BreakthePaywall now available in Google Chrome

BreakthePaywall is now available as a Google Chrome Extension.

Visit the Breakthepaywall home page: http://www.breakthepaywall.com

Or search in the Chrome store for ‘BreakthePaywall’

Or click this direct link: 

https://chrome.google.com/webstore/detail/breakthepaywall/ddlcmnkkbojfnfclfhbdfkcmhfaebhgc

The Chrome version utilises referer and agent hacks but does not perform any cookie deletion or other storage manipulation. However, this should be enough for most paywall websites.

The Extension adds a simple BTPW button to the Chrome toolbar which you can use to toggle BreakthePaywall on and off. When it’s coloured blue it’s on and grey is off.

Advertisements

Completely disable IPv6 in Windows

You can’t get rid of IPv6 stuff from windows completely but you can effectively turn it off.

IPv6 seems to cause all sorts of problems under Windows and in most cases nobody needs it – yet….the fear is that IPv4 IP numbers are running out and therefore we have to start moving to IPv6 with it’s huge address range (IPv4 just under 4.3billion addresses, IPv6 3.4×1038 or 340 undecillion i.e. vastly more).

However, apart from the fact that there are still masses of unused IPv4 addresses and address ranges out there – I personally know of 2 class C address ranges for companies that I have worked for in the past, handed back to the ISP when not required anymore and are still listed under that companies name as being used – the software and hardware manufacturers need to make easy to transition and co-exist with both address ranges, otherwise it just aint gonna happen. And this is where MS windows seems to fall down in it’s implementation.

My view is, if you don’t need IPv6 yet then turn it off until you do.

My investigations of how to do this were prompted by noticing rogue network adapters listed under Windows 7 AND 8. Running IPCONFIG in the command prompt brought up several strangly named adapters with names such as Toredo tunneling adapter, MS ISATAP adapter.

The toredo adpaters are described on Wikipedia as:

In computer networking, Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts which are on the IPv4 Internet but which have no direct native connection to an IPv6 network. Compared to other similar protocols its distinguishing feature is that it is able to perform its function even from behind network address translation (NAT) devices such as home routers.

https://en.wikipedia.org/wiki/Teredo_tunneling

And ISATAP:

ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) is an IPv6 transition mechanism meant to transmit IPv6 packets between dual-stack nodes on top of an IPv4 network.

https://en.wikipedia.org/wiki/ISATAP

I would say that both those functions are better suited to gateway devices i.e routers and switches. Most people on home or business networks will carry on using IPv4 locally for ever – there is no need to upgrade to IPv6 addressing on these networks. Therefore, the translation of one addressing schema to another should be carried out at the edge of these networks – on the hardware devices that connect us to the rest of the internet.

So to get rid of these adapters and turn off IPv6 this is what I have gathered so far:

The Toredo and ISATAP adapters are invoked on demand but stay in your system. They are not listed in the normal Network and Sharing centres network connections. They only appear under and IPCONFIG command or within the device manager as hidden devices:

  • Goto device manager under the control panel.
  • Select Show hidden devices from the View menu.
  • Right click on Toredo or MS ISATAP adapters and select uninstall.

Next you need to disable IPv6 on all network connections.

  • Goto Network and Sharing centre in the control panel.
  • Select Change adapter settings from the left hand side.
  • Right click on each adapter and select properties.
  • Untick the TCP/IPv6 component:

IPv6.png

Make sure you do this on all adapters including virtual ones.

Next you need to add a registry entry under the following registry key:

  • [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicesTCPIP6Parameters]
  • Add A Dword parameter named: DisabledComponents
  • With the value: ffffffff

This is documented here: http://support.microsoft.com/kb/929852 expand the Disable IPv6 entry and the bottom of the article for a full list of parameter values.

As far as I know that’s about as far as you can go at present at disabling IPv6.

WSUS Forcing reporting, downloading and installing using powershell

——————————————-

# Powershell Script to force clients check into WSUS server

# Import Active Directory PS Modules CMDLETS
Import-Module ActiveDirectory

$comps = Get-ADComputer -Filter {operatingsystem -like “*server*”}

$cred = Get-Credential

Foreach ($comp in $comps) {

Invoke-Command -computername $comp.Name -credential $cred { wuauclt.exe /detectnow }
Write-Host Forced WSUS Detect on $comp.Name

Invoke-Command -computername $comp.Name -credential $cred { wuauclt.exe /reportnow }
Write-Host Forced WSUS Report-In on $comp.Name

}

——————————————-

You can change “*server*” to “*” to invoke on all systems.

MSCHAP-v2 for Cisco ASA VPN connections using Radius on Windows Server 2008

When we upgraded our Windows domain servers to 2008 we found the default authentication methods had changed – PAP/SPAP was no longer enabled by default:

radius.png

Consequently our VPN users could not connect as it turned out they were using PAP/SPAP by default.

We wanted to MS-CHAP-v2 for obvious security reasons so we needed to find out how to change our VPN tunnel groups on the Cisco ASA unit to use the stronger authentication method.

Within each tunnel group:

Configuration -> Remote Access VPN -> IPSEC (IKEv1) Connection Profiles (or whatever type of VPN you use)

Under Advanced -> Password Management

Enable the password management option:

password_mgmt.png

You can also set the password expiration notification here if you use that on your network – this is the Active Directory password expiration i.e. you are prompted every so often to change your network password. If you have users that are permanently on VPN connections then this can be set to warn them well before their expiration so that your IT team does not get calls regarding passwords not working 🙂

The Password Management turns on MS-CHAP-v2 for your VPN connections so you can keep your Radius servers using MS-CHAP-v2 only and ensure you are using the strongest authentication on your VPN connections.

NOTE: Once MS-CHAP-v2 is working you will notice that a extra box appears for domain in your VPN Client logon dialog box – you should enter your Windows Active Directory root domain in this box.

 

WMI Event errors in Windows 2008 32bit

We were getting WMI errors in the event log after installing Windows Server 2008 32bit:

Windows Management Instrumentation has stopped WMIPRVSE.EXE because a quota reached a warning value. Quota: HandleCount Value: 4117 Maximum value: 4096 WMIPRVSE PID: 2352

Everywhere we looked seemed to suggest a rebuild of the WMI repository.

But that seemed a bit drastic instead we found that recompiling the MOF files worked. Here’s how:

1. Open a CMD prompt 

2. Change directory: cd%windir%System32WBEM (for X64 use SysWOW64WBEM)

3. Execute the following:

FOR /f %s in ('dir /b /s *.dll') do regsvr32 /s %s
Net stop /y winmgmt
FOR /f %s in ('dir /b *.mof *.mfl') do mofcomp %s
Net start winmgmt

You can just copy from here and paste into the command prompt each instruction in turn.

No more messages received after this.

Windows RDP Keyboard Shortcuts

Just pressing Ctrl+Alt+Del when in an RDP session sends the keystrokes to your local desktop – how do you do Ctrl+Alt+Del in a remote desktop session? Here is how to do it and some other useful keyboard shortcuts:

Ctrl+Alt+End – Equivalent of Ctrl-Alt-Del – Security dialog box is opened where you can lock, log off, change password etc.

Ctrl+Alt+Break – Toggles between full screen and window mode.

Alt+Page Up – Equivalent of Alt+Tab – switches between application windows.

Alt+Home – Equivalent of pressing start menu – opens the start menu.

Ctrl+Alt+plus sign (+) – Equivalent of Print Screen button – copies just the RDP session window not your whole screen.

Ctrl+Alt+minus sign (-) – Equivalent of Alt-Print Screen button – copies just the window that has focus within your RDP session.