VirtualBox installation on Ubuntu droplet of DigitalOcean

# sudo apt-get install dkms
# wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add -
# sudo sh -c 'echo "deb http://download.virtualbox.org/virtualbox/debian trusty contrib" >> /etc/apt/sources.list.d/virtualbox.list'
# sudo apt-get update
# sudo apt-get install virtualbox-4.3

# apt-get install xfce4 xfce4-goodies tightvncserver

# vncpasswd

# /usr/bin/vncserver -depth 16 -geometry 1024x768 :0

Use the vncserver command above to activate the machine's desktop session. To access it remotely, download this file to your Windows desktop:
http://www.tightvnc.com/download/2.7.10/tightvnc-2.7.10-setup-64bit.msi

Now running:
45.55.187.7 is the IP of the VPS and 5900 is the port to access.
ups


RDP licensing server enable procedure

1. The graphical management tools for RDS Session Host Management are disabled when not operating a Domain (why?). The fallback is configuration via group policy:

Local Computer Policy -> Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Licensing
Use the specified RD license servers = <server IP>
Set the Remote Desktop licensing mode = Per User

This got us to a stage where Licensing diagnostics looked good and no related local errors showed up in the server logs but remote sessions were still refused, leading to…

2.  Force-removing the RDS licensing time-bomb registry entry:

computer\hkey_local_machine\system\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod

RegEdit alone couldn’t do it. It had to actually be run under highest privileges with the help of Sysinternals: psexec -s -i regedit.exe

After another reboot things seem to be working now. However, I am somewhat suspicious that this only hacked the time bomb but did not actually activate the CAL licenses (none show used in RD License Manager).
Anyway, hope this helps someone not to waste hours.

Thanks.

Ransomware Tools

The following sites have useful information and removal tools for ransomware infections:

http://nomoreransom.org

http://virustotal.com

A few tips to prevent ransomware:
– Disable Windows Script Host

Numerous spam campaigns are pushing various crypto-ransomware families (and backdoors) via .zip file attachments. And such .zip files typically contain a JScript (.js/.jse) file that, if clicked, will be run via Windows Script Host.

Do yourself a favor and edit your Windows Registry to disable WSH.

Here’s the key (folder).

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings

Create a new DWORD value named “Enabled” and set the value data to “0”.

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings

And then, if you click on a .js file, you’ll see this.

Windows Script Host access is disabled on this machine. Contact your administrator for details.

Which is way better than seeing an extortion note.


PREVENT EXECUTION IN THE FOLLOWING FOLDERS:

%appdata% and %Localappdata%


ENFORCE UAC to prevent malware execution.

Use AppLocker to allow only predefined programs to execute.

Set "Open with" for JavaScript, Windows Script and PowerShell script files to Notepad, so that double-clicking such a file opens it in Notepad instead of executing it.

Enable "Display File Extension" in the Windows file browser, so that malware which hides its .exe extension to pose as "malware.pdf" is displayed as "malware.pdf.exe".
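The Windows Script Host, file-extension and "Open with" tips above can be checked on a machine with the following PowerShell script. It is an added example, not part of the original post; the HideFileExt value under the current user's Explorer\Advanced key is an assumption about where the "Display File Extension" setting is stored (it is the standard Explorer setting), and the script changes nothing unless it is run with -Apply from an elevated prompt.

```powershell
# Added example: audit (and with -Apply, set) the registry values behind two tips above.
param([switch]$Apply)   # without -Apply the script only reports

$checks = @(
    @{ Label = 'Windows Script Host disabled'
       Path  = 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings'
       Name  = 'Enabled';     Want = 0 },
    @{ Label = 'File extensions shown in Explorer (current user)'
       Path  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
       Name  = 'HideFileExt'; Want = 0 }
)

foreach ($c in $checks) {
    $item = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    $have = if ($item) { $item.($c.Name) } else { $null }   # $null = value is absent
    # Compare as strings so a REG_SZ "0" and a DWORD 0 are both accepted.
    $ok = ($null -ne $have) -and ([string]$have -eq [string]$c.Want)

    if (-not $ok -and $Apply) {
        if (-not (Test-Path $c.Path)) { New-Item -Path $c.Path -Force | Out-Null }
        New-ItemProperty -Path $c.Path -Name $c.Name -Value $c.Want `
            -PropertyType DWord -Force | Out-Null
        $have = $c.Want; $ok = $true
    }
    $shown  = if ($null -eq $have) { '(not set)' } else { $have }
    $status = if ($ok) { 'OK' } else { 'NOT SET AS ADVISED' }
    '{0,-50} {1}={2}  {3}' -f $c.Label, $c.Name, $shown, $status
}

# Read-only report: which command opens script files on double-click.
# assoc/ftype show the machine-wide association only; a per-user "Open with"
# choice is stored separately and is not reflected here.
foreach ($ext in '.js', '.jse', '.vbs', '.wsf', '.ps1') {
    $class = (cmd /c assoc $ext 2>$null) -replace '^[^=]*=', ''
    $open  = if ($class) { (cmd /c ftype $class 2>$null) -replace '^[^=]*=', '' } else { '' }
    if (-not $open) { $open = '(no machine-wide open command found)' }
    '{0,-6} -> {1}' -f $ext, $open
}
```

Any extension still mapped to wscript.exe or cscript.exe in the second part of the output will run on double-click unless Windows Script Host is disabled as in the first check.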


How to protect both "client system folders" and "server shared folders" using Kaspersky Endpoint Protection (excellent and useful video, 7 minutes)

 

How to configure Kaspersky to prevent Ransomware infection in managed computers

https://support.kaspersky.com/10905#block6

 

 

How to add SRV records in DNS servers for Microsoft Office 365

NET4 REGISTRAR CONTROL PANEL EXAMPLE:

 

An SRV entry request can be made from the control panel itself for the domains. The directions to be followed are:

1. Log in to http://Net4.com with your CRN ID and password.
2. Click on My Services, then Domain.
3. Click on the DNS tab.
4. Select SRV Entry in the drop-down under TTL.
5. Add the SRV host entry (like Services.Protocol.domainname).
6. Enter the data entry (like Weight Port Target).
7. Then click Create.

Note: for example, take the first SRV record provided as per the screenshot:
Service = _sip, Protocol = _tls, Name @ = example.com
So in the host field you need to enter:
_sip._tls.example.com
The data entry is in the format Weight Port Target, with Weight = 1, Port = 443, Target = sipdir.online.lync.com
So the data will be:
1 443 sipdir.online.lync.com