I make web apps, which I even put in my wwwroot folder of IIS. I decided one day I wanted to be able to see the web apps performing (and how they appear) from my other computers. So, one night I went on a determined search on how to set this up not stopping until I accomplished it. So, I was able to set it up. The thing is I was thinking about this setup the other day, and realized its actually a very insecure setup, and would rather disable it as it is now. I have recently read that using a VPN with certain settings is more secure. But, I am not here to ask what would be the most secure way to go about this, although suggestions on that could come handy too. But, I would really appreciate some help in figuring out how to disable my current intranet. I have Windows 8 and IIS 8. I also have done these things which I did based on doing the opposite of what I could find doing a couple quick google searches:
I went into the Allow an App through Windows Firewall window, and went to the selection of World Wide Web Services (HTTP), which was checked - like is suggested on some sites to have selected to enable an intranet - and I unchecked it and disabled it.
I went into IIS, and chose default website, and went to Bindings, which, other than the default binding of port 80, had a binding to a port number. I removed this binding.
I restarted my computer after doing these things.
So, I've done these things, and I haven't effected it, it still loads the webpages on other computers in my network as if I had done nothing. I feel helpless at this point, and so I came here to ask about this hoping someone might suggest something that could help.
Well, after a few days waiting for a reply from somebody here, I tried to see if there was anything else that I could do on my own. I was going to go back online hoping to find some other advice elsewhere, but then something came in my mind - maybe the fix for this problem is so simple it was under my nose all along - maybe if I simply uninstalled IIS it'd reset the installation.
So, I did just that, uninstalled IIS and then reinstalled it. It did reset it, and it works just fine on my computer, and not on any other computers - just as I wanted. I should've tried this all along! So, if anyone else stumbles on this page, and has enabled an insecure intranet and couldn't figure out how to disable it (like I was in the predicament of), if you haven't tried uninstalling and reinstalling IIS - try it - it should work.
Now, although I have a better idea of what a more secure intranet should be (as I mentioned above), I just thought it might be a good idea to ask people here on stackoverflow for there suggestions and opinions on how to go about that on another question post.
Related
There is a question here about this already (though,short of re-installing Windows, which I'm obviously trying to avoid, the other solutions don't work for me), but I have some research to add, and a possible solution... which I don't understand, but perhaps someone here is able to shed light on how to implement it? I'm using Visual Studio 2015 Community on Windows 10 Pro x-64 with Anniversary Update (and latest cumulative update).
There is a possible work-around - details at https://social.technet.microsoft.com/Forums/windows/en-US/2f51398c-cef2-4686-9505-904d3f71ef6d/windows-10-applocker-packaged-app-white-list-blocks-store?forum=win10itprogeneral - where the resolution is to allow all Windows App Store apps, however no steps are given, so I don't know how to do that.
There is a relevant hot fix at https://support.microsoft.com/en-gb/kb/2719305, however that is targetting an older version of Windows, so I'm not sure of the repercussions of trying that. I'm leaving that as my last resort short of re-installing.
And finally, there is re-installing, as per the other thread on here, as the Anniversary Update is considered the suspect (and I'm past the rollback window). I already had the AU when I first tried UWP, so I never had it working to begin with to know if this is the culprit or not. I have never touched applocker myself (had never heard of it) - I have this problem out of the box.
Apart from the time involved, I don't want to re-install as there has been mixed success with it - for one person it fixed it, for another it fixed it initially but the problem came back. I am trying to get a permanent fix (and only re-install if I can't find one).
Anyone know a permanent fix for this? Or how to implement the first suggestion? Or implications of the second?
P.S. for the sake of completeness (and to pre-emptively answer this question), one of the things I already tried is the MS trouble-shooter for this issue (I think I found this one on MSDN from memory). It suggested using my MS login instead of my local user, and to change the temp environment variables back to default (I had them pointing to RAMdisk), but doing those things failed to fix the issue.
Well, I ended up re-installing Windows, having corrupted it along the way, and that ended up fixing the issue. I found along the way that the problem actually stops ALL apps from the store installing (I never did find out how to implement the store fix I mentioned in my question), and that provides a quick way to see if the problem is fixed (rather than trying to build/deploy your UWP app each time you think you've fixed it, just try installing a store app).
I did find something that MAY be a solution, at https://answers.microsoft.com/en-us/windows/forum/windows_8-winapps/this-app-wasnt-installed-error-0x80073cf9/92ec7c44-51ef-4c6a-9331-22958e01b4ec?page=1, which relates to how to recover from a corrupted user profile (I'm not being allowed to upload a snapshot of the relevant reply due to still being relatively new here. Sigh) - which I now believe to have been the cause - however I didn't get to try it out as I'd already corrupted Windows at that point. Note that none of the other solutions in that thread worked for me, so I would start with this one first, as the other solutions only worked for some people. If you have this problem then I would try that first before re-installing.
P.S. at one point it looked like the Anniversary Update may have caused the problem, however after I re-installed I tried before applying the AU, and then again with the AU, and it kept working afterwards,so that was NOT the culprit. It was the user profile/Windows being corrupt.
As IT guys, we all help that friend or family member in need of our services. And we all occasionally have to install some program that we are never going to use again. So you install it, do your thing and remove it afterwards. But with installing and removing a lot of software, things get left behind: registry keys, profiles, logs, sometimes even a service. Now I don't like that mess, and it slows down my computer. So once every 4-6 months I have to do a clean install (got some images to fasten it up, but still annoying)
I'm looking for a way to "freeze" my system and start tracking all changes made, so I can remove them afterwards. Ideally I can store them as a file.
For example: I'm helping a friend out whose phone died, galaxy sWhatever. I have to install the drivers, KIES (I believe it was), some tools to get root access. After it's done I remove everything again. Two weeks later, he did it again. Reinstall drivers, kies, tools ... NOT convenient.
So I'm looking for a way to capture/virtualize/save/monitor programs, and installations. Perhaps get them to run modular. (Samsung problem? load my saved Android sdk session, load my Samsung drivers&tools session)
It would be perfect if it works with bigger stuff as well, like Visual Studio. It has several services (like slq) and resources and I only use it once every other month or so.
My search has led me to things like
VM's (which is my current solution) but it has large files, difficult to share files and devices, updates (every .. bloody .. time!).
Sandboxing (not what i'm looking for)
stuff like Docker. Which is somewhat what I'm looking for, but I need it on a personal level and not in a linux-VM
Any ideas? Anyone facing similar challenges? How do you deal with this?
Thanks!
I know blocking a website is a popular question but none of the answers I've seen address my particular situation:
I want to block a website (to be selected by the user, which must also have Admin rights, on Windows XP), without forcing her to restart her browser.
The well known technique of modifying the hosts file requires some browsers to be restarted. I want to accomplish that in a way that is browser-independent (e.g. Content Advisor works in IE but not in FF) and which doesn't require the user to restart his browser.
Please note that I am interested in knowing how to do this programmatically, so http://superuser.com or http://serverfault.com aren't really the right places for this question, as they mostly suggest tools and services, while I am interested in the underlying knowledge so that I can implement it myself.
Ideas?
Thanks.
Please note that I am interested in
knowing how to do this
programmatically, so
http://superuser.com or
http://serverfault.com aren't really
the right places for this question, as
they mostly suggest tools and
services, while I am interested in the
underlying knowledge so that I can
implement it myself.
Such tools would filter traffic by implementing a NDIS Intermediate Driver. See also this other question.
So, I've just started working with a new Joomla site, and something we've added has started hijacking various parts of the site and added links to various places we don't want. Unfortunately, I can't give out a link to the live site right now, but I can describe the problems:
In the footer, where it should say "Designed By: " and the name of the place we got our template from, it leaves the "Designed By:" but removes the name of the template author, and instead puts in two links (not giving the hijacker any more hits but here's the text of them), "online album" and "check whois"
When we hover over the site name, the alt text is set to "Forex Trading Home" which is most certainly not what it should be.
Finally, when you hover over the "Home" item in the main menu, a dropdown appears after a short delay, with a link to "cpanel reseller hosting" inside it.
Now, I'd like to get rid of these advertisements, but I've got no idea where they are coming from. If you guys know some commonly-hijacked files I can search in, or good debugging tricks to find them (I've tried FirePHP, but haven't had much success with it) I'd be much obliged. Unfortuantely, since a few people have been working on the site simultaneously, we're not really sure what extensions could have caused it (if that is in fact, the problem) - but all of them seemed ok, and came from the main Joomla extension site.
EDIT:
Here's a list of the modules I know were installed before we noticed the spam problems start happening:
EasyTemplate.
EasyTemplate - MultiPlugin
mod_picasaslideshow
Content - Picasa Album Embedding
Other than that, everything else was installed after the problems started, or was a theme that has since been uninstalled (and hence, I don't know what it is anymore). The theme that's on it now, I've looked at thoroughly, but is version of this Martial Arts Theme with a lot of modified images (and one change in the php from a .gif to a .png)
EDIT EDIT: So, still looking, but seems an older version of picasa2gallery (we had a new version at one point, but uninstalled it) had an LFI vulnerability. Perhaps that was the source. In any case, I think I'll be doing a full wipe, and just start over, really.
So, turns out the correct answer was "none of the above", not that I noticed that until after I erased everything to remove the hack.
Once I restored the theme, and nothing else, I noticed that the "hack" spam links were back, way too fast to even be an automated script.
That's when I discovered that there was a .gif file in the images directory that contained the "bad" PHP code to include the spam links. Ironically, the code they were using to make it was particularly bad, so at least I got a good laugh out of this long ordeal.
Moral of the story: Don't get themes from ThemZa, and if you do, be prepared to dig through them for cruft, if you like the way they look.
Your complete Joomla installation seems to be hacked, follow the guidelines what you should do now (re-installing and securing)
Check the server access logs. You'll most likely see accesses to a particular component (look for the com_* in the URI) that are excessive, or just out of place.
When this has happened to my sites it has been a particular component that hijackers are searching Google for (i.e. com_virtuemart was the last culprit) and then they attempt their exploit on the component hoping it is a flawed version.
If you can't positively identify and fix the hole they broke in through, it's likely the reinstall Tobias P. recommends is the only safe way. If somebody has access to files on that level, you have a big problem. You will need to identify which way they come in. This could have a multitude of reasons:
Somebody exploiting a Joomla security hole (or one in a plug-in)
Somebody having gained access to the FTP account through spying on a client computer
Somebody exploiting a weakness in the server software
this is most likely somebody exploiting a Joomla hole, and there's probably no reason to panic. But you definitely should find out, or do a reinstall. Maybe you'll find more specific help on the Joomla forums or with your ISP.
While you're at it, best change all FTP passwords too, just to make sure.
Good reading at Google: My site's been hacked - now what?
I am about to travel to Europe (I'm Australian but imagine this is a similar circumstance for US users and simply flipped for European users).
However, there is the slim possibility I will need to do some Visual Studio work while I'm travelling.
As I see it I have three options:
Leave a desktop PC on at home, access remotely via net cafes.
Carry a laptop with me on the trip, upload files as required using public wifi.
Option 2 but instead buy cheap light netbook that is miraculously capable of running VS.
Does anyone have any experience or advice to shed on any of these options?
For reference, this existing post suggests that VS remotely for short distances is okay, but over longer distances could be more problematic. I've used VS via RDP to a US server before and it was pretty laggy but for small changes I could get by.
Concerns I have that you may have some experience with:
Weight of luggage (ideally like to travel light)
Security of laptop (imagine it'll be too heavy to carry around all the time so have to leave it at hotel/hostel etc. and hope for the best)
Security of data (don't want someone stealing RDP access to my home PC)
Security of FTP (don't want someone stealing FTP passwords over wireless)
I'd go with option #2 (carry a laptop that can run VS).
This way you can use the "more convenient" method if it works well (use it as a RDP client if the connection is low-latency enough), but you can still work locally if the connection you find is not reliable.
I think the bottom line is, always have a backup method when depending on networks that are far away and beyond your control.
Edit: Regarding the additional security concerns, most of those are things you should deal with anyway, traveling or not. If the stuff you're working with is that sensitive, you should probably improve the security of your remote work environment with a VPN and more secure file transfer method. Before you take your laptop anywhere, know what your plan is if you were to lose it.
It's a vacation. How do you expect to rest up properly if you're always worrying about work. Leave the phone at home too.
I used to leave a home PC on with VS and use services like GoToMyPc or LogMeIn or some similar service.
Since I have started using a laptop, I just carry the thing with me with VPN connectivity on business trips along with a 3G data card.
But seriously, if on vacation, I do not want to take my laptop with me.
security
First and foremost, encrypt the contents of the HDD - be safe.
If I am on a business trip, the laptop is with me so I am not as concerned with where it is. If I am on vacation, I do not know that I want to take one with me.
If is important then I would keep my laptop/pc at work ON and there will be someone that has access to turn it on/reboot it. So I would carry a light laptop that lets me connect and work if I need it. If that goes down, I can always head into a cybercafe.
database
If you are anticipating working, bring your dev database with you. I know it hogs space and memory (while in use), but it pulling data over the wire has taken long enough to make me lose concentration.
standalone
Make the laptop standalone so that it can work without a connection to VPN or internet - coverage is not the best / uniform in all areas.
Use TrueCrypt for encrypting your harddisk. Use VPN, SSH or something similar for remote connections. I always bring my laptop, but in case I would lose it, it's just a brick for the finder, and I have a good backup system that makes me able to get up and running on another computer quickly.
I tried installing VS2010 on my NetBook and it was a no-go. I was, however, able to install Expression Blend/Web which is good for most tasks.
Edit: To make this more useful... my netbook is HP Mini 1100 Series w/1GB RAM running Windows 7 "Starter"
beware: i don't know where you are going in europe, but do not count on a reliable internet connection in a hotel. it generally works, but when it does not, don't count on the personnel to repair it. of course, if you also carry your own connection (G3 or EDGE on your mobile phone), then this will not be a problem.
I suggest using the option 2 when working on your source code.
I also recommand using Git so you can work with a source control while being disconnected from the office source control. When you get an access, you can sync your whole repository with your office repository.
Of course, it all depend on which source control provider you are using.
For the occasional stuff that are not on Git, use a VPN for enhanced security.
My experience:
1) Purchased a small netbook (Samsung netbook with 2gb or so of RAM, I can lookup exact model number if anyoned interested but I think it's comparable to, or just above the NC10 (just comment if interested)).
2) Internet is bad in Europe (at least the options available to trav ellers). Something to note.
3) The netbook performance was absolutely fine. You don't want to be doing too much dev because of the small screen (though it was only really an issue for me because I got sick of the trackpad and didn't have a separate mouse) but it's honestly pretty fast and easy to use for .NET MVC development in Visual Studio.