In March 2011, we were going to do remote backup using NETGEAR ReadyNAS but by October 2017 we had done nothing and will cease supporting NETGEAR due to PowerShift Partner site going down indefinitely and NETGEAR staff moving to USA and Australian staff changing.
Backup and restore of EC2 instances on Amazon Web Services can be done via snapshots.
In January 2017, we migrated our Website hosting from Linux hosting to Amazon Web Services EC2 Linux instance. This involved backing up site and mail and using Amazon Web Services S3 to migrate to an EC2 instance. We then used third party DNS to delegate the site.
In February-March 2012, Symantec Netbackup and EMC MozyPro cloud-based backup services are being offered which we can setup for small business clients to give them extra flexibility and robustness in these tough economic times. A server can be rebuilt on a physical or virtual server from a backup stored in the cloud.
NAS can be used for remote backup akin to Dropbox.
In February 2019 I discovered if Windows Phone is lost, go to account.microsoft.com and select device then click 'find device'. This only works in IE not Firefox. It also assumes phone is registered with Microsoft before it is lost. Last known location of phone is shown on map.
iOS and Android phones also have similar find lost phone feature.
Windows Phone location is updated every so often and this is logged with Microsoft so phone can be tracked down to nearest location.
I had to backtrack and find Windows Phone manually as I was using Firefox and account.microsoft.com did not show me location. Later I discovered only IE worked for finding phone on map.
I rang phone using Skype but person nearby did not answer it so it went to voicemail. It is impossible to get round people problems like this.
Only Windows 10 has 'find my device' feature not Windows 7. With Windows 7 use account.microsoft.com.
In January 2012, we also imported contacts from another phone's SIM to a Nokia MeeGo phone.
We used Nokia Account to backup contacts from Nokia MeeGo to Web and then restore them from Web to Nokia MeeGo when phone was flashed. We also imported the contact CSV file into a private Web database.
We will also import contacts from another phone via Bluetooth.
We downloaded lost apps from Nokia Store.
SMS messages were not backed up so were lost when the Nokia 6230 was lost. Backup at Nokia Care did not work on the old Nokia 6230's SMS messages but on everything else - phone numbers, images, audio files, video files.
In September 2018, my Samsung Galaxy Pocket Neo power button stopped working so I moved the micro-SIM to a Windows Phone 8.0 Nokia Lumia 820. I then imported contacts from Microsoft Outlook Live account by logging into Microsoft Hotmail/Live account and synchronising. Google Contacts also had contacts which would be imported manually as Google Account won't login due to security issues. I upgraded from Windows Phone 8.0 to 8.1 (600MB 35 mins) but that model won't upgrade to Windows 10 Mobile and many apps won't work so I used browser or another app. I transcribed data from car app to spreadsheet before crash. I lost SMS messages and notepad notes. I needed to export them using Samsung Smart Switch Windows tool and Android app and USB cable or WiFi before crash. Samsung also had Samsung Members app for Android for support I did not know about till after the crash.
In November 2018, after I had restored Samsung Cloud to Samsung Galaxy Note II, I found Smart Switch does not backup contacts only messages and other data from new phone to PC. I used dr.fone to backup the contacts and messages etc on phone to PC but it only works direct to phone. No data is available to be exported into CSV etc.
In June 2014, my N950 died so I had to export phone numbers from account.nokia.com as CSV and convert them to VCF with a Windows tool and import them into a Samsung Android phone. Some of the phone numbers were not imported, just the person's name.
In November 2018, I got a Samsung Galaxy Note II which I did a factory reset on by holding volume up (left), bottom button and power button (right) simultaneously. I then setup Google and Samsung accounts on new device and restored contacts and messages using WiFi.
Reset Samsung Galaxy Note N7105 (Hard Reset)
In September 2018, my Samsung Galaxy Pocket Neo Android phone died. Only way to restore contacts backup on new phone was by buying another Samsung device and syncing as Samsung has a monopoly on data backed up to Samsung Cloud.
On 27 October 2018, Samsung Cloud terms changed so that backups will be deleted if not used for more than 12 months. So I have to buy a Samsung device to sync my contacts from old phone or they will be lost.
I should have exported contacts from Android before this hell of being trapped with Samsung Cloud occurred.
Android backup does not backup contacts only app settings.
The Nokia N950 froze up and said 'too frequent boots - reflash device' when I tried to boot the phone when the battery was nearly flat and had inadequate power to boot. I ignored the message and powered up using power switch and the device luckily booted. I then backed up images and audio recordings via developer SDK. I plan on writing an FTP tool that will allow users to backup their phone's images, video, audio, phone numbers and SMS to an FTP site of their choosing via USB, SD Card, wifi or 3G. A Linux single user mode needs to be setup so a Nokia support person or developer can boot and rescue important files before reformatting and reinstalling the system. Too much vital information is stored on a smartphone and proper backups need to be setup or the phone will lose vital data if it crashes without a disaster recovery plan.
On Nokia N950, I did Settings / Sync and Backup / Backup and then FTPed the Backup files to the PC or select 'use as mass storage device' when USB is plugged into phone. Go to Accounts / Nokia / Synchronise to backup contacts to account.nokia.com. To enter changed password, go to Store / Download an item.
In March 2012, the Optus SIM card died so I had to get a replacement and restore contacts to SIM from Optus Backup, Nokia Account and Nokia N950 contacts.
Optus SIM Backup Down 2 months
In March 2012, I replaced my Optus SIM card.
Optus SIM Backup was down for 2 months with no end in sight.
I got Optus to email me the last backup as HTML table which I converted to CSV using an app. I later imported it into MySQL for safe keeping.
New Optus SIMs do not have SIM Backup plus I would not rely on it but would use Nokia Account if you have a Nokia phone to backup and restore via the Internet over 3G as it is more reliable.
Nokia/Windows Phone Contacts
On 24/5/15, Nokia Account was replaced by Microsoft Account. Only Microsoft Hotmail Outlook Live contacts can be synced to Windows Phone not Samsung or Google.
Migration from Windows 7 to Windows 10
In March 2021, I backed up a Windows 7 desktop to an external drive using Macrium Reflect then mounted the image and used it to restore and transfer files to new Windows 10 desktop. This was a life saver as it was much quicker than using LAN or WiFi due to gigabytes of data involved. I had to move Macrium Reflect on Windows 7 after backup to Windows 10 to do restore.
Before I did the restore to the new Windows 10 desktop, I had to wait till Windows 10 had done all its updates first which took about 4 hours which was a very long time compared to Windows 7.
Windows 10 has a much richer interface so I had to find where everything was in Windows 10 after being used to Windows 7 simpler layout.
Corrupted Restore
In May 2018, a contact had not tested their restore of Windows XP backup of Kaspersky and restore failed causing BSOD (Windows to crash on boot).
They tried safe mode but that did not work and did not want to do a new installation of Windows losing all their software and data.
Windows registry and c:\windows\system32 files had to be patched or restored or last known configuration used to get system to boot again.
Macrium
In March 2012, I tried several times to use Windows 7 backup tool to backup a laptop but it was so slow and unclear which files were backed up or whether the backup job had failed and where the image was stored.
In the end I did a quick, successful backup using Macrium Reflect which was clearer to select partitions to backup and easier to restore from an image using a network drive.
In June 2015, Macrium Reflect 5.3 64 bit worked OK in Windows 8.1. I had to deactivate license from previous crashed Windows 7 laptop to use it on Windows 8.1 laptop.
In September 2019, Macrium 5.3 can be upgraded to version 7. Windows 10 has partition problems with version 5 which were fixed in version 6 and 7.
From 2008 onwards, I used ResourceMate on Windows laptop to catalogue 3500 items of my father's theological library to edit a book by him "Enriching Australia through educating indigenous people" by S Preston Walker still not out in 2018 10 years after starting due to lack of resources.
In October 2018, when I opened ResourceMate after months of not using it, I discovered all the data in the catalogue had gone so I restored the database from a ResourceMate backup file and got back 4087 items.
This saved me years of work. Thank goodness I backed up the catalogue to hard drive when closing the application.
I plan on upgrading from ResourceMate 3.0 Regular to Essentials in 2019 to ensure the database is still readable by new versions of software.
In October 2020, I loaded Desktop Reminder 2 on Windows 7 after it closed with index error to database due to reboot while it was running and found no data was loaded losing 6 months of task calendar and completion information.
I opened tasks.dr2 file in its folder and all the tasks reloaded.
I also discovered Desktop Reminder 2 was doing daily backups when used in its folder and could have used restore function to recover the data from backups.
Desktop Reminder 2 has a restore function from backups.
Also Desktop Reminder 2 should be closed before reboot to avoid data corruption or needing to reload data or restore data from backups.
If hosting or remote service is provided by an MSP, customer then only pays a monthly fee for maintenance, backup and security.
In July 2022, I had to disable plugins and turn off auto update for WP-Crontrol plugin that broke WordPress because Composer was not setup.
In May 2021, I setup backup to cloud of WordPress site using plugin.
In April 2020, my email to Bigpond bounced because my server was on Amazon Web Services EC2 and they wanted me to whitelist my domain. My domain is clean. In end I sent the email to my sister on Bigpond via gmail which did not bounce as Telstra thinks gmail has enough cred but not my AWS server. Spammers have ruined AWS's credibility in Telstra's eyes.
Bigpond First Attempt
Bigpond blocks my emails to my sister because I use AWS EC2 for hosting for my mail server and they won't whitelist my domain. Telstra blames everyone on AWS with being a spammer. My domain is clean but Telstra forces me to use gmail so their system doesn't block me as a spammer which I am not. Evil Telstra. I have chosen not to email any more Bigpond customers ever except through gmail.
Because Bigpond is so big they get away with poor policies and force everyone onto gmail instead of letting people run their own servers like I do. It is for dummies.
I emailed postmaster at Bigpond but got no reply re whitelisting of my domain and IP address so am forced to use gmail to get through their blocking of my IP address of my server.
Their call centre has 20 min queue due to COVID-19 so is understaffed instead of working from home. They don't have call back so I have to sit in queue to get through.
Their app for support and chat only works on Android and Apple and I only have a Windows Phone.
Their chat bot goes in circles and does not fix anything re email being blocked. There are no live chat agents.
Their Crowdsupport forum answer (archive) does not fix anything as I email the right email address for postmaster and forward the error message with request for my domain and IP address to be whitelisted but nothing happens as they are overloaded or slack.
Telstra is in the Dark Ages.
Bigpond Second Attempt
As I received a 554 error for bounced email sent to Bigpond, PTR Reverse DNS record needed to be setup for mail.wwwalker.com.au email server hosted on AWS EC2 instance. This was done via my DNS third party server (PTR record) and AWS (reverse DNS record).
In mean time till DNS is fixed for my domain, I have to forward emails to Bigpond users via Gmail or the emails will sit in mailq on Postfix on my mail server and timeout again.
Email postmaster at bigpond from gmail for whitelisting of IP address as email from wwwalker.com.au will bounce again after sitting several days in mail queue!
After 4 or 5 days of mail in mailq, deferred mail was delivered as Telstra whitelisted my domain on AWS EC2 so no more emails to Bigpond from my server will bounce!
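The Postfix mail log shows whether a queued message is still deferred, has bounced or was finally sent. The following is an added example, not part of the original page: it follows each queue ID through constructed log lines in Postfix's smtp delivery format (the hosts, addresses and queue IDs are made up).

```python
import re

# Constructed sample lines in Postfix's smtp delivery-log format.
# Hosts, queue IDs and addresses are made up; IPs are documentation ranges.
SAMPLE_LOG = """\
Apr 20 08:00:01 mail postfix/smtp[2101]: A1B2C3D4E5: to=<user@isp.example>, relay=mx.isp.example[192.0.2.10]:25, delay=2.4, delays=0.1/0/1.2/1.1, dsn=4.7.1, status=deferred (host mx.isp.example[192.0.2.10] said: 451 4.7.1 Try again later (in reply to RCPT TO command))
Apr 20 08:00:05 mail postfix/qmgr[901]: F6E5D4C3B2: from=<me@sender.example>, size=2048, nrcpt=1 (queue active)
Apr 20 08:00:07 mail postfix/smtp[2102]: F6E5D4C3B2: to=<someone@webmail.example>, relay=mx.webmail.example[203.0.113.40]:25, delay=1.9, delays=0.1/0/0.9/0.9, dsn=5.7.1, status=bounced (host mx.webmail.example[203.0.113.40] said: 550 5.7.1 Message rejected (in reply to end of DATA command))
Apr 20 08:10:00 mail postfix/smtp[2140]: 0A1B2C3D4E: to=<staff@uni.example>, relay=none, delay=30, delays=0.1/0/30/0, dsn=4.4.1, status=deferred (connect to mx.uni.example[198.51.100.7]:25: Connection timed out)
Apr 20 09:05:12 mail postfix/smtp[2307]: A1B2C3D4E5: to=<user@isp.example>, relay=mx.isp.example[192.0.2.10]:25, delay=3911, delays=3909/0.1/1.1/0.8, dsn=4.7.1, status=deferred (host mx.isp.example[192.0.2.10] said: 451 4.7.1 Try again later (in reply to RCPT TO command))
Apr 24 11:30:44 mail postfix/smtp[8812]: A1B2C3D4E5: to=<user@isp.example>, relay=mx.isp.example[192.0.2.10]:25, delay=358243, delays=358241/0.1/1.0/0.9, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9F8E7D6C5B)
""".splitlines()

# One delivery attempt: queue ID, recipient, relay, DSN, status, free-text detail.
LINE_RE = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]+)>, "
    r"relay=(?P<relay>[^,]+), .*?dsn=(?P<dsn>\d\.\d+\.\d+), "
    r"status=(?P<status>\w+) \((?P<detail>.*)\)$"
)


def reply_code(detail):
    """Return the remote server's 3-digit SMTP reply code, or None if the
    attempt never got a reply (for example a connection timeout)."""
    m = re.search(r"said: (\d{3})[ -]", detail) or re.match(r"(\d{3})[ -]", detail)
    return int(m.group(1)) if m else None


def track_deliveries(lines):
    """Group delivery attempts by queue ID, keeping every reply code seen."""
    history = {}
    for line in lines:
        m = LINE_RE.search(line.strip())
        if not m:
            continue  # not an smtp delivery line (qmgr, cleanup, ...)
        entry = history.setdefault(
            m["qid"], {"recipient": m["rcpt"], "codes": [], "final": None}
        )
        entry["codes"].append(reply_code(m["detail"]))
        entry["relay"] = m["relay"]
        entry["final"] = m["status"]  # the last attempt decides the outcome
    return history


def undelivered(history):
    """Queue IDs whose last attempt was not 'sent', with status and last code."""
    return {
        qid: (e["final"], e["codes"][-1])
        for qid, e in history.items()
        if e["final"] != "sent"
    }


if __name__ == "__main__":
    for qid, e in track_deliveries(SAMPLE_LOG).items():
        print(qid, e["recipient"], e["final"], e["codes"])
```

A 4xx code means the message stays in the queue and is retried, a 5xx code means it is bounced straight away, and a missing code with `relay=none` points at a network or firewall problem rather than a rejection.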
Bigpond Suspected Spammer
In April 2020, email from my domain is bounced by Bigpond with 558 5.7.1 error suspected spammer. I emailed postmaster at bigpond to resolve this. I used gmail to email those Bigpond emails. Telstra call centre did not know what to do.
I decided not to email anyone on Bigpond any more from my domain unless they get another email address, e.g. gmail, because it marks my emails as spam and bounces them. I don't like using gmail.
I hate Bigpond. Telstra was very difficult to get to solve this problem.
Problem mail server: extmail.bigpond.com
Telstra Bigpond whitelisted my IP address.
Third Party Mail Server
The only way round this is to use a third party mail server like AWS SES where every email address has to be verified by region and forget using my own email server even though it is set up properly. This is such a waste of a server. The system has conspired to force all small IT people to outsource their IT to a bigger company.
Hotmail bouncing because domain was treated as spammer
An email to a hotmail address bounced because I had not set DNS SPF TXT record for my domain to "-all" (hard fail) on my DNS server so I set the SPF to have setting "-all". This stops others spoofing emails from my domain if they are using a different IP address.
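How a receiving server applies the SPF record described above, as an added example that is not part of the original page. It evaluates only the `ip4`, `ip6` and `all` terms (mechanisms that need DNS lookups are skipped so it runs offline), and the records and IP addresses are constructed documentation values.

```python
import ipaddress

# Qualifier prefix -> SPF result (RFC 7208). No prefix means "+".
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed values: the domain's own mail server and an unrelated host
# that tries to send mail claiming to be from the domain.
MAIL_SERVER_IP = "203.0.113.25"
SPOOFER_IP = "198.51.100.77"

HARD_FAIL_RECORD = "v=spf1 ip4:203.0.113.25 -all"
SOFT_FAIL_RECORD = "v=spf1 ip4:203.0.113.25 ~all"
NO_ALL_RECORD = "v=spf1 ip4:203.0.113.25"


def evaluate_spf(record, sender_ip):
    """Evaluate the ip4/ip6/all terms of one SPF TXT record, left to right.

    Returns the SPF result for the connecting IP: pass, fail, softfail,
    neutral, or none when the text is not an SPF record. Terms that need
    DNS (a, mx, include, exists, redirect) are ignored in this offline
    sketch; a real checker must resolve them.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":
            # "all" matches every sender, so its qualifier is the verdict
            # for any IP not listed earlier in the record.
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6") and value:
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
    # Nothing matched and there is no "all" term: the default is neutral,
    # which gives receivers no reason to reject a spoofed message.
    return "neutral"


def compare_policies(sender_ip):
    """SPF verdict for one sender under each of the three sample records."""
    return {
        "-all": evaluate_spf(HARD_FAIL_RECORD, sender_ip),
        "~all": evaluate_spf(SOFT_FAIL_RECORD, sender_ip),
        "no all": evaluate_spf(NO_ALL_RECORD, sender_ip),
    }


if __name__ == "__main__":
    print("own server:", compare_policies(MAIL_SERVER_IP))
    print("spoofer:   ", compare_policies(SPOOFER_IP))
```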
SPF hardfail did not work but email to hotmail.com still bounced with same error 550 5.7.1 so I contacted Microsoft Outlook Postmaster via Microsoft Support request form to sort bounced email out.
Microsoft wanted me to enroll in Outlook.com Smart Network Data Service (SNDS) and Junk Mail Reporting Program to track anyone using my domain to spam. They would not unblock my domain for sending emails to hotmail so I had to use gmail again. Big companies are trying to eradicate any small operator and force all users to use big companies for email.
I use Gmail to email these domains so my email does not bounce:
Office 365 Exchange Server Bounced Email
In June 2021, email to Couriers Please bounced with 550 5.7.1 SMTP error. I need my domain whitelisted but could not get person at call centre to understand me so gave up and only use phone or their online form to communicate with them as they are non-technical and very hard to deal with.
Australian Parliament House Email Server Whitelisting Failure
In October 2019, my email to Australian Parliament House to local MP Terry Young was never delivered unless I used gmail again because my domain was not whitelisted and was hosted on Amazon Web Services. I spent hours setting up DMARC, SPF and DKIM on my domain DNS and Linux mail server but still email was not delivered to MP's email unless I used gmail not my personal server on AWS.
Spammers attempt to send 30000 or more emails per day via my server but I have blocked their IP address so none are sent.
Google Postmaster Domain Verification for Spam
In February 2022, email from my domain was bounced wrongly as spam by Gmail. So I registered my domain with Google Postmaster and verified it using TXT in DNS record. This is very similar to SPF and DKIM in proving authenticity of email from domain.
Mailing List Bouncing
In March 2022, person with long mailing list had emails bounced by 54 mail servers because servers wrongly detected it as spam because they used their standard gmail account to send the emails. They used another email address to send link to Google Drive. There is so much confusion because they use 3 emails to avoid being blocked as spammers - 1 gmail and 2 private mail server email addresses. Gmail is blocked if they email a PDF attachment but private email server email addresses are not blocked if they just email link to Google Drive not a PDF attachment. Instead of fixing problem of attachments and email addresses being blocked, they just multiply private mail server email addresses and email links not attachments and do not setup a mailing list on a proper server but use their own email account to email out a mailing list. It is a shambles.
Sender should use a consistent email address to send emails so receiver can find old emails via email address in intray. Otherwise they have to search on all alternative emails for sender or hunt on time and date in intray and search line by line which is quite frustrating.
Having sender and receiver email addresses being different for same person is very confusing just for sake of 2 people sharing gmail email.
mailchimp commercial server is OK for mailing lists as their servers are whitelisted. Also GNU Mailman is a good mailing list program for Linux, UNIX or MacOSX servers.
Tracking Email Delivery
In February 2021, tracking email delivery to my mail server helped me discover I had been blocking legitimate email which had kept retrying to send mail to me. I removed those firewall rules and email delivery was OK again. I kept logs of firewall rules and found my mistake of blocking wrong IP addresses which led to bounced inbound emails.
Before that I redirected email from my domain to gmail for a month to debug the problem of bounced emails to my mail server.
The following video helped me troubleshoot and track email delivery problems from firewall and cPanel email delivery logs.
How To Troubleshoot Email Delivery Issues - very useful tips re using tracking email delivery on cPanel
Mimecast Email Blocking
In April 2021, I found in my mail server log that email to university was greylisted with SMTP 451 Internal resource temporarily unavailable error which required mail server to retry. This technique is used to prevent spam. My mail server IP address had to be whitelisted so emails would go through and get a reply. It looks like Outlook Mimecast plugin was used to block incoming emails. I had to use Twitter to communicate with university till mail server was whitelisted.
What is GreyListing and do I need it? 12/20
In July 2020, email could no longer be forwarded from site to university mail server due to lack of SPF on forwarded email but was bounced with SMTP 550 SPF Sender Invalid - envelope rejected error. So we had to create separate mailboxes for that site.
May 2017 Technical Webinar: Email Security with Mimecast 5/17
Postfix receiving email with sender Domain not known error
In March 2023, when receiving email from UNSW CSE with internal domain and email address as sender to my Postfix server with domain checking for sender to stop spam, I got 120 retries every hour with SMTP 450 4.1.8 error. UNSW did not use FQDN for their email address.
I added an account and local domain to my Linux server running Postfix to match the incoming email so it was valid and whitelisted it in check_sender_access using /etc/postfix/sender_access and the email was received. This took me 2 days to work out.
Email with no DKIM header marked as spam by Gmail
In August-September 2023, email from my domain to Gmail was put in spam folder of brother and purged after 30 days because he didn't look in spam folder. I re-sent the email from my domain to Gmail and it went into his spam folder, he found it with my help, unblocked it and moved it to intray.
I configured opendkim to add DKIM header to emails when sending email via SMTP via Postfix on my mail server. Gmail now receives email with DKIM header and it is not treated as spam and purged. I had to check DNS of domain and find selector for DKIM record to setup opendkim to add DKIM header to outbound emails.
Outbound email goes through SMTP. Originally this was not configured to add DKIM header to outbound emails on my mail server using my domain but later was configured to add DKIM header.
Inbound email goes through IMAP and had been checking DKIM via opendkim to my mail server.
Phishing
In March 2020, a recruiter on LinkedIn emailed me re a consulting role with a link to a link to a page for more information that looked very like Microsoft OneDrive login but I could not login with my normal login as password did not work. I then worked out the recruiter was fake and was harvesting my login by copying Microsoft Live login and had sucked me in via phishing email from LinkedIn. I then reset my Microsoft Live password.
I studied phishing countermeasures MOOC via CSU IT Masters in 2018 which helped me pick this sneaky attack.
SSL for Android email
In July 2022, my email client on Android stopped working because certificate on my mail server was invalid or expired. I checked mail.log and there were errors re "dh key too small". I had to change openssl setting to enable email to be received any more from server on Android. Server had 128 bit key and Android used 256 bit key so key was too short for DH and failed. Dovecot used SSL certificate which was affected by openssl encryption.
Encryption - Email and Web
In July 2022, we changed setup of mail server for openssl as Android could not login due to short key.
In September 2019, we setup our mail server to use TLS.
In November 2018, we setup our Linux server to use SSL encryption via certificate.
Linux Attacks
hardening of Linux server
detect and block bots attacking server in logs
DDoS mitigation
firewall
What is SYN Flood Attack? Detection & Prevention in Linux - DDOS attacks using SYN and not responding so filling up connections 11/19
MicroNugget: Preventing TCP Syn-Flood Attacks
fail2ban - block constant attacks on site via Web server or ssh or postfix or dovecot (mail) or SASL 8/19
iptables firewall
attacks from Bulgaria, Vietnam, Netherlands, Iran, India, Brazil, Turkey, Russia
Varnish HTTP Cache
to mitigate DDoS incoming attacks crashing server every hour for over 6 hours 12/19
ssh login
Apache
SpamAssassin - filters emails and rates for spam level
Bitcoin Blackmail
In March 2019, I received blackmail emails wanting payment in Bitcoin. They had allegedly hacked my email or had a video feed via non-existent Webcam and wanted payment. This is exploitation.
Bitcoin is perfect vehicle for fraud and exploitation worldwide by hackers of digital assets like email or Websites or Webcam or phone cams as it gets round anti-money laundering protection of banks.
Bitcoin can be tracked to receiver.
Data breaches, that feed this exploitation frenzy, need to be prevented by better IT security.
Data Breach at PageUp People
In May 2018, PageUp People, a recruiting agency portal, had a data breach by hacker gaining access. Red Cross, UQ, Coles Careers, Telstra, Queensland Rail etc used PageUp for recruitment services.
People who had their identity hacked can gain help from IDcare who handle identity and cybersecurity issues for people.
Those whose account has been hacked need to change their password.
Spam Assassin (Email Filtering)
In January 2016, we configured Spam Assassin and account level filtering to move spam into Trash based on Spam-Score threshold. Before that spam was mixed up in the main email inbox and took hours to delete or remove. It mostly gets it right, otherwise the reader can rescue any misclassified spam and move them back to the inbox.
Facebook Security
In March 2022, a friend was hacked on Facebook in Malawi Africa. People should setup 2-factor authentication on Facebook and other sites using Microsoft Authenticator or Google Authenticator apps. Then when person logs in from new browser or IP address site will prompt for password as well as a constantly changing 6 digit code obtained from the relevant Authenticator app. This will stop hackers getting in. They should also change their password every month or so on Facebook.
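The 6 digit code shown by authenticator apps is a time-based one-time password (TOTP, RFC 6238). The following is an added example, not part of the original page, of how the app and the site derive the same code from a shared secret and the clock. The secret is the published RFC test secret, not a real account key.

```python
import base64
import hashlib
import hmac
import struct

# Base32 form of the RFC 4226 / RFC 6238 test secret "12345678901234567890".
# Authenticator apps receive the shared secret in this form (QR code or text).
RFC_TEST_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def hotp(secret, counter, digits=6):
    """HMAC-based one-time password (RFC 4226) for one counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret_b32, unix_time, step=30, digits=6):
    """Code for the 30-second time step that contains unix_time."""
    secret = base64.b32decode(secret_b32, casefold=True)
    return hotp(secret, int(unix_time) // step, digits)


def verify(secret_b32, code, unix_time, step=30, window=1):
    """Server-side check. Accepts the current step and `window` steps either
    side to allow for clock drift; compares in constant time."""
    secret = base64.b32decode(secret_b32, casefold=True)
    current = int(unix_time) // step
    ok = False
    for counter in range(current - window, current + window + 1):
        if counter < 0:
            continue
        # No early exit, so timing does not reveal which step matched.
        if hmac.compare_digest(hotp(secret, counter), code):
            ok = True
    return ok


if __name__ == "__main__":
    import time
    now = time.time()
    code = totp(RFC_TEST_SECRET_B32, now)
    print("current code:", code, "valid:", verify(RFC_TEST_SECRET_B32, code, now))
```

A stolen password alone does not produce the code, and a code that is captured stops being accepted once its time window has passed.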
In March 2022, a friend who did not check his friends' IDs on Facebook led to fake user befriending me via that friend and trying to con me. I unfriended them. I then got friend to unfriend them who was letting them all in.
In September 2014, I was locked out of my Facebook account and I had to provide ID to get back in when I added as a friend a fake entry for Australian Cane Farmers Association. That fake entry was deleted by Facebook.
In 2012 or so, my login on Facebook was infected by a virus when someone from Orange City Council I was a friend of on Facebook shared a post that made out I was swearing at all in my group when I clicked a link on the post that had reverse meaning to what the link did. I unfriended that person to stop this.
Malware Removal
In March 2021, Microsoft Exchange server Web access was hacked due to static cryptographic keys. Microsoft mitigation did rewrite on IIS of URL that was being attacked so bots could not login till full patch was applied.
In December 2020, SolarWinds Orion was infected by SUNBURST malware worldwide. SolarWinds changed all its CAs.
In May 2013, a Windows 7 was infected with MIXI.DJ browser plugin when I installed CrossFont (converts Mac fonts to Windows fonts), so I uninstalled it and several games and removed it from add-ons, search engines and default page in Firefox and Internet Explorer.
In April 2012, our Windows 7 laptop was infected by Security Shield malware which blocked all apps including browsers, delete and rename and made the PC run very slow. Safe mode and using a Linux PC were ways to download an antivirus or antimalware to remove it. We tried PC Tools Spyware Doctor with Antivirus, AVG, Windows Defender and finally Malwarebytes Anti-Malware.
Malwarebytes Anti-Malware full scan is very slow, taking 7 hours for 500,000 files. AVG did the same in 2 hours.
Microsoft Security Essentials detected Rogue:Win32/Winwebsec so I let it remove it.
The first video is better but the second video has info about http://live.sysinternals.com/procexp.exe for seeing and killing processes running when task manager is blocked.
Meltdown and Spectre CPU speculative execution cache reading bug
On 3 January 2018, Intel CPU had bug that cache in kernel could be read by user so passwords and security keys could be sniffed. Operating systems have been patched including Windows, Linux, MacOSX, Android and iOS. This is a very esoteric bug. Older hardware is not affected. CPU speculated on result of if statements in logic and executed and stored results in cache which someone reading through memory could find via side-channel (internal memory).
Patches brick CPUs.
Antivirus can block fix so check status.
Easy explanation of Meltdown and Spectre
Harder explanation of Meltdown and Spectre
WannaCry Attack
Around 15/5/17, WannaCrypt Ransomware worm attacked 200,000 Windows servers in 150 countries through security exploit and brought them down. Servers had to be patched and rebooted.
Botnets
A detailed look into the Mozi P2P IoT botnet 12/20
Botnets use P2P (peer to peer) networking to distribute themselves using routers and IoT devices with poor authentication controls.
These vulnerable devices need to have their firmware upgraded urgently to close the security holes. Firmware upgrades are available from the manufacturers' websites e.g. Netgear, D-Link, Huawei, Realtek.
In December 2020, Mozi botnet attacks appeared in my Linux server Web logs as devices trying to get botnet software downloaded from remote host to router with poor authentication controls they are attacking and run malware remotely using RCE or Remote Code Evaluation which distributes itself to even more vulnerable devices in a massive network of nodes.
See NETGEAR Product Security for router vulnerability alerts and patches or upgrades.
RFID Card Scanners
In December 2023, because I walked too close to a Translink Smartticket machine it scanned my debit card and charged it $10 without my permission so I had to call Translink to have it reversed which will take 10 business days.
Use a RFID blocker card holder to shield cards from RFID so ticket machines or thieves cannot suddenly take funds without permission.
Queensland Camera Traffic Fines
In December 2023, I was fined heavily for carrying a mobile phone to use Google Maps while driving on Western Freeway Mt Coot-tha. There were no traffic signs warning drivers of massive fines for carrying mobile phone while driving.
I bought a Brisbane Gregory's street directory (paper book) and stopped using mobile in car for Google Maps to avoid massive traffic fines.
CrowdStrike global outage on Windows Servers
news
Remediation and Guidance Hub: Channel File 291 Incident 6 Aug 2024
Faulty CrowdStrike update takes out Windows machines worldwide 19 Jul 2024
Statement on Falcon Content Update for Windows Hosts 19 Jul 2024:
Details
Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.
Windows hosts which have not been impacted do not require any action as the problematic channel file has been reverted.
Windows hosts which are brought online after 0527 UTC will also not be impacted
Hosts running Windows 7/2008 R2 are not impacted
This issue is not impacting Mac- or Linux-based hosts
Channel file "C-00000291*.sys" with timestamp of 0527 UTC or later is the reverted (good) version.
Channel file "C-00000291*.sys" with timestamp of 0409 UTC is the problematic version.
Current Action
CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes.
If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to workaround this issue:
Workaround Steps for individual hosts:
Reboot the host to give it an opportunity to download the reverted channel file. If the host crashes again, then:
Boot Windows into Safe Mode or the Windows Recovery Environment
NOTE: Putting the host on a wired network (as opposed to WiFi) and using Safe Mode with Networking can help remediation.
Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory
Locate the file matching "C-00000291*.sys", and delete it.
Boot the host normally.
Note: Bitlocker-encrypted hosts may require a recovery key.
Workaround Steps for public cloud or similar environment including virtual:
Option 1:
Detach the operating system disk volume from the impacted virtual server
Create a snapshot or backup of the disk volume before proceeding further as a precaution against unintended changes
Attach/mount the volume to a new virtual server
Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory
Locate the file matching "C-00000291*.sys", and delete it.
Detach the volume from the new virtual server
Reattach the fixed volume to the impacted virtual server
Option 2:
Roll back to a snapshot before 0409 UTC.
AWS-specific documentation:
To attach an EBS volume to an instance
Detach an Amazon EBS volume from an instance
Azure environments:
Please see this Microsoft article
Bitlocker recovery-related KBs:
BitLocker recovery in Microsoft Azure
BitLocker recovery in Microsoft environments using SCCM
BitLocker recovery in Microsoft environments using Active Directory and GPOs
BitLocker recovery in Microsoft environments using Ivanti Endpoint Manager
Microsoft Cloud Status
Windows Server has to boot to revert to previous safe update
uninstall CrowdStrike
install alternative to CrowdStrike
disable automatic Windows Updates
restore previous safe update of Windows
restore from backup
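A read-only triage of the CrowdStrike directory on a mounted volume, using the channel file timestamps given in the statement above. This is an added example, not CrowdStrike's or the page's own code; the calendar date (19 Jul 2024, the date of the statement) is an assumption because the statement gives times only, and the sample file names are constructed.

```python
import os
import tempfile
from datetime import datetime, timezone

# Times are from the statement; the date is assumed from the statement's date.
BAD_MINUTE = datetime(2024, 7, 19, 4, 9, tzinfo=timezone.utc)   # problematic
GOOD_FROM = datetime(2024, 7, 19, 5, 27, tzinfo=timezone.utc)   # reverted (good)


def is_channel_file_291(name):
    """True for names matching C-00000291*.sys (case-insensitive)."""
    lowered = name.lower()
    return lowered.startswith("c-00000291") and lowered.endswith(".sys")


def classify(mtime_utc):
    """Map a file's modification time (UTC) to the statement's two versions."""
    if mtime_utc >= GOOD_FROM:
        return "reverted"
    if mtime_utc.replace(second=0, microsecond=0) == BAD_MINUTE:
        return "problematic"
    # Any other timestamp is not covered by the statement; do not guess.
    return "unclassified"


def scan_channel_files(directory):
    """List (file name, verdict) for every channel file 291 in a directory.

    Only reads metadata. Deleting a problematic file is left to the operator,
    following the workaround steps.
    """
    results = []
    for entry in os.scandir(directory):
        if entry.is_file() and is_channel_file_291(entry.name):
            mtime = datetime.fromtimestamp(entry.stat().st_mtime, tz=timezone.utc)
            results.append((entry.name, classify(mtime)))
    return sorted(results)


def demo():
    """Build a temporary directory of constructed files and scan it."""
    samples = {
        # constructed names and timestamps, for illustration only
        "C-00000291-00000000-00000028.sys": datetime(2024, 7, 18, 22, 0, tzinfo=timezone.utc),
        "C-00000291-00000000-00000029.sys": datetime(2024, 7, 19, 4, 9, 30, tzinfo=timezone.utc),
        "C-00000291-00000000-00000030.sys": datetime(2024, 7, 19, 5, 27, tzinfo=timezone.utc),
        "C-00000290-00000000-00000001.sys": datetime(2024, 7, 19, 4, 9, tzinfo=timezone.utc),
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, when in samples.items():
            path = os.path.join(tmp, name)
            open(path, "wb").close()
            stamp = when.timestamp()
            os.utime(path, (stamp, stamp))  # set access and modification time
        return scan_channel_files(tmp)


if __name__ == "__main__":
    for name, verdict in demo():
        print(f"{verdict:13} {name}")
```

Point `scan_channel_files` at the `Windows\System32\drivers\CrowdStrike` folder of the attached volume; file modification times are stored in UTC on NTFS, so the comparison does not depend on the local time zone of the machine doing the check.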
CrowdStrike IT Outage Explained by a Windows Developer - Dave's Garage - 7/2024
Dave's tweet re bad bug in kernel driver of CrowdStrike 7/24
Web-Based Systems
reCAPTCHA for protecting Web forms from spammers
In April 2017, I upgraded to Google reCAPTCHA v2! It took me 2 or 3 hours to work out the syntax! reCAPTCHA now uses JSON and JavaScript as well as PHP.
We removed Sweetcaptcha because it has been infected with ad links.
We also install Google reCAPTCHA on Web site forms to prevent bots trashing the email system. Contact us for an example. No more bots get through now.
Data Integration of Financials with Web Portals
In October 2010, we moved our bookkeeping to a private Web portal rather than rely on old PCs and managing upgrading Windows. We do bulk uploads of records to Web and report for tax purposes and business accounts using the Web instead of PC software making us more agile and flexible and not forcing us to come back to Orange to do accounts.
Cloud computing is where the user uses applications loaded from the Internet. The data is stored offsite, perfect for mobile applications or disaster recovery options for small businesses with small IT budgets and pay-by-the-month modes.
Monitoring
In February 2012, we provided Web-based email-to-SMS alerts for ourselves or customers on a 24/7 basis using our own online scripts that monitor emails for specific criteria. Later we will use Nagios when we have more resources. We also examine standard logs and deduce the best way of repairing the security breach or restoring the system to a safe restore point from backups.
Mailing List Archive Backups
In February 2012, we are working to recover a 1980s style system Lyris ListManager mailing list after the server was rebooted and only part of the list archive was restored from backups. Later we may migrate it to Mailman. As the original was lost, I found a copy of a personal flat file Eudora mail archive, munged it with Python, Ruby, PHP and flex and am migrating it to another Website. Others converted an HTML archive of earlier years to Word and uploaded it to box.com and Google Docs as redundancy.
System Upgrades
Windows
Windows 7 upgrade to Windows 10
In February 2020, I need to upgrade Windows 7 to Windows 10:
upgrade Windows 7
disk image using Macrium Reflect
get NBN connected (156 carriers to choose from)
get external drive or blank DVD to burn ISO
download ISO files for upgrade using NBN
migrate to Windows 10
get second hand Windows 10 computer from eBay
migrate files from Windows 7 to Windows 10 over ethernet or disk chassis using USB
Windows Update not working on Windows 7
In January 2017, I installed new client for Windows Update on Windows 7 and installed over 200 updates. Before that no updates were done as the client was faulty.
Windows Upgrades and Cloud Computing
Office 365
Your email, Microsoft Office, Exchange and Sharepoint can be migrated to Office 365 by us. We are qualified administrators of Office 365. We did this in June 2016 in Caboolture for a Windows 10 laptop customer and migrated their email and address book from Outlook .pst file.
Mobile Support
In September 2018, I upgraded Windows Phone 8 to 8.1 but could not upgrade to Windows Mobile 10 due to my Nokia Lumia 820 not being supported.
PC Support
As Windows XP support expired on 8 Apr 2014, we are able to migrate Windows XP, 7 or 8.1 to Windows 10 or into the Cloud. No more virus updates or patches will be available after that date so the system is vulnerable. This will require wizards and backups to be run and software and data migration from old applications to those that will run on Windows 8.1.
In July 2015, we upgraded to Windows 10 including installing drivers for biometrics and Web camera from earlier versions of Windows.
In April and August 2012, we upgraded Windows XP systems to Windows 7 including a backup. In January 2014, we upgraded a laptop from Windows 7 to Windows 8.
Microsoft Money is obsolete and only runs on Windows XP. Data from financial information needs to be exported and imported into software that is supported either on the desktop or into Cloud software like we did.
Other common jobs are rebuilding PCs with Windows XP, Vista, 7, 8 and 10, Linux or FreeBSD.
Examples:
upgrade Windows 8.1 to Windows 10
upgrade non-genuine Windows XP Pro to Windows 7, setting up an ADSL/WiFi hotspot, transferring email to Thunderbird, backing up partitions to a 1TB external drive and stopping line dropping out
reverting from Windows Vista to Windows XP for InDesign to work at speed again with Dell quad-speed processor, not be a dog
upgrade Windows 98 to Windows XP including setting up a wireless ADSL2+ router for a small business.
Linux
Linux Debian Long Term Support (LTS)
In June 2018, Linux Debian 8 Jessie was end of life and Apache was crashing intermittently, so as per Debian Long Term Support (LTS), I added LTS repositories and joined email list for LTS upgrades.
Virtualization
To save hardware, we can create virtual machines to run your applications. This allows us to run Linux and Windows on top of each other. We did this on limited hardware in Brisbane to enable us to test software running on FreeBSD, SuSE Linux and Fedora Linux all on a Windows XP Pro PC without having to install them on separate partitions. This is heaven for a sysop with a limited budget.
This flexibility improves agility and produces quick disaster recovery. This is what they had to do after September 11, 2001 in USA - move their staff to another location and rebuild servers from backups to survive using minimal hardware and working over the Internet from remote locations. Many sites or small businesses worldwide now backup to a remote server for a monthly fee per Gigabyte. This is now called cloud computing.
Using virtualization, snapshots of various operating systems like Unix, Linux, FreeBSD, Mac OS X and Windows can be saved and then reloaded on a totally different operating system allowing for very quick response should the hardware fail or a system be overrun with viruses or spambots due to lax security.
Common virtualization software includes VirtualBox, VMware, Xen or HyperV.
This can also be done via Docker and Kubernetes.
Testing
This is ideal for setting up various work or test machines without having to purchase many pieces of hardware to run them on.
If the customer provides us with a support ticket with configuration information in it to reproduce a bug, we can login to our own virtual server and reproduce the errors without having to go near their server and deploy a fix for the problem from our inhouse resources.
If the customer does not have enough modern PCs to run test machines, we can install VMware and load a virtual operating system image to test systems at low cost and high efficiency and enable us to get on with the job despite a lack of dedicated hardware on the customer's premises. We have done this onsite in Brisbane when we were doing technical support for a small company and just could not get a spare PC to test systems on to achieve our objectives. VMware virtual images are a great way to get around these hardware limitations often foisted upon us to save money by the customer.
As usual it is easier to spend our own time and money doing virtualization than waiting for ages for the customer to spend money then ending up doing it for them for free just to get a job done on time and make money. This seems to be how small businesses avoid paying any money - they put financial pressure on suppliers and in the end they donate equipment or time to get a job going rather than have it fold due to the customer avoiding investing in equipment and training. The tradeoff is we own the technology and bring our own tools to the job to avoid delays so the customer owns nothing and just gets a service.
As of March 2012, Veritas Backup Exec 2012 now supports VMware and Hyper-V so only one backup for multiple Windows or Linux Virtual Machines on a host is required.
Tools
VMware is mostly about setting up virtual machines in data centres. We do not use it much inhouse except for setting up a test machine. They are into 1000s of seats (licenses) per customer (enterprises) not little guys like me who have maybe 1 or 2 licenses. They are a greedy big company. I do not recommend VMware for small businesses only medium to large enterprises. Apart from their free VMware player, everything else they sell is over $10,000 USD per licence.
VMware has several open source divisions: Springsource (Cloud Java beans platform), RabbitMQ (messaging), Zimbra (groupware) and Tanzu (Kubernetes) which is of value to me as an opensource developer. I went to a course in Brisbane in 2011 with Queensland JVM on Springsource and RabbitMQ.
We recommend opensource virtualization products like Xen Project.
VDI is Virtual Desktop Infrastructure so the user can run their desktop on a virtual server not their own PC. Microsoft, VMware and Citrix support this.
Around 2014, we looked at Docker containers to run instances of operating systems.
NBN compatible VDSL2 modems
On 6 June 2024, my NBN connection died using ZTE H268A modem. I tried to find another NBN compatible modem but NBN had a very difficult to understand ITU standard for modems to meet to be compatible so one had to believe statement that modem was compatible on retailers' sites like Officeworks or use trial and error and return it to try another one if that modem didn't work.
NBN modem compatibility documentation which is very difficult to understand unless person is an electrical engineer
modes of delivery of NBN
trial and error - believe retailer that modem is compatible and try it and if it fails return it and try another until a working modem is found
modems that appear NBN compatible:
D-Link DSL245GE AC1200 - reliable
Communications Infrastructure Disaster
In November 2012, Southern Grampians Shire Council was cut off for 2 weeks when Telstra Warrnambool Exchange burnt down. This is a lesson on having backup plans that are tested.
Due to excess data on Optus and Vodafone mobile networks being very dear at $10/GB, in November 2015, I set up TPG broadband at my home office to combat these excess data charges.
NBN cuts copper about 6 months after it comes to an area. Caboolture will be cut off in September 2016 so all people must switch to NBN or mobile for communications.
Email Mailbox Full
In August 2019, to connect with customer via email to try and get some violin lessons going, I had to help them receive email from me which was being blocked because their mailbox was full without their knowledge. They also wanted to know if I got their emails but I hadn't because their mailbox was full so no email could be received or sent. This required checking for pending emails from me to them in my mail queue of my mail server. They had to delete the excess emails so my email could be received and I could receive their email. Once they had cleaned up their mailbox I was able to receive an email with one large image of several megabytes and they received two test emails from me. It was quite a saga over several days.
Message Size Too Big
In March 2021, I detected in my mail.log via pflogsumm Perl tool that someone had emailed me an email that was too big for my mail server's message size limit so was bounced with SMTP error message:
552 5.3.4 Message size exceeds fixed limit
My Postfix mail server has a message size limit of 10MB and if the email received is over that limit it will be bounced.
I had to use domain of sender, whois and ABN to find who was emailing me such a large file.
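The log search described above, as an added example that is not the author's script or part of pflogsumm: it picks the size-limit rejections out of mail.log lines and groups them by sender domain, falling back to the HELO name or client host when the envelope sender is empty. The sample lines are constructed and their layout is an assumption modelled on Postfix smtpd reject logging; the function names are hypothetical.

```python
import re
from collections import Counter

SIZE_REJECT = "552 5.3.4 Message size exceeds fixed limit"  # reply quoted above
CLIENT_RE = re.compile(r"\bfrom (?P<host>[^\s\[]+)\[(?P<ip>[^\]]+)\]")
FIELD_RE = re.compile(r"\b(?P<key>from|to|helo)=<(?P<val>[^>]*)>")

# Constructed sample; the line layout is an assumption modelled on Postfix
# smtpd reject logging and may differ between versions and syslog setups.
SAMPLE_LOG = """\
Mar 14 09:12:01 mx postfix/smtpd[2101]: connect from mail.example.org[192.0.2.10]
Mar 14 09:12:03 mx postfix/smtpd[2101]: NOQUEUE: reject: MAIL from mail.example.org[192.0.2.10]: 552 5.3.4 Message size exceeds fixed limit; from=<reports@example.org> proto=ESMTP helo=<mail.example.org>
Mar 14 09:40:17 mx postfix/smtpd[2177]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 <a@example.com>: Relay access denied; from=<x@example.net> to=<a@example.com> proto=ESMTP helo=<bulk.example.net>
Mar 14 11:02:44 mx postfix/smtpd[2290]: NOQUEUE: reject: MAIL from mail.example.org[192.0.2.10]: 552 5.3.4 Message size exceeds fixed limit; from=<Reports@Example.ORG> proto=ESMTP helo=<mail.example.org>
Mar 14 13:30:09 mx postfix/smtpd[2345]: NOQUEUE: reject: MAIL from unknown[203.0.113.5]: 552 5.3.4 Message size exceeds fixed limit; from=<> proto=ESMTP helo=<smtp.example.net>
"""


def oversize_rejects(lines):
    """Yield one dict per size-limit rejection with the best sender identity."""
    for line in lines:
        if SIZE_REJECT not in line:
            continue
        client = CLIENT_RE.search(line)
        fields = {m["key"]: m["val"] for m in FIELD_RE.finditer(line)}
        sender = fields.get("from", "")
        # Envelope sender domain first; fall back to HELO name, then client host,
        # because bounces and some clients use the null sender <>.
        domain = sender.rpartition("@")[2] if "@" in sender else ""
        domain = domain or fields.get("helo", "") or (client["host"] if client else "")
        yield {"when": line[:15], "ip": client["ip"] if client else "",
               "sender": sender, "domain": domain.lower()}


def summarise(lines):
    """Count rejections per sender domain, most frequent first."""
    return Counter(e["domain"] for e in oversize_rejects(lines)).most_common()


if __name__ == "__main__":
    for domain, count in summarise(SAMPLE_LOG.splitlines()):
        print(f"{count:3d}  {domain}")
```

The HELO name is supplied by the sending client and can be anything, so treat a domain taken from it as a lead to confirm against the client IP and whois rather than as proof of who sent the message.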
Instead of emailing a large email, sender should:
break it into several smaller emails and email a smaller file or
upload the files to Dropbox.com or Google Drive or Cloud drive and email a link or
compress file to get size under limit or
reduce resolution of images or
upload to file server or Web server or intranet or extranet and email a link to server to download it directly not via email
correct broken links on Website
Mail server is a very slow file server so alternative ways need to be found to send large files.
I think person was emailing me many PDFs which exceeded 10MB maximum message size instead of fixing broken links on their Website to PDFs. All they had to do was fix broken links not send a very large email with PDFs in it that bounced and caused all sorts of problems sorting out bounced email. I could also have found out information re market research in job market elsewhere via Google instead of trying to get PDFs from site with broken links.
Many untrained people use email like a sledge hammer to send anything and everything causing all sorts of size issues when size is too big. All they needed was some WordPress skills on how to fix broken links then login to admin console and fix them in 2 minutes rather than bundle all the PDFs up that had broken links to them on the Website and email them as a very large email that bounced and caused hell for the receiver.
Devops
see also Groupware and Devops
Devops is a crossover between development and operations.
We have skills in:
operations - AWS, Azure, Linux
development - PHP, Perl, Python, C, bash, awk, sed
For a client in Sydney, we once successfully set up and ran a large import/merge job of 1 million rows of CSV patent record data from many jurisdictions and formats into MySQL database using PHP to set up a batch pipeline of C jobs using MySQL C API on our own Linux server, a form of Devops.
VoIP Call Blocking, Voicemail and Call Forwarding
VoIP allows user to have personal PABX.
In August 2022, I rang Exetel re blocking scam callers to my NBN VoIP landline phone. I had the number of the scam caller from my Uniden DECT phone. I could not block calls on the Uniden DECT 1105 as it was too simple.
ZTE modem did not allow me to block calls.
I learned from Exetel call centre tech support that I could login to Exetel user console and setup call blocking, voicemail and call forwarding:
dashboard | home phone | manage | calls & voice settings
block calls
voicemail | email | SMS alerts
call forwarding (not with voicemail)
Having voicemail setup on my VoIP landline number was good because before it was setup people rang and could not leave message so wondered why I did not get call. With voicemail the recordings were emailed to me on my mobile or a SMS was sent to alert me to ring voicemail from home phone when I got home.
Call forwarding to my mobile would be good when I was away from home for a period of time.
Contact Us
Get in touch if you need help rebuilding, upgrading, recovering, backing up, virtualization of your system or protecting of Web forms from bots. We have experience with Windows and Linux both local and remote backup to disk, flash drive or tape and to the Web.
We have experience with gigabytes of backups.
Links
Multi-Factor Authentication (2FA/MFA)
to prevent hackers finding a password and gaining access to a site or server, in addition to the password login a code is entered from an app, or a button is pressed on the app, to allow access to the site or server
apps
Authy
Duo
Google Authenticator
Microsoft Authenticator
Facebook 2FA setup
In March 2022, Lapsus$ UK cyber gang attack using MFA:
botnets attack security vulnerabilities of IoT and routers with malware by Remote Code Execution (RCE)
Coronavirus shutdown support
backup
UPS (Uninterruptible Power Supply)
devops
browser
cloud
VM
Created: 28 June 2007 23:10
Last Updated: 5 Dec 2024 16:19
WWWalker Web Development Pty Ltd