Sunday, November 10, 2013
How to Enable Virtual Sound Card in a Windows Server 2008 R2 Hyper-V Machine
Here are the steps that worked for me:
Saturday, November 9, 2013
Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management by Chuvakin & Schmidt, Elsevier / Syngress
Authors: Anton Chuvakin, Kevin Schmidt
Paperback: 460 pages
Release Date: December 2012
ISBN10: 1-59749-636-7
ISBN13: 978-1-59749-636-0
Language: English
Publisher: Elsevier / Syngress
Summary: The authors do a “deep-dive” into many aspects of logging and log management
Audience: Sysadmins
What's My Take?
Despite being a hefty 460 pages long, Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management is an easy read, primarily because it’s logically organized into 22 chapters. Each chapter covers a single concept, which also makes the book a good “grab-it-off-the-shelf” reference. With a little something for every sysadmin, the book offers plenty of practical guidance along with real-world examples and case studies. I’d not really given the topic careful consideration previously, and found Chapter 20 on planning a log analysis system valuable. The Understatement of the Year Award goes to Chapter 4: “Log storage is an important consideration when it comes to logging.” I also liked the workflows in Chapter 16. Here’s a listing of the chapter titles:
Chapter 1: Logs, Trees, Forest: The Big Picture
Chapter 2: What is a Log?
Chapter 3: Log Data Sources
Chapter 4: Log Storage Technologies
Chapter 5: Case Study: syslog-ng
Chapter 6: Covert logging
Chapter 7: Analysis Goals, Planning and Preparation: What Are We Looking for?
Chapter 8: Simple Analysis Techniques
Chapter 9: Filtering, Matching and Correlation
Chapter 10: Statistical Analysis
Chapter 11: Log Data Mining
Chapter 12: Reporting and Summarization
Chapter 13: Visualizing Log Data
Chapter 14: Logging Laws and Logging Mistakes
Chapter 15: Tools for Log Analysis and Collection
Chapter 16: Log Management Procedures: Escalation, Response
Chapter 17: Attacks Against Logging Systems
Chapter 18: Logging for Programmers
Chapter 19: Logs and Compliance
Chapter 20: Planning Your Own Log Analysis System
Chapter 21: Cloud Logging
Chapter 22: Log Standard and Future Trends
What Can I Learn From This Book?
Simply put: there really is a lot to learn about logging and log management. From the preface, the author writes, “It used to be that system administrators perused log files to look for disk errors or kernel panics. Today system administrators often time do double duty as system administrators and security administrators. The need to better understand what to do with security log data has never been more important. Security analysts are among the group of IT professionals who must also keep up with log analysis techniques. Many seasoned veterans have learned under “trial by fire” mode. This book aims to distill down what many people have taken years to learn by presenting material in a manner which will allow you to understand the concepts quickly.” I’d say this passage is a great summary of the book. If you deal with security (and I know you do), I’d recommend reading Chapter 17, Attacks Against Logging Systems.
Tools, Tools, Tools?
The authors describe their logging methodologies, but the book is not organized with a dedicated chapter on tools per se; this is probably by design, since the tools are interspersed where they make sense. The print edition features a well-done index, and the eBook editions allow search.
Summing It All Up
There’s just not much out there in terms of books dedicated to the art and practice of logging. Bejtlich has two very good books (The Tao of Network Security Monitoring and The Practice of Network Security Monitoring: Understanding Incident Detection and Response) but both are narrowly focused on security issues. Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management is not only a worthy read but deserves a place in your IT book collection.
What I’d Like To See In The Next Edition
More emphasis on Windows and mobile platforms. More comprehensive coverage of Security Information and Event Management (SIEM) systems and of cloud logging and correlation services (e.g., Loggly, Splunk, etc.). Note: there is one very short example of transporting logs to Loggly. I think an analysis of Return on Investment (ROI) for the various cloud services is also in order. Checklists the sysadmin can rapidly implement. A chapter on the pitfalls and pleasures of logging for digital forensics. Better yet, a companion book dedicated to using logging specifically for digital forensics examiners. A more affordable Kindle edition (only $1.50 less than the print edition at the time of this writing) would also be welcome. Proof-reading! Finally, the author should incorporate some of the tools available on his personal blog into this book (refer to http://chuvakin.blogspot.com/2010/11/log-management-tool-selection-checklist.html)!
Where Can I Find This Book?
You can find the book on the O’Reilly website at http://shop.oreilly.com/product/9781597496353.do or on Safari Books Online at http://techbus.safaribooksonline.com/book/networking/9781597496353
Location: Honolulu, HI, USA
Monday, September 2, 2013
Ubuntu on the Desktop, Day 2
Encountered my first hurdle, if you will, using Ubuntu on the desktop: Adobe F-l-a-s-h. It seems Firefox needs Flash to properly render the Ubuntu One Music site. Despite multiple clicks and tries, I couldn't get to a screen that would allow me, as a poor little user, to install the proper Adobe Flash plugin.
OK Linux, I was thinking you'd throw me a hard one.
Time to dust off the ol' terminal-fu skills.
Here's how I "solved" my f-l-a-s-h dilemma. Your mileage may vary:
- Log in as "root"
- Launch a terminal session (keyboard shortcut: Ctrl+Alt+T)
- Type "sudo apt-get install flashplugin-installer" without the quotes and press the Enter key
- Launch Firefox to confirm Flash Player by visiting http://www.adobe.com/software/flash/about/
Nice, Linux!
Sunday, September 1, 2013
Using Ubuntu on the Desktop
So I've decided to make a concerted effort to use Linux on the desktop. Why not Ubuntu? Heading over to Ubuntu's website, two offerings for the desktop are available: 12.04 LTS or 13.04 (for those wanting the latest features). Of course, I want the latest features!
The ISO download at 794MB goes pretty quickly. I fire it up in VMware Workstation, creating a new VM using the default selections with a dual-core processor, 2 GB RAM and 20 GB of allocated disk space.
Soon enough, Ubuntu finished its install routine and I was up and running.
First, I signed up for the free Ubuntu One cloud service, to automatically sync between my Linux desktops. It's actually billed as "the personal cloud that brings your digital life together! With Ubuntu One you can: Backup and sync all your documents, files, music and photos across your devices; Access them from anywhere; and get 5GB of storage for free". OK. With that in mind, I'm eager to see if the hype is true.
For system monitoring, Ubuntu has a nice built-in app to stay on top of CPU, memory and network utilization. Very cool.
Next up was to check to ensure I had the latest version of all my software.
After setting my time zone parameters, my thoughts turned immediately to thinking, hey, this Linux stuff is pretty cool, but what about the applications? Everyone knows Linux has no "real" software for getting work done, right? That's why we all use Microsoft Windows, isn't it? I was pleasantly surprised to find a full-fledged office productivity suite, in the form of LibreOffice.
Finally, I do a lot of work by remoting into various workstations and servers. Would Ubuntu support this requirement? Unequivocally, yes.
I'll close this first post by summarizing the Ubuntu setup and configuration process as very easy. There is no reason why the average tech enthusiast shouldn't be using Linux on the desktop in 2013.
Monday, March 25, 2013
How to Clear Windows 7 Virtual Memory Pagefile at Shutdown
Data resident in your virtual memory pagefile is a security risk, especially if you dual boot your PC with more than one operating system, since another OS can read the pagefile from disk. By forcing Windows 7 to clear your pagefile, you have a more secure computer and there will be no leftover information in your pagefile to slow you down. In fact, many people report a generally better Windows 7 experience when they start each session with nothing in virtual memory.
To force Windows 7 to clear the pagefile at shutdown, log in using an account with admin privileges. Then click on Start > All Programs > Administrative Tools > Local Security Policy. This opens the Local Security Policy window.
In the left pane, click on the Local Policies folder and then the Security Options folder. This displays a variety of local computer security policies for your PC.
In the right pane, locate the option titled Shutdown: Clear virtual memory pagefile. Right-click on this option and choose Properties.
On the Local Security Setting tab, choose the Enabled option. Click the OK button.
Now every time you shut down Windows 7, your PC’s virtual memory pagefile will be cleared of all data.
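The same policy can be audited and enabled from PowerShell, which is handy when you need to verify it on more than one machine. This is an added example, not from the original post; it assumes the standard registry value that backs the Local Security Policy setting (not something the post itself names) and an elevated session for the change.

```powershell
# Added example (not part of the original post): audit and, if needed, enable
# the "Shutdown: Clear virtual memory pagefile" policy without the GUI.
# Assumption: the policy is backed by this registry DWORD (1 = enabled).
$keyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$valueName = 'ClearPageFileAtShutdown'

function Get-ClearPageFileState {
    # Returns $true when the policy is enabled, $false when disabled or absent.
    $item = Get-ItemProperty -Path $keyPath -Name $valueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $false }
    return ([int]$item.$valueName -eq 1)
}

function Enable-ClearPageFile {
    # Needs an elevated (administrator) session, just like the Local Security Policy console.
    Set-ItemProperty -Path $keyPath -Name $valueName -Value 1 -Type DWord
}

if (Get-ClearPageFileState) {
    Write-Output "ClearPageFileAtShutdown is already enabled."
} else {
    Enable-ClearPageFile
    Write-Output "ClearPageFileAtShutdown set to 1; it takes effect at the next shutdown."
}

# Caveat: the pagefile is not the only place memory contents land on disk.
# The hibernation file is not touched by this policy, so flag it if present.
Get-ChildItem -Path 'C:\hiberfil.sys' -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $mb = [math]::Round($_.Length / 1MB)
        Write-Output "Note: hiberfil.sys present ($mb MB); consider 'powercfg /h off' or full-disk encryption."
    }
```

Expect a noticeably longer shutdown once the policy is on, since Windows overwrites the whole pagefile each time.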
Location: Honolulu, HI, USA