Tag: Technology

One stop PowerShell script to setup Prometheus, Grafana and Windows Exporter on Windows Machine

After setting up Prometheus, Grafana over Linux host, I was approached for similar setup over Windows. That had separate set of challenges since Prometheus and Grafana projects, despite of requests in last couple of years, are not yet compatible with Microsoft Service Framework. Even official documentation proposes solution via nssm, which is another OSS project (in a way).

Though I would have created similar step by step doc for Windows, thought to do better this time and almost half day work brought us a PowerShell script, which can download almost all the latest packages (except nssm, which is not github hosted) and then proceed to configure them on the same machine. Functions to download and create services are created in a way that select set of package can be downloaded or installed as putting everything on the same server may not be good idea.

This is still not ready for production use as there might be random quirks but here we do with the complete script, which has an experiment Prometheus configuration function as well.

Continue reading “One stop PowerShell script to setup Prometheus, Grafana and Windows Exporter on Windows Machine”
Advertisement

Monitoring IT Infra with Prometheus and Grafana – Part 3

In last post, we created Dashboards for Linux nodes monitoring. Please note, Linux and Windows are not only things which can be monitored but would leave that part to figure you out in case if you have any use case.

Let’s talk about creating a Windows summary dashboard this time like below one. It’s for just one node but it would keep on scaling as more nodes added in Prometheus target config.

Continue reading “Monitoring IT Infra with Prometheus and Grafana – Part 3”

PowerShell: Script for patching Domain Servers remotely

In line with the last post on File Server inventory, here comes the another script to perform patching for Domain Servers from a remote machine.

PowerShell already has methods to perform patching on any server, where we can list what all patches are available and create a downloader to download and install them all, but a limitation to the capability is, the same can not be done remotely. As a workaround for that, we would be creating schedule task on the remote machine via the script and performing the patching via triggering that schedule task.

It would involve two scripts InstallPatches.ps1 and PatchServer.ps1, whose code I would be listing below. It would make use of c:\temp directory and would be keeping logs and scripts in the same location. Also we would need any shared location, where we would keep a copy of InstallPatches.ps1, which then would be copied dynamically over the servers during patching. I have kept script source path as “\\ABCXYZ\sources\installpatches.ps1” while it can be changed as per your environment.

Continue reading “PowerShell: Script for patching Domain Servers remotely”

PowerShell: File Share inventory of all File Servers

Managing a large infra never happens to be easy without right kind of tools and tools usually come with cost. In past Unix users used to taunt Windows users on this point as they used to enjoy many open source products and scripts which Windows users weren’t privy of. Things changed a lot since PowerShell.

Presenting you a script to have a size and permission inventory of all your shares on all file servers. Below would be the pre-requisites:

1. Names of all file servers.
2. All the file servers should have WinRM enabled (Windows 2012 servers have it on by default and for Windows 2008, winrm quickconfig may do the trick).
3. Obviously Local Administrator permissions on all File Servers, which should have permissions on shares as well.

After that just change the variable $RemoteComputers value with the name of file servers in place of dummy values placed in form of array right now. That’s it.

This script lists names of all servers (provided by you), shares on them, NTFS permissions, Size in MB, Last modified date and Last accessed date.

Continue reading “PowerShell: File Share inventory of all File Servers”

What is NFC and do we have enough reasons to excited about it?

[tweetmeme source=”nkumar_” only_single=”false”]

A discussion has started that if Google CEO Eric Schmidt’s announcement on Monday about NFC with Nexus S was a shot that Nokia should have taken many days before and if this is again a marketing failure from Nokia part. Is this a sign of weak confidence to attract vendors or the major market of Nokia (not Europe and west but Asian continent) is not ready yet to come strong on NFC?

Let’s take a look over the technology first …

What is Near Field Communication (NFC)?

As per Wiki article

Near Field Communication or NFC, is a short-range high frequency wireless communication technology which enables the exchange of data between devices over about a 10 centimeter (around 4 inches) distance.The technology is a simple extension of the ISO/IEC 14443 proximity-card standard (proximity card, RFID) that combines the interface of a smartcard and a reader into a single device. An NFC device can communicate with both existing ISO/IEC 14443 smartcards and readers, as well as with other NFC devices, and is thereby compatible with existing contactless infrastructure already in use for public transportation and payment.

NFC is primarily aimed at usage in mobile phones.

nfc

A patent licensing program for NFC is currently under development by Via Licensing Corporation, an independent subsidiary of Dolby Laboratories, while a Public, platform independent Near Field Communication (NFC) library is released under the free GNU Lesser General Public License by the name libnfc.

Existing usages in India

The same technology been under trial across the world in many areas since last seven years (even in India Delta Technologies and Citi Tap and Pay – Citibank India trialing it). Many mobile payment technologies making use of it across world including Nokia and Samsung as of now. Even VISA and MasterCard also working on it at some places.

Applications of NFC

The applications of the such a technology are plenty like Electronic ticketing, Electronic money, Travel cards, Identity documents, Mobile commerce and Electronic keys etc. Exciting for many, as it will make the life even more easier as your smart phone will be one device for all your needs, movies, internet browsing, navigation, music and now even used as a credit card or debit card.

How is it different from already popular Bluetooth technology? Limitations ..

Disadvantages over Bluetooth

  1. Lesser data transfer speeds (max 848 kbps)
  2. Shorter range (max 20 cm) than Bluetooth technology.
  3. Upcoming Bluetooth 4.0 low energy protocol will be consuming even lower power than NFC as of now
  4. NFC alone does not ensure secure communications is vulnerable to data modifications. Applications have to use higher-layer cryptographic protocols (e.g., SSL) to establish a secure channel.

Advantages over Bluetooth

  1. Almost instant connection (around 1/10 seconds) in comparison to pairing procedure of Bluetooth
  2. Low power consumption and could work (alternatively) even when one of the device is powerless
  3. NFC is compatible with existing passive RFID (13.56 MHz ISO/IEC 18000-3) infrastructures
  4. Shorter range makes it suitable for crowded area with high interferences

Not sure, if I am concluding right, but then rather than the tech itself, what’s being stressed as advantage of  NFC is the already existing infrastructure for that. I wish to remind people that NFC is not being used in secure payment methods yet, secure means encrypted ones and is very much hack-able.

In other practical limitations, it’s the requirement for compatibility with legacy deployments, including payment systems such as MiFare (used by London’s Oyster cards) which operate at 13.56MHz. MiFare and it’s ilk work over very short ranges, typically a few centimetres, and can be powered by current induced by the reader. NFC, by necessity, shares those capabilities so will operate even if the phone’s battery is dead, but that also means the transmitting at very low power, far too low to break out of a phone casing. This therefore forces NFC to rely on an external antenna to operate.

Why NFC is still half baked technology when it comes to financial usages?

The most dangerous aspects of NFC, which is being skipped while talking about easy financial applications are related to security and unfortunately most of them still open, which puts a big question mark on implementation of such a technology in financial domain at least. This been a kind of dead technology for this domain since years due to some serious limitations. Most of them were mentioned in a paper long back, PDF link here, worth reading once, mentioning a few of them here in my words…

  • Lost property
    The biggest threat to this technology is the simplest phenomenon, loosing your cell. Against the common PIN security mechanisms, NFC one is a PIN-less method, means once someone else gets his hands on your lost phone, there will be no stopping misuse of the same till you get your account cancelled from carrier. Obviously, software running on top will come up with some solution to this.
  • Eavesdropping
    There are already many methods to intercept the communication between two devices over NFC. An Open source device which is able to eavesdrop passive and active NFC communications is the Proxmark instrument.
  • Data modification/ destruction
    Data destruction is relatively easy to realize, while by complex measures one can even modify the bits of data. Though there are methods that an NFC device could employ to avoid such threats and possibilities.
  • Relay attack
    Because NFC devices are usually also implementing ISO/IEC 14443 functionality, the relay attack described are also feasible on NFC. For this attack the adversary has to forward the request of the reader to the victim and relay back its answer to the reader in real time, in order to carry out a task pretending to be the owner of the victim’s smart card. One of libnfc code examples demonstrates a relay attack using only two stock commercial NFC devices.
  • Walk off
    Once lawfully opened access to secure function or data is usually protected with time out closing on pausing the usage. Modern attack concepts may interfere despite the intention to shut down access when the user turns inactive. The distance of a successful attacker to the locus of lawfully granted access is not addressed with any of the described concepts of NFC.

 

Nokia and NFC

121057286

I was like big time surprised, when I came to know that my oldest handset Nokia 3220 had NFC back in 2004. It was actually the first commercial product including NFC that shows that Nokia is always unbeatable when it comes to adopting the latest tech and bringing to the world.

Nokia was an early backer of NFC and co-founded the NFC Forum in 2004 with the technology’s creators, Philips Semiconductors and Sony Corp. Nokia had earlier introduced four NFC models, the 3220 and companion 5140, the 6131 and the 3G 6216. These phones have accounted for more than half of NFC trials and other NFC projects held since 2005, NFC Times estimates, (see Project Database) and were some of the few available for sale.

Recently in February 2010, they were about to come up with Nokia 6216 model, which was going to be the first NFC SIM phone ever came to market and it was even notified to leading operators, but later on the idea got cancelled.

There is still a pressure from operators to bring this tech early on handset. Not from Nokia, but some of experts even say that built-in NFC inside the SIM cards would be more reasonable than a specialized phone, if the carrier really care about it.

Is NFC gonna pull the market?

While there was much talk about NFC in tech world since long, its sure been Google CEO, who should be credited for bringing it in lime light again, which was fading since Nokia delayed the commercial implementation. But what more turns the technology gonna take?

Definitely, the technology is not about the hardware only due to its current unsecure nature and sure it remains a question that should the big tech leaders put money behind this project, when it will still rely on software implementations or should look over other alternatives like China is trying with their own RF SIMs. 

Pushing NFC Technology on big scales is a risk that was once taken by Nokia in 2003, when they co-founded the NFC forum, but still after 7 years of trials across the world, we don’t see much momentum behind the technology in comparison the development in other wireless technologies like Bluetooth etc. While Nokia still taking risk around their once founded Symbian Forum, sure it stands a hard question that they should take the same risk of pushing NFC on big scales.

I don’t think that Nokia is wrong on it

I think Nokia gonna be silently putting NFC chips in all of its upcoming models and will be observing other big movements like Google’s move. Whenever they find the infra in place, they will be ready to go without doing anything as hardware will be already in place and just a software update and some negotiations will make it. Simple reasoning is Nokia can’t stand behind the name of a failures, while Google is used to face many like their Wave, Buzz etc.

What you think on it? Please tell

photo of Nitish KumarNitish Kumar

 
 

Digg This

A Step by Step Guide about Spiceworks

[tweetmeme source=”mrnitishkumar” only_single=”false”]

Wrote twice about Spiceworks, once for just introducing and once for showing a preview of upcoming Spiceworks 5.0. But I always thought that there is a vacuum, when we try to find some proper book over this great IT tool. The only resource is their very active users forum (really serves the purpose in superb way), which sure does the job, but I thought there must be something out there like step by step as well. Why to just think, when I could come up with one of my own? Here I am with a step to step guide about Spiceworks.

Introduction

Spiceworks provides a free systems management, inventory, and helpdesk software application, Spiceworks IT Desktop, designed for network administrators working in small- to medium-sized businesses.

Spiceworks IT Desktop is used to inventory, monitor, manage and report on software and hardware assets. It also includes an integrated help desk system. Spiceworks runs on Microsoft Windows and discovers Windows, UNIX, Linux and Mac OS X machines along with other IP-addressable devices such as routers, VOIP phones, printers, etc.

Spiceworks is an adware and is written in Ruby on Rails, It’s not a complete and detailed Monitoring Solution like Zabbix as of now, but it covers other aspects of your IT management that Zabbix left, in a powerful way like Inventory, events reporting like installations/ updates and complete out-of-the-box-Helpdesk segment.

What are the main features available with Spiceworks?

Here is feature list:

1. Scan SNMP Devices
2. Linux Scanning via an SSH login
3. Scan Windows Devices via WMI
4. Ability to manage your software licenses
5. Alerts on customizable definitions (eg machines with no anti-virus or low printer toner)
6. Software automatically categorizes machines into groups. eg Laptops, servers, routers etc
7. Ability to define custom devices
8. Ability to compare one machine with another
9. Ability to manage services on remote machines
10. Plugins
11. Reports
12. Network Map (Beta)
13. Helpdesk with user portal


For whom Spiceworks is designed for?

Spiceworks IT Desktop is designed for

  • IT Pros who have admin rights on their network.
  • Organizations with less than 1,000 devices on their network. It will work with more but it won’t be as fast.
  • Running on a PC. It discovers Windows, OS X, Linux and UNIX but you need to run it from only one PC on your network (which might be even just a desktop with provided resource requirements).

Advantages of Spiceworks:

Though Spiceworks integration with active directory is still a work in progress from Spiceworks community end and complete performance monitoring like Zabbix or NagiOS is not available with Spiceworks, but there are two areas, where Spiceworks is very useful for our scenario.

1. Inventory of Systems: With the changing requirements and movement of systems, it’s a hard and purely manual work to keep track of updated inventory of workstations with us in some particular campaigns as earlier it involved going PC to PC and collecting detailed profiles of workstations.

Spiceworks solves the same issue with collecting the system related info like Serial number, MAC Address, RAM, HDD, Processor, Product Keys etc from a centralized location. Though the setup requires specific changes in system firewalls, but it works for covering almost all the workstation with little troubleshooting skills. Most favorable thing is, it doesn’t works on agent-less way means it could start it work without affecting current existing scenario and without installing anything on production machines that might raise issues for any compliance.

2. Web Based Helpdesk Solution: Centralized helpdesk is a proven resource to keep the cost and quality of support optimized and after searching a lot of open source Helpdesk solutions for a web based helpdesk solution, there was no satisfactory solution matching our requirements. Most of the solutions out in market assume an IT Helpdesk person logging and assigning calls after receiving telephonic or mail based complaints as that’s a standard in most of the places.

Spiceworks was only available for free solution that provides a very flexible and customizable Helpdesk solution that could address most of the needs in our environment with continuous learning and efforts to improve it.

Installation procedure and requirements:

The Spiceworks software as a less than 25 Mb download file (as of now) could be downloaded from the www.spiceworks.com. The same executable is inclusive of all basic requirements for Spiceworks that includes the SQLite database for storing settings-n-stats and Apache web server (need to check if installations already there to avoid conflicts).

System Requirements

1. Windows XP Pro SP2, Windows Vista, Windows 7, Windows 2003 Server SP1, SP2 and R2, & Windows 2008 Server

2. 1.0 GHz Pentium III class processor

3. Minimum 1.0 GB RAM (Notice that this one is trickier as it has to cover a lot of aspects)

Browser Requirements

  • Firefox 3.0 – 3.5
  • Internet Explorer 7.0 – 8.0
  • Google Chrome

As its not always the case that you get a fresh server to install a new application, one should worry about two things with installing any of the web solution, first if its going to take the default http port 80 and if the database its going to use, already exists on the same server, you are going to install SpiceWorks IT Desktop.

Thankfully, Spiceworks goes well about both the cases. It takes port 9675 (Of course, choice is yours) for HTTP and the database used is not MySQL, but is a SQLite database.

~24 M of installation take a little while to install and greet you with a couple of questions about your network like range of IP Addresses to scan, various Windows username/ passwords details possibly across your network, ssh credentials and you are ready to scan your network for finding devices. As the very first step, it asks you to get registered with Spiceworks, which would be your one point help system and integration of your account with web resources.

There are also services related requirements on client side like WMI related services should be in running mode and firewall should not be blocking Spiceworks access. File and Printer sharing service and Remote Registry Service running on clients are the other main requirements for Spiceworks.

Working with Spiceworks:

There are two portions of the jobs that Spiceworks does in our environment and below is the details:

Inventory: The very first step to start with Spiceworks is running a Network scan from settings options. The following will be required inputs for the same:

1. It will require the credentials like Administrator passwords that are allowed to access registry of the clients and active directory info, SSH logins etc. Many times, it also requires to give local administrator auths than domain one.

2. Define the network range to scan. This has to be chosen systematically because scanning extra IPs increases overhead over Spiceworks and thus affecting other things.

3. After scanning, there must be many device mentioned in Inventory section and may be few reporting errors while scanning, which will be needed to sorted.

4. Once done with scanning all and sorting out error, you can always take a very flexible and customizable excel based inventory report based on almost every accessible info.

Helpdesk:

You have to go through http://<Server_IP&gt;:9675/user_portal to design the portal as per requirements and design preferences. For adding custom fields, there are plenty of options at the advanced setting page http://<Server_IP&gt;:9675/settings/advanced. For additional and useful customizations, there are many extensions and plugins available like we are making use of following plugins.

1. My Ticket Rules
2. My Ticket Views
3. Helpdesk only User Roles
4. Ticket Auto-Assign

After the required customizations, you can navigate to http://<Server_IP&gt;:9675/tickets for tickets being displayed there with filters like Open Tickets, Closed Tickets, Unassigned Ticket etc.

Now you have two ways; either let IT Staff lock the complaints themselves with details or even pass the responsibility to actual users themselves via portal (http://<Server_IP&gt;:9675/portal) that could be flexibly customized through (http://<Server_IP&gt;:9675/user_portal).

There are other options available with Helpdesk like Active Directory auth, so that clients could make use of their normal domain login to login into Helpdesk and many minor options in advanced pro configurations to suit the needs.

Backing up configuration:

For backing up the configuration, the settings page is on http://<Server_IP&gt;:9675/settings/backup, which defines the location for the backup and also option to schedule the backup on daily, weekly or monthly basis.

You can set it at automatic, which create a job in Windows Scheduled Tasks that will make use of the command Spiceworks.exe backup, where the exe is located at

C:\Program Files\Spiceworks\bin

The backup job creates zip files in C:\Program Files\Spiceworks\backup folder (by default) in the format

spiceworks-backup-[Vversionnumber]-[YYYY-MM-DD].zip

Restoring Spiceworks data:

There are following steps involved in restoring Spiceworks from the backup done in above way:

  • Right-click system tray and select exit (or stop the service if running as a service)
  • Verify that all Spiceworks* processes are no longer running
  • Delete the db and data directories in the Spiceworks installation folder
  • Copy the db and data folders into the Spiceworks installation folder
  • Start Spiceworks

Moving your Spiceworks installation to a new computer

If you’d like to move Spiceworks from one machine to another, the following steps will work for you:

  • Download and run Spiceworks installer on the target machine
  • Important: Use the same installation directory and port as the original installation
  • Do not complete the registration process
  • Follow the steps above to copy the data and db directories into the new installation

Troubleshooting:

Problem 1: Spiceworks not starting, unable to access.

Solution: Spiceworks is proactive over such issues and updates are smooth at 90% occasions, so in most of the scenario re-installation of Spiceworks from the same exe will restore the configurations without any loss of info, which is most clean way than messing up with the configs.

Problem 2: Scanning errors for workstations.

Solution: There might be many reasons for the same like WMI services not enabled, remote registry not enabled, auths wrong or firewall denying the access. If everything is proper then running the following batch instruction should resolve the issue in most of the cases.

Net Stop WinMgmt /y
sc sdset winmgmt "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
Net Start WinMgmt

The above commands basically set proper permissions on WMI Management Service of the client PC and restarts the WMI Management Service. It works in most of the cases, if all above precautions are taken.

One can make a batch file to run on problem PCs locally or remotely via using XCMD application to access the command prompt of the remote PC from a central location.

Problem 3: User not able to login into Helpdesk. Login failed.

Solution: This may happen due to two reasons:

1. The user has no read permissions on the Spiceworks folder of the server

2. The user’s LAN ID is restricted to login on some specific workstation and so denied login over other workstations.

Solution for the first is to provide read permissions to authenticated users on the following folder

C:\Program Files\Spiceworks

Solution for the second is to adding Server’s name in Logon To field of problematic LAN ID.

So, this is just a naive guide from my side, but I hope that it will help the people, who wants to know, wants to start with Spiceworks. Welcome friends.. let’s spice up the IT.

photo of Nitish KumarNitish Kumar

 
 
 

Restricting Browsing with Mozilla Firefox for Business Scenario

[tweetmeme source=”mrnitishkumar” only_single=”false”]

Its been long that I kept on thinking over starting a series on System admin tips & tricks that will not only facilitate my colleagues on workplace, but also for people looking out for a systematic dummies\ scratch level info in the same era.  But as these technologies and the way most of the workplaces are, it remained a due always …. from my side..

I already have written a number of dummies posts about some of the important elements related to System administration in corporate scenario like Windows Deployment Services, robust, systematic yet simplest approach over Squid Proxy Server and it reporting and Zabbix Mentoring Server.

Today I am here to share some tips that I learned through a very knowledgeable resource; Locking down Mozilla Firefox Browser …

Why lock down? What are the dangers?

Some might question that why I am talking about locking down Firefox. but my friends in corporate scenario might well understand that some security domains require you to lock things down up to a level that may enable you only to function as much required, not more than that.

Probably a reason that corporate love Microsoft technologies, is giving the administrator proper and well documented controls over the behavior of every aspect of systems throughout the organization via one or a few centralized servers. The method used is group policy; a set of rules which control the working environment of user accounts and computer accounts. Group Policy provides the centralized management and configuration of operating systems, applications and users’ settings in an Active Directory environment.

browser-wars

But as you all know, this is not same with third party apps like Firefox, Chrome or Opera. In fact, Chrome and Opera could be ruled out on Business scenario due to some very know issues and that leaves with Mozilla Firefox that been very stable about speed and various ASP .Net based CRMs (very specially for Linux based dialers). If you have a Dialer Scenario on your workplace (BPOs, IPOs), then sure its a read for you as you know that why to lock down Firefox.

danger

Now, coming over dangers …

You don’t want that the agent sitting with an opened CRM may be able to copy-paste something over somewhere. You might have restricted Notepad, WordPad, Office etc and might have restricted Internet as well, but there will always be ways, as you can’t control elements of Mozilla Firefox like you been able to manage Internet Explorer.

Flaws are many for business scenario .. I am taking count of just three …

  1. If you type c:\ in Firefox’s address bar, then it redirects you to file:///c:/ and displays all the content of C:\ drive. No matters you restricted the drive access from your Domain’s Group policy. It might be scary news for any security admin, but let me tell you, its the same with Opera and Chrome as well.
    Files
  2. You can’t control history setting, auto complete in forms and minor things like that.
  3. You can’t control opening source code of some page as that doesn’t open up in Notepad or something that could have been blocked and opens up in Firefox’s own reader.

What can you do about it? How to start? What practices to be followed?

Before starting, let me tell you one thing. Its not going to be some centralized management like you have in case of Internet Explorer, but you can have your ways, only if you use standard build all over and restrict user rights for installing and even updating anything.

You will create a standard build by installing updated Firefox with required add-ons and then distribute the same folder all over by replacing existing Install folder in program files.

 

The steps to restricting Access to Local Drives

First install updated Mozilla Firefox somewhere and then perform the following over the same.

  1. Open "c:\program files\mozilla firefox\chrome\browser.jar" in a zip program
  2. Browse to "content\browser" and extract "browser.js"
  3. Open "browser.js" in a text editor
    ( Note Notepad loses the formating, so open "browser.js" in firefox, select all, copy to notepad. >right click on .jar file > open with 7zip)
  4. Go to browser.js and drag it to the desktop. then drag the file from the desktop into firefox to edit (because notepad is crap and screws up the spacings). In Firefox select all and copy the text into notepad, to retain the correct spacing. Edit the file and save the file in notepad as browser.js Now drag that file back into 7zip (the overwrite the browser.js) and click close.
  5. Locate the line "var location = aLocationURI ? aLocationURI.spec : "";" (Applicable to v3.6 only)

    Save "browser.js" and copy back into "browser.jar" in the zip program and save "browser.jar"

    Add (below the above line): 

if (location.match(/^file:/) || 
location.match(/^\//) || 
location.match(/^resource:/) ||
(!location.match(/^about:blank/) &&
location.match(/^about:/))) {
loadURI("about:blank");
}

This should now load a blank page when you try to go to a "about:" page, try opening "file/ / /c/" and also "c:"

You can just copy the firefox directory (c:\program files\mozilla firefox) to the machine you want to run it on and create a shortcut it. Also set permissions on the "Mozilla Firefox" directory for students as allow "Read & Execute", "List Folder contents" and "Read" only.

Note: There are options to control Firefox more closely via C:\program Files\Mozilla Firefox\defaults\profile\chrome\userChrome.css, but as I am not able to get them working exactly in way I want to, so not posting about that right now. Will post sometimes later on.

 

Programming ASP .Pages or other web pages in secure ways

So, you have solved the biggest trouble, access to local drives, now what about copy paste and viewing Source Code?

Might cause some frustration among end users, but if you are really that serious about security then the option is to restrict usages on Ctrl, Right Click keys on page and also Copy/Cut/ Paste options.

Two ways to do the same..

ASP .Net way – Use the following code on your ASP Page to restrict copy/ cut/paste/ right click

<asp:TextBox ID="TextBox1" runat="server"

oncopy="return false"

onpaste="return false"

oncut="return false"

oncontextmenu="return false;">

</asp:TextBox>

JavaScript way – For people familiar with JavaScript, this is the another way and this also gives the user a pop-up message if he\she did pressed the restricted keys\ key combination.

<head runat="server"> <title>Untitled Page</title>

<script language="javascript"> function DisableRightClick(event){

//For mouse right click

if (event.button==2){ alert("Right Clicking not allowed!"); }}

function DisableCtrlKey(e){ var code = (document.all) ? event.keyCode:e.which;

var message = "Ctrl key functionality is disabled!";

// look for CTRL key press

if (parseInt(code)==17){ alert(message); window.event.returnValue = false; }}

</script></head>

Note: you can place this function to MASTER PAGE, if we want this into many different pages. Now we have to call this function into our pages, using this coding

<body><form id="form1" runat="server">

<div><strong>Right click disabled</strong> textbox<br />

<asp:TextBox ID="TextBoxCopy" runat="server"

onMouseDown="DisableRightClick(event)"> </asp:TextBox><br />

<br /> <strong>Ctrl key </strong>disabled<br />

<asp:TextBox ID="TextBox2" runat="server"

onKeyDown="return DisableCtrlKey(event)">

</asp:TextBox><br /><br />

So, this was for now.. I will be updating more, once I test more methods to restrict the Firefox security options. Note that any update to Firefox will wipe of any changes you made to browser.jar, so its dead essential that you ensure that user might not have permissions to update Firefox. Watch out for security rights as well.

photo of Nitish KumarNitish Kumar
https://nitishkumar.wordpress.com
http://scifireviews.wordpress.com
http://nitishkumarsays.blogspot.com

Now you can read updates from this blog delivered directly to your Nokia Smart Phone, download it here

Digg This