Tag Archives: installation

How to repair Windows Server using Windows SFC and DISM

Over time, system files in a Windows Server installation might require a fix. You can often repair the operating…

system without taking the server down by using Windows SFC or the more robust and powerful Deployment Image Servicing and Management commands.

Windows System File Checker (SFC) and Deployment Image Servicing and Management (DISM) are administrative utilities that can alter system files, so they must be run in an administrator command prompt window.

Start with Windows SFC

The Windows SFC utility scans and verifies version information, file signatures and checksums for all protected system files on Windows desktop and server systems. If the command discovers missing protected files or alterations to existing ones, Windows SFC will attempt to replace the altered files with a pristine version from the %systemroot%system32dllcache folder.

The system logs all activities of the Windows SFC command to the %Windir%CBSCBS.log file. If the tool reports any nonrepairable errors, then you’ll want to investigate further. Search for the word corrupt to find most problems.

Windows SFC command syntax

Open a command prompt with administrator rights and run the following command to start the file checking process:

C:WindowsSystem32>sfc /scannow

The /scannow parameter instructs the command to run immediately. It can take some time to complete — up to 15 minutes on servers with large data drives is not unusual — and usually consumes 60%-80% of a single CPU for the duration of its execution. On servers with more than four cores, it will have a slight impact on performance.

Windows SFC scannow command
The Windows SFC /scannow command examines protected system files for errors.

There are times Windows SFC cannot replace altered files. This does not always indicate trouble. For example, recent Windows builds have included graphics driver data that was reported as corrupt, but the problem is with Windows file data, not the files themselves, so no repairs are needed.

If Windows SFC can’t fix it, try DISM

The DISM command is more powerful and capable than Windows SFC. It also checks a different file repository — the %windir%WinSXS folder, aka the “component store” — and is able to obtain replacement files from a variety of potential sources. Better yet, the command offers a quick way to check an image before attempting to diagnose or repair problems with that image.

Run DISM with the following parameters:

C:WindowsSystem32>dism /Online /Cleanup-Image /CheckHealth

Even on a server with a huge system volume, this command usually completes in less than 30 seconds and does not tax system resources. Unless it finds some kind of issue, the command reports back “No component store corruption detected.” If the command finds a problem, this version of DISM reports only that corruption was detected, but no supporting details.

Corruption detected? Try ScanHealth next

If DISM finds a problem, then run the following command:

C:WindowsSystem32>dism /Online /Cleanup-Image /ScanHealth

This more elaborate version of the DISM image check will report on component store corruption and indicate if repairs can be made.

If corruption is found and it can be repaired, it’s time to fire up the /RestoreHealth directive, which can also work from the /online image, or from a different targeted /source.

Run the following commands using the /RestoreHealth parameter to replace corrupt component store entries:

C:WindowsSystem32>dism /Online /Cleanup-Image /RestoreHealth

C:WindowsSystem32>dism /source: /Cleanup-Image /RestoreHealth

You can drive file replacement from the running online image easily with the same syntax as the preceding commands. But it often happens that local copies aren’t available or are no more correct than the contents of the local component store itself. In that case, use the /source directive to point to a Windows image file — a .wim file or an .esd file — or a known, good, working WinSXS folder from an identically configured machine — or a known good backup of the same machine to try alternative replacements.

By default, the DISM command will also try downloading components from the Microsoft download pages; this can be turned off with the /LimitAccess parameter. For details on the /source directive syntax, the TechNet article “Repair a Windows Image” is invaluable.

DISM is a very capable tool well beyond this basic image repair maneuver. I’ve compared it to a Swiss army knife for maintaining Windows images. Windows system admins will find DISM to be complex and sometimes challenging but well worth exploring.

Go to Original Article

Vendor admits election systems included remote software

Election system security was compromised by the installation of remote access software on systems over the span of six years, a vendor admitted in a letter to a senator.

Election Systems & Software (ES&S), a voting machine manufacturer based in Omaha, Neb., admitted it installed the flawed PCAnywhere remote access software on its election management system (EMS) workstations for a “small number of customers between 2000 and 2006,” according to a letter sent to Sen. Ron Wyden (D-Ore.) that was obtained by Motherboard.

The PCAnywhere source code was stolen from Symantec servers in 2006, leaving the software vulnerable, and further issues in 2012 caused Symantec to suggest users uninstall the program before officially putting PCAnywere to its end of life in 2014.

ES&S had previously denied knowledge of the use of remote access software on its election management systems, but told Wyden about the vulnerable software that could have put voting machine security at risk. ES&S wrote that it stopped installing the PCAnywhere software in December 2007 due to new policies enacted by the Election Assistance Commission regarding voting machine security.

Gene Shablygin, CEO and founder of WWPass, an identity and access management company based in Manchester, N.H., said the actions by ES&S were “pretty consistent with the overall state of computer security” for the time.

“Today, these technologies and general approaches are totally unacceptable, and must be completely reworked. The last decade especially, was the period of explosive growth of hacking technologies, and the defensive side of many systems was left in the dust. So, most of the systems that are still in use — and voting systems are no exception — have multiple vulnerabilities, some of which are zero-day, or not yet discovered,” Shablygin wrote via email. “You can’t stop progress, and sooner or later, remote voting will become a matter of everyday life.”

Lane Thames, senior security researcher at Tripwire, agreed that the failures of ES&S with election system security shouldn’t be surprising, “especially during the 2000 to 2007 timeframe when cybersecurity was hardly ever on the roadmap for companies producing computing systems.”

“Another concerning point is the underlying arguments that imply the devices built from 2000 to 2007 are still in use. As with many critical infrastructure systems, costs can prohibit frequent hardware refresh cycles,” Thames wrote via email. “As such, many voting machines are likely to contain older operating systems and other software with many vulnerabilities due to these systems not being able to be updated with operating system patches and such. This is a challenging problem we face with all of our critical infrastructure, with very few good solutions at this time.”

ES&S did not respond to requests for comment and it is unclear if the affected election systems were ever fixed or if they are still in use.

Fixing voting machine security

Voting machine security was already proved to be in a troubling state after hackers at Defcon 2016 were able to crack all systems tested within just a few days.

Every system charged with securing our government’s processes … should be open to large security audits.
Jonathan SanderCTO, Stealthbits Technologies

Sean Newman, director of product management at Corero Network Security, said the news about PCAnywhere will make “little difference” in the likelihood of finding other election system security issues.

“They run software and, if they have any kind of internet connectivity, even for managing the voting system/process itself, then there’s a reasonable chance that vulnerabilities exist, which could provide unauthorized users with the ability to have an impact on the normal operation of the system,” Newman wrote via email. “The focus should be for vendors, like ES&S, to ensure they use secure coding practices to develop the software for such systems and avoid any need to expose such systems to the public Internet.”

Jonathan Sander, CTO at Stealthbits Technologies, noted that government “pressures to do everything cheaply and with world class, state actor proof security are in tension” when it comes to election system security and outside audits are needed.

“Every system charged with securing our government’s processes — a.k.a. protecting our collective benefit — should be open to large security audits. To sell anything to the federal government you need to go through tons of certifications. But that’s not enough,” Sander wrote via email. “Bug bounties to get the hacker community to find vulnerabilities, open review at a source level for all solutions to be used in government, and mandatory standards for any remote access features should be table stakes for putting in systems like this.”

Thames notes that a major issue is that “although the U.S. electoral infrastructure is part of the nation’s critical infrastructure, it is still largely up to local and state agencies to ultimately enforce security of the systems.”

“Herein lies another challenging problem. Local and state agencies likely have little to no expertise or budget for securing their voting systems. Every time I go to the voting polls, I see mostly volunteers with a few dedicated staff. Most volunteers at the polls will not have experience with cyber and/or physical security issues related to voting machines,” Thames wrote. “Moreover, the nation already has a significant deficit for staffing our cyber security departments, in both government and industry. Funding will likely need to be increased, somehow, for local and state government agencies in order to provide adequate security for our voting systems.”

Zyxel 310 NAS

Zyxel 310 NAS. Boxed with power supply, network cable, manual and installation cd.

Has served me well for the last 5 years, but the hard disk failed and I decided to upgrade to a 2 bay Synology NAS.

£22.50 inc postage.

Price and currency: 22.50
Delivery: Delivery cost is included within my country
Payment method: Bank transfer
Location: Loughborough
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference…

Zyxel 310 NAS

Zyxel 310 NAS

Zyxel 310 NAS. Boxed with power supply, network cable, manual and installation cd.

Has served me well for the last 5 years, but the hard disk failed and I decided to upgrade to a 2 bay Synology NAS.

£25 inc postage.

Price and currency: 25
Delivery: Delivery cost is included within my country
Payment method: Bank transfer
Location: Loughborough
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference…

Zyxel 310 NAS

Zyxel 310 NAS

Zyxel 310 NAS. Boxed with power supply, network cable, manual and installation cd.

Has served me well for the last 5 years, but the hard disk failed and I decided to upgrade to a 2 bay Synology NAS.

£25 inc postage.

Price and currency: 25
Delivery: Delivery cost is included within my country
Payment method: Bank transfer
Location: Loughborough
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference…

Zyxel 310 NAS

Samsung Windows 10 Laptop – Mint Condition £150

2.16GHZ Celeron
500GB Hard Drive

Includes genuine Windows 10 Pro installation Disc.

Computer is cleaned and fully restored ready for new user.

In immaculate condition
View attachment 1017331

View attachment 1017332

View attachment 1017333

View attachment 1017334

View attachment 1017335

View attachment 1017336

£150 collected in London – can arrange postage via courier at addition cost.

Price and currency: 150
Delivery: Delivery…

Samsung Windows 10 Laptop – Mint Condition £150

What is Windows Server Core ? – Definition from WhatIs.com

Windows Server Core is a minimal installation option for the Windows Server operating system (OS) that has no GUI and only includes the components required to perform server roles and run applications.

The smaller code base in Server Core reduces the amount of resources required to run the OS, takes up less disk space and lowers Server Core’s exposure to outside threats. Microsoft removed the GUI, which frees more RAM and compute resources on the server, to run more — or more demanding — workloads, which can benefit highly virtualized environments.

The full Windows Server 2016 RTM installation takes about 10 GB of disk space, while the Server Core installation takes up about 6 GB of disk space. With fewer processes and services running the OS, there is less chance that an attacker can use an unpatched exploit to enter the organization’s network. Server Core eases management overhead with fewer configuration options to limit the issues that occur when an administrator applies an incorrect setting.

Server Core management can challenge less technically adept IT pros. The lack of a GUI requires the administrator to have a high level of proficiency with PowerShell. An organization needs to perform a thorough test of workloads on Server Core to ensure there are no issues with remote management before a move to the production environment.

Server Core is available in both the Windows Server Semi-Annual Channel and Long-Term Servicing Channel releases. Microsoft supports Windows Server products in the Long-Term Servicing Channel with five years of mainstream support, five years of extended support and an option for six additional years through Microsoft’s Premium Assurance program. Microsoft supports Windows Server products in the Semi-Annual Channel for 18 months from each release.

Windows Server Core management

Because it has no GUI, administrators manage Server Core with either PowerShell or various remote tools, such as Remote Server Administration Tools (RSAT), Remote Desktop Services or Server Manager.

Microsoft developed a number of PowerShell cmdlets for various administrative tasks required to deploy and manage Server Core. A more advanced shop can build PowerShell scripts to automate complex workflows for frequently performed procedures. An administrator can use a remote PowerShell session to connect to the Server Core installation to execute the cmdlets.

[embedded content]

How to configure Windows Server
2016 Server Core

RSAT consists of a number of tools — Microsoft Management Console snap-ins, PowerShell cmdlet modules and command-line utilities — to manage the roles and features for Server Core. RSAT runs on a Windows client machine.

An admin can also use the Microsoft Server Configuration Tool — known as sconfig.cmd — to handle the initial configuration of a Server Core installation. The utility restarts and shuts down the server, adjusts Windows Update settings, enables the Remote Desktop Protocol and renames the host.

Uses for Windows Server Core

Server Core deployments are ideal for enterprises that need to deploy and maintain a large number of servers. Microsoft recommends Server Core for servers that require minimal administration once deployed for specific infrastructure roles, such as domain controllers and certificate authorities.

Microsoft recommends Server Core in Windows Server 2016 for the following roles: Active Directory (AD) Certificate Services, AD Domain Services, AD Lightweight Directory Services, AD Rights Management Services, Dynamic Host Configuration Protocol server, Domain Name System server, File Services, Hyper-V, licensing server, print and document services, Remote Desktop Connection Broker, Routing and Remote Access service, streaming media services, web server, Windows Server Update Services and Volume Activation Services.

History of Windows Server Core

Microsoft introduced Server Core with the release of Windows Server 2008. This installation option removed features and services not required to run the most common server roles. This version had limitations that held back adoption by administrators. There was no option to switch between Server Core and the full GUI version; if further modifications required the GUI, the admin needed to reinstall the OS. This release did not support certain administrative features, such as PowerShell remoting.

In Windows Server 2012, Microsoft made Server Core the default option for installation. The admin could use PowerShell to switch back and forth between the GUI if it was needed to install a driver or to perform another task that required the graphical interface. Once the administrator finished that job, the GUI component could be removed. Microsoft added an integrated scripting environment to the Server Core interface.

In Windows Server 2016, Microsoft removed the ability to convert Server Core to a full Windows Server with the GUI — also known as Server with Desktop Experience. Users need to perform a new installation to get the GUI with Windows Server.

Disadvantages of Windows Server Core

The lack of a GUI in Server Core is one drawback for some IT departments if administrators are not comfortable using PowerShell and remote management. A problem with a system that runs Server Core could tie up an inexperienced technician who must research how to use cmdlets or an unfamiliar utility when the issue could be resolved quicker if there was access to the GUI.

Server Core supports a large number of server roles, but there are quite a few that are not compatible with this OS. Also, many third-party applications require a GUI and do not support Server Core.

Windows Server 2016 removed the ability to switch a Server Core installation to the full GUI version — also known as Server with Desktop Experience — which took away the flexibility preferred by some administrators.

Windows Server Core vs. Nano Server

Microsoft released the initial version of Nano Server in Windows Server 2016 RTM as a separate installation option, and originally promoted it as an even smaller server deployment than Server Core at around 400 MB on disk.

In June 2017, Microsoft decided to rework Nano Server from a minimal server deployment option for infrastructure roles to a container-only image in the Windows Server 2016 release version 1709. This move stripped Nano Server’s servicing stack and numerous other components required to run various server roles, such as DNS and file server. The company recommends organizations use Server Core as a host for virtual machines (VMs), containers and traditional infrastructure workloads.