26 Jan 2012 Disable DLNA in Windows 7
If you are using your Windows 7 and have a active wireless network, then the chances are that you are sharing your media files with DLNA enabled devices like smartphones, TVs with wireless access and media centers.
This HOWTO describes how you can disable DLNA in Windows 7.
- Type “Manage advanced sharing settings” in the Start Menu
- Go to “Home and Work”
- Under “Media Streaming” you click the “Choose media streaming options” link
- Click the “Block all” button followed by the “OK” button
You have now disabled DLNA sharing on your computer.
Posted by Hans-Henry Jakobsen
14 Sep 2011 Windows grep command alternative
grep is a linux console command to print lines matching a line, but Windows does not have the grep command.
In Windows you have to use the findstr command in a console window.
Example
C:\>dir |findstr Windows 13.09.2011 10:41Windows
The findstr command is default case sensitive just like in linux.
findstr options
C:\>findstr -?
Searches for strings in files.
FINDSTR [/B] [/E] [/L] [/R] [/S] [/I] [/X] [/V] [/N] [/M] [/O] [/P] [/F:file]
[/C:string] [/G:file] [/D:dir list] [/A:color attributes] [/OFF[LINE]]
strings [[drive:][path]filename[ ...]]
/B Matches pattern if at the beginning of a line.
/E Matches pattern if at the end of a line.
/L Uses search strings literally.
/R Uses search strings as regular expressions.
/S Searches for matching files in the current directory and all
subdirectories.
/I Specifies that the search is not to be case-sensitive.
/X Prints lines that match exactly.
/V Prints only lines that do not contain a match.
/N Prints the line number before each line that matches.
/M Prints only the filename if a file contains a match.
/O Prints character offset before each matching line.
/P Skip files with non-printable characters.
/OFF[LINE] Do not skip files with offline attribute set.
/A:attr Specifies color attribute with two hex digits. See "color /?"
/F:file Reads file list from the specified file(/ stands for console).
/C:string Uses specified string as a literal search string.
/G:file Gets search strings from the specified file(/ stands for console).
/D:dir Search a semicolon delimited list of directories
strings Text to be searched for.
[drive:][path]filename
Specifies a file or files to search.
Use spaces to separate multiple search strings unless the argument is prefixed
with /C. For example, 'FINDSTR "hello there" x.y' searches for "hello" or
"there" in file x.y. 'FINDSTR /C:"hello there" x.y' searches for
"hello there" in file x.y.
Regular expression quick reference:
. Wildcard: any character
* Repeat: zero or more occurrences of previous character or class
^ Line position: beginning of line
$ Line position: end of line
[class] Character class: any one character in set
[^class] Inverse class: any one character not in set
[x-y] Range: any characters within the specified range
\x Escape: literal use of metacharacter x
\ Word position: end of word
For full information on FINDSTR regular expressions refer to the online Command
Reference.
Posted by Hans-Henry Jakobsen
19 Jun 2011 List installed Windows Updates using WMIC
I have recently been trying to find a way to export a list of some, but not all installed Windows Updates and patches on a Windows 2008 server. WMIC is a Windows command that has been available in Windows for a long time and has become a tool that can perform many kinds of actions and queries.
Microsoft has created a tool called Microsoft Baseline Security Analyzer that helps you determine the security state in accordance with Microsoft security recommendations and offers specific remediation guidance, but I have not tried it to see if all patches and updates are exported.
Open a Windows Command Prompt (cmd.exe) and type the following command
wmic qfe get
The result presented in plain text
Caption CSName Description FixComments HotFixID InstallDate InstalledBy InstalledOn Name ServicePackInEffect Status http://go.microsoft.com/fwlink/?LinkId=133041 PC-NAME Update 982861 pc-name\username 3/20/2011 http://go.microsoft.com/fwlink/?LinkId=161784 PC-NAME Update KB971033 NT AUTHORITY\SYSTEM 8/9/2010 http://support.microsoft.com/?kbid=2305420 PC-NAME Security Update KB2305420 NT AUTHORITY\SYSTEM 12/17/2010 http://support.microsoft.com/?kbid=2393802 PC-NAME Security Update KB2393802 NT AUTHORITY\SYSTEM 2/10/2011 ...
WMIC can also be used to gather other Windows related information and this is a list with many wmic commands I have copied from Tech-Wreck InfoSec Blog: WMIC Command Line Kung-Fu in case the site becomes unavailable.
This site has produced many interesting articles and is well worth a visit.
| Description | - Command |
|---|---|
| Spot Odd Executables | – wmic PROCESS WHERE “NOT ExecutablePath LIKE ‘%Windows%’” GET ExecutablePath |
| Look at services that are set to start automatically | – wmic SERVICE WHERE StartMode=”Auto” GET Name, State |
| Find user-created shares (usually not hidden) | – wmic SHARE WHERE “NOT Name LIKE ‘%$’” GET Name, Path |
| Find stuff that starts on boot | – wmic STARTUP GET Caption, Command, User |
| Identify any local system accounts that are enabled (guest, etc.) | – wmic USERACCOUNT WHERE “Disabled=0 AND LocalAccount=1″ GET Name” |
| Change Start Mode of Service | – wmic service where (name like “Fax” OR name like “Alerter”) CALL ChangeStartMode Disabled |
| Number of Logons Per USERID | – wmic netlogin where (name like “%skodo”) get numberoflogons |
| Obtain a Certain Kind of Event from Eventlog | – wmic ntevent where (message like “%logon%”) list brief |
| Clear the Eventlog (Security example) | – wmic nteventlog where (description like “%secevent%”) call cleareventlog |
| Get Mac Address | – wmic nic get macaddress |
| Reboot or Shutdown | – wmic os where buildnumber=”2600″ call reboot |
| Update static IP address | – wmic nicconfig where index=9 call enablestatic(“192.168.16.4″), (“255.255.255.0″) |
| Change network gateway | – wmic nicconfig where index=9 call setgateways(“192.168.16.4″, “192.168.16.5″),(1,2) |
| Enable DHCP | – wmic nicconfig where index=9 call enabledhcp |
| Service Management | – wmic service where caption=”DHCP Client” call changestartmode “Disabled” |
| Start an Application | – wmic process call create “calc.exe” |
| Terminate an Application | – wmic process where name=”calc.exe” call terminate |
| Change Process Priority | – wmic process where name=”explorer.exe” call setpriority 64 |
| Get List of Process Identifiers | – wmic process where (Name=’svchost.exe’) get name,processid |
| Information About Harddrives | – wmic logicaldisk where drivetype=3 get name, freespace, systemname, filesystem, size, volumeserialnumber |
| Information about os | – wmic os get bootdevice, buildnumber, caption, freespaceinpagingfiles, installdate, name, systemdrive, windowsdirectory /format:htable > c:\osinfo.htm |
| Information about files | – wmic path cim_datafile where “Path=’\\windows\\system32\\wbem\\’ and FileSize>1784088″ > c:\wbemfiles.txt |
| Process list | – wmic process get /format:htable > c:\process.htm |
| Retrieve list of warning and error events not from system or security logs | – WMIC NTEVENT WHERE “EventType<3 AND LogFile != ‘System’ AND LogFile != ‘Security’” GET LogFile, SourceName, EventType, Message, TimeGenerated /FORMAT:”htable.xsl”:” datatype = number”:” sortby = EventType” > c:\appevent.htm |
| Total Hard Drive Space Check | – wmic LOGICALDISK LIST BRIEF |
| Get Running Services Information | – Wmic service where (state=”running”) get caption, name, startmode, state |
| Get Startmode of Services | – Wmic service get caption, name, startmode, state |
| Get Domain Names And When Account PWD set to Expire | – WMIC UserAccount GET name,PasswordExpires /Value |
| Get Hotfix and Security Patch Information | – WMIC QFE GET /format:CSV >QFE.CSV |
| Get Startup List | – wmic startup list full |
| Find a specific Process | – wmic process list brief find “cmd.exe” |
| Get List of IP Interfaces | – wmic nicconfig where IPEnabled=’true’ |
| Change IP Address | – wmic nicconfig where Index=1 call EnableStatic (“10.10.10.10″), (“255.255.255.0″) |
| OS/System Report HTML Formatted | – wmic /output:c:\os.html os get /format:hform |
| Products/Programs Installed Report HTML Formatted | – wmic /output:c:\product.html product get /format:hform |
| Services Report on a Remote Machine HTML Formatted | - wmic /output:c:\services.htm /node:server1 service list full / format:htable |
| Turn on Remoted Desktop Remotely! | – Wmic /node:”servername” /user:”user@domain” /password: “password” RDToggle where ServerName=”server name” call SetAllowTSConnections 1 |
| Get Server Drive Space Usage Remotely | – WMIC /Node:%%A LogicalDisk Where DriveType=”3″ Get DeviceID,FileSystem,FreeSpace,Size /Format:csv MORE /E +2 >> SRVSPACE.CSV |
| Get PC Serial Number | - wmic /node:”HOST” bios get serialnumber |
| Get PC Product Number | – wmic /node:”HOST” baseboard get product |
| Get Services for Remote Machine in HTML Format | – wmic /output:c:\services.htm /node:server1 service list full / format:htable |
Tags: MBSA, Windows 2008, Windows 7, wmic
Posted by Hans-Henry Jakobsen
01 Jun 2011 NetBackup 7.x port usage
If you are unsure what ports Symantec NetBackup 7.x master or media Windows server uses, just open the following file
%SYSTEMROOT%\system32\drivers\etc\services
The content in this file could be like this if you have not made any changes to the default configuration
bpcd 13782/tcp bprd 13720/tcp vnetd 13724/tcp vopied 13783/tcp bpdbm 13721/tcp bpjobd 13723/tcp bpjava-msvc 13722/tcp NB_dbsrv 13785/tcp vmd 13701/tcp tldcd 13711/tcp tl8cd 13705/tcp tl4d 13713/tcp tlmd 13716/tcp tlhcd 13717/tcp acsd 13702/tcp
Tags: nbu7, netbackup, symantec
Posted by Hans-Henry Jakobsen
23 May 2011 Clear Read-Only flag on Disk in Windows 7 using Diskpart
This is a short HOWTO clear the read-only/readonly flag/attribute on a disk in Windows 7 using the diskpart command from a Windows Command Prompt.
Warning!
Be sure to do this on the right disk since the diskpart command can do serious damage if you run it on the wrong disk.
- Open a command window by running the diskpart command from a Command Prompt
- Determine which disk you are going to modify:
-
DISKPART> list disk Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 149 GB 1024 KB Disk 1 Online 465 GB 465 GB
- Select the disk you are going to modify
DISKPART> select disk 1
You have now selected disk 1
list disk Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 149 GB 1024 KB * Disk 1 Online 465 GB 465 GB
- Clear the Read-Only attribute on the selected disk
DISKPART> attributes disk clear readonly
The disk is no longe Read-Only protected.
If you would like to set the disk Read-Only again just do the same procedure and write
DISKPART> attributes disk set readonly
in the last operation.
When you are done modifying the disk attributes just issue the exit command
DISKPART> exit
and the diskpart windows will be closed.
Posted by Hans-Henry Jakobsen
