WServerNews: The Cybersecurity Self-Help Guide

In this issue:

Ask Our Readers: Blocking spam from all those strange TLDs (responses). Book Review. What registry value does this GPO policy setting change? Auditing registry changes. The ultimate Procmon guide. More whatznu in Windows 11. With a mask like this you can go anywhere! Download any version of Windows 10. Factoid: Click click clickety-click…ding! Plus lots more — read it all, read it here on WServerNews!

It’s hard to get where you want to go if you don’t have a map to guide you. Photo by Sylwia Bartyzel on Unsplash

HELP SPREAD THE NEWS! Our next issue will be on Monday February 7th. In the meantime please tell all your colleagues and friends about WServerNews and its companion newsletter FitITproNews, and let them know that they can subscribe to these and other TechGenix newsletters for free here. Thanks!!

Ask Our Readers: Blocking spam from all those strange TLDs (responses)

In our last newsletter we included an item about how TLDs (top-level domains) seem to be proliferating like rabbits. This drew a question from a reader named Francis in Quebec, Canada and we’re sharing it here with our readers hoping that one of you can give us the answer:

Yes! That’s a lot of TLDs. Many of them are for marketing use and are not managed properly. For many months now, I have been receiving unsolicited e-mails promoting products and services. In general, there is no address to unsubscribe. Several anti-spam do not block TLDs. I just created a rule in Outlook to redirect them to the recycle bin. During the Christmas holidays, more than 60 spam emails per day …

This is my rule…

Do you have a better way to address the problem?

Does anyone out there have a better approach than what Francis does above? Let us know, merci!

Got questions? Ask our readers!

WServerNews goes out bimonthly to almost 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? You can Ask Our Readers for help by emailing us your problem or question. Do it today!

Mailbag

Two issues ago we talked about problems arising from so-called improvements in Windows 11 and how Microsoft is having to go back and fix them. When will Microsoft learn to leave things well enough alone when they work well and users are used to using them? Anyways, Dennis DeMattia wanted to add his own comments about this subject:

I don’t know what your average reader does, but I use the file manager a lot to copy and paste files and folders. Prior to W11, one would right click the object, select copy and then right click the place where you are moving it, and select paste. Now, you have to “Select More Options” before each command selection. (Or use the silly ribbon, so now you have to move the mouse to the top of the screen and find the silly icon.) One would think that the more common commands would be first, and funny rare things like Compress would be in the secondary selection!

Even more scary, should you select a drive letter, one of the first options you see is Format. And on some systems, just pausing (not clicking) your mouse over that command starts it executing. This only happens on touch screen systems, and before format starts doing anything, it asks you first. But it should not be the first thing you see, and it really should not kick off magically. I saw this on a client computer. None of mine kick off by breathing on them.

Yikes! I think we’ll be sticking with Windows 10 for a while with our business here in Winnipeg.

Any other readers have gripes about changes in Windows 11? Email us!

Editor’s Corner

Where your Editor reviews a neat new book and then rambles on about some sysadmin-y stuff…

Book Review

The Cybersecurity Self-Help Guide from CRC Press is a good book! A lot of books about cybersecurity are either overly simplistic or way too deep for even serious IT pros to get much benefit from. This book by Arun Soni however is different: it explains concepts simply and clearly and it reinforces understanding through real-life scenarios and case studies, practical hands-on exercises, open-ended activities you can try out, and multiple choice self-tests. Chapters are short and fun to read, and each chapter focuses on some specific aspect of cybersecurity. Chapter topics include IP addressing, router security, two-factor authentication, website hacking, email spoofing, smartphone security, using VPNs, penetration testing, digital forensics, and more. Whether you’re an experienced IT professional or simply a self-educated user, if you’re looking to broaden your understanding of cybercrime, cyberthreats, and cybersecurity, this book is one you should definitely check out!

What registry value does this GPO policy setting change?

If you’re ever troubleshooting a policy setting in a Group Policy Object (GPO) that doesn’t seem to be applied to a machine, you can always use Registry Editor to check whether the corresponding entry in the registry has been modified or not. The problem of course is finding which registry entry maps to that GPO policy setting. Fortunately there is an easy way to determine this: just go to https://admx.help and look up your policy setting and you’ll find the associated registry entry displayed in full.

For example, as you can see here this policy setting:

Computers\Administrative Templates\System\Filesystem\NTFS\Do not allow encryption on all NTFS volumes

modifies the registry as follows:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: System\CurrentControlSet\Policies
Value Name: NtfsDisableEncryption
Value Type: REG_DWORD
Enabled Value: 1
Disabled Value: 0

Pretty useful if you use Group Policy in your environment!

Auditing registry changes

While we’re on the topic of watching for changes in the Windows registry, another way of doing this is to use the event logs on Windows platforms. By utilizing the advanced security audit policy settings found under Security Settings\Advanced Audit Policy Configuration\System Audit Policies, you can filter in Event Viewer for event 4657, which is generated when a registry key value is modified. Note however that it doesn’t generate an event when a registry key itself is modified. More information concerning this can be found in Microsoft Docs:

https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4657
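
As an added example (not from the original newsletter or from Microsoft's documentation), the PowerShell below parses event 4657 records and picks out writes to the NtfsDisableEncryption value used as the example in the previous item. The sample event, including its user and process names, is constructed, and ConvertFrom-Event4657 is a hypothetical helper name.

```powershell
# Added example: turn a Security event 4657 record into a readable object.
# 4657 is only logged when the key's SACL audits "Set Value" (see the Microsoft Docs link above).
$OperationNames = @{           # OperationType codes as stored in the raw event
    '%%1904' = 'New value created'
    '%%1905' = 'Existing value modified'
    '%%1906' = 'Value deleted'
}

function ConvertFrom-Event4657 {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$EventXml)
    $data = @{}
    foreach ($d in ([xml]$EventXml).Event.EventData.Data) {
        $data[$d.Name] = $d.'#text'          # <Data Name="...">text</Data>
    }
    [pscustomobject]@{
        User      = '{0}\{1}' -f $data.SubjectDomainName, $data.SubjectUserName
        Key       = $data.ObjectName
        ValueName = $data.ObjectValueName
        Operation = $OperationNames[$data.OperationType]
        OldValue  = $data.OldValue
        NewValue  = $data.NewValue
        Process   = $data.ProcessName
    }
}

# Constructed sample event. The key path shows ControlSet001 because CurrentControlSet
# is a link, so match on the value name rather than on a CurrentControlSet path.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4657</EventID></System>
  <EventData>
    <Data Name="SubjectUserName">admin1</Data>
    <Data Name="SubjectDomainName">CONTOSO</Data>
    <Data Name="ObjectName">\REGISTRY\MACHINE\SYSTEM\ControlSet001\Policies</Data>
    <Data Name="ObjectValueName">NtfsDisableEncryption</Data>
    <Data Name="OperationType">%%1905</Data>
    <Data Name="OldValue">1</Data>
    <Data Name="NewValue">0</Data>
    <Data Name="ProcessName">C:\Windows\regedit.exe</Data>
  </EventData>
</Event>
'@
ConvertFrom-Event4657 $sample | Where-Object ValueName -eq 'NtfsDisableEncryption'

# On a live system (elevated), feed real events instead of the sample:
# Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4657 } |
#     ForEach-Object { ConvertFrom-Event4657 $_.ToXml() } |
#     Where-Object ValueName -eq 'NtfsDisableEncryption'
```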

The ultimate Procmon guide

Then of course you can also track registry changes using Procmon (Process Monitor), one of the Windows Sysinternals tools. The IT Bros has a short tutorial on how to use Procmon for this purpose. But if you really want to master The Power of Procmon (gee that sounds like the title of an upcoming Marvel Universe movie) then I suggest you check out PowerShell guru Adam Bertram’s Ultimate Guide to Procmon on his website Adam The Automator. Adam has lots of other terrific stuff on his site and it’s well worth your time perusing it.

By the way, you can download the latest version of Procmon here:

https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

More whatznu in Windows 11

We’ve been hard-pressed to find a *good* introduction to the new features and changes in Windows 11. Something that is sensible and easy to understand and without either marketing fluff or ironic criticism. Fortunately, along comes Michael Niehaus who has recently posted two articles on his blog Out Of Office Hours to explain in simple and clear terms what we need to know and understand about what’s new in Windows 11. Here are links to Parts 1 and 2 and stay tuned to Michael’s blog for further excursions into this topic:

https://oofhours.com/2021/12/29/whats-new-in-windows-11-part-1/

https://oofhours.com/2021/12/29/whats-new-in-windows-11-part-2/

And Finally: With a mask like this you can go anywhere!

And finally we’re pretty much in awe of the advances that AI and machine learning have been making in a broad range of different fields. But coming next Halloween watch out if your office, home or bank uses facial recognition to identify you and allow you to enter or access personal or business services you depend on. That’s because the odds are almost even that a stranger wearing a mask which mirrors one of these faces could hack your security system or account.

Wonderful, eh?

Got comments about anything in this issue?

Email us! We love hearing from our readers!

Please tell others about WServerNews!

Enjoy this issue of WServerNews and feel free to send us feedback on any of the topics we’ve covered — we love hearing from our readers! And please tell others about WServerNews! It’s free and always will be free — and they can subscribe to it here. Thanks!!!

Tip of the Week

Download any version of Windows 10

Paul Thurrott has a great tip on his website on how you can use the Media Creation Tool to download any version of Windows 10 that you want or need for your environment:

https://www.thurrott.com/windows/windows-10/243391/tip-download-any-version-of-windows-10

Admin Toolbox

>> Got any admin tools or software you’d like to recommend to our readers? Email us your recommendations!

inControl for macOS is a tool that helps you manage your application windows and workflow:

https://wizardsoft.nl/products/incontrol

WIM Witch is a utility that can be used to update and modify WIM files for Windows deployment scenarios:

https://www.scconfigmgr.com/2019/10/04/wim-witch-a-gui-driven-solution-for-image-customization/

Duo Mobile can be used to generate mobile-generated passcodes for online services and web applications that require them:

https://guide.duo.com/third-party-accounts

Factoid: Click click clickety-click…ding!

Our previous factoid (somewhat abbreviated) and question was this:

Fact: The number of top-level domains (TLDs) has been proliferating as the following list in TXT format from IANA illustrates:

Source: https://data.iana.org/TLD/tlds-alpha-by-domain.txt

Question: When was the last time you visited a website that had neither COM, NET nor ORG as its TLD? And if there are any such sites that you frequently open in your browser, what are their TLDs?

We got a couple of responses from readers on this one. Dennis DeMattia from Spokane, Washington USA comments that:

I use Fastmail for my email provider. While they do supply you a regular COM or NET name to use, you can also get at them as fastmail.fm. The fm TLD stands for Federation of Micronesia, but apparently you do not have to live in a grass hut to use one of their domains. It does make it easy to remember their URL however!

And of course if I try to open https://fastmail.fm in my browser it redirects immediately to the Fastmail login page.

Also, reader Daniel Bragg from BC, Canada says:

Of course, Country TLDs (like CA for my favourite country, Canada) I use regularly, and I like how I can change almost any www.Amazon.com address to www.Amazon.ca and 98% of the time I find the correct matching listing in my Canadian currency. However, I would ask a follow-up question (since most of your readers are IT staff, or at least IT-lingual): Would you ever *trust* a TLD that has more than 3 letters? Increasingly, I am more meticulous of web addresses, even the .ME (Montenegro), .IT (Italy), .LY (Libya) and .IN (India), not because of their country designations, but because of their English language equivalents. I can’t imagine a day when I would blindly trust www.WestJet.Booking – it just looks too dangerous to me, even though .BOOKING is a valid TLD.

Well, I guess you can always fly Air Canada instead of WestJet.

😛

Now let’s move on to our next factoid:

Fact: Typewriters have been making a comeback lately as a result of the pandemic.

Source: https://boston.cbslocal.com/2021/11/23/cambridge-typewriter-arlington-business-covid-pandemic/

Question: Do any of our readers still own a typewriter? Do you ever use it? Do you miss using it?

Email us your answer and we’ll include it in our next issue!

Subscribe to WServerNews!

Subscribe today to our WServerNews newsletter and join 200,000 other IT professionals around the world who receive our newsletter! Just go to this page and select WServerNews to receive our monthly newsletter in your inbox!

Conference Calendar 2022

NOTE: Conference dates and locations (real/virtual) are subject to change

RSA Conference — Feb 7-10, 2022 in San Francisco, USA

https://www.rsaconference.com/usa

Cisco Live Amsterdam — Feb 7-11, 2022

https://www.ciscolive.com/emear.html?zid=cl-global

Big Data & AI World — March 2-3, 2022 in London, UK

https://www.bigdataworld.com/welcome

Mobile World Congress — June 29-July 1, 2022 in Shanghai

https://www.mwcshanghai.com/

Cisco Live Las Vegas – June 12-16, 2022

https://www.ciscolive.com/us.html?zid=cl-global

Def Con 30 — Aug 11-14, 2022 in Las Vegas, USA

https://defcon.org/

Big Data Expo — Sept 14-15, 2022 in Utrecht, The Netherlands

https://www.bigdata-expo.nl/en

Podcast Corner

Getting a Security Audit with Paula Januszkiewicz (RunAsRadio)

http://runasradio.com/

Network Automation With Nautobot (Heavy Networking)

https://packetpushers.net/series/weekly-show/

Getting Started with Wi-Fi in 2022 (Clear To Send)

https://www.cleartosend.net/

Russia’s ransomware diplomacy (Risky Business)

https://risky.biz/netcasts/risky-business/

New Azure Features, TLS Changes & SDKs for Developers (Microsoft Cloud Show)

http://www.microsoftcloudshow.com/podcast

New on Techgenix.com

The Major Barriers to SMB Cybersecurity

Small and medium-sized businesses (SMBs) are a less resistant target for cyber attackers. This is why they must think about how to protect their data and systems.

https://techgenix.com/the-major-barriers-to-smb-cybersecurity/

Review of Letsignit

Letsignit is determined to become a world leader in corporate email signatures. Here’s our review.

https://techgenix.com/letsignit-review/

Do’s and Don’ts for Writing a Stand-out Cybersecurity Resume

The growth of the cybersecurity industry has opened up gates for numerous work opportunities. What matters most when you apply to a cybersecurity job is how you present your sustainability

https://techgenix.com/dos-and-donts-for-writing-a-stand-out-cybersecurity-resume/

Free apps: What You Need to Know Before Downloading

While free apps offer a fantastic array of benefits over paid versions, they also have significant risks. It’s important to learn how to protect yourself.

https://techgenix.com/free-apps-what-you-need-to-know-before-downloading/

The Evolution of Managed Kubernetes Platforms – What Lies Ahead in 2022

Since 2014, Kubernetes has been evolving to become an ecosystem of tools, platforms, and open-source technology built around its functionalities, driving the future of cloud computing and container technology.

https://techgenix.com/the-evolution-of-managed-kubernetes-platforms-what-lies-ahead-in-2022/

Fun videos from Flixxy

260 MPH On The German Autobahn In A Bugatti Chiron

Have you ever wondered what traveling at a speed of 260 mph (414 km/h) would look like on a public road?

https://www.flixxy.com/260-mph-on-the-german-autobahn-in-a-bugatti-chiron.htm

Wingsuit Flying Over The Egyptian Pyramids

Flying closer to the great pyramids of Giza than any wingsuit pilots before is a whole new way to look at history.

https://www.flixxy.com/wingsuit-flying-over-the-egyptian-pyramids.htm

Jamming At The Jazz Roots Festival In Paris

Ksenia Parkhatskaya and her colleagues jamming at the Paris Jazz Roots swing dance event in 2015.

https://www.flixxy.com/jamming-at-the-jazz-roots-festival-in-paris.htm

The Three Little Pigs – Shakespeare Style

Ever wondered what ‘The Three Little Pigs’ would sound like if it had been written with a more classic, robust command of the English language?

https://www.flixxy.com/the-three-little-pigs-shakespeare-style.htm

Send us your feedback!

Got feedback about anything in this issue of WServerNews? Email us!
