IT Pro Tuesday #42

Mega List of Tips, Tools, Books, Blogs & More... 

 
Hello IT Pro, 
 
This week is a mega list of all the items we've featured this quarter, broken down into categories. I hope you enjoy it.
 
And each week we update the full list on our website here.
 
Free Tools
 
PortableApps.com is an open-source platform that lets you to take your favorite software with you. It works from any synced cloud folder (DropBox, Google Drive, Box, etc.), your local PC on an internal or external drive, or any portable storage device (USB flash drive, memory card, portable hard drive, etc.) moved between PCs. The platform offers a full collection of open source and freeware software as well as compatible commercial software.
 
 
 
Netcat is a Linux networking utility for reading/writing across network connections, via TCP or UDP, that can help with monitoring, testing, and sending data. This feature-rich network debugging and exploration tool can create virtually any type of connection and is designed to be a dependable back-end for direct use or easily driven by other programs and scripts. Features include port scanning, file transfer, port listening, and use as a backdoor. Suggested by Necrowerx.
 
 
Keypirinha is a fast launcher for Windows that is described as an alternative to Launchy and a cousin of Alfred. Recommended by DrnXz, who considers it “basically Spotlight for Windows but really nicely customisable.”
 
 
 
Sharex is a screen capture, file sharing and productivity tool. According to the recommendation of stesha83, there is no question of the value of this productivity booster: “Sharex sharex sharex sharex sharex. Sharex. Also sharex. Capture desktop or region to any image or video format and process through any workflow before uploading it or saving anywhere you like. Lifechanging.”
 
 
 
Censys allows you to find and monitor any server on the Internet. It shows what servers and devices are exposed on your network, so you can find vulnerabilities. Suggested by videoflyguy because the site “constantly updates their results, basically just keeps port scanning the internet and reports the results. You get 10 free searches per day, and it has helped me find several weak points in the network.”
 
 
 
Cuckoo Sandbox is an advanced, modular, automated malware analysis system. This open-source solution can: analyze malicious files (executables, office documents, pdf files, emails etc.) and websites under Windows, Linux, Mac OS X, and Android virtualized environments; trace API calls and general behavior of a file and distill it into high-level information and signatures that are easily understood; dump and analyze network traffic, even when encrypted with SSL/TLS — with native network routing support; and perform advanced memory analysis of the infected virtualized system. Because of its modular design, any aspect of the analysis environment can be customized. Thanks for this one go to NerdBlender, who likes it as a “sandbox for malware analysis.”
 
 
This tool from The Lazy Administrator automates the new user creation process for AD and Office 365 to make it quicker and easier. The tool can easily be used across multiple clients, is incredibly easy to use and offers the option of creating just an Active Directory user, just an Office 365 user—or both. The blog post explains how it works and provides download links.
 
Netwrix Account Lockout Examiner provides notifications of Active Directory account lockouts and help in identifying the root cause when an account keeps locking out. User accounts can be unlocked from the tool’s console or a mobile device. Recommended by tGasMaskt "as a free tool for monitoring accounts that frequently lockout."
 
PuTTY is an open-source SSH and telnet client. While it was originally developed for the Windows platform, the software is available with source code and is developed and supported by a group of volunteers.
 
Security Onion is an open-source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes an easy-to-use setup wizard that helps you easily build a set of distributed sensors for your enterprise. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. Thanks to NameThatIMadeUp for the suggestion!
 
YUMI (Your Universal Multiboot Installer) is a tool for creating a Multiboot Bootable USB Flash Drive containing multiple operating systems, antivirus utilities, disc cloning, diagnostic tools, and more. Unlike MultiBootISOs that use grub to boot ISO files directly from USB, YUMI uses syslinux to boot extracted distributions stored on the USB device, and reverts to using grub to Boot Multiple ISO files from USB, if necessary. This recommendation was compliments of videoflyguy, who tells us he likes it because "it can install multiple ISOs to one drive and even remove specific ISOs if you want to update them."
 
Snappy Driver Installer Origin makes it quick and easy to install and update Windows device drivers for XP, Vista, 7, 8, 8.1 and 10. Snappy features a state-of-the-art driver matching algorithm, built-in application and driver pack updates, full portability to run from a USB flash drive, and it can be fully automated using the built-in scripting engine. Best of all, Snappy is free and open-source.
 
Lansweeper is an easy-to-use agentless IT asset management and network inventory tool for Microsoft Windows that answers the question: 'Who is using what?' Features include a built-in helpdesk ticketing system, an inventory system, remote connection management, and in-depth information on each device. The company offers a free 20-day trial period so you can try it out before investing anything. Recommended by Chess_Not_Checkers as one of the "two things that I couldn't live without."
 
Listary is an incredibly fast Windows search utility for finding/moving files and launching applications. Its lightweight interface doesn’t strain system resources, and it integrates with Total Commander, Directory Opus, XYplorer, Xplorer2, WinRAR, FileZilla and other tools. Thanks go to jelloeater85 for the suggestion.
 
Cockpit is Red Hat's easy-to-use, integrated, open web-based interface that helps you understand the health of your server at a glance. The GUI simplifies tasks like storage administration, journal inspection, starting/stopping services and monitoring multiple servers. Cockpit runs on Fedora Server, Arch Linux, CentOS Atomic, Fedora Atomic and Red Hat Enterprise Linux.
 
WinSSHTerm lets you use keyboard shortcuts and intelligent navigation tools to quickly switch between or start new SSH sessions—even if you have to manage multiple systems. It has built-in support for copying files and running X applications and is ready for production use. The software works with the original PuTTY/KiTTY executable and includes multiple tabs and windows, master password, shareable connections and template variables. Supports file transfer (WinSCP), X (VcXsrv), SSH jump servers/bastion hosts and has a portable version available. Easy migration can be made from PuTTY, PuTTY Session Manager, MobaXterm, SuperPuTTY, mRemoteNG and MTPuTTY. Suggested by Specific_West as a "way better terminal than mobaxterm if all you do is command-line Linux stuff."
 
AD Tidy is a tool for cleaning up orphaned user and computer accounts in your Active Directory domain. You first configure your search parameters, then select accounts from the results to disable, delete, move, remove from all groups, set a password and more. Thanks to nachomountain for the recommendation.
 
sysadmin-util is a collection of scripts for Linux/Unix sysadmins. Examples include:
  • ago—Show how long ago a file/directory was modified in a human-readable fashion.
  • chronic—Run a command, hiding STDOUT and STDERR if it completes successfully (for cron-jobs, where output is generally ignored in the case of success)
  • mk-passwd-hash—This spits out a hash which can be used with `usermod -p` on Linux (or similar tools on openbsd, solaris) to set a password.
Thanks to steve_in_finland for sharing these tools!
 
Advanced IP Scanner is an easy-to-use, portable network scanner. It shows all devices on your LAN, providing access to shared folders and remote control of computers (via RDP and Radmin). Recommended by dRaidon as really "useful [because] you don't always have access to nmap."
 
PingCastle is a free AD audit tool for detecting critical security issues—offering an overview and guidance on how to address those issues. Recommended by SysAdmineral "for getting a grip on how well the environment is hardened and what other, less visible, things may be lurking around. Also has some analysis of nested groups."
 
16 Powershell Modules shares some of the great tools created by System Architect Przemyslaw Klys in 2018. 
Example modules include: 
  • PSWriteWord – creates Microsoft Word documents without Word being installed.
  • PSWinReporting – scans Domain Controller Security Events providing reports about who, when and what changed in Active Directory.  
  • PSWinDocumentation – automates creating infrastructure documentation straight to Word, Excel and MS SQL. Currently supports generating documentation for AD and in smaller portions for AWS and Office 365.
 
Wifi Analyzer lets you use your android phone to see all the wifi channels around you. It can help you locate a less-crowded channel for your router, and thenewimprovedhankp tells us it's useful to show "dead spots, conflicting wifi networks, and [because it] works for 2.4 and 5 Ghz signals."
 
Jarun Terminal Utilities is a repository of useful open-source Terminal utilities that blend Terminal functions with a GUI world. The collection is the handiwork of developer Arun Prakash Jana, who wanted to help sysadmins working on remote Terminals to accomplish tasks more easily. Tools include: 
  • nnn—a tiny file manager for navigation, file movement, (un)archiving, remote transfers, editing text files & more
  • googler/ddgr—performs google search from the Terminal.
  • buku—Terminal bookmark manager (with a web interface if required)
  • bcal—helps with storage-specific calculations (does regular calculations by invoking bc)
Our thanks to sablal, the developer, for sharing these great tools!
 
Speccy is a fast, lightweight, advanced system info tool that tells you what’s inside a PC. It can offer a quick summary or detailed information on every piece of hardware in the computer. Scan results can be saved as a snapshot, XML or text file for easy sharing. Suggested by NoelSlevin as a convenient tool to keep handy for occasional use.
 
GNU Midnight Commander is a feature-rich visual file manager. This full-screen, text-mode application allows you to copy, move and delete files and whole directory trees; search for files and run commands in the subshell. An internal viewer and editor are included. BorgClown likes it because "it’s much faster navigating a complex directory structure than typing directory names, even with tab completion. You can customize the F2 menu, which passes the selected item to your chosen command. Arrows, Enter and Functions accomplish a lot of work by themselves."
Everything
 
The Book of Secret Knowledge is an extensive collection of helpful lists, manuals, blogs, hacks, one-liners, cli/web tools and more that can be useful in the daily life of a SysAdmin. For example:
  • Can I use—provides up-to-date browser support tables for support of front-end web technologies.
  • ShellCheck—finds bugs in your shell scripts.
  • Shell & Utilities—describes the commands and utilities offered to application programs by POSIX-conformant
  • It is intended for everyone and anyone — especially for System and Network Administrators, DevOps, Pentesters or Security Researchers. Thanks to wheybee99 for sharing this one!

 
 
Cheatsheets
 
Powershell (and more) Cheatsheet Compilation. Thanks for Prateeksingh1590 who put together this cheatsheet compilation, with over 14 specific Powershell Cheatsheets. A few examples include:

 
Tips
 
Here are some helpful, lesser-known keyboard shortcuts for Windows, pulled together by sysadmin brother_bean.
 
Press the Windows Key + ...
  • Left or Right arrow—to snap the active window to half of the screen. (You can also do this by clicking and dragging your active window and smashing it into the left or right side of the screen.)
  • Up arrow—to maximize active window.
  • D—takes you to your desktop again to go back to your active window.
  • M—to minimize everything.
  • Shift + Left or Right arrow—to send your active window to the next monitor over, left or right respectively.
Since the keyboard shortcuts for Windows seem to be so popular, we’ve got some more for you. Thanks for these go to RegularAlicorn.
  • Win+Ctrl + D: New virtual desktop
  • Win + Ctrl + (Left Arrow|Right Arrow): Switch virtual desktop backward/forward
  • Ctrl + Shift + Enter (from the Start Menu): Open focus program with admin privilege
  • Win + X (Win8+): Really neat menu (RegularAlicorn’s most-used shortcut)
 
Here are a few more of those ever-popular but lesser-known Windows keyboard shortcuts:
  • Win + Pause to open the system settings
  • Win + L to lock your computer
  • Ctrl + Win + Shift + B to reset the graphics driver (may help avoid a restart for docking issues)
 
Services
 
UptimeRobot is a service that alerts you whenever your monitored websites are down. Sites are checked every 5 minutes (or more depending on settings), and alerts can go out via e-mail, SMS, voice calls, Telegram, Slack, Microsoft Teams, push or web-hooks. It allows you to check HTTP(s), ping, port and keywords; view uptime, downtime and response times; verify downtime from multiple locations; and adjust settings to ignore minor downtimes or maintenance windows. Thanks go to orgitnized for suggesting this one!
 
Blacklist Monitor is an RBL monitoring service that can monitor all your IP addresses and domain names and notify you should anything get blacklisted. Helps you quickly find the source of the spam or malware that's affecting you and immediately begin the delisting process. The service is free for up to 32 IPv4 and domain monitors.
 
Quotes
 
"A computer lets you make more mistakes faster than any invention in human history—with the possible exceptions of handguns and tequila."  —Mitch Ratcliffe
 
 
Tutorials
 
Sysinternals Video Library is a series of six videos on Windows troubleshooting topics. Recently, presenters Mark Russinovich (cofounder of Winternals and Sysinternals) and David Solomon (Windows internals expert and trainer) kindly agreed to make the videos available for free—and much of the information, while dated, is still useful. Shared by andyinv who says they're "13 years out of date now, but the basics still apply." ZAFJB adds that the "videos are still relevant. These tools are virtually unchanged since then... [because] they were properly written and damn good from the outset."
 
Websites
 
NixCraft is an online community of new and experienced Linux and Unix sysadmins. Content includes research and discussion on various open-source software, including enterprise Linux distributions, traditional Unix operating systems like OpenBSD/AIX/HP-UX, cloud computing, building scalable and high availability infrastructure, networking/DNS/Web/Proxy/office servers, security and firewalls, automation and infrastructure deployment, Desktop Linux, Apple OS X Unix operating systems, best practices and easy-to-follow tutorials.
 
 
The Deployment Bunny offers a wealth of Information and resources on OS deployment, virtualization and Microsoft-based infrastructure. The website is the brainchild of deployment expert Mikael Nystrom, a Microsoft MVP and Senior Executive Consultant at TrueSec. Mikael has worked with all kinds of infrastructure tasks, in all kinds of environments, from enterprise to small business and is often selected by Microsoft for partner trainings or to speak at major conferences. His current area of interest is in building Private Cloud solutions based on Hyper-V, System Center and Windows Azure pack as well as building deployment solutions for client and Server OS.
 
Slipstick Systems Outlook and Exchange Solutions Center is the website of Diane Poremsky, an Outlook MVP and author of several books on the topic. The site offers help for Outlook users and Exchange Administrators. Resources include hints, utilities, apps, tutorials, updates and a forum.
 
PoshGUI is a very simple GUI designer for Powershell that provides a way to develop GUIs quickly without a paid application or manual coding.  Recommended by quarky_uk and IT_2784628364, who says, "That site changed my life."
 
Podcasts
 
Podnutz Tech Podcast Network offers assorted podcasts targeted toward end users of all different kinds of tech. Topics range from Windows residential and business support to computer repair to Linux (for regular people) to Android games. Because the hosts are also end users, conversation is always appropriately focused and interesting. Thanks to speel for the recommendation!
 
 
Smashing Security is a podcast featuring computer security industry veterans Graham Cluley and Carole Theriault. The hosts discuss cybercrime, hacking, and online privacy with assorted expert guests in an informative and entertaining style. Winner: “Best Security Podcast 2018.”
 
 
Jupiter Broadcasting is a podcast network built on the initial success of "The Linux Action Show!" The network is currently home to a number of informed and entertaining shows on Linux, Open Source, Security, Privacy, Community, Development, News and Politics. Our thanks to speel for directing us to this one.
 
Security Now is a podcast where hosts Steve Gibson and Leo Laporte discuss hot topics in security. Gibson is about as expert in security as one can get—he's the man who literally invented the term spyware and he created the first anti-spyware program. Laporte is founder and owner of the TWiT Netcast Network and has a long history in tech and media. Records live every Tuesday.
 
RunAsRadio is a weekly podcast for the sysadmin who works with Microsoft products. A new 30-minute episode comes out every Wednesday, covering a specific topic in the field of IT from a Microsoft-centric viewpoint. Join host Richard Campbell in his informative discussions with a different guest expert each week. Thanks to johnjohnjohn87 for pointing us to this one.
 
Defrag Tools is a show in which MS experts explain how to make the best use of the tools from SysInternals. Each episode focuses on a specific tool in depth to cover features, appropriate uses, and how to get the most from it. New episodes appear each week. Our appreciation for this one goes to Phil4real.
 
The Case of the Unexplained is a webcast of Mark Russinovich's #1-rated TechEd sessions showing how to troubleshoot the toughest Windows and application problems using Sysinternals and other advanced tools. Each episode covers different techniques for troubleshooting using real-world examples. Appreciation to bagaudin for the recommendation.
 
Phishing Quiz
 
Jigsaw Google Phishing Quiz is a quick way to answer the question, "Can you recognize when you're being phished?" This 8-question quiz presents realistic examples that help you assess just how good your internal "phish detector" is at identifying warning signs in assorted scenarios. It's a nice assessment tool as well as providing a bit of training on whatever you might miss, since the quiz also reviews the tell-tale signs present in each scenario.
 
Books
 
Deep Work: Rules for Focused Success in a Distracted World teaches the reader to foster the ability to focus without distraction on cognitively demanding tasks. Author and professor Cal Newport celebrates the power of such focus by demonstrating how a deep work ethic will produce massive benefits in virtually any profession. He then shares a series of four rules to adapt your thinking and habits to foster the deep work state. Suggested by wheres_my_toast, who sees it as "a nice little exploration of the psychology behind distraction free work [that] outlines some nice methods for building "deep work" sessions into your routine."
 
PowerShell in Depth, 2nd Edition is an invaluable reference guide for any Windows admin who already knows the basics of PowerShell. Written by PowerShell MVPs Don Jones, Jeffrey Hicks, and Richard Siddaway, the book covers in detail every major technique, technology, and tactic an admin would need to be able to work in PowerShell. Each technique has been developed and thoroughly tested, so you will be learning how to write production-quality, maintainable scripts—efficiently and easily. For PowerShell version 3 and later.
 
Pro SQL Server Internals, 2nd ed. is for developers and database admins who want to design, develop and maintain systems that best leverage SQL Server. The book fosters an understanding of how to get to the root causes of problems rather than slapping quick-fixes on the resulting symptoms. Explains how different components work in depth, how they communicate with each other and how different design and implementation decisions affect system performance. Recommended by become_taintless for learning "how SQL Server works on a deeply technical level."
 
Security Policy Templates
 
Information Security Policy Templates is a set of templates originally compiled to help the people attending SANS training programs that are now available to all. According to the recommendation by bfrd9k, this is "a good, reasonable, collection. I've only needed to make minor adjustments to their templates."
 
Blogs
 
Microsoft Deployment Toolkit Blog is written by Charles Parker, a Microsoft certified Deployment Specialist who has been working in systems deployment since 2005. The blog documents what the author has learned over time in the hope of making systems deployment projects easier for sysadmins and their end users. Topics covered are of interest for a breadth of different experience levels — from those new to deploying Windows with MDT or for intermediate MDT users.
 
 
Vinfrastructure is Andrea Mauro's blog on virtualization, cloud and storage. The author shares his knowledge as a virtualization expert and architect, system administrator on Linux and Windows OS, network and storage specialist, and teacher (both for industry and university). It was voted among the top virtualization blogs in 2017.
 
TechBunny: Random Thoughts About Tech is a blog by Jennelle Crothers, who spent 15 years as a SysAdmin overseeing Windows domains, Exchange Server, desktops and other IT systems. As a Microsoft Technology Evangelist for IT Professionals, she writes about the latest news and hints for getting the most out of Microsoft technologies.
 
The Practical Sysadmin is where Josh Reichardt shares the interesting tidbits he discovers while designing and building simple, scalable systems. The blog covers a broad range of tech topics, with some recent areas of interest being building Docker, Rancher, Kubernetes and other distributed systems, as well as automating infrastructure with code.
 
Adam the Automator is the blog of Adam Bertram—founder of the tech startup TechSnips, Microsoft Powershell MVP, Pluralsight and Udemy training course author, and technology writer for both print and online tech publications. Posts are focused on automation via software, DevOps and scripting.
 
NT Weekly is a technology blog focused on Microsoft Azure Infrastructure. Posts go back to 2006, and there are over 1100 to date on topics related to Windows Server, Exchange, Office 365, Azure AD and Intune. All the approaches featured were tested and used in production and test environments. Recommended by ShyAwayFromLight, as a good resource.
 
Humor
 
Shit Sales People Say is a humorous Twitter account lamenting the difficulties sales people tend to create for those who have to implement. A bit of fun to break up the day of any sysadmin who’s stuck trying to deliver on all those promises. A shout out to kenelbow for the suggestion!
 
 
 
A bit of fun, compliments of SonOfDadOfSam:
 
A programmer is going to the store.
His wife says, "Get a loaf of bread—and if they have eggs, get a dozen."
The guy comes back with 12 loaves of bread.
His wife says, "Why did you buy so much bread?"
He says, "They had eggs."
 
 
Thanks to CoilDomain, figfigworkwork and wagodago for these clever jokes that most people will never understand:
 
I'd tell you a joke about UDP, but you probably wouldn't get it.
 
A TCP packet walks into a bar and says, "I'd like a beer."
The bartender replies, "You want a beer?"
The TCP packet replies, "Yes, I'd like a beer."
 
An SQL statement walks into a bar and sees two tables.
It approaches and asks, "May I join you?"
 
 
Have a fantastic week and as usual, let me know any comments.
 
Graham | CEO | EveryCloud
 
P.S. Get Extras by signing up to the weekly email!