Hell Week (or when your AS/400 goes belly up)

Isn’t it funny how most crises don’t arise from just one bad event happening?  Most crises arise from a long history of small, seemingly good decisions which weaken what used to be a resilient system.  While all of those people walk around congratulating each other on cost and time savings, a small few are trying … [Read more…]

A quick and easy master password tool

2016 has been a year full of breaches and a year full of passwords I’ve had to change. ¬†One resolution I’ve made in 2017 is to get away from using any multi-account passwords combinations, which means I’ve got to go full tilt into a password manager. I’ve been using KeePass for almost two years now … [Read more…]

My thoughts on my recent SANS SCADA training

If the guys a Red Tiger Security wanted to kick my brain into black hat mode – they succeeded!  I’ve just gotten back from a 5-day ‘boot camp’ style SCADA security class hosted by SANS in Houston, TX.  SANS actually hosted two similar courses – a more generalized SCADA Security training with an introduction to pentesting, and … [Read more…]

Quick Fix for RIS Not Enough Space On Partition Error

Here’s a quick fix when RIS tells you “the computer does not have enough disk space on the selected partition. Go to <drive>:RemoteInstallSetupEnglishImages<imagename>i386Mirror1 and make a copy of the IMirror.dat file. Go to http://www.winhex.com/winhex/index-m.html and download the latest version of WinHex. If you are more comfortable with another hex editor, then try it.  Change the … [Read more…]

Remotely changing Outlook Exchange Profiles

I’ve got a couple of remote users who report not having any new email since sometime in 2005. These guys don’t sign on to the computers all that often, so I suspect Outlook didn’t automagically change their mailbox settings when I moved them to our new Exchange server back in 2005. Typically, I would do … [Read more…]

Computer “locked up”, SPOOLSV.EXE using 100% CPU.

Symptom: Computer “locked up”, SPOOLSV.EXE using 100% CPU. Cause: Printing certain PDF files to a HP1012 printer from Windows XP and Windows 7 cause the SPOOLSV.EXE process (Print Spooler Service) to use 100% CPU. Other printer models may be affected. Please comment if you have run into this on other printers. Fix: Stop “Print Spooler” service (may … [Read more…]

Solutions for Windows Update error 80072EE2

I’ve been building serveral small test servers and workstations, but I ran into a Windows Update error 80072EE2 putting a test server on my production network.  After a quick google, there seems to be a ton of different causes for this but they are all network related.  Here’s the steps I recommend for troubleshooting this: … [Read more…]

WMI Error 1065 processing group policy

Ever have one of those days?  Among all the random things the corporate beast threw at me, I encountered a wonderful WMI error generated by a GPO refresh.  Here’s the error: Log Name:      System Source:        Microsoft-Windows-GroupPolicy Date:          11/5/2012 10:29:20 AM Event ID:      1065 Task Category: … [Read more…]