Microsoft: Unexplained NetBIOS Traffic When Doing Traceroute

NBSTAT queries are often used to resolve an IP address to a NetBIOS name. During the Traceroute process, it looks up the NetBIOS name because it appears that a DNS reverse lookup doesn't work:

Microsoft: Microsoft Sysinternals Suite

Microsoft Sysinternals Suite is all their utilities rolled up into one. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver or NotMyFault.

Microsoft Sysinternals Suite is a bundling of the following selected Sysinternals Utilities:

• AccessChk
• AccessEnum 
• AdExplorer 
• AdRestore 
• Autologon 
• Autoruns 
• BgInfo 
• CacheSet 
• ClockRes 
• Contig 
• Coreinfo 
• Ctrl2Cap 
• DebugView 
• Desktops 
• DiskExt 
• DiskMon 
• DiskView 
• Disk Usage (DU) 
• EFSDump 
• FileMon 
• Handle 
• Hex2dec 
• Junction 
• LDMDump 
• ListDLLs 
• LiveKd 
• LoadOrder 
• LogonSessions 
• NewSid 
• NTFSInfo 
• PageDefrag 
• PendMoves 
• PipeList 
• PortMon 
• ProcessExplorer 
• Process Monitor 
• ProcFeatures 
• PsExec 
• PsFile 
• PsGetSid 
• PsInfo 
• PsKill 
• PsList 
• PsLoggedOn 
• PsLogList 
• PsPasswd 
• PsService
• PsShutdown
• PsSuspend 
• RegDelNull 
• RegJump 
• RegMon 
• RootkitRevealer 
• SDelete 
• ShareEnum 
• ShellRunas 
• SigCheck 
• Streams 
• Strings 
• Sync 
• TCPView 
• VMMap 
• VolumeID 
• WhoIs 
• WinObj 
• ZoomIt

Google: Allowing Less Secure Apps to Access Your Account

Google may block sign-in attempts from some apps or devices that do not use modern security standards. Since these apps and devices are easier to break into, blocking them helps keep your account safe.

Some examples of apps that do not support the latest security standards include:
1. The Mail app on your iPhone or iPad with iOS 6 or below
2. The Mail app on your Windows phone preceding the 8.1 release
3. Some Desktop mail clients like Microsoft Outlook and Mozilla Thunderbird

<< Change account access for less secure apps >>
To help keep Google Apps users' accounts secure, we may block less secure apps from accessing Google Apps accounts. As a Google Apps user, you will see a "Password incorrect" error when trying to sign in. If this is the case, you have two options:

* Option 1: Upgrade to a more secure app that uses the most up to date security measures. All Google products, like Gmail, use the latest security measures.

* Option 2: Change your settings to allow less secure apps to access your account. We don't recommend this option because it might make it easier for someone to break into your account. If you want to allow access anyway, follow these steps:
   1. Go to the "Less secure apps" section in My Account.
   2. Next to "Access for less secure apps," select Turn on. (Note to Google Apps users: This setting is hidden if your administrator has locked less secure app account access.)

AWS: Regions and Endpoints

To reduce data latency in your applications, most Amazon Web Services offer a regional endpoint to make your requests. An endpoint is a URL that is the entry point for a web service. For example, https://dynamodb.us-west-2.amazonaws.com is an entry point for the Amazon DynamoDB service.

Some services, such as IAM, do not support regions; therefore, their endpoints do not include a region. Some services, such as Amazon EC2, let you specify an endpoint that does not include a specific region, for example, https://ec2.amazonaws.com. In that case, AWS routes the endpoint to us-east-1.

If a service supports regions, the resources in each region are independent. For example, if you create an Amazon EC2 instance or an Amazon SQS queue in one region, the instance or queue is independent from instances or queues in another region.

For information about which regions are supported for each service, please go to here.

Microsoft: Enable IMAP4 or POP3 in Microsoft Exchange

Step 1: Start Microsoft Exchange IMAP4 or POP3 Service
1. Click Start, point to Programs, point to Administrative Tools, and then click Services.
2. To start the Microsoft Exchange IMAP4 service, in the results pane, right-click Microsoft Exchange IMAP4 or POP3, and then click Start.

Step 2: Configure IP Addresses and Ports for POP3 and IMAP4 Access
1. In the console tree of Exchange Management Console ( EMC ), navigate to Server Configuration > Client Access.
2. In the work pane, click the POP3 and IMAP4 tab.
3. Select either POP3 or IMAP4, and then under POP3 or IMAP4, click Properties in the action pane.
4. On the Binding tab, under TLS or Unencrypted Connections, click Add.
5. On the TLS or Unencrypted Connection Settings page, under IP address to Use, do one of the following:
    a. To use all available IP addresses for a server, select Use all IP addresses available on this server.
    b. To manually specify an address, select Specify an IP address, and then enter an IP address in the dialog box.
6. Under Port to Use, in the box next to Port, enter a port number, or accept the default port.
7. Click OK to save your changes.

* Note: Make sure you have allowed the specified IMAP4 port at the firewall.

IT Security: Relevant Knowledge Spyware / Adware

Relevant Knowledge is classified as spyware or adware by some of the anti-virus software vendors, e.g. Symantec, McAfee, CA, BitDefender, F-Secure and some others. Detections: Spyware.Marketscore, Proxy-OSS, Adware.Relevant.0961. Relevant Knowledge monitors browsing habits and purchasing activities. The data collected is sent to the creator of the application or third-parties. It displays surveys in a pop-up window. Relevant Knowledge uses Internet connection in the background without a user's knowledge and in some cases may even affect Internet connection speed because your Internet connections will go through its own proxy. RelevantKnowledge is bundled in many freeware and commercial applications and it is introduced to a user when those commercial or free products are installed. It could be Windows screensavers, themes, games, etc. That's why you should read user agreement very carefully before installing such applications; otherwise you may install Relevant Knowledge or similar spyware/adware without even realizing it. If you recently noticed a Relevant Knowledge icon on your computer task bar which is a gray circle with lines running through it like latitude and longitude lines on a rounded surface and rlvknlg.exe in your process list then your computer is infected with Relevant Knowledge. To remove it from your computer, please follow the removal instructions below.

1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this browser hijacker. Hopefully you won't have to do that.
2. As this infection is known to be installed by vulnerabilities in out-dated and insecure programs, it is strongly suggested that you use an automatic software update tool to scan for vulnerable programs on your computer.
3. Go to the Start Menu. Select Control Panel → Add/Remove Programs.
If you are using Windows Vista or Windows 7, select Control Panel → Uninstall a Program.
4. Search for Relevant Knowledge in the list. Click Uninstall up near the top of the window.
5. Restart your computer. Relevant Knowledge should be gone. If it's still on your computer, please end RelevantKnowledge's process using Task Manager (rlvknlg.exe) and delete files from C:\Program Files\RelevantKnowledge\ folder manually.

* Note:
Associated Relevant Knowledge files and registry values:
<< Files >>
C:\Program Files\RelevantKnowledge\nscf.dat
C:\Program Files\RelevantKnowledge\rlls64.dll
C:\Program Files\RelevantKnowledge\rlls.dll
C:\Program Files\RelevantKnowledge\rloci.bin
C:\Program Files\RelevantKnowledge\rlservice.exe
C:\Program Files\RelevantKnowledge\rlvknlg64.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe

<< Registry values >>
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\RelevantKnowledge
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "RelevantKnowledge"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "OSSProxy" rlvknlg.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache Data "RelevantKnowledge"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"

Microsoft: Disk Cleanup in Windows Server 2008

So in order to use cleanmgr.exe you’ll need to copy two files that are already present on the server, cleanmgr.exe and cleanmgr.exe.mui. Use the following table to locate the files for your operating system.

Once you’ve located the files move them to the following locations:
1. Cleanmgr.exe should go in %systemroot%\System32.
2. Cleanmgr.exe.mui should go in %systemroot%\System32\en-US.

You can now launch the Disk cleanup tool by running Cleanmgr.exe from the command prompt.

Disk Cleanup can now be run by entering Cleanmgr.exe into a command prompt, or by clicking Start and typing Cleanmgr into the Search bar.