All posts by redmad

Secure IIS Web Server & disable weak ciphers

Even if your website is running under HTTPS, you have to also secure SSL/TLS configuration and monitor news about new vulnerabilities and attacks, regarding SSL/TLS ,like:

In order to disable weak ciphers in Windows and secure iis web server, you have to do it through Group Policy Object Editor:
1. run gpedit.msc
2. expand Computer Configuration, Administrative Templates, Network, and then click on SSL Configuration Settings.


3. open the SSL Cipher Suite Order setting and set up a strong cipher suite order.

Or you can do it through the registry, following this article from Microsoft.

If you find it too hard to set a strong cipher suite order and disable vulnerable ciphers, you can use IIS Crypto from NARTAC SOFTWARE.
IIS Crypto is a free tool that gives you the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2003, 2008 and 2012 very easy.


After you finish, test your web server with Qualys SSL Labs Server Test. This is a free online service, which performs a deep analysis of the configuration of any SSL web server on the public Internet.

    Also check your web server compatibility with various browsers, just to be sure that you support all the browsers:

  • BrowserStack
  • modern.IE

Related Links:
Guide to Deploying Diffie-Hellman for TLS
SSL Labs SSL/TLS Best Practises
Hardening Windows Server 2008/2012 and Azure SSL/TLS configuration

Create your own XBMC Media Center using a Raspberry Pi


Use a Raspberry Pi to build your own XBMC Media Center

Raspberry Pi provides output in 1080p H.264 video and it is one of the best media players you can have in order to use XBMC.

One of the lightest and fastest Operating System that you can use on Raspberry Pi is OpenELEC, which is built specifically to run XBMC.

What you will need:



  • 1. Insert your SD card into your SD Card reader and then insert your SD Card reader into your System.
  • 2. Download and extract Win32 Disk Imager
  • 3. Download and extract the latest OpenELEC Image
  • 4. Run Win32 Disk Imager and follow the screenshots


4a. Open the OpenELEC image and verify that the drive is the correct one.

4b. Click “Write” and the procedure begins


4c. Wait until the progress is complete and then safely remove the SD card.

4d. Connect your Raspberry Pi to your TV and plug in the Ethernet cable.

4e. Power up Raspberry Pi and your done. XBMC Media Center will start in about 30 seconds!

4f. There is one step more if you want to continue and this is to recover the unused space of the SD card.
SSH to Pi with username: root /password: openelec





XBMC 13.0 Gotham Beta 2

XBMC 13.0 Gotham beta 2 fixes the issues addressed after the release of the first beta, two weeks ago.



  • Fixes the subtitle issue that the XBMC 13.0 Gotham Beta 1 has
  • Fixes XBMC playback crash on some Android devices
  • Crash on exit should be fixed on various platforms
  • more information on

First Beta release of XBMC 13.0 codenamed Gotham

The first beta release of the upcoming XBMC 13.0 is finally here. If you have tried the nightly builds it is now the time to try the beta version.


The most important features of this release, which they appeared in the nightly builds also, are:

  • Android Hardware Decoding
  • Raspberry Pi and Android speed improvements
  • Stereoscopic 3D Rendering
  • Improved Touchscreen Support
  • Improved UPnP capabilities
  • Dramatic Audio Engine Improvements
  • Settings Improvements
  • Making Subtitle Search Better
  • An Extended Python and JSON-RPC API for developers
  • and many others…

read more at XBMC 13.0 Gotham – Beta1 rises!

In order to download the beta version of XBMC 13.0 beta, visit XBMC download section and scroll down to Current Beta1 Release: 13.0 “Gotham”.

Retrieve or Decrypt Password of an application pool in IIS 8.5 or 8.0 or 7.5 or 7.0

If you have lost or forgot the password of an application pool identity on IIS, there is a very easy way in order to retrieve it.

The following procedure can be used on a server with IIS 8.5 or IIS 8.0 or IIS 7.5 or IIS 7.0.

1. Locate the application pool name from IIS Manager,

2. Run command prompt as Administrator

3. Change path to: C:\Windows\System32\inetsrv>

4. Enter the command: appcmd list apppool "apps" /text:*
note: “apps” is the application pool name in this example

5. Now you have the password, because it is stored in clear text. Remember to grant least privileges to these accounts, because the password can be easily retrieved.

PowerShell V3 Update Help

In the latest version of PowerShell, you can download and install the latest help files with the Update-Help cmdlet.


Parameter Set: Path
Update-Help [[-Module] <String[]> ] [[-SourcePath] <String[]> ] [[-UICulture] <CultureInfo[]> ] [-Credential ] [-Force] [-Recurse] [-UseDefaultCredentials] [ ]

Parameter Set: LiteralPath
Update-Help [[-Module] <String[]> ] [[-UICulture] <CultureInfo[]> ] [-Credential ] [-Force] [-LiteralPath <String[]> ] [-Recurse] [-UseDefaultCredentials] [ ]

In case you are using proxy with username/password authentication you will get this error when you try to update:

update-help : Failed to update Help for the module(s) 'Microsoft.PowerShell.Management, Microsoft.PowerShell.Utility, CimCmdlets, ISE, Microsoft.PowerShell.Diagnostics, Microsoft.PowerShell.Host, Microsoft.PowerShell.Security, Microsoft.WSMan.Management, PSScheduledJob, PSWorkflow, PSWorkflowUtility, Microsoft.PowerShell.Core' with UI culture(s) {en-US}: Unable to connect to Help content. Make sure the server is available and then try the command again.

To set proxy settings in PowerShell you can use:

import settings from Internet Explorer:

netsh winhttp import proxy source=ie

set proxy settings:

NetSH WinHTTP Set Proxy proxy-server="ProxyServer:8080"

If you are using authentication on your proxy server, try the following:

$browser = New-Object System.Net.WebClient
$credentials = Get-Credential
$browser.Proxy.Credentials = $credentials



find out more for update-help cmdlet here

HTC WildFire S – Copy contacts from Phone to Google Account

You have a smartphone and you are looking for a best practice to backup up your contacts… You can do it the traditional way, by synchronizing the phone with your computer, or do it with the modern way, back up to the cloud.

The following procedure describes the procedure on HTC WildFire S and assumes that your contacts are on phone memory at the moment, but it should be similar with most of smart phones (at least Android).

How to do this:

    1. Export your phone your contacts to SD card: [highlight]People (contacts) – Options – Import/Export – Export to SD card[/highlight]. This will create a .vcf file on your SD card, containing your phone contacts.
    2. Import the above contacts to your Google account: [highlight]People (contacts) – Options – Import/Export – Import from SD card – Google Account[/highlight] (This procedure will find automatically any .vcf file from SD card and will import it to your Google Account).
    3. Make sure that you synchronize your Google account at least once:[highlight] Settings – Account & Sync – Google – Sync Contacts.[/highlight]

Configuring Volume and Folder Quotas in Windows Server 2003 R2

File Server Resource Manager was first introduced in Windows Server 2003 R2, for configuring volume and folder quotas.

In order to install File Server Resource Manager, go to Control Panel – Add/Remove Windows Components – Management and Monitoring Tools – File Server Resource Manager

File Server Resource Manager Windows 2003 R2
File Server Resource Manager Windows 2003 R2

Continue reading Configuring Volume and Folder Quotas in Windows Server 2003 R2