Hacking

The book I read to research this post was How To Become World’s No 1 Hacker which is a very good book that I read at kindle unlimited. Presumably the author wants to remain but this book is a guide to all aspects of hacking. When this book was written there was no Windows 8, Windows Server 2008 or Windows Server 2012 so these aren’t covered. There are many lists of top 10 tools for accomplishing various tasks. For example the top 2 password cracking tools are Cain and Able & John the Ripper. Expect a password to take at least a few hours. A shortcut is to research the person’s children’s names and pet’s names as it is surprising how often even nowadays these are used as passwords. If you have to crack the password from scratch you will need a rainbow table that gives you various combinations in order to crack it. Google apart from being a search engine by entering the right terms will give security information about someone. Also if there are wireless ports Wireshark a packet sniffer will tell you which ones are unprotected. Nmap will give information related to a network. One trick if you are going into a secure building is to go in ahead of an employee and hold the door open for them then pretend to be fumbling around looking for your swipe card to get into the secure area and chances are they will hold the door open for you and let you in. This book is around 320 pages so is a decent length. I thoroughly enjoyed it and do recommend it.

 

Network+

The book I read to research this post was Comp TIA Understanding Basic Networking Components by Darril Gibson which is a very good book that I read at kindle unlimited. This book covers basic networking knowledge. I did read in another book that the A+ exam covers what you should know if you work as a computer technician full time for 9 months and Network+ covers what you should know after 18 months. This book covers the basic knowledge you should have before reading a study guide for that exam. It also has important information about the exam in general. It also has sample questions from the exam and a glossary of important terms. The exam is done on a computer with some of the questions being multiple choice. Others require that drag a picture or answer to a particular question it is the answer to. There are also pictures where you might have to match a tools name or choose one with the appropriate setting. There was also a bit of interesting information on firewalls. There are software firewalls that operate with in the operating system. There are also hardware firewalls which businesses normally use. One type is the packet stateful where rules on the types of packets or information transmitted are used to decide what can be allowed through. These rules can be quite complex and are used to filter out any potential malware. I did quite enjoy this book and would recommend it. Obviously if you have already reached Network+ standard you probably know everything that is in this book.

 

Subnetting Secrets

The book I read to research this post was Subnetting Secrets by Paul Browning which is an excellent book that I read at kindle unlimited. This book explains the subject in easy to understand terms. It is around 90 pages so is fairly short. Subnetting is adding network components particularly routers and switches to a network where they use something something called a subnetwork mask which is a unique number identifying that device. Subnets come in different classes with class having potentially 16 million components and computers on a network. Organisations and companies who are huge and only use around 10,000 of these allocations will typically purchase one of these subnet classes. The Ministry of Defence in Britain is one such user of this class. Then there are classes B and C which correspondingly get smaller. Each of these steps of classes starts at 255 and goes down in increments of 32. Don’t make the mistake of halving or doubling them. Class D is multicast where one IP address is used for multiple broadcasting or receiving. Class E is used for experimental use. There is a subnet calculator available at http://howtonetwork.net. The more hosts on a subclass the fewer receiving units are each network. The higher the number of the subclass the fewer the number of hosts. Often the network components on a network seek an address automatically but sometimes if there are designated addresses you have to enter them manually. The latest standard is IVPV6 although sometimes IVPV4 is sometimes used. To work out these addresses the computer uses binary where a circuit being on corresponds to a 1 and off 0. This is rather complicated for humans so we tend to use octal or hexadecimal. They are base 8 and base 16. The binary blocks are normally grouped into blocks of 255 in decimal to make it possible to see at a glance. I thoroughly enjoyed this book and do recommend it.

Real Digital Forensics

The book I read to research this post was Real Digital Forensics by Keith J Jones et al which is a very good book that I bought from Amazon. This book is around 640 pages so is quite a substantial size. It is quite a technical book that takes you by the hand in a kind of tutorial in what to do if your computer network gets a virus or other malware in both Linux and Windows. Some of the steps seem quite easy and might seem a bit obvious like using a digital camera to photograph evidence that is on the screen or pulling a cable out of whatever you access the internet with if you fear confidential information is being accessed. A lot of viruses are killed if you restart the computer or network and while restarting the network might be a problem you might also not want to prior to collecting evidence. It is because the hacker is trying to remain obvious they often allow the malware to be killed easily. Other times of course it will be necessary to run anti-virus which you should run regularly anyway and also make sure it has effectively disinfected the computer because some malware requires unusual steps to be taken. I had one that required the computer to have system restore turned off while the process was running for example. Anti-virus also applies to any devices like mobile phones and tablets and this book recommends a program called Hotsync which is a free program you can download for PDA’s. This book doesn’t cover things like Android as I think it is a few years old. You also should check what ports are being used and what files are being accessed as well as where suspect files have come from. If a computer or network is breached there is bound to be evidence like this. A virus will typically keep trying different ports to try and access other computers and the internet which is another tell tale sign. You can often use a program called Snort in one of its versions for this. Another program ideal for wireless networks is Wireshark. I did quite enjoy this book and do recommend it. I think ideally you want this book open while you repeat the steps rather than just read it.

 

Deploying Internet Wireless Hot Spots

The book I read to research this post was Deploying Internet Wireless Hot Spots by Bryan Foo which is a very good book that I read on kindle unlimited. This is a fairly short book for network service engineers that cut out all the excess dialogue and concentrates on the steps involved in connected a wireless access capability to your network. It has example models of the various items needed. There are also example set up settings to at least get your network up and running leaving you to finish configuration at a later point. A lot of the hardware used is Cisco. Cisco is the king of the crop when it comes to networking. You need a wireless access point to provide the internet connection and get a contract with a service provider. Another essential is a router which can either work with fast ethernet, cable or the ADSL component in telephone line. This will give a wired connection for back. A necessity is a PoE Switch which looks a bit like a router at first glance and is like a pre amp on a home network in that both provide current to send a signal down the cable. With cable most people use cat 6 or cat 5e and over long distances fiber-optic. You also need wireless access cards and whatever you do don’t use the default passwords. Make them a decent length with numbers, capital letters and small case and use special characters. I did thoroughly enjoy this book and would recommend it. It is the most easy to follow book on computer networks I’ve read.

Cyber-Security

The book I read to research this post was Cyber-Security by Edward Amoroso which is a very good book that I read on kindle unlimited. This book is around 250 pages so is a decent length and is a little pricey so if possible read it on kindle unlimited which works out cheaper. This book is a general guide to securing your computer or network against viruses and cybercrime for non-technical people. There is a lot of anecdotal stuff in the book like Taiwan allegedly has an arsenal of over 1,000 viruses developed by the military for use if that country gets invaded. A lot of other countries have teams similarly developing malware for wartime. No country has released a mass cyber attack on another country so far and security has come a long way in recent years but it is still a very real threat. During the first Gulf War a team of 5 Dutch hackers got into various defense computers connected with the conflict at the Allied end. They had so much power over the network one military official said they could have sent toothbrushes instead of bullets to the frontline which of course would be disastrous for them. Most companies probably have too much trust in their employees and have taken almost no measures to prevent workers doing malicious acts like espionage or putting a back door program in networks or software. Of course implementing these kind of measures is very difficult. They might call in a consultant every few years to check everything but is liable to not notice a lot of things and a lot of damage can be sustained in that time. A lot of hacking attacks take place from like typically a unsecured UNIX computer in a college that maybe doesn’t have its internet usage monitored. Edward works for AT & T the big telecommunications company in America in monitoring their networks so does know a thing or 2 about malware. I did really enjoy this book which isn’t a how to guide but is more a general guide and of course recommend it.

Google Chromecast

The book I read to research this post was Unlock The Power Of Your Chromecast by Aaron Halbert which is an excellent book which I bought from kindle. If you just need to do things like watch Netflix on your Chromecast you probably don’t need but if you want to get the most out of it like using various apps and programs to add additional features or watch channels like Disney and Spotify which aren’t officially supported this book is for you. The Google Chromecast is about $35 and is a tv streaming box a bit like the Roku or Apple TV. Unlike them it uses a wireless router and computer network to do the streaming. It works with a 3D signal uses the router mostly to do the processing which frees up the processors on your television, tablet or computer. Say if you are watching YouTube on it you haven’t got to keep the app open to do that because it converts it into a TV signal leaving you to do other stuff on your computer. There are various services for the Chromecast mainly for different tv stations you can watch and some are kind of unofficial and will typically be a lower resolution than full HD. There is localhost which is free and cloud based and gives you up to 2GB to store media to play which isn’t much space you have to pay for anything additional. There is a program called handbrake which you can probably search for in Google but that lets you convert from other formats into MP4 the compatible format and that is a free program. If there is no kind of signal going to the Chromecast it will merely display a screensaver. It will stream stuff to a tablet for you to watch. This book which when I downloaded was number 1 on the computing ebook chart on kindle at the time does tell you everything you could possibly want to know about the Chromecast and does a good job of explaining it. A final thing if you do presentations and have a large HDTV you can do your presentations streamed from a laptop via the device on the television and lets face it a Chromecast is lot more mobile than a projector. I did really enjoy reading this book.

 

 

Microsoft Sharepoint 2013 Part A

This is the 1st installment in my blog post series on Microsoft Sharepoint 2013 which is based on what I learn doing the video training course Using Sharepoint 2013 by Infinite Skills. Sharepoint is a website often called a sharepoint site and central repository for workers information. You can share documents and as long as you have the necessary permissions can search for stuff. It allows file sharing and integrates with programs like Exchange 2013 & Office 365. Most work is done within your web browser and information is in the form of files and folders with a lot of stuff being stored in sub folders. A sharepoint site is normally a top level site with lots of subsites and things like libraries forming a hierarchy. Everything is termed a site collection although a small firm might only have a single site. Generally each department within a company will have a sub site. Employees will often have what we call a mysite and all this works equally well as an internet site or intranet site. All sites have a URL which has a hierarchy beginning with the name of the website and working down through the various subcategories. A home page which is the page you first land on in either a main site or a subsite will contain home in the address. Internet Explorer which is also made by Microsoft is fully supported through versions 8-10 and other versions and browsers will work most of the time with mostly minor if any glitches. Active X controls sometimes don’t work with other browsers. If you work quite a lot with a particular webpage you can save it as a favorite to make it easy to subsequently find. HTTPS means a site is a secure site requiring a password and user name etc. A lot of the sharepoint pages end with the filetype .aspx which is a file type generic to this program. The foundation version doesn’t support mysites but the standard, enterprise and office 365 versions do. If you are merely learning how to use Sharepoint I would recommend getting a single user account of the office 365 version which is just $4 per month and is good value. Sharepoint also integrates with social media sites and you can follow others and have updates about them put on your mysite which centralizes it and saves you having to go to there page.

 

Microsoft Exchange Server 2013

The book I read to research this post was Microsoft Exchange Server 2013 Unleashed which is an excellent book which I read at http://safaribooksonline.com. This book is quite comprehensive in its coverage of Exchange 2013. The first version of this software was Exchange 4.0 and the reason it was version 4 but the earliest version was that versions 3 and earlier were Microsoft Mail which was a desktop program not a server product. It had nothing to do with Exchange in its software architecture. Prior to this if a company wanted a server communications network they had to use Novell Groupwise which meant all the hassles of making sure the Novell operating system ran on their servers. Exchange is designed in particular to run with Lync 2013, Sharepoint 2012, Office 365 and in particular Outlook. Outlook comes in several flavours, there is OWA which can be used on a guest machine via the internet, or Outlook Anywhere which works via mobile devices. Sharepoint is useful if the works have to work together and communicate via computer in a complex way. Exchange is more than capable of straightforward communication. Lync handles instant messenging and Im in general has caused problems for companies in other programs because viruses can exploit vulnerabilities inherent in it. Having it in a server product that integrates with server Microsoft products is a way around that.If a computer handles sensitive data the company should consider issuing staff with smartcards you swipe in addition to using strong passwords and you can buy PGP which stands for pretty good privacy certificates which you can use with the computers in particular to discourage man in the middle attacks. I enjoyed this book which would have been out of my league had I not done a video training course in Exchange 2013. It covers it in lots of detail and must be one of the definitive books on the subject. I think a lot of people would find this book difficult to follow.

 

 

Microsoft Exchange Server 2013 Part G

This is the 7th and last installment in my blog post series on Microsoft Exchange Server 2013 which is based on what I learn on the video training course by Infinite Skills with the same name.  The offline address book is an address database that is downloaded and stored locally. For most jobs you will search for addresses with a query or following certain criteria ie all the addresses in London. This following criteria and filtering we often call rules. You can replicate mailbox data from one server to another up to a maximum of 16 with in Exchange Server and we call these mailbox servers. If one mailbox server goes down it is simple for another one to take and only one will be active with the others passive at any one time. Data is written from the active server to each of the passive ones and they are kept updated. This is called database availability groups. Microsoft tried to force businesses to buy Sharepoint Server in addition to Exchange Server and it is very costly, by stopping having public folders in the latter and only in the former. There was a public outcry from particularly small businesses who would also have to train their staff to use Sharepoint and Microsoft backed down. Starting in Exchange Server 2007 SP1 public folders have become even more of a major feature with them having a different file type but residing in the same database as other information avoiding the need for replication that was common in earlier versions. Since the 2013 version you have to have to have a mailbox with in the program to access public folders. A high availability server which is by definition one that is up 99.999% of the time equating to 5 1/2 minutes of downtime per year which isn’t even as long as the time needed to power up a server. This is mainly achieved by having several servers with back with at least some ready to take over at a moments notice and of course lots of replication and updating. Some companies like Amazon which stand to lose a lot of money if there is a power outage even have generators ready to keep everything on line. I’ll try and start a new series of blog post software tutorials tonight. I noticed I did say Exchange handled Instant Messaging in an earlier post and it’s actually Microsoft Lync Server 2013 which does that.