Sunday, July 21, 2013

How to filter MAC address in windows (DHCP)


This is a feature I have been waiting for way too long. Up until today if you wanted to
have some control over who is entitled to receive an IP address from your DHCP you
either had to configure reservations (for each of your systems) or had to use some lower
level device to filter out unwanted systems.Finally that is over now.

The Microsoft DHCP team has posted a new DLL called "DHCP Server Callout DLL" on their blog.
This DLL can be used on Windows 2003 and Windows 2008 DHCP servers to limit the scope of
systems entitled to receive an IP address from the server based on their MAC address.

To install it you need to download the installer and run it.

Once the installation completes you will have to new files in your %windir%\system32 directory:


The first file provides documentation (installation and usage) while the second file is the DLL needed
to enable the functionality.

Installation and Configuration

  • Create a new directory ,basically anywhere but I would recommend to create under the DHCP
    service directory: %windir%\system32\DHCP . Give it an informative name such as MACFilter.
  • Copy both files to the new directory (Once copied, you can safely remove the application using
    Programs and Features).
  • Create a new text file under the new directory called: "MACList.txt"
  • Add the following Registry keys to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DHCPServer\Parameters:
  • Please note, that you have to specify a full path for the log files including filenames (they will be create
    automatically when the DHCP service is started).
  • Before you start using the feature make sure to edit the MACFilter.txt file using the following format which is
    self explanatory:
  • Basically when choosing the ALLOW action, the server will provide IP addresses only to the systems that have their
    MAC addresses listed,while the DENY action will prevent the listed systems from getting an address. The MAC addresses
    should be listed without a delimiter and all lower case.
  • To enable the feature you have to restart the DHCP service. If successfully started the following event(1033) will be logged:


Once it is started you don't need to meddle with it. the following screenshot shows you what happens networking-wise
when a specific host is denied:

Which is basically nothing- The DHCP server simply doesn't respond.

As for the logs, they will help you determine what is happening. If you would like to archive your logs you will need to
provide a mechanism as at every restart the logs are recreated.




Wednesday, July 17, 2013

How to Easily Reset a Computer Back to a Clean State

When you’re managing a public computer, you need a special kind of tool. You need a way to reset that computer back to a clean state every time it boots so no one can make any harmful changes.

Commercial solutions like Deep Freeze offer this feature, and Microsoft once offered it via its Windows Steady State tool for Windows XP and Vista. However, Windows Steady State has been discontinued and doesn’t work with Windows 7.

We’ll be using Reboot Restore Rx for this, as it supports both Windows 7 and Windows 8.Steadier State is another solid option, but it only works in Windows 7, and even then only with Windows 7 Enterprise and Ultimate.

Installing Reboot Restore Rx

Before installing Reboot Restore Rx, be sure that your system is in the clean state you want to “freeze” it in. Install the software you want, update it, arrange the desktop, and do everything else you need to do. Of course, you can temporarily disable Reboot Restore RX to update your system state later.

While installing Reboot Restore Rx, you can select the partitions you want to restore at reboot. This allows you to have a separate data partition that won’t be touched, if you like — or you can set Reboot Restore RX to restore all your partitions.

The computer will restart to install the Reboot Restore Rx recovery environment. Whenever the computer boots, it will first boot into this environment, where the Windows drive’s state will be restored automatically before the computer boots normally. To undo any changes, you’ll just need to reboot your computer.

Preventing Users From Disabling Reboot Restore Rx

Reboot Restore RX is fairly simple to use. Its biggest problem is that it can be disabled without a password. By default, Reboot Restore Rx launches in the system tray each time you log in and provides you with a right-click option that allows you to easily disable the protection. If you’re using Reboot Restore RX to lock down a public computer, that’s not a good idea.

Your best bet is to prevent the Reboot Restore Rx icon from starting at boot by disabling it in MSConfig or a startup manager like the one found in CCleaner. If you want to disable the protection, you can then manually launch the Reboot Restore Rx application by browsing to it on your hard drive. The computer’s users could theoretically do this as well, but this provides more protection. You could even lock down the folder containing the Reboot Restore Rx  application and require special user permissions to access it, which would prevent people from disabling it even if they went out of their way to look for it.

If you need to launch it later, you’ll find the system tray program installed at C:\RebootRestoreRx\program files\Shield\shieldtray.exe

Updating or Changing Your System

Of course, you’ll occasionally want to modify your system. Whether you want to install updates, add new software, delete files, or do anything else on your computer, you’ll have to disable the feature. This is a very simple process.

  • First, disable the Restore on Reboot option from the system tray icon. If you have disabled the system tray icon, you will need to launch it manually.
  • Next, make your changes. Update your software and do everything else you want to do.
  • After you’re done, right-click the system tray icon again and select Restore on Reboot. When you do this, it will inform you that it’s making the current system the new baseline state.

Accessing the Boot Console

At the Reboot Restore Rx splash screen, which will appear every time your computer starts, you can press the Home key on your keyboard repeatedly to access a special menu. Anyone with access to the computer could theoretically do this, but they would need to know they have to press the Home key — it isn’t displayed on-screen.

You can choose to Uninstall Reboot Restore Rx from here. This will remove Reboot Restore Rx from your system.

Reboot Restore Rx isn’t the most secure and enterprise-ready option, but it’s very easy-to-use and runs on a variety of different Windows systems. Reboot Restore Rx is ideal for people who want their computers to be in the same state every time they boot and don’t want to purchase the Ultimate edition of Windows or perform a more complicated setup process, whether they’re a business with a few public computers or parents who want their childrens’ computers locked down.

Credits to howtogeek.

Monday, July 8, 2013

How to Backup the DHCP Database & Restore to another Server (both running Win2K3)


To move a DHCP database and configuration from a server that is running Windows Server 2003 to another server that is running Windows Server 2003:

  • Log on to the source DHCP server by using an account that is a member of the local Administrators group.
  • Click Start, click Run, type cmd in the Open box, and then click OK.
  • Type netsh dhcp server export C:\dhcp.txt all, and then press ENTER.

Install the DHCP server service on the server that is running Windows Server 2003

To install the DHCP Server service on an existing Windows Server 2003-based computer:

  • Click Start, click Control Panel, and then double-click Add or Remove Programs.
  • Click Add/Remove Windows Components.
  • In the Windows Component Wizard, click Networking Services in the Components box, and then click Details.
  • Click to select the Dynamic Host Configuration Protocol (DHCP) check box if it is not already selected, and then click OK.
  • In the Windows Components Wizard, click Next to install the selected components. Insert the Windows Server 2003 CD into your computer CD drive or DVD drive if you are prompted to do this. Setup copies the DHCP server and tool files to your computer.
  • When Setup is complete, click Finish.

Import the DHCP database

  • Log on as a user who is an explicit member of the local Administrators group. A user account in a group that is a member of the local Administrators group will not work. If a local Administrators account does not exist for the domain controller, restart the computer in Directory Services Restore Mode, and use the administrator account to import the database as described later in this section.
  • Copy the exported DHCP database file to the local hard disk of the Windows Server 2003-based computer.

Verify that the DHCP service is started on the Windows Server 2003-based computer.

  • Click Start, click Run, type cmd in the Open box, and then click OK.
  • At the command prompt, type netsh dhcp server import c:\dhcp.txt all, and then press ENTER, where c:\dhcp.txt is the full path and file name of the database file that you copied to the server.

Authorize the new DHCP server

  • Click Start, point to All Programs, point to Administrative Tools, and then click DHCP.
  • In the console tree of the DHCP snap-in, expand the new DHCP server. If there is a red arrow in the lower-right corner of the server object, the server has not yet been authorized.
  • Right-click the server objects, and then click Authorize.
  • After several moments, right-click the server again, and then click Refresh. A green arrow indicates that the DHCP server is authorized.

Monday, July 1, 2013

How to Create a Bootable Offline Version of Windows Defender

We’ve shown you many methods of removing viruses over the years, but now Microsoft has released a stand-alone version of Windows Defender, their own anti-malware application. Here’s how to make a bootable USB to scan for viruses.

We should point out that you can also scan your PC with a BitDefender boot disk, a Kapersky boot disk, an Avira boot disk, or even an Ubuntu Live CD, but this is one more tool to add into your toolkit.

Note: Windows Defender Offline is still in beta, proceed at your own risk.

Creating a Bootable USB

Head over to this website and download the latest version of Windows Defender Offline that matches your current system architecture.

Once the download has completed, double click on the package to get started.

When the Windows Defender Offline wizard starts, click next to continue

After you have accepted the license terms, you will be asked which type of media you will installing Windows Defender on, at this point choose to create a bootable USB.

Note: Please make sure that your USB does not have Bit-Locker encryption on it, as this will not work.

We are warned that our USB will need to be formatted before we continue, this means all the data on our USB will be lost, if this is ok click next.

Now the Definitions and files needed to make a USB bootable version of Windows Defender will be downloaded, and the USB will be created.

When Windows has finished creating the USB, you will be notified, along with further instructions.

Now the only thing that’s left to do, is boot an infected PC from the USB and initiate a scan, which is exactly the same as if you were to do it from within Windows. If you wanted you could also create a bootable CD\DVD, or even create an ISO file which can later be burned to disk. Regardless of the media you use to create your installation, this should definitely be added to your PC toolbox.