BitLocker without TPM

Most people think BitLocker can be enabled only if there is a Trusted Platform Module (“TPM”) on the motherboard. However, BitLocker can also be used without a TPM chip. Here is how.

TPM, Trusted Platform Module

  1. Press “Windows+R” on your keyboard to open the Run dialog.
  2. Type “gpedit.msc” and click OK.
  3. A new window will be opened.
  4. Click on Administrative Templates under Computer Configuration
  5. Double Click on Windows Components in the right window.
  6. Double Click on BitLocker Drive Encryption.
  7. Double Click on Operating System Drives.
  8. Double Click on Require Additional Authentication at Startup
  9. A new window will be opened.
  10. Click “Enabled”
  11. Click OK and close the window.

Now you are ready to use BitLocker for your drives.

  1. Right Click on C or any drive in Computer folder.
  2. Choose Turn On BitLocker
  3. Follow the Steps

To check whether your Windows system has a TPM, open Trusted Platform Module Management (tpm.msc).

Change Linux timezone

If you want to change the Linux system timezone (to CST, KST and so on), follow the steps below. You need to know the name string of the timezone you want to switch to. You can look it up at this site: http://www.timezoneconverter.com/cgi-bin/zoneinfo

# Confirm the system's current timezone setting

$ date
$ cat /etc/timezone

# Change the timezone to CET and synchronize (writing /etc/timezone needs root)
$ echo "Europe/Luxembourg" | sudo tee /etc/timezone
$ cat /etc/timezone
$ sudo dpkg-reconfigure --frontend noninteractive tzdata

# Check that the value has changed
$ date

Export Win Tasks List to CSV

If you want to review all Windows scheduled tasks at a glance, you can use schtasks.exe, a default Windows system program located in C:\Windows\System32\.

C:\> schtasks.exe /Query /FO CSV /V > %COMPUTERNAME%_%DATE%_schtasks.csv

Once you set the /FO option to CSV, you can open the result in Excel. And you can see the title of each column if you use the /NH option. Here is a sample of the columns.

  1. TaskName
  2. Next Run Time
  3. Status
  4. Logon Mode
  5. Last Run Time
  6. Last Result
  7. Author
  8. Task To Run
  9. Start In
  10. Comment
  11. Scheduled Task State
  12. Idle Time
  13. Power Management
  14. Run As User
  15. Delete Task If Not Rescheduled
  16. Stop Task If Runs X Hours and X Mins
  17. Schedule
  18. Schedule Type
  19. Start Time
  20. Start Date
  21. End Date
  22. Days
  23. Months
  24. Repeat: Every
  25. Repeat: Until: Time
  26. Repeat: Until: Duration
  27. Repeat: Stop If Still Running

In particular, I focus on two columns, “3. Status” and “14. Run As User”, in terms of incident response.
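
A way to triage the exported CSV by those two columns, as an added example that is not part of the original post. The sample rows, account names and paths are constructed; the script assumes English column titles and status text, and that an export may repeat its header line or list one task on several rows.

```python
import csv
import io
import sys
from collections import defaultdict

# Constructed sample (not real output), cut down to four of the columns above.
SAMPLE = r'''"TaskName","Status","Task To Run","Run As User"
"\Microsoft\Windows\Defrag\ScheduledDefrag","Ready","%windir%\system32\defrag.exe -c","SYSTEM"
"\Backup Nightly","Running","C:\Tools\backup.cmd","CORP\svc_backup"
"\Backup Nightly","Running","C:\Tools\backup.cmd","CORP\svc_backup"
"TaskName","Status","Task To Run","Run As User"
"\Updater","Disabled","C:\Tools\upd.exe","SYSTEM"
'''


def load_tasks(csv_text):
    """Return one row per task name, in file order."""
    tasks = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row["TaskName"]
        if name == "TaskName":        # a header line repeated inside the export
            continue
        tasks.setdefault(name, row)   # keep the first row of a multi-row task
    return list(tasks.values())


def group_by_account(tasks):
    """Map each "Run As User" value to (Status, TaskName, Task To Run) tuples."""
    groups = defaultdict(list)
    for t in tasks:
        groups[t["Run As User"]].append(
            (t["Status"], t["TaskName"], t["Task To Run"]))
    return dict(groups)


def with_status(tasks, status):
    """Task names whose Status column equals `status`."""
    return [t["TaskName"] for t in tasks if t["Status"] == status]


if __name__ == "__main__":
    # First argument: path of the exported CSV; without one the sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], newline="") as fh:
            text = fh.read()
    else:
        text = SAMPLE
    rows = load_tasks(text)
    for account, items in sorted(group_by_account(rows).items()):
        print(account)
        for status, name, command in items:
            print(f"  [{status}] {name} -> {command}")
    print("Running now:", with_status(rows, "Running"))
```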