Reinsel Kuntz Lesher, LLP

Outline Overview netstat -an (-ano will give the PID) ftp

bin mget mput

telnet telnet bobm.us 25

helo mail from:name@address rcpt to:enduser@address data

attrib +h +r +s

subst /d

net view tree ipconfig/flushdns systeminfo

uptime computer model and s/n Nics

dir search dir win*/s/p

Snagit Samurize

Applications I carry on a USB Stick Applications I have installed All are free or FOSS

Opens most zip archives Very Small Nice shell integration Better compression Tar / tgz in windows

Displays Information about CPU / Memory http://www.cpuid.com/cpuz.php Very Small No Installer / Portable Can check DIMM Size

Displays Information about Graphics Cards

http://www.techpowerup.com/gpuz/ Very Small No Installer / Portable Can check video memory

Very small (15k) Portable Only need MAC Address http://www.nyxbull.com/

Portable Auto – Updates Kills rootkits to allow other software to

run http://combofix.org/

Wireless Network Sniffing Windows 7 Compatible http://www.metageek.net/products/inssi

der Display SSID Display S/N

Network Scanner Shows open ports on remote systems www.insecure.org

Provided free from sysinternals http://technet.microsoft.com/en-us/sysi

nternals/bb896653.aspx Lets you see image path Advanced views Portable

Ability to do photo retouching and layers freely

Small Footprint http://www.paint.net/

Color codes tags for many formats http://notepad-plus.sourceforge.net/

uk/site.htm Tabbed display Side by side views

http://www.microsoft.com/genuine/selfhelp/PKUInstructions.aspx

Windows XP Change Keys Easy

Allows recovery of product keys http://magicaljellybean.com/keyfinder/ Small & Portable

Disk Cleanup on Steroids Cleans up all sorts of temp files Registry Cleaner Auto-Start Checking www.ccleaner.com

Easily clip small parts of the screen Save to multiple file formats

http://isorecorder.alexfeinman.com/ Allows for burning of ISO images easy Small install Windows XP

I am *always* looking for new tools!

Two technologies that can be used to manage

Free Drop in replacement for cmd prompt

Powershell 2.0   Requirements                 -Windows Management Framework

(Includes)                                 -Windows Remote Management                                 -Windows Powershell 2.0                                 -Background Intelligent Transfer

Service (BITS) 4.0   The powershell team added approx. 100 new

cmdlets

  On systems that you want to remotely execute powershell commands

without interfacing WMI, you need to enable WinRM through powershell.  To do this, run the following command:

  Enable-psremoting   To disable run:   Disable-psremoting   To run a command on a remote machine that is fully running and

accepting WinRM access, you can use the invoke cmdlet to execute scripts and/or commands like the following:

  Invoke-Command –ComputerName “Remote PC” –ScriptBlock {get-

hotfix}

Also, you can download the Quest AD cmdlets from the following site http://www.quest.com/powershell/activeroles-server.aspx which will allow you to query AD for specific objects and/or attributes.

  For example, in your default Powershell profile script, you need to add the

following………………….”Add-PSSnapin Quest.ActiveRoles.ADManagement” to the top of your profile script before you run any commands.

  Then you can create a function similar to the following………..       \\creates the command to run from the shell   function ext ($user) {                 $user = read-host "Enter Part of Name or extension"                 $final = "*$user*"                 get-qaduser -DisplayName "$final" | select DisplayName }

Network Inventory Network Management Ticketing System Custom email notifications