A little something about everything

internet marketing and website development made simple..

Exploitable LDAP server used for an attack: Microsoft Active Directory / Exchange Server

You've just received notice that your Active Directory server is being used as part of a wide scale dDoS attack. Here is how you can fix it.

Go to the firewall settings on the active directory server or reported server IP and look for the following rules.

  • Active Directory Domain Controller - LDAP (TCP-In)
  • Active Directory Domain Controller - LDAP (UDP-In)
  • Active Directory Domain Controller - LDAP for Global Catalog (TCP-In)
  • Active Directory Domain Controller - Secure LDAP (TCP-In)
  • Active Directory Domain Controller - Secure LDAP for Global Catalog (TCP-In)

For each of these alter the rule by choosing the Scope tab and entering only IP addresses that should have access to LDAP information. For example, Microsoft Exchange Servers within your network that need access to LDAP.

For assistance securing your network or if you are looking for hosted exchange services check out Area51.mn.


How to setup VPN for mac/apple PCs

This is a quick guide on how to get a VPN up and running on a mac PC

  • From the main "Apple" menu choose "System Preferences" then "Network"
  • Now select "+" button, then use the "Interface" drop down to choose "VPN"
  • Use the "VPN Type" drop down to choose "PPTP" or "L2TP", you can also choose a name for this connection if you would like. Then choose "Create".
  • Choose the VPN from the list of option in the network connection window to complete the server address and account name
  • Choose "Authentication settings" to enter your credentials the choose "OK"
  • You can now click the connect button to connect to the VPN, and choose "Show CPN status" if you would like to appear on your menu bar.


Performance enhancements for IIS 8

HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MaxCachedFileSize (REG_DWORD) | Suggested: 16777216 Decimal

This registry key is used by the file cache to determine the maximum size of a file that can be cached. The file size is in bytes. The default value of this key is 256 KB. If the file size is greater than 256 KB, the file cannot be cached. 

HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MaxCachedFileSizeInMB (REG_DWORD) | Suggested: do not specify unless you need to cache files larger than 4GB.

The value of the MaxCachedFileSize registry key is the maximum file cache size in bytes. This registry key value cannot be set to more than 4 GB. You can use MaxCachedFileSizeInMB to set the maximum file size to cache more than 4 GB. If both MaxCachedFileSizeInMB andMaxCachedFileSize are defined, the effective maximum cached file size is the sum of both values. The default value of MaxCachedFileSize is 256 KB. If you define only the value of MaxCachedFileSize, the effective maximum size increases by 256 KB.

HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MemCacheSize (REG_DWORD)

This registry key specifies the maximum amount of memory that a file cache in a worker process uses. The default value for this registry key is 0. The default value specifies that the cache size is determined dynamically. This registry key tries to estimate the available physical memory and the total virtual memory. If you set the value for this registry key to 0, the length of time in seconds that objects are held in cached memory is adjusted to the value in the ObjectCacheTTL registry key.

HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\ObjectCacheTTL (REG_DWORD)

The user mode file cache and the kernel mode output cache use this registry key. Both the caches run a scavenger operation for every ObjectCacheTTL seconds.

HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\UriMaxUriBytes (REG_DWORD) | Suggested: 16777216 Decimal

The maximum size of an entry in the kernel-mode cache. Responses or fragments larger than this are not cached. If you have enough memory, consider increasing the limit. If memory is limited and large entries are crowding out smaller ones, it might be helpful to lower the limit.

HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\UriScavengerPeriod (REG_DWORD) | Suggested: 600 Decimal

The HTTP.sys cache is periodically scanned by a scavenger, and entries that are not accessed between scavenger scans are removed. Setting the scavenger period to a high value reduces the number of scavenger scans. However, the cache memory usage might increase because older, less frequently accessed entries can remain in the cache. Setting the period too low causes more frequent scavenger scans, and it can result in too many flushes and cache churn.


Other registry entries to take note of:

HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\UriEnableCache (REG_DWORD)

A non-zero value enables the kernel-mode response and fragment caching. For most workloads, the cache should remain enabled. Consider disabling the cache if you expect a very low response and fragment caching.

HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\UriMaxCacheMegabyteCount (REG_DWORD)

A non-zero value that specifies the maximum memory that is available to the kernel-mode cache. The default value, 0, enables the system to automatically adjust how much memory is available to the cache.

Note Specifying the size sets only the maximum, and the system might not let the cache grow to the maximum set size.


Taking a step past general SEO campaigns: Organic Online Marketing (OOM)

When simple content and keyword changes just aren't enough then you know its time to step up your game for client acquisition. One could write a whole book in the process but lets just keep this simple.

Organic Online Marketing (OOM)

  1. The first step to proper OOM is to create valuable content for your website so search engines will index your online presence with specifically targeted language. With every new properly written article or content piece, you've increased your online presence and keyword quality scores.  
  2. In addition to quality content such as case studies, practice areas and how to pages; adding relevant photos and video will add additional value to your web presence. This is essential to help convey to your clients the professionalism and knowledge your company has on the topic, leading to a higher conversion of the potential clients that visit your online presence. 
  3. Clients now recognize the value in additional functionality; such as secure user areas for communication, helpdesk, FaQ, chat, online diagnostics, tools or other such features; over a "simple website" with a list of services and a form of contact. 

Call 507 536-9556 if you're looking to take your web presence to the next level and I will be happy to discuss with you how your web presence can rise to the top of this ever changing marketing venue. Our clients generally see a 7/1 ROI from marketing campaigns created and managed by us.

Shawn Hyde is the Owner of Area51.mn, a Minnesota based IT, Internet marketing and design firm founded in 1998.