
Wednesday, October 31, 2012

Large text/log file viewer (>1GB)

We often need to look at the contents of a large log file or text file, but Notepad or Word hangs while opening it.

Large Text File Viewer (LTF Viewer) from www.swiftgear.com can help you view large (>1GB) text/log files. It uses little memory and is able to open a gigabyte file instantly. It allows the user to perform high-speed complex text searches by means of plain text or regular expressions. It opens both ASCII and Unicode text files.

Increasing size of the OS Partition/Drive of a VMware Virtual Machine Virtual Disk

If you want to extend the OS drive of your VMware Virtual Machine, you can follow the steps given below:

  1. Shut down your Virtual Machine.
  2. Remove all Snapshots created for the Virtual Machine.
  3. Right-click your Virtual Machine and select Settings: navigate to 'Hard Disk', select Utilities and expand the partition.
  4. Now power on your Virtual Machine and install a partition manager (such as Partition Magic or Paragon Partition Manager): allocate the unallocated space as a “primary” partition.
  5. Now simply use the 'merge partition' option to merge the partitions (the OS partition should be taken as ‘basic’).

Tuesday, October 30, 2012

How to clear/delete Symantec End Point Risk log files?

If you want to clear/delete the Symantec End Point Risk log files of a particular Windows-based system, you can try the following:
  • Browse to the C:\documents and settings\all users\application data\Symantec\Symantec Endpoint Protection\Logs directory and delete all .log files.
  • If you are using Windows 7, you should also delete all .log files located in the following directories:
    • C:\Users\username\AppData\Local\Symantec\Symantec Endpoint Protection\Logs (where username is your Windows User Account Name)
    • C:\ProgramData\Symantec\Symantec Endpoint Protection\Logs

Wednesday, August 29, 2012

Auto Scroll to down/bottom problem in Windows

The Problem: Whenever you double-click a folder, an MS Word/Excel document or Task Manager, it automatically scrolls down to the bottom. You also have trouble adjusting volume bars and combo-boxes.

Windows: The problem is found on Windows Vista/Win 7, on both desktops and laptops.

Solution: If all other features of your Windows are working properly, then it is not the outcome of a virus infection. There may be a problem with the mouse (wired/wireless). The following steps may help you:
1. Clean your mouse.
2. Go to Control Panel > Device Manager and navigate to your USB or Synaptic PS2 mouse ("Mice and other pointing devices"). Right-click it, go to the Driver tab and click the Uninstall button to uninstall the driver.
3. Restart your system. Windows will automatically detect the mouse and install its driver. On successful installation the mouse should work properly and the auto-scroll-to-bottom problem should vanish.
4. If, on restart, your system offers Restart now/Restart later options and the problem persists after restarting, then the best option is to replace your mouse. As a temporary measure you can do the following:
 i) Repeat Step 2.
 ii) On restart, if your system offers Restart now/Restart later options, select 'Restart Later', keep working normally, and when turning the system off use the Hibernate option. It will stay preserved, and you won't get the restart message or the auto-scroll-to-bottom problem.




Monday, August 27, 2012

Keepvid not working on Ubuntu Linux!! Java Applets are not working on Ubuntu Linux (Mozilla Firefox, Google Chromium Browsers)!!

http://www.keepvid.com is one of the popular websites that allow downloading and saving videos directly from Youtube, Google, Metacafe etc.

The website uses Java Applet for fetching and saving videos. Java Applets are also used by several Commercial, Financial and Online Game websites. For running Java Applets, your browser should have Java Plugins installed.

It has been found that the default Ubuntu installation does not provide Java Plugin support for browsers (Mozilla and Chromium). To install a Java Plugin, open Ubuntu Software Center (Synaptic Package Manager), search for 'java' and install a Java Plugin, as shown in the image below:



Then restart your browser. It should work!!


Saturday, August 25, 2012

Computer Forensics/Digital Forensics: using EnCase! Basic Steps & some Tips!

Computer forensics is very similar to a post-mortem examination for finding the reasons for a death. The differences are:

1. Here you have a Computer/Router/Switch/Firewall/IDS/Hard Disk/CD/USB/Floppy/Windows Event logs/Proxy server logs/DHCP server logs/Mobile phone/Camera Flash Memory in place of a human body.
2. In place of finding the reasons for a “death”, we try to:
  • Track down the author of a threatening email. (by a psychopath or a terrorist)
  • Recover files intentionally deleted by a disgruntled employee.
  • Determine the root cause of a computer compromise. (hacker)
In-house Computer Forensics/Digital Forensics

In-house Computer Forensics/Digital Forensics capabilities are a must for companies and enterprises. They help in investigating data leak incidents, intellectual copyright thefts and other critical incidents. Companies dealing with sensitive customer information such as credit card numbers and other financial information would not want to involve an outsider for Computer Forensics.

Different tools required for forensics

At a minimum, you will need:
  • An acquisition tool to perform forensic duplications (back-up). Examples: FTK Imager (new name AccessData), EnCase (Windows-based GUI, LinEn or DOS boot); hardware: Logicube
  • Deleted data recovery tool
  • Basic text search and manipulations/analysis tools
  • A data integrity verification tool
  • Complete packages such as EnCase, the NTI suite, and The Coroner's Toolkit (TCT) offer support and court-proven solutions for the computer forensic analyst.
  • Certification programs from organizations like SANS
Locations where digital evidence may be found include the following:
  • The suspect's machine
  • In the case of a hacking incident, the target machine
  • Switches, routers, firewalls, and other network devices
  • Log servers (proxy logs, DHCP logs, and Windows event logs)
  • Media (floppy disks, CD-Rs, CompactFlash cards)
  • Other electronic devices (PDAs, cell phones, digital cameras)
EnCase

EnCase is a Computer Forensics/Digital Forensics tool from Guidance Software (www.guidancesoftware.com). It includes tools for data acquisition, deleted data recovery, search & analysis and integrity verification.

EnCase Forensics


Here are some basic steps for carrying out Computer Forensics using EnCase:



1. Assume we need to do a forensic analysis of a compromised/crime-suspected computer.

2. A computer has several components on which Computer Forensics can be carried out, such as the Disk Drive (DD), RAM, USB storage devices, etc. Here, we will focus on the Disk Drive only.

3. Data Acquisition: The first step of a Computer Forensics investigation is acquisition of the evidence, that is, obtaining a bit-wise replica of the disk drive without compromising its integrity. To ensure the integrity of the disk drive, all write operations must be blocked while imaging. For this, acquisition/imaging software such as EnCase or FTK Imager can be used together with a hardware-based write-blocker bridge such as Tableau Bridge (http://www.tableau.com/).



Common forensic acquisition file formats are:

a) DD/RAW (“Disk Dump”)

b) AFF (Advanced Forensic Format)

c) E01 (EnCase)



To acquire an image with EnCase and Tableau Bridge:

1. Shut down the crime-suspected computer. Disconnect the target disk drive from it and connect the drive to the EnCase host system through the Tableau Bridge in Read-Only mode.

2. Open EnCase and create a new Case. Click Add Device and navigate to the target disk drive through the ‘Local Drives’ icon. Acquire an image of the disk drive by right-clicking it and choosing ‘Acquire’.

3. The image is stored in EnCase format chunks: E01, E02, E03, etc.



Note: EnCase for DOS Utility (DOS based) and EnCase LinEn Utility (Linux based) are available in the form of bootable disks. The crime-suspected computer can be shut down and rebooted from these bootable disks, which allow acquisition of data with a software-based write-blocker.



4. Data Verification: At the completion of the acquisition process, EnCase calculates an MD5 hash. The hash value is written into the evidence file. When we add an evidence file to a case, the CRC value is automatically verified and the hash value for the evidence data is recomputed. This helps to ensure that the evidence file has not changed since it was acquired.



Note: To recompute the hash value of the image, right click on the image, and select Hash.



If you have been provided with a Raw Image (example: a DD format Disk Image created through FTK Imager), with or without its hash value, then you can compute the hash value with the md5deep.exe utility from www.md5deep.sourceforge.net for future reference:

md5deep -e filename-dd.001



5. Now, open EnCase and create your Case.

6. If you have a Raw Image, go to the File menu and select “Add Raw Image”; if you have EnCase evidence images, select the option to add EnCase evidence files.

7. Select the type of image as shown in the above image, for example: Disk.

8. Deleted files recovery: EnCase allows for the analysis of data located at various locations on the disk image, such as unallocated space and slack space. With the use of multiple file viewers, files can be quickly searched and identified. EnCase can also recover remnants of deleted or partially overwritten files.

9. Adding Keywords: EnCase provides a search engine to locate information anywhere on the disk image. It is recommended to create a keyword list before beginning the case. Starting the Search: EnCase also allows GREP (regular expression) search expressions. We can set keywords by choosing View > Keywords from the main menu.



Search Hits can be found by selecting Cases > Search Hits.



10. By right-clicking and selecting Bookmark, important findings can be bookmarked. The bookmarked data can be accessed directly at Cases > Bookmarks
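The integrity check from step 4 and the keyword search from step 9 can be reproduced outside EnCase on a raw image. The Python below is an added example, not code from EnCase, FTK Imager or md5deep: it reads a split raw image (filename-dd.001, filename-dd.002, ...) once, recomputes the MD5 to compare with the recorded value, and reports the byte offset of each literal keyword hit. The function names, the additional SHA-256 digest, the second segment and the sample bytes are assumptions made for the example.

```python
import hashlib
import re
import tempfile
from pathlib import Path

CHUNK = 1 << 20  # 1 MiB reads, so a multi-gigabyte image never has to fit in RAM


def image_segments(first_segment):
    """Ordered parts of a split raw image (name.001, name.002, ...); rejects gaps."""
    first = Path(first_segment)
    parts = sorted(
        (p for p in first.parent.iterdir()
         if p.stem == first.stem and p.suffix[1:].isdecimal()),
        key=lambda p: int(p.suffix[1:]))
    numbers = [int(p.suffix[1:]) for p in parts]
    if not parts or numbers != list(range(1, len(parts) + 1)):
        raise FileNotFoundError(f"missing or out-of-sequence segment: {numbers}")
    return parts


def examine_image(first_segment, recorded_md5, keywords):
    """One pass over the image: digests plus (byte offset, match) per keyword hit."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()  # SHA-256 is an addition (assumption)
    pattern = re.compile(b"|".join(re.escape(k) for k in keywords), re.IGNORECASE)
    keep = max(len(k) for k in keywords) - 1  # carry-over so a hit split across
    hits, tail, consumed = [], b"", 0         # two reads or two segments is found
    for part in image_segments(first_segment):
        with open(part, "rb") as fh:
            while chunk := fh.read(CHUNK):
                md5.update(chunk)
                sha256.update(chunk)
                window = tail + chunk
                base = consumed - len(tail)  # image offset of window[0]
                for m in pattern.finditer(window):
                    if m.end() > len(tail):  # hits inside the tail were reported already
                        hits.append((base + m.start(), m.group()))
                tail = window[-keep:] if keep else b""
                consumed += len(chunk)
    return {
        "md5": md5.hexdigest(),
        "sha256": sha256.hexdigest(),
        "md5_matches": md5.hexdigest() == recorded_md5.strip().lower(),
        "hits": hits,
    }


def demo():
    """Constructed two-segment sample image; the keyword straddles the segment boundary."""
    part1, part2 = b"\x00\x00deleted: Proj", b"ect-X budget\x00\x00"
    recorded = hashlib.md5(part1 + part2).hexdigest()  # stands in for the acquisition hash
    with tempfile.TemporaryDirectory() as folder:
        Path(folder, "filename-dd.001").write_bytes(part1)
        Path(folder, "filename-dd.002").write_bytes(part2)
        return examine_image(Path(folder, "filename-dd.001"), recorded, [b"project-x"])


if __name__ == "__main__":
    print(demo())
```

The carry-over is sized for literal keywords; a GREP expression whose matches have no fixed maximum length would need a larger overlap between reads.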



Here are some tips for using EnCase:
  1. Installation: if, after installation of EnCase, you find no "Add Raw Image" option in the File menu, then probably your HASP Dongle drivers did not install properly. Check this and install them from the CD.
  2. Avoid running EnCase on an image located on a USB HDD. You may get performance-related issues and frequent EnCase hangs. It is better to first copy the image to your local SATA/IDE HDD.
  3. filename-dd.001: this is a raw image made by FTK Imager. To do EnCase forensics on this raw image, go to the File menu and select "Add Raw Image". Then select Image Type as Disk, as shown in the image below. Do not select the default, 'None'; it will not show directories/folders graphically. Note: It may take several minutes to load the directory structure, so have patience.
  4. You can switch from Table view to Disk view. It gives a good idea of file chunks.
  5. You can save your Case at every step of the forensics.
  6. IP Address Analysis: robtex.com is a very good online DNS tools collection. Its Blacklist tab shows whether the IP/site is blacklisted or not.




Saturday, July 21, 2012

Show Desktop key (Alt+Control+d) is not working in Ubuntu Linux!!


Open CompizConfig Setting Manager from the Ubuntu dashboard, and navigate to the Key bindings tab of General options, as shown below:






Find the Show Desktop setting. It may be disabled or bound to some key combination.

To set it to a key combination of your choice, click the Disable button; an Edit Show Desktop window will pop up:



You can select Grab key combination and type your key combination. You can use the default: Control Alt d. CompizConfig Setting Manager will show it as <Primary><Alt>d


Now you can toggle to the Desktop by pressing the key combination Control Alt d

Installation of ASP.NET MVC 3: Error 0x80070643 installing ASP.NET MVC 3 / MVC 3 setup fails


While installing MVC3 for VS2010, the installer gives an "installation did not succeed" message and the logs show this error:


Here goes the solution.
  1. Uninstall the old version of ASP.NET Web Pages from your system.
  2. Run the install (even though it fails) but leave it open on the screen at the end that says "Installation Did Not Succeed" (This is very important!)
  3. Now you need to track down the temp files for the installer. They should be in a folder D:/Temp/ext46220 (see the above error message screenshot; it will give you the folder location).
  4. Make a copy of this entire folder, because finishing the installer will delete it.
  5. Now that you have all the install files, you just need to run the installers for the different components (to double-check what they were, you can open the log from the installer and see which MSIs it ran).
  6. So install AspNetWebPagesVS2010Tools.msi, then AspNetMVC3VS2010Tools.msi, from the copied folder.
This should work, but after doing this, when I was building an MVC3 application it gave errors such as a missing reference for System.Web.MVC.dll and some Microsoft Web Helper DLLs. For this I did the following.

Since MVC3 has made major changes in this release compared to MVC2, you need to download ASP.NET MVC 3 Beta and NuPack. Download and install them using the Microsoft Web Platform Installer.



Friday, July 06, 2012

Some Password-Change related issues in Ubuntu Linux. Tested solutions.

Here are some password-change related issues in Ubuntu Linux and their tested solutions:

1. "Authentication token manipulation error" while trying to change an Ubuntu user's password:

A possible reason for this error is that the filesystem might be mounted read-only. To fix it, simply type:

    mount -o remount,rw /

2. The sudo passwd command gives a "password changed successfully" message, but in reality the system still accepts the same old password and denies the new password:

To solve this problem, first explicitly switch to the user account whose password you want to change.

    sudo su yourusername

Tip: you may use the sudo whoami command to find the current user.

Now try:

    sudo passwd


It should work.

Unable to switch application-windows using Alt+Tab keys in Ubuntu Linux!

If you are unable to switch application windows (such as terminal windows, gedit, ...) using the Alt+Tab keys in Ubuntu Linux, then you can try the fix given below:
Go to Dash Board > System Settings and select Keyboard:




Select the Shortcuts tab and go to Navigation on the left. Click on the Switch applications setting and set it to Alt+Tab:
 


Reboot the system.

If the problem still persists, then you can try Compiz Config Settings Manager. To install it, type:

sudo apt-get install compizconfig-settings-manager


Open it from Ubuntu Dashboard:


Go to Window Management and check Application Switcher and Static Application Switcher:





Reboot your system, then try Alt+Tab again; it should work!!!



Tip: Compiz Config Settings Manager can help in solving many shortcut-key related problems. For example, if the Show Desktop key (Alt+Control+d) is not working in your Ubuntu Linux, then you can try the following steps:

Open CompizConfig Setting Manager from the Ubuntu dashboard, and navigate to the Key bindings tab of General options, as shown below:


Find the Show Desktop setting. It may be disabled or bound to some key combination.

To set it to a key combination of your choice, click the Disable button; an Edit Show Desktop window will pop up:


You can select Grab key combination and type your key combination. You can use the default: Control Alt d. CompizConfig Setting Manager will show it as <Primary><Alt>d


Now you can toggle to the Desktop by pressing the key combination Control Alt d


Tuesday, July 03, 2012

Google Chrome & Chromium (Windows/Ubuntu Linux) Internet Browser: Automatically clear cache, history and other browsed data on exit. Important privacy settings.


To protect your privacy, you should make sure that the Google Chrome (Windows) and Chromium (Linux) Internet Browser automatically deletes your browsing history, autofill form data, passwords, typed URLs, cookies, and other traces of online activities. The following settings may help:
1. Click the “Customize and control Chromium (or Chrome)” icon at the top-right of the browser and select “Settings”, as shown below:



2. Navigate to Personal Stuff settings (Linux) or Advanced Settings (Windows):
Password Settings: select “Never save passwords”


Form Autofill setting: uncheck “Enable Autofill to fill out web forms in a single click.”




3. Navigate to Under the Hood settings (Linux) or Advanced Settings > Privacy (Windows):




The most important setting required for clearing cache, history and browsing data is:
Privacy > Content Settings



Check “Clear cookies and other site and plug-in data when I close my browser”.

Tip: Many websites such as Facebook, Twitter, Flickr, DropBox, Google etc. use encrypted HTTPS only at the time of authentication/verification; after that, plain HTTP takes over to avoid performance issues. HTTPS can provide end-to-end encryption and security between the web application and the web server. To force the HTTPS protocol in your Chrome or Chromium browser, you can use the Use HTTPS or HTTPS Everywhere extension. These extensions look for HTTPS connections available on websites and enforce end-to-end HTTPS communication; if HTTPS is not available, they simply redirect to plain HTTP connections. Below are pictures of popular HTTPS enforcer applications:

Tuesday, June 26, 2012

Set WiFi Access Point (Hot Spot) on Windows 7 based Laptop and share Internet with other Laptops, and Mobile Phone. Virtual Router setup.

If you have a Windows 7 based Laptop with Broadband, Cable Internet or a 3G USB Modem, and want to share this internet connection with other WiFi-capable devices such as other Laptops, Netbooks, Smart phones, Android Tablets, Kindle Readers and iPads/iPods, then you can install and set up a Virtual Router based WiFi Access Point.

 

Virtual Router

 

Virtual Router from www.virtualrouter.codeplex.com is free, open source software. It can turn any Windows 7 or Windows 2008 R2 computer into a WiFi Hot Spot using Windows 7's Wireless Hosted Network (Virtual Wifi) technology.

Connections to devices are secured using Wi-Fi Protected Access II (WPA2), one of the most secure wireless encryption methods.

Installing and setting Virtual Router on a Windows 7 Laptop

Step-1: Turn-on Wireless connection on your Laptop. Each Laptop has got some Function key for enabling/disabling Wireless connectivity. Laptop manual can be referred for turning-on the Wireless connection.


Step-2: Download and install Virtual Router from http://virtualrouter.codeplex.com/ on your Windows 7 based Laptop. (This is the Laptop where you have the Internet connection and which you want to use as the Access Point (Hot Spot) for sharing Internet with other devices.)


Step-3: After installation, open the Virtual Router GUI:



  • Set the network’s SSID to whatever you would like, or leave it at the default. The SSID is the name of the Access Point (Hot Spot) you are setting up. It will be visible as the network name to devices that want to connect to the Access Point for Internet access.
  • You should be careful while setting the password for the Access Point. In order to secure your access point against password cracking attacks, the password should be at least 8 characters long. The password should be a combination of upper-case and lower-case letters, digits and special characters.
  • Select the connection you would like to share from the drop-down menu (Local Area Connection or Wireless Network Connection) and click the Start Virtual Router button to start your connection. This is the Broadband, Cable Internet or 3G USB Modem internet connection interface.


Tip: Go to: Control Panel\Network and Internet\Network and Sharing Center
You will find Wireless Connection network (Access Point (Hot Spot)) set by Virtual Router:

















Go to:
Control Panel\Network and Internet\Network Connections
Here you can find details of the Access Point (Hot Spot) set by Virtual Router.
If you wish, you can check the network properties:



Virtual Router enables "ICS (Internet Connection Sharing)" on the selected Broadband, Cable Internet or 3G USB Modem internet connection interface:

The Access Point (Hot Spot) is ready!

Configuring WiFi enabled devices to use the Access Point (Hot Spot)

Now you can connect your WiFi enabled Laptops, Netbooks, Smart phones, Android Tablets, Kindle Readers and iPads/iPods to the Access Point (Hot Spot).
Just enable WiFi on your device, then search for and connect to the SSID of the configured Access Point (Hot Spot). It will ask for the password that was set through the Virtual Router settings.

Tips: On client Laptops you should use DHCP, not static IP addresses.
You can configure this through: Control Panel\Network and Internet\Network Connections

To connect to the Access Point (Hot Spot), go to Control Panel\Network and Internet\Network Connections and right-click the WLAN: "connect/disconnect".

Connect to the Access Point (Hot Spot) as set above. It will ask for the password; enter it.
 


Tip: If you are used to the Windows command line, then you can play around with the following command and set up an Access Point without the help of Virtual Router:

netsh wlan set hostednetwork mode=allow ssid=YourAP key=YourPassword

(run command prompt with Administrator rights)