Search This Blog

Monday, 13 April 2015

Stop and Think Security Smart

Most of us are already aware that emails can contain hidden nasties but not all of us are aware what we can do to protect ourselves, this guide is to help you know what to do when you get an email that you are unsure of.

The Golden Rules

If you receive an email and you do not know who it is from or what it is about then, stop and think Security Smart.
If you receive a link in Facebook to something you do not know about from a friend, stop and think Security Smart.
If you receive an email attachment and you do not know what it is, stop and think Security Smart.
You would not let someone into your home without Photo ID, do not let the criminals into your Computer without first asking, do I know who you are?

What to do - The Email Attachment

Here is a classic email attachment malware, the email is sent from a generic fake email address like and is addressed to you, it has an attachment called something.ZIP and it asks you to
Update something on your computer because there is a problem
Take delivery of a parcel or invoice that we are waiting on
Accept a sales enquiry by opening their attached request
In 99.9% of cases these are always a criminal email targetting you, when you see an email like this delete it and then inform our Help Desk and we will investigate for you.

What to do - The FaceBook Video

Many times we when access Face Book we see a video posted by a friend and we click on it, but when we do we are asked to install a new video player so we can watch it. Note the arrow showing that we need to install a player to see the video.
in 99.9% of cases these are always the criminals again, do not install anything from this site, it will give the criminals access to your Computer.

What to do - The Email Link

The last common kind of email is the link to the criminals website, note the email above, it looks like it is from Google and it seems to say something that is acceptable and understandable, so you are inclined to click the link.
These are called phishing emails, its just a tech way of saying fishing and the criminals are fishing for you, if you click their link they have hooked you!
If a genuine site needs to contact you, when you next login the site will tell you what you need to do, genuine systems do not send emails like this.
Delete the email and do not click on any links.

How to stop our natural reaction

The criminals are targetting some of our basic instincts
  1. That we are naturally curious to find out more
  2. That we fear we may miss out on something if we do not take action
  3. That we go into automatic mode and do not always stop to think what we are doing
This happens to everyone, it is part of who we are, but all we need to do is stop anytime we are working on our computers and if something is happening you are unsure of or you are being asked to do install something you did not choose to do...
Stop and Think Security Smart!

Friday, 28 November 2014

Exchange 2013 CU6 - Mail Enabled Public Folders reject emails externally with a NDR

Users who send emails to a Mail Enabled Public Folder see an NDR when emailing externally even though the folder is set to allow emails without authentication.

NDR after CU6

When you send an email to the Mail Enabled Publci Folder post CU6 you will receive an NDR such as the above.

Exchange CU6 Update Notes

The change to the security is explained in the Exchane 2013 CU6 Notes here

Add Anonymous Permissions

To allow emails to be sent to the folder you can use the above Power Shell to enable Anonymous CreateItems permission on the folder.
Add-PublicFolderClientPermission "\Customer Feedback" -AccessRights CreateItems -User Anonymous

Monday, 8 September 2014

Shadow Protect Server does not connect when you change a Server Computer Name

If you change the Computer Name of a Server with Shadow Protect Installed you will need to change the name in the applicaiton before it will connect to the service.

1. Disconnected State


When you open Shadow Protect you will see the server is in a disconnected state and will show the error The RPC server is unavailable. In this case the server needs to be renamed from DAG to THUR

2. Rename Server


Right click on the server and choose Edit.

3. Edit Server Details


Under the Server Name and Server Address change the name to be the correct Computer and NetBios Name.

4. Restart Service


You now need to restart the ShadowProtect Service.


Tuesday, 15 July 2014

How to delete files from a QNAP NAS using SSH

Sometimes a QNAP NAS can get so full you cannot access it via SMB or delete files via the Web Management. Here is how to remove files via SSH.

Login to the Device via SSH using putty

Open putty and connect to the NAS via the Management IP address using SSH


Login to the device with Admin User only

List the Mount Points

Use the command df to show the mount points on the disks. On a QNAP NAS look for the folders /share/MD0_DATA

Change Folder

Use the command cd /share/MD0_DATA to change to that folder

Show Shares

You now show the shares on your QNAP NAS with the command ls

Change to Folder to be Deleted

To delete a folder, change to the parent folder and then you are ready for remove the folders and files

Remove Folders

You can then remove the folders and files with the command
rm -rf /share/MD0_DATA/ShareName/Folder

Confirm the Disk Space Reduction

In the Web Management GUI you can now confirm the disk space as it reduces

Cannot access Network Shares on Windows 8

I had an instance where I had a Windows 8 laptop with a local Administrator but when I tried to browse to the C$ share I was displayed the error "multiple connections are not allowed"  from command line I got an Access Denied message.  All this was even though I was using the right credentials.

It turns out to be a UAC filtering policy in Windows 8 that blocks access unless you use Remote Desktop to the OS.

The solution is in this Microsoft KB article

A big thanks to Helge Klein for this one.

Thursday, 3 July 2014

Hosted Exchange - How to check if a Mailbox allows Outlook Anywhere

Some Mailboxes in Hosted Exchange may not allow Outlook Anywhere, this is when they have been created as Basic Users and have been upgraded to Standard Users. The guide shows how to check this and how to rectify this.

#1 Get-CASMailbox


Open the Exchange Management Shell and run the commandlet Get-CASMailbox | FL

This will now display all the properties for the CAS Mailbox.

#2 MAPIBlockOutlookRpcHttp


Check the property MAPIBlockOutlookRpcHttp if this is set to True then the user is blocked from Outlook Anywhere.

#3 Change Setting


Extend the commandlet to change the setting for the mailbox using the boolean setting True False

Get-CASMailbox | Set-CASMailbox -MAPIBlockOutlookRpcHttp $false

#4 Check Change


Run the Get-CASMailbox and check the setting has now changed to False

Monday, 30 June 2014

UPS - How to configure an APC UPS Management Card

Configuring a APC UPS Management card is not difficult you just need to be patient and make sure it is all done right.

#1 Login


The default login for an APC is apc and apc

#2 Status


Once logged on you can see the Status of the device, the internal temperature and runtime are important to note.

#3 Configuration - Power Settings


Choose the Configuration, Power Settings option and then set the Rated Output Voltage to your country voltage, this is 240V in the UK.

#4 Configuration - Shutdown


Choose the Configuration, Shutdown option and then for Low Battery Duration select a time no less than 10 minutes otherwise you will not have enough time to shut down your servers before the UPS discharges.

#5 Administration - Local Admin


Choose the Administration, Local Users, Administrator option and set the User Name to ups-admin and set a password.

#6 Administration - Device


Choose the Administration, Local Users, Device option and uncheck the Access Box to disable the Device User.

#7 Administration - Read Only


Choose the Administration, Local Users, Read Only option and set the username to ups-read and set a password.

#8 Configuration Auto Log Off


Choose the Administration, Auto Log Off option and set the timeout to 10.

#9 DNS


Choose the Administration, Network, DNS option and then enter your DNS Servers, Host Name and Domain Name.

#10 SMTP Server


Choose the Administration, Notification, Email, Server option and then enter your SMTP Smart Host and From Address.

#11 Recipients


Choose the Administration, Notification, Email, Recipients option and enter your email address, change the SMT P Server to recipient.

#12 Test Email


Choose Administration, Notification, Test and then test to make sure your notification works.

#13 Identification


Choose the Administration, General, Identification option and enter the details.

#14 Time


Choose the Administration, General, Date Time option and set the Time Zone, set the NTP Server.

#15 Daylight Savings


Choose the Administration, General, Daylight Savings option and set the Traditional Daylight Savings.

#16 Date Format


Choose the Administration, General, Date Time, Date Format and set your regional format.