primary > Apply > OK.

Note: It can take a while for your global address list to update, then your Outlook clients need to get the updated list, sometimes this can take a couple of days! Be patient, the changes have been made.


Step 2 - Exchange 2007 / 2010 (Including SBS 2008 / 2011) Change the Email address
1. On your Exchange 2007/2010 Server Launch the Exchange Management Console > Recipient Configuration > Mailbox > Locate the user > Properties.

2. E-mail Addresses tab > Add > Type in the new address > OK.

3. Untick the "Automatically update email..." option > Select the NEW email address > Set As Primary > Apply > OK.

Note: It can take a while for your global address list to update, then your Outlook clients need to get the updated list, sometimes this can take a couple of days! Be patient, the changes have been made.


Reference:
Changing a Username and Email Address (Windows & Exchange)
http://www.petenetlive.com/KB/Article/0000698.htm