Binary Trade | Casino Live Online

Part 2: Tools & Info for Sysadmins - Mega List of Tips, Tools, Books, Blogs & More

(continued from part 1)
Unlocker is a tool to help delete those irritating locked files that give you an error message like "cannot delete file" or "access is denied." It helps with killing processes, unloading DLLs, deleting index.dat files, as well as unlocking, deleting, renaming, and moving locked files—typically without requiring a reboot.
IIS Crypto's newest version adds advanced settings; registry backup; new, simpler templates; support for Windows Server 2019 and more. This tool lets you enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows and reorder SSL/TLS cipher suites from IIS, change advanced settings, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions.
RocketDock is an application launcher with a clean interface that lets you drag/drop shortcuts for easy access and minimize windows to the dock. Features running application indicators, multi-monitor support, alpha-blended PNG and ICO icons, auto-hide and popup on mouse over, positioning and layering options. Fully customizable, portable, and compatible with MobyDock, ObjectDock, RK Launcher and Y'z Dock skins. Works even on slower computers and is Unicode compliant. Suggested by lieutenantcigarette: "If you like the dock on MacOS but prefer to use Windows, RocketDock has you covered. A superb and highly customisable dock that you can add your favourites to for easy and elegant access."
Baby FTP Server offers only the basics, but with the power to serve as a foundation for a more-complex server. Features include multi-threading, a real-time server log, support for PASV and non-PASV mode, ability to set permissions for download/upload/rename/delete/create directory. Only allows anonymous connections. Our thanks to FatherPrax for suggesting this one.
Strace is a Linux diagnostic, debugging and instructional userspace tool with a traditional command-line interface. Uses the ptrace kernel feature to monitor and tamper with interactions between processes and the kernel, including system calls, signal deliveries and changes of process state.
exa is a small, fast replacement for ls with more features and better defaults. It uses colors to distinguish file types and metadata, and it recognizes symlinks, extended attributes and Git. All in one single binary. phils_lab describes it as "'ls' on steroids, written in Rust."
rsync is a faster file transfer program for Unix to bring remote files into sync. It sends just the differences in the files across the link, without requiring both sets of files to be present at one of the ends. Suggested by zorinlynx, who adds that "rsync is GODLY for moving data around efficiently. And if an rsync is interrupted, just run it again."
Matter Wiki is a simple WYSIWYG wiki that can help teams store and collaborate. Every article gets filed under a topic, transparently, so you can tell who made what changes to which document and when. Thanks to bciar-iwdc for the recommendation.
LockHunter is a file unlocking tool that enables you to delete files that are being blocked for unknown reasons. Can be useful for fighting malware and other programs that are causing trouble. Deletes files into the recycle bin so you can restore them if necessary. Chucky2401 finds it preferable to Unlocker, "since I am on Windows 7. There are no new updates since July 2017, but the last beta was in June of this year."
aria2 is a lightweight multi-source command-line download utility that supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. It can be manipulated via built-in JSON-RPC and XML-RPC interfaces. Recommended by jftuga, who appreciates it as a "cross-platform command line downloader (similar to wget or curl), but with the -x option can run a segmented download of a single file to increase throughput."
Free Services
Temp-Mail allows you to receive email at a temporary address that self-destructs after a certain period of time. Outwit all the forums, Wi-Fi owners, websites and blogs that insist you register to use them. Petti-The-Yeti says, "I don't give any company my direct email anymore. If I want to trial something but they ask for an email signup, I just grab a temporary email from here, sign up with it, and wait for the trial link or license info to come through. Then, you just download the file and close the website."
Duck DNS will point a DNS (sub domains of duckdns.org) to an IP of your choice. DDNS is a handy way for you to refer to a serverouter with an easily rememberable name for situations when the server's ip address will likely change. Suggested by xgnarf, who finds it "so much better for the free tier of noip—no 30-day nag to keep your host up."
Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed reports. The Community Edition of Joe Sandbox Cloud allows you to run a maximum of 6 analyses per month, 3 per day on Windows, Linux and Android with limited analysis output. This one is from dangibbons94, who wanted to "share this cool service ... for malware analysis. I usually use Virus total for URL scanning, but this goes a lot more in depth. I just used basic analysis, which is free and enough for my needs."
Hybrid Analysis is a malware analysis service that detects and analyzes unknown threats for the community. This one was suggested by compupheonix, who adds that it "gets you super detailed reports... it's about the most fleshed out and detailed one I can find."
JustBeamIt is a file-transfer service that allows you to send files of any size via a peer-to-peer streaming model. Simply drag and drop your file and specify the recipient's email address. They will then receive a link that will trigger the download directly from your computer, so the file does not have to be uploaded to the service itself. The link is good for one download and expires after 10 minutes. Thanks to cooljacob204sfw for the recommendation!
ShieldsUP is a quick but powerful internet security checkup and information service. It was created by security researcher Steve Gibson to scan ports and let you know which ones have been opened through your firewalls or NAT routers.
Firefox Send is an encrypted file transfer service that allows you to share files up to 2.5GB from any browser or an Android app. Uses end-to-end encryption to keep data secure and offers security controls you can set. You can determine when your file link expires, the number of downloads, and whether to add a password. Your recipient receives a link to download the file, and they don’t need a Firefox account. This one comes from DePingus, who appreciates the focus on privacy. "They have E2E, expiring links, and a clear privacy policy."
Free DNS is a service where programmers share domain names with one another at no cost. Offers free hosting as well as dynamic DNS, static DNS, subdomain and domain hosting. They can host your domain's DNS as well as allowing you to register hostnames from domains they're hosting already. If you don't have a domain, you can sign up for a free account and create up to 5 subdomains off the domains others have contributed and point these hosts anywhere on the Internet. Thanks to 0x000000000000004C (yes, that's a username) for the suggestion!
ANY.RUN is an interactive malware analysis service for dynamic and static research of the majority of threats in any environment. It can provide a convenient in-depth analysis of new, unidentified malicious objects and help with the investigation of incidents. ImAshtonTurner appreciates it as "a great sandbox tool for viewing malware, etc."
Plik is a scalable, temporary file upload system similar to wetransfer that is written in golang. Thanks go to I_eat_Narwhals for this one!
Free My IP offers free, dynamic DNS. This service comes with no login, no ads, no newsletters, no links to click and no hassle. Kindly suggested by Jack of All Trades.
Mailinator provides free, temporary email inboxes on a receive-only, attachment-free system that requires no sign-up. All @mailinator.com addresses are public, readable and discoverable by anyone at any time—but are automatically deleted after a few hours. Can be a nice option for times when you to give out an address that won't be accessible longterm. Recommended by nachomountain, who's been using it "for years."
Magic Wormhole is a service for sending files directly with no intermediate upload, no web interface and no login. When both parties are online you with the minimal software installed, the wormhole is invoked via command line identifying the file you want to send. The server then provides a speakable, one-time-use password that you give the recipient. When they enter that password in their wormhole console, key exchange occurs and the download begins directly between your computers. rjohnson99 explains, "Magic Wormhole is sort of like JustBeamIt but is open-source and is built on Python. I use it a lot on Linux servers."
EveryCloud's Free Phish is our own, new Phishing Simulator. Once you've filled in the form and logged in, you can choose from lots of email templates (many of which we've coped from what we see in our Email Security business) and landing pages. Run a one-off free phish, then see who clicked or submitted data so you can understand where your organization is vulnerable and act accordingly.
Hardening Guides
CIS Hardening Guides contain the system security benchmarks developed by a global community of cybersecurity experts. Over 140 configuration guidelines are provided to help safeguard systems against threats. Recommended by cyanghost109 "to get a start on looking at hardening your own systems."
Podcasts
Daily Tech News is Tom Merrit's show covering the latest tech issues with some of the top experts in the field. With the focus on daily tech news and analysis, it's a great way to stay current. Thanks to EmoPolarbear for drawing it to our attention.
This Week in Enterprise Tech is a podcast that features IT experts explaining the complicated details of cutting-edge enterprise technology. Join host Lou Maresca on this informative exploration of enterprise solutions, with new episodes recorded every Friday afternoon.
Security Weekly is a podcast where a "bunch of security nerds" get together and talk shop. Topics are greatly varied, and the atmosphere is relaxed and conversational. The show typically tops out at 2 hours, which is perfect for those with a long commute. If you’re fascinated by discussion of deep technical and security-related topics, this may be a nice addition to your podcast repertoire.
Grumpy Old Geeks—What Went Wrong on the Internet and Who's To Blame is a podcast about the internet, technology and geek culture—among other things. The hosts bring their grumpy brand of humor to the "state of the world as they see it" in these roughly hour-long weekly episodes. Recommended by mkaxsnyder, who enjoys it because, "They are a good team that talk about recent and relevant topics from an IT perspective."
The Social-Engineer Podcast is a monthly discussion among the hosts—a group of security experts from SEORG—and a diverse assortment of guests. Topics focus around human behavior and how it affects information security, with new episodes released on the second Monday of every month. Thanks to MrAshRhodes for the suggestion.
The CyberWire podcasts discuss what's happening in cyberspace, providing news and commentary from industry experts. This cyber security-focused news service delivers concise, accessible, and relevant content without the gossip, sensationalism, and the marketing buzz that often distract from the stories that really matter. Appreciation to supermicromainboard for the suggestion.
Malicious Life is a podcast that tells the fascinating—and often unknown—stories of the wildest hacks you can ever imagine. Host Ran Levi, a cybersecurity expert and author, talks with the people who were actually involved to reveal the history of each event in depth. Our appreciation goes to peraphon for the recommendation.
The Broadcast Storm is a podcast for Cisco networking professionals. BluePieceOfPaper suggests it "for people studying for their CCNA/NP. Kevin Wallace is a CCIE Collaboration so he knows his *ishk. Good format for learning too. Most podcasts are about 8-15 mins long and its 'usually' an exam topic. It will be something like "HSPR" but instead of just explaining it super boring like Ben Stein reading a powerpoint, he usually goes into a story about how (insert time in his career) HSPR would have been super useful..."
Software Engineering Radio is a podcast for developers who are looking for an educational resource with original content that isn't recycled from other venues. Consists of conversations on relevant topics with experts from the software engineering world, with new episodes released three to four times per month. a9JDvXLWHumjaC tells us this is "a solid podcast for devs."
Books
System Center 2012 Configuration Manager is a comprehensive technical guide designed to help you optimize Microsoft's Configuration Manager 2012 according to your requirements and then to deploy and use it successfully. This methodical, step-by-step reference covers: the intentions behind the product and its role in the broader System Center product suite; planning, design, and implementation; and details on each of the most-important feature sets. Learn how to leverage the user-centric capabilities to provide anytime/anywhere services & software, while strengthening control and improving compliance.
Network Warrior: Everything You Need to Know That Wasn’t on the CCNA Exam is a practical guide to network infrastructure. Provides an in-depth view of routers and routing, switching (with Cisco Catalyst and Nexus switches as examples), SOHO VoIP and SOHO wireless access point design and configuration, introduction to IPv6 with configuration examples, telecom technologies in the data-networking world (including T1, DS3, frame relay, and MPLS), security, firewall theory and configuration, ACL and authentication, Quality of Service (QoS), with an emphasis on low-latency queuing (LLQ), IP address allocation, Network Time Protocol (NTP) and device failures.
Beginning the Linux Command Line is your ally in mastering Linux from the keyboard. It is intended for system administrators, software developers, and enthusiastic users who want a guide that will be useful for most distributions—i.e., all items have been checked against Ubuntu, Red Hat and SUSE. Addresses administering users and security and deploying firewalls. Updated to the latest versions of Linux to cover files and directories, including the Btrfs file system and its management and systemd boot procedure and firewall management with firewalld.
Modern Operating Systems, 4th Ed. is written for students taking intro courses on Operating Systems and for those who want an OS reference guide for work. The author, an OS researcher, includes both the latest materials on relevant operating systems as well as current research. The previous edition of Modern Operating Systems received the 2010 McGuffey Longevity Award that recognizes textbooks for excellence over time.
Time Management for System Administrators is a guide for organizing your approach to this challenging role in a way that improves your results. Bestselling author Thomas Limoncelli offers a collection of tips and techniques for navigating the competing goals and concurrent responsibilities that go along with working on large projects while also taking care of individual user's needs. The book focuses on strategies to help with daily tasks that will also allow you to handle the critical situations that inevitably require your attention. You'll learn how to manage interruptions, eliminate time wasters, keep an effective calendar, develop routines and prioritize, stay focused on the task at hand and document/automate to speed processes.
The Practice of System and Network Administration, 3rd Edition introduces beginners to advanced frameworks while serving as a guide to best practices in system administration that is helpful for even the most advanced experts. Organized into four major sections that build from the foundational elements of system administration through improved techniques for upgrades and change management to exploring assorted management topics. Covers the basics and then moves onto the advanced things that can be built on top of those basics to wield real power and execute difficult projects.
Learn Windows PowerShell in a Month of Lunches, Third Edition is designed to teach you PowerShell in a month's worth of 1-hour lessons. This updated edition covers PowerShell features that run on Windows 7, Windows Server 2008 R2 and later, PowerShell v3 and later, and it includes v5 features like PowerShellGet. For PowerShell v3 and up, Windows 7 and Windows Server 2008 R2 and later.
Troubleshooting with the Windows Sysinternals Tools is a guide to the powerful Sysinternals tools for diagnosing and troubleshooting issues. Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis provide a deep understanding of Windows core concepts that aren’t well-documented elsewhere along with details on how to use Sysinternals tools to optimize any Windows system’s reliability, efficiency, performance and security. Includes an explanation of Sysinternals capabilities, details on each major tool, and examples of how the tools can be used to solve real-world cases involving error messages, hangs, sluggishness, malware infections and more.
DNS and BIND, 5th Ed. explains how to work with the Internet's distributed host information database—which is responsible for translating names into addresses, routing mail to its proper destination, and listing phone numbers according to the ENUM standard. Covers BIND 9.3.2 & 8.4.7, the what/how/why of DNS, name servers, MX records, subdividing domains (parenting), DNSSEC, TSIG, troubleshooting and more. PEPCK tells us this is "generally considered the DNS reference book (aside from the RFCs of course!)"
Windows PowerShell in Action, 3rd Ed. is a comprehensive guide to PowerShell. Written by language designer Bruce Payette and MVP Richard Siddaway, this volume gives a great introduction to Powershell, including everyday use cases and detailed examples for more-advanced topics like performance and module architecture. Covers workflows and classes, writing modules and scripts, desired state configuration and programming APIs/pipelines.This edition has been updated for PowerShell v6.
Zero Trust Networks: Building Secure Systems in Untrusted Networks explains the principles behind zero trust architecture, along with what's needed to implement it. Covers the evolution of perimeter-based defenses and how they evolved into the current broken model, case studies of zero trust in production networks on both the client and server side, example configurations for open-source tools that are useful for building a zero trust network and how to migrate from a perimeter-based network to a zero trust network in production. Kindly recommended by jaginfosec.
Tips
Here are a couple handy Windows shortcuts:
Here's a shortcut for a 4-pane explorer in Windows without installing 3rd-party software:
(Keep the win key down for the arrows, and no pauses.) Appreciation goes to ZAFJB for this one.
Our recent tip for a shortcut to get a 4-pane explorer in Windows, triggered this suggestion from SevaraB: "You can do that for an even larger grid of Windows by right-clicking the clock in the taskbar, and clicking 'Show windows side by side' to arrange them neatly. Did this for 4 rows of 6 windows when I had to have a quick 'n' dirty "video wall" of windows monitoring servers at our branches." ZAFJB adds that it actually works when you right-click "anywhere on the taskbar, except application icons or start button."
This tip comes courtesy of shipsass: "When I need to use Windows Explorer but I don't want to take my hands off the keyboard, I press Windows-E to launch Explorer and then Ctrl-L to jump to the address line and type my path. The Ctrl-L trick also works with any web browser, and it's an efficient way of talking less-technical people through instructions when 'browse to [location]' stumps them."
Clear browser history/cookies by pressing CTRL-SHIFT-DELETE on most major browsers. Thanks go to synapticpanda, who adds that this "saves me so much time when troubleshooting web apps where I am playing with the cache and such."
To rename a file with F2, while still editing the name of that file: Hit TAB to tab into the renaming of the next file. Thanks to abeeftaco for this one!
Alt-D is a reliable alternative to Ctrl-L for jumping to the address line in a browser. Thanks for this one go to fencepost_ajm, who explains: "Ctrl-L comes from the browser side as a shortcut for Location, Alt-D from the Windows Explorer side for Directory."
Browser shortcut: When typing a URL that ends with dot com, Ctrl + Enter will place the ".com" and take you to the page. Thanks to wpierre for this one!
This tip comes from anynonus, as something that daily that saves a few clicks: "Running a program with ctrl + shift + enter from start menu will start it as administrator (alt + y will select YES to run as admin) ... my user account is local admin [so] I don't feel like that is unsafe"
Building on our PowerShell resources, we received the following suggestion from halbaradkenafin: aka.ms/pskoans is "a way to learn PowerShell using PowerShell (and Pester). It's really cool and a bunch of folks have high praise for it (including a few teams within MSFT)."
Keyboard shortcut: If you already have an application open, hold ctrl + shift and middle click on the application in your task bar to open another instance as admin. Thanks go to Polymira for this one.
Remote Server Tip: "Critical advice. When testing out network configuration changes, prior to restarting the networking service or rebooting, always create a cron job that will restore your original network configuration and then reboot/restart networking on the machine after 5 minutes. If your config worked, you have enough time to remove it. If it didn't, it will fix itself. This is a beautifully simple solution that I learned from my old mentor at my very first job. I've held on to it for a long time." Thanks go to FrigidNox for the tip!
Websites
Deployment Research is the website of Johan Arwidmark, MS MVP in System Center Cloud and Datacenter Management. It is dedicated to sharing information and guidance around System Center, OS deployment, migration and more. The author shares tips and tricks to help improve the quality of IT Pros’ daily work.
Next of Windows is a website on (mostly) Microsoft-related technology. It's the place where Kent Chen—a computer veteran with many years of field experience—and Jonathan Hu—a web/mobile app developer and self-described "cool geek"—share what they know, what they learn and what they find in the hope of helping others learn and benefit.
High Scalability brings together all the relevant information about building scalable websites in one place. Because building a website with confidence requires a body of knowledge that can be slow to develop, the site focuses on moving visitors along the learning curve at a faster pace.
Information Technology Research Library is a great resource for IT-related research, white papers, reports, case studies, magazines, and eBooks. This library is provided at no charge by TradePub.com. GullibleDetective tells us it offers "free PDF files from a WIIIIIIDE variety of topics, not even just IT. Only caveat: as its a vendor-supported publishing company, you will have to give them a bit of information such as name, email address and possibly a company name. You undoubtedly have the ability to create fake information on this, mind you. The articles range from Excel templates, learning python, powershell, nosql etc. to converged architecture."
SS64 is a web-based reference guide for syntax and examples of the most-common database and OS computing commands. Recommended by Petti-The-Yeti, who adds, "I use this site all the time to look up commands and find examples while I'm building CMD and PS1 scripts."
Phishing and Malware Reporting. This website helps you put a stop to scams by getting fraudulent pages blocked. Easily report phishing webpages so they can be added to blacklists in as little as 15 minutes of your report. "Player024 tells us, "I highly recommend anyone in the industry to bookmark this page...With an average of about 10 minutes of work, I'm usually able to take down the phishing pages we receive thanks to the links posted on that website."
A Slack Channel
Windows Admin Slack is a great drive-by resource for the Windows sysadmin. This team has 33 public channels in total that cover different areas of helpful content on Windows administration.
Blogs
KC's Blog is the place where Microsoft MVP and web developer Kent Chen shares his IT insights and discoveries. The rather large library of posts offer helpful hints, how-tos, resources and news of interest to those in the Windows world.
The Windows Server Daily is the ever-current blog of technologist Katherine Moss, VP of open source & community engagement for StormlightTech. Offers brief daily posts on topics related to Windows server, Windows 10 and Administration.
An Infosec Slideshow
This security training slideshow was created for use during a quarterly infosec class. The content is offered generously by shalafi71, who adds, "Take this as a skeleton and flesh it out on your own. Take an hour or two and research the things I talk about. Tailor this to your own environment and users. Make it relevant to your people. Include corporate stories, include your audience, exclude yourself. This ain't about how smart you are at infosec, and I can't stress this enough, talk about how people can defend themselves. Give them things to look for and action they can take. No one gives a shit about your firewall rules."
Tech Tutorials
Tutorialspoint Library. This large collection of tech tutorials is a great resource for online learning. You'll find nearly 150 high-quality tutorials covering a wide array of languages and topics—from fundamentals to cutting-edge technologies. For example, this Powershell tutorial is designed for those with practical experience handling Windows-based Servers who want to learn how to install and use Windows Server 2012.
The Python Tutorial is a nice introduction to many of Python’s best features, enabling you to read and write Python modules and programs. It offers an understanding of the language's style and prepares you to learn more about the various Python library modules described in 'The Python Standard Library.' Kindly suggested by sharjeelsayed.
SysAdmin Humor
Day in the Life of a SysAdmin Episode 5: Lunch Break is an amusing look at a SysAdmin's attempt to take a brief lunch break. We imagine many of you can relate!
Have a fantastic week and as usual, let me know any comments or suggestions.
u/crispyducks
submitted by crispyducks to sysadmin [link] [comments]

bones' word wall - "it's called word wall for a reason" edition

greetings, i'm bones, the aggro/midrange player of TESL and i have a few things i wanna talk about. They directly correspond to, like, practically every complaint i hear recently, especially in relation to gameplay. It's worth noting that some of these can't be blamed on our current developers, Sparkypants, because they come from darker times of neglected client, so don't go shopping for pitchforks for the amount of stuff that'll be covered in this post, but with that said, let's go through this stuff, one by one.
I want to divide this post into 3 sections:
  1. Client design (where i'll also put UI related nitpicks because there's a few of them)
  2. Core mechanics design
  3. Card design
i'll make the subsection names pretty bold so if you're interested in only one specific part feel free to scroll down to the section of your choice
starting with

1. CLIENT DESIGN

I can't say anything objective about aesthetics - to each their own. Personally, the game looks much better now than it did in the old client. Loading times have been overall much shorter and that applies both to transitions between menus and switching pages in collection. Clickables on the board, while completely unnecesary, are a nice addition to the overall "feel" the game gives. The way cards look now in comparison to the old client are, again, a subjective matter, but I've grown to like them quite much, especially things like Premium Legendary Guards, they look stunning on the board. Long story short, the game LOOKS damn fine, at the very least for me. That includes the animations that cards have.
However, the speed of these animations, not all of them - mostly ones that occur multiple times per turn, depending on the deck, like Fifth Legion TraineBruma Armorer buffs on creatures played in quick succession, Bruma ProfiteeNecromancer's Amulet in similar instances, Galyn/Ungolim/Therana shuffling cards to the deck, Relentless Raider dagger (in Wispraider), cost reduction animation (for abomination scout and leafwater OTKs), Piercing Twilight banish (control decks), even something as recent as multiple instances of Training Grounds - is abysmally slow, they make the whole game feel like it's covered in some gluey substance or, in case of the new playmat, that the action takes place underwater. I know that devs are aware of it, because it's been pointed at several (dozen) times already and in Patch 2.7 they have taken a step towards fixing it - namely buffs/heals happening for cards that summon multiple creatures occur at the same time. Baby step in what to us feels like an easy solution (just replicate what was happening on direwolf's client), however i can't discredit a step being taken. Some of the decks are practically unplayable on the ranked ladder because of the animation speed, like the old terror called Nix-ox Telvanni. Figured I'd put it here mostly to keep everything I hold against the game altogether contained in one spot.
Then there comes the issue of when a card becomes interactible (for a lack of better word). By which I don't mean how good the card is, but rather the timing in between what occurs in the game. Here are two examples that I know of to illustrate the issue better:
In first case the problem is minimal, but there is a tiny chance to screw you over. In second case, it's actually pretty big, because that and animation speed makes this OTK (and many others) much slower.
Amongst other things that devs know is the issue of not being able to check your discard with a selection box present (like the one Mudcrab Merchant, Merchant's Camel, Indoril Mastermind, etc. give) which is pretty important for control decks, especially considering deck tracker is still absent. But while we're at clicking discard pile icons... How about being able to click the Deck icon to see what's in your deck? An option to view your deck is already there in Laaneth, so I can't imagine there's too much coding that needs to be done to actually implement being able to view your deck's contents.
Halfway through Heroes of Skyrim, for some reason we got buttons to remove and copy a deck in the collection menu... while simuntaneously the same options were taken away from the specific deck's menu. It's a very tiny thing, but I reckon it'd be nifty to have deck code, copying and removing deck button somewhere on the deck screen as well. By no means a high priority thing, but i thought i'd mention it nevertheless.
There have been personal issues with TESL i've been facing on both Steam and Mobile clients. On steam the game slows down a LOT just before the game starts, while server registers i'm in a game. This causes me to, often, miss mulligans. It's more likely to be on my end, but no clue what causes it. On mobile, when building a deck, clicking on an attribute once only highlights said attribute for some reason. Again, nitpicks, but I want everything gathered in one spot.
This is something that I'd call more of a wishful thinking than an actual complaint - Something as simple as being able to highlight (just to keep tabs on it) a card in opponent's hand, without revealing it obviously. This would be helpful with things like remembering Galyn target, a card that Thieves Guild Shadowfoot stole or just keeping a tabs on Tome from Daggerfall Mage or Dagger from Crown Quartermaster. With this inclusion, an option to sort cards in your hand would become available. Necessary? Nah. Priority? Fuck no. Would it be welcome? Maybe? Idk, that's more like a personal suggestion.
I feel like there should be more options for friendly matches. Since there's no reward for winning or losing them (at least not in any internal way), these would be very welcome for customization - Picking lane effects, who gets the ring when challenging, some sort of toggle for an option that allows you to draw specific cards to make testing interactions or bugs far easier, something that lets a player (or both players) see both hands to make coaching/explaining much less of a hassle in a stress-free environment - just to name a few things that come to mind.
Last, but not least, very undertalked issue. Logs. They are very uninformative. I don't think I've ever seen worse logs, sorry guys. Being limited to only 8 last events, which includes minor things like a buff happening is seriously terrible. Not only does it keep information away from each player, it comes with incredibly small amount of information. For example, when your opponent plays an item, you don't get the information whether it's from their deck or was it an item obtained via Gardener's Harvest. Another example is the card Shadowfoot stole - because it's not a copy generated by anything, logs leave no indication about the card's origin. But that's not all the issues this uninformative log causes - bug reports are much harder to actually verify! We're not ideal, we sometimes misremember things. Or sometimes things can't be logically explained. Take this for example - I somehow kept the ward on a creature after attacking with it. I have no bloody idea how did that happened and logs only tell you as much as you can see - Ordinator was placed down and opponent passed the turn, then I equipped Battlemace on Wardcrafter, swung into the Ordinator and was left with a 6/1 with Ward.
Keep in mind, I don't even wanna mention things like Decktracker and such. They'll be there when they'll be there. However, there's something that rubs me the wrong way about... Tournament Mode. You know, this thing. It's been 9 months since we've seen these two teasers, but ever since that it's been radio silence about Tournament Mode. I can understand priorities like honing the client and stabilizing expansion releases, but to tease something that community has anticipated for a good while and not have anything to show to us other than "we're working on it" is really a big let down that is worth pointing out. On a similar note, we really could use Gauntlets and Chaos Arena. Not only because they add tons of variety to the gameplay, but... um, i'll mention why a bit later.
I know I pointed fingers at plenty of issues, but this is still tons better than what direwolf offered, because we see improvements to the client done at a much faster rate, so kudos to the team and here's to hoping that whatever problems we have with the game right now are going to get solved relatively fast. So far I can't say the quality of the client has disappointed me. In contrary to...

2. CORE MECHANICS DESIGN

TESL's main stand-out mechanics are rather easy to spot. Let's go over them one by one:
One a field line, the other's covered in shadows. At the point of me writing this, there are only three (soon to be four HOPEFULLY) means for someone to actually play around with more lane conditions than the default two. These being Solo Arena, Story Mode and recently added Syl, Duchess of Dementia and Thadon, Duke of Mania. With how fresh in our collection these two cards are, I'm fairly certain Sparkypants will start slowly introducing more intricate lane conditions or maybe possibly using some of the existing ones. Here you can find all the conditions available in game, in case you're curious.
With two lanes come options to move between them. This, I'd say, is one thing that TESL nails. Moving is a strong mechanic and cards that enable the move are similarly potent. If a moving card isn't utilized, it's most likely due to the card itself, not because of it having means to move - Riverhold Escort, for example, isn't played because you want your guards, for the most part, to protect the lane they're in. Cliff Strider's problem is its text that prevents it from ever going face, etc. If there was one problem someone could point out with moving mechanic, it'd probably be a very small pool of cards (a total of 1!) that lets you move opponent's cards. That, however, is probably even stronger in a vacuum and should be made extremely carefully. So yeah, overall, kudos to design team, past and current (Mad Dash is very, very good as a 1-of surprise card).
Strictly attacking between lanes seems to be kept to minimum, which is fine - the lanes are there for a reason, elevating in-between lane combat to a much higher power level is a cool idea. However, there's also... idk how do I put it better, attacking creatures not strictly? This exists in two forms. Since this part is about mechanics, i'm going to focus on only one of these here - Battle. Battle allows the creature with it to trade blows with any single one of the enemy creatures on the board. Until very recently, Battle was... actually kept in a rather nice state - cards with it saw either very limited play in some decks (Ashlander Zealot in Doomcrag, Fighters Guild Steward in Rage Warrior shortly before Isle of Madness) or were solid arena picks (Cliff Hunter, Skyborn Dragon). Some were incredibly unique, like Dragon Aspect, where you battle with your face! Had we kept it that way, no one would probably notice an issue with this mechanic - it allows a creature that has just been placed on the board to instantly attack. This includes the health it gains from its Drain, any Slay effects, Breakthrough damage, and so forth. Until Isle Battle was strong, but its strength was kept on cards that required plenty of work put in to dish out results or weren't strong in a vacuum.
Then Squish the Wimpy happened.
That card is what happens when you don't realize how powerful giving any card Charge and Bushwhack effect is. And, let's be honest, it's not exactly it - you can't battle your opponent's face - but even that has workarounds nowadays, like Flesh Atronach OTK. Between Flesh Atronach OTK (cards needed in it aren't necessarily always useful, but Squish is never really bad and Flesh Atronach can be brought back from Discard Pile with Odirniran Necromancer if need be) and the amount of ways you can use Squish in Rage/Ramp Warrior (from just removing creatures, to ramping while removing creatures, to healing and stealing creatures, just healing, dishing out insane damage with breakthrough, etc.) this card elevated Battle onto godlike status. However, if you take a gander at how good Battle was prior to Isle and how good it is now, it's easy to figure out that the culprit is one very strong and flexible card that gives interaction to a class with no interaction prior to this. Because of how much power this action carries, I don't think keeping its text the way it is and just fiddling with cost is going to make it any less powerful - even Duel Atop the World, which costs 5 magicka more and its only difference is +3/+3 to the target of the action, has seen some fringe play, mostly in decks that also ran Morag Tong Nightblade.
There's one more big thing that happens between lanes that, at least I, didn't put too much attention in when looking at mechanics. Summon effects. We don't have too many cards whose summon effects affecting opponent's cards are limited to the lane they're played in (Skaven, Tiny Dragon, Cradlecrush Giant, Knight of Order, Giant Snake, Sanctuary Pet, Belligerent Giant, Mantikora... total comes to maybe 20 cards at best) and... I'd say that's not really a good thing. I think more creatures should have its summon effects limited to the lane they're played in, both positively and negatively, however, quite frankly, I have no idea how to approach that kind of balance change for all of the cards in the game, so I'm going to refrain from in depth means of changing this. My only idea was changing Camonna Tong Heavy's Plot effect to affect the whole board, given how little play he sees. But yeah, Summon effects have gotten sort of problematic, with their instant value that's only stoppable by "silver bullet" cards. More on these later.
If utilizing two lanes in card design would get a B- from me, then utilizing Runes would get an E-. Sure, there are some interesting cards that even to this day some of the best players can't quite agree on (Wilds Incarnate being the best one), for the most part anything that isn't a Prophecy and does something with Runes themselves was very mediocre. Morokei in Singleton decks is a great card, but... it's also a Singleton card. That's not gonna bring you tons of playability. He's gonna be an auto-include in Singleton decks, but Singleton decks aren't going to top the tierlist because of built in increased variance and an unsufficient reward for gimping your deck (only three singleton cards). Mechanical Heart is the other card that brings back a rune, but it's also relatively easy to deal with, a huge tempo loss on play and unique legendary, meaning only a singular card in 50 or 75 of them in your deck. The fact that Runes have been this unexplored for the longest time is a sin, especially because coming up with things to do with them is actually very simple and straightforward.
The list really does go on. Even on this list alone you could probably make a split for offensive and defensive options.
The reason I gave Rune-related mechanics E- and not F is completely on the cards that reward you for breaking a rune - These I find for the most part very well done. Simply put, high risk, high reward cards that present a fair deckbuilding challenge to the ones willing to take it. Playing with these cards is also handled really well - they are prime targets for removal with their low health or other vulnerabilities, so it's quite easy to punish playing, for example Haafingar Marauder or Relentless Raider at a wrong moment.
This sentiment doesn't quite extend to Beast Form. By themselves, most of these cards are alright, similarly to how "rune break" cards perform. However, with Companion Harbringer and Skyforge, there was a clear attempt at introducing something ala' a Werewolf deck or a Beast Form deck. Without alternative means of destroying opponent's runes, there's not much reason to go full werewolf, sadly, and without Beast Form these cards are nothing more than understatted creatures with no weight on them. Similarly to other very fringe and not played mechanics, only the most swingy of representants see play, like Circle Initiate (for very average statline at its cost and Prophecy tag), Aela's Huntmate (draw) and Whiterun Protector (just a solid body in a midrange deck post-Beast Form). Still, probably more blame lies on underutilizing means of breaking runes rather than Companions themselves.
So let's talk Prophecies... However, not in the way people would probably think about them. Instead of trying to describe in my own words how do they feel, I'll try and draw links between them and mechanics in two other, seemingly completely different games - Team Fortress 2 and Wargroove, starting with the former Between Prophecies and Critical Hits, there's plenty of similarities.
So in TF2 Critical Hits are Random. Matter of fact, they are very similar in its randomness to Prophecies in TESL in that you can technically influence the percentage (in TF2 by dishing out damage, in TESL by... adding more Prophecy cards to your deck), but regardless of percentage, you can go several seconds with nothing but crits or you can never see a critical hit in the round. Random critical hits remove a lot of decision making from the player, as this little tidbit styled after Pokemon battle explains really well, lasts about 3 minutes tops. Now, TESL doesn't have it quite as terrible, because the "critical hit" that happens does actually end up teaching you the essentials of when to play your cards, the ordering of your actions and whatnot, however what holds true in both cases is that it feels just as bad to die to a random critical hit as it is to losing to a random Prophecy that stops your lethal. I think these Prophecies in particular are the biggest offenders - things that create insane swings capable of changing not only the way you play out the remainder of your turn, but flip the entire game upside down essentially. Your Cloudrest Illusionists, Mystic Dragons (at least early game), Lightning Bolts, Piercing Javelins, Shrieking Harpies, Golden Initiates (to an extent) and many others all affect the game state significantly the moment they are played. Again, you can (and you should) play with a possibility of these cards popping in on your turn in the back of your head, and admittedly aren't executed in the worst way because you are capable of playing around them, however losing to one of the big prophecies from first rune or dying to a prophecy lightning bolt don't feel fun, matter of fact they're pretty frustrating to lose to.
Then there's Wargroove, one of the recent games, turn based strategy (if you liked Advance Wars I highly recommend you pick Wargroove up!). The reason I'm mentioning this game is its way of handling critical hits. Instead of bigger and smaller random percentages, which no doubt would end up being frustrating to deal with, the game has conditional critical hits. For example, your cheapest infantry unit only does critical hit when the army's general is standing on a tile next to that unit. This adds a lot of depth to the gameplay and feels very rewarding to pull off successfully. As for TESL, I don't know how could you introduce something that gives you similar feeling - whether introducing conditions that one must meet in order to be able to play the card for free or just making it so that when the conditions are met that one card is guaranteed to appear during the breaking of your next rune. Maybe there's a way to somehow utilize leftover magicka from your last turn during opponent's turn. I want to just present how other games handled something that's widely considered frustrating. The details of execution I'd rather leave to card designers.
I'll explain my last pet peeve with rune-related mechanics in next sub-chapter. Conveniently, we're done with what TESL does differently to other card games, so let's move on to:
First of all, I have nothing against your Treasure Hunts, Exalts, Betrays, Assembles and the like, however I can't help but feel that all of the "new mechanics" are only here to make expansions sound better. Whenever a big release was coming to TESL, be it a story or a new set, one of the main advertising points were new mechanics. They were one of the first things we heard about the set as well, for example in case of Houses of Morrowind, for which the very first announcement covered Rally, Plot, Exalt, Betray and "5 power or more" condition. Then there was nothing new that came for these mechanics. The reason this makes me miffed a bit is twofold:
  1. We could've gotten mechanics that no other game but TESL can pull, especially anything involving Runes.
  2. If the mechanics I mentioned in the first point are too complicated to just introduce, then at least take proper care of the things you do introduce.
Things like Factotums, Beast Form, Shouts, Exalt all are probably around a card or two away from being very much viable. I don't see much reason to keep them hanging. Treasure Hunts and Rally desperately crave for more, at least from Constructed point of view. Ironically, I think the most recent monthly card, Training Grounds, together with Ring of Lordship, are... perhaps not viable, but definitely a step in the right direction, especially compared to Singleton. These two present specific deckbuilding challenges that grant you plenty of cool perks and flashy plays should you overcome them. Not only that, playing against decks built with these two cards doesn't feel unfair, because you can see the synergy coming if you're observant enough.
I'm not sure, however, what to think about Supports and Support Removal. This interaction feels very binary and, similarly to prophecies, not really fun for either side of the interaction. You're going to feel just as bad when your opponent has a few supports on their side of the board that you can't deal with as you'd feel when your freshly played support you didn't quite reap benefits from gets instantly removed by Dushnikh Yal Archer, Shadowfen Priest or Edict of Azura. I'm not sure how can this be designed in a better, more fair for both sides, way - perhaps make it so that supports have health, but can be targetted with creatures to deal 1 damage to them if guards aren't on the way, while reducing the support's cost all around, dunno really.
Other mechanics that we had since the dawn of TESL time, namely Pilfer, Slay and Last Gasp, have been for the most part kept safely tame. Last Gasp has maybe two problematic cards at best (Haunting Spirit and Balmora Spymaster, for different reasons), but at the same time I can't help but feel that the whole Last Gasp bundle is being really overlooked by all of us. Pilfer is kept at VERY safe levels, probably because of how dedicated Tier 1 Pilfer deck would negatively affect newer players - they'd feel cheated by the Master of Thieves combo, which to them would have no counterplay what so ever, especially if another card that gives any creature pilfer gets printed for Monk. Finally, Slay in a vacuum is also more or less fine, but in tandem with Squish the Wimpy and battle tricks like Sword of the Inferno, Archer's Gambit and Crusader's Crossbow starts raising a few issues, the last three specifically with creatures that have both a Slay effect and Lethal. I also think that Slay and Drain shouldn't affect your own creatures if you end up killing them with Unstoppable Rage or any of the pings mentioned above. The possibility to turn one lane with one big creature in it into almost 30 health or an OTK in one turn is rather disgusting, especially the latter, since you can just place Child of Hircine in shadow lane against an empty board and use your next turn to add a Brotherhood Sanctuary and a bunch of Firebrands, Rage and attack a total of 7 times.
There's also this elephant in the room... you know, Tricolors. What initially was perceived as a fun little gimmick (after all, why give up consistency for increased variance?) turned out to be the most viable way of building your decks. The results speak for themselves. Turns out that increased variance isn't really an issue for the tricolor player, because of several things:
Practically every possible group of people, Timmys, Johnnys, Spikes and everyone in between, have at least a few people admitting that the introduction of tricolor decks changed the game for worse for various reasons. The stats we have are definitely in favor of their strength. But at the same time there's a group of people who consider tricolor fun and different enough, which is perfectly fair. There isn't a lot i can think of in terms of solutions - rotating tricolors out first would need to happen, because honestly the design itself requires plenty of tweaking to make the games with it fun and that's not really something i know how to achieve. All of different solutions i've heard haven't really been elegant. But yeah, following rotating out the tricolor I'd either make an expanded queue for ranked/casual or run some tricolor gauntlets, should they make a comeback.
don't think there's tons of things to say about specific cards that I feel like should be adjusted or cards whose design philosophy ought to be changed, but i still feel like giving 'em a section of their own.

3. CARD DESIGN

Starting off with something that was already talked to death by other people, most notably mr Ian Bits in his video here, namely heavy RNG cards. Now, it's understandable why are they made - giving fun to Timmys and some Johnnys, but i don't think power level of some of them is in the right spot. Biggest offenders of course being Suran Pawnbroker, Mudcrab Merchant and Manic Jack/Mutation (although i feel like Barilzar's Tinkering and Desperate Conjuring are also worth looking at). Still, this issue is explained in the video I linked far better than I would be ever able to explain it. There is, however, other type of rng cards that i feel like wasn't mentioned and is arguably a problem of similar size - Ring cards. By that I mean cards that are extraordinarily good on curve, but only with ring. When played without ring on curve, these cards have a lot more answers than with ring. Pre-nerf Goblin Skulk was very much a ring card, but even currently we have Cornerclub Gambler, Fifth Legion Trainer, Mournhold Traitor, Withered Hand Cultist to an extend belongs there too, East Empire Crafter has potential to land in this spot soon, although on a much smaller scale. Granted, when playing against control decks a lot of these become non-issues, as they have sufficient amount of early game removal to be able to deal with them swiftly, but for aggro mirrors these may as well be winrate swings.
For all the things bad about Mudcrab Merchant there's one positive - Crabo has let us play more than one 1 drop that still holds its value during mid-game. I'd say this is worth looking at closer, because if there's something to fix the issue of Ring of Magicka in Aggro mirrors, it's decently powered 1 magicka creatures. Currently 1 drops fall into one of these categories:
Even in the last category, only some decks really want these cards over others at a different point of the curve. Giving people a tad more incentive to go for Scroll Seeker or Karthspire Scout could potentially improve the means of fighting in Aggro mirrors or maybe bring back Midrange out of the sorry state it's been in.
Endurance in its current state from aggressive point of view is an ideal color - comes with a lot of overstatted creatures, perfectly pairing up with other colors, either with enabling plenty of trades or supplementing big bodies with smaller, but Warded bodies (Willpower and Intelligence) or with buffing these creatures even further and abusing movement (Strength and Agility). At this point of time we're like 99% sure that Catapult will receive a nerf, if anything then because of community issues with the big body, now made much harder to punish with Skinned Hound, but to ignore Haunting Spirit, Young Mammoth, Dragontail Savior, Corrupted Shade and Bleakcoast Troll would be similarly unwise. The problem is, I suppose, in the fact that it's really hard to balance something out regarding these 5 cards without wrecking Endurance. I have faith that our card designers will be able to overcome the difficulties currently caused by this attribute.
On the other side of the board we have cyclers and recyclers. Granted, it's safe to say that in a vacuum cards like Merchant's Camel or Indoril Mastermind are, for the most part, fine as is. Enter houses and Odirniran Necromancer, however, and we end up with cards that absolutely neglect the negatives of tricolors (reducing the increased variance) and, because of constant milling, allow these decks to find an answer to opponent's gameplan much more reliably while simuntaneously progressing forward with the board state. Don't get me wrong, it's not a problem that's only restricted to control - cards like pre-nerf Ash Berserker and Cornerclub Gambler should land here just as well. The amount of milling we have is one of the likely reasons the meta is in its extremes - it's either extreme aggro, extreme control or extreme swings/cycle. The solution sort of comes naturally - slow down! Less mill makes for a smarter game to play for both players.
The second part of "Indirect card combat" that we call pings, also belongs here. However, by that I don't necessarily mean actions that just deal damage, like Firebolt, Rapid Shot, etc. These are necessary, fair and harmless. The only problematic cards are Archer's Gambit, Sword of the Inferno, Crusader's Crossbow and Unstoppable Rage. The first two, even at their low cost of 2 magicka, are almost always used on lethal creatures to act as a hard removal with benefits - in case of Archer's Gambit it's the ability to trade the lethal creature into an enemy creature on the same lane and potentially reap benefits from Astrid's effect, for Sword it's proccing Slay twice (on enemy creature and on itself), especially on lethal creatures, on top of just being able to remove two creatures with one so long as the wielder has 3 or more health. Crossbow feels the least problematic of all of these, mostly due to its cost, but also due to lane limitations - in Shadow Lane you can't quite always deal with two creatures at the same time, due to cover. It also doesn't give Guard to the wielder, so it doesn't force 2 for 1s with benefits. Unstoppable Rage is a whole different story. It's perfectly fine as a lane clear, but becomes unfun to play against when paired with a Drain creature or a creature with Slay effect, mostly due to these two things proccing off your own creatures too. This results in even 50+ health swings on top of the lane clear. Of course, there's a difference between feeling bad and being badly designed - I don't think the card itself is problematic, you can play smart to deal with Rage for the most part, but I can't deny its demotivating effect.
Finally, there's silver bullet cards. You know, ones that are useless for all but one matchups - Grummite Magus, Memory Wraith, Piercing Twilight and Cast into Time (sort of, they're helpful everywhere to an extent), Garnag, Bedeviling Scamp and Withered Hand Cultist. These ones are probably the things I hate the most about card design. We're playing a Card Game. You can eliminate the problems by tweaking cards or card interactions in order to help players make punishing certain plays easier. Printing a card that answers the problem for you is an insult to card player's intelligence. It's the equivalent of giving a worse of two chess players an extra handicap piece that can move on any tile of the chessboard - why improve your play, when you can just play an easier game? If your goal is to welcome more casual players easily with these cards, then consider making something along the lines of an advanced tutorial. These could be a series of puzzles for free that any player can partake that would teach them the most important essentials of playing smart and playing to win. Not only that, these would play well into a marketing strategy - you can then direct someone done with advanced tutorial to the store, where he can find more puzzle bundles. It's really worth putting more effort into the game than just creating an easy answer for a card - it makes for a more compelling card game, a more satisfying esperience when you do overcome this one strategy you had troubles with in the past. Don't take this joy away from new players by giving them the middle finger card. Please. And if you're truly set on introducing hate cards to the game, at least split them into several smaller cards that affect different aspects of an archetype. Cultist, for example, should probably receive a big nerf in tandem with introducing cards that affect Summon effects, ability to be shackled, damaged by lethal creatures, affected by actions, etc.
The very last thing I wanted to mention, more as a closing note, is the speed of making changes. Hearthstone recently went on to create drastic changes to the card game, mostly in the amount of nerfs/buffs but also in changing the base set. I mentioned a lot of things in this word wall of mine and I believe introducing even half of them from section 2 and 3 would greatly increase the quality of gameplay TESL definitely deserves. But in order to get there, serious changes need to be made, for we've kinda dwelled a bit too far into some of these problems. For an example of a game that undergoes gigantic changes with every patch to keep the experience fresh and enjoyable, look no further than Dota 2. The game has balance patches which are about as long as half of this article of mine, affecting various little tidbits of gameplay. While TESL by no means has as many gameplay intricacies, it still has cost, attack, health, card text, starting hand, interactions, etc. This game has tons of potential for really compelling games across all kinds of players and between all kinds of players, but a serious amount of effort and dedication needs to be put in in order for us to get there. Passion is what got us some of the all-time great games in the past, like Chrono Trigger, for example.
But I direct this not only to design team and developers at Sparkypants, but to each of you reading this. First of all, thanks for making it to the end. I hope I didn't cause ya to fall asleep. I also hope that what you read helped you understand that not all of the enjoyable things are really good for the game and that, vice versa, there are still tons more enjoyable things to TESL that we haven't gotten yet. I don't expect for you to agree with all that I have written here - we're all humans (hopefully) and we're going to have our different points of view and different preferences. I encourage you to discuss things in the comments, for fruitful conversations help immensely in more means than one. If you come up with an idea to fix things better - post it! Sparkypants devs have been reading our feedback much more often than Direwolf devs and we should seize the opportunity to hopefully change the game for the better. In the end, if you've made it to the end, I'm rather certain that you do love this game. If a piece that takes almost the entirety of symbols on reddit is any indication, so do I. Regardless of how cheesy it sounds, this love for the game and this passion is what will make the game a better experience, and, eventually, us - better players. Whether you're a fun-loving person who cherishes all of the huge flashy plays above everything else (Timmy), a guy/gal whose primary interests lie in deconstructing the game's interactions and trying to discover more of the interesting combinations, treating the game like a box of Legos (Johnny) or you want to be the very best at everything the game offers and for your game sense and game knowledge to thrive (Spike), in the end we're all a part of this big family.
thanks and goodbye
submitted by Brassrain to elderscrollslegends [link] [comments]

List of AMA answers Hero Design and Balance.

EDIT: Formatting.
submitted by GojiTBs to heroesofthestorm [link] [comments]

Tools & Info for MSPs #2 - Mega List of Tips, Tools, Books, Blogs & More

(continued from part #1)
Unlocker is a tool to help delete those irritating locked files that give you an error message like "cannot delete file" or "access is denied." It helps with killing processes, unloading DLLs, deleting index.dat files, as well as unlocking, deleting, renaming, and moving locked files—typically without requiring a reboot.
IIS Crypto's newest version adds advanced settings; registry backup; new, simpler templates; support for Windows Server 2019 and more. This tool lets you enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows and reorder SSL/TLS cipher suites from IIS, change advanced settings, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions.
RocketDock is an application launcher with a clean interface that lets you drag/drop shortcuts for easy access and minimize windows to the dock. Features running application indicators, multi-monitor support, alpha-blended PNG and ICO icons, auto-hide and popup on mouse over, positioning and layering options. Fully customizable, portable, and compatible with MobyDock, ObjectDock, RK Launcher and Y'z Dock skins. Works even on slower computers and is Unicode compliant. Suggested by lieutenantcigarette: "If you like the dock on MacOS but prefer to use Windows, RocketDock has you covered. A superb and highly customisable dock that you can add your favourites to for easy and elegant access."
Baby FTP Server offers only the basics, but with the power to serve as a foundation for a more-complex server. Features include multi-threading, a real-time server log, support for PASV and non-PASV mode, ability to set permissions for download/upload/rename/delete/create directory. Only allows anonymous connections. Our thanks to FatherPrax for suggesting this one.
Strace is a Linux diagnostic, debugging and instructional userspace tool with a traditional command-line interface. Uses the ptrace kernel feature to monitor and tamper with interactions between processes and the kernel, including system calls, signal deliveries and changes of process state.
exa is a small, fast replacement for ls with more features and better defaults. It uses colors to distinguish file types and metadata, and it recognizes symlinks, extended attributes and Git. All in one single binary. phils_lab describes it as "'ls' on steroids, written in Rust."
rsync is a faster file transfer program for Unix to bring remote files into sync. It sends just the differences in the files across the link, without requiring both sets of files to be present at one of the ends. Suggested by zorinlynx, who adds that "rsync is GODLY for moving data around efficiently. And if an rsync is interrupted, just run it again."
Matter Wiki is a simple WYSIWYG wiki that can help teams store and collaborate. Every article gets filed under a topic, transparently, so you can tell who made what changes to which document and when. Thanks to bciar-iwdc for the recommendation.
LockHunter is a file unlocking tool that enables you to delete files that are being blocked for unknown reasons. Can be useful for fighting malware and other programs that are causing trouble. Deletes files into the recycle bin so you can restore them if necessary. Chucky2401 finds it preferable to Unlocker, "since I am on Windows 7. There are no new updates since July 2017, but the last beta was in June of this year."
aria2 is a lightweight multi-source command-line download utility that supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. It can be manipulated via built-in JSON-RPC and XML-RPC interfaces. Recommended by jftuga, who appreciates it as a "cross-platform command line downloader (similar to wget or curl), but with the -x option can run a segmented download of a single file to increase throughput."
Free Services
Temp-Mail allows you to receive email at a temporary address that self-destructs after a certain period of time. Outwit all the forums, Wi-Fi owners, websites and blogs that insist you register to use them. Petti-The-Yeti says, "I don't give any company my direct email anymore. If I want to trial something but they ask for an email signup, I just grab a temporary email from here, sign up with it, and wait for the trial link or license info to come through. Then, you just download the file and close the website."
Duck DNS will point a DNS (sub domains of duckdns.org) to an IP of your choice. DDNS is a handy way for you to refer to a serverouter with an easily rememberable name for situations when the server's ip address will likely change. Suggested by xgnarf, who finds it "so much better for the free tier of noip—no 30-day nag to keep your host up."
Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed reports. The Community Edition of Joe Sandbox Cloud allows you to run a maximum of 6 analyses per month, 3 per day on Windows, Linux and Android with limited analysis output. This one is from dangibbons94, who wanted to "share this cool service ... for malware analysis. I usually use Virus total for URL scanning, but this goes a lot more in depth. I just used basic analysis, which is free and enough for my needs."
Hybrid Analysis is a malware analysis service that detects and analyzes unknown threats for the community. This one was suggested by compupheonix, who adds that it "gets you super detailed reports... it's about the most fleshed out and detailed one I can find."
JustBeamIt is a file-transfer service that allows you to send files of any size via a peer-to-peer streaming model. Simply drag and drop your file and specify the recipient's email address. They will then receive a link that will trigger the download directly from your computer, so the file does not have to be uploaded to the service itself. The link is good for one download and expires after 10 minutes. Thanks to cooljacob204sfw for the recommendation!
ShieldsUP is a quick but powerful internet security checkup and information service. It was created by security researcher Steve Gibson to scan ports and let you know which ones have been opened through your firewalls or NAT routers.
Firefox Send is an encrypted file transfer service that allows you to share files up to 2.5GB from any browser or an Android app. Uses end-to-end encryption to keep data secure and offers security controls you can set. You can determine when your file link expires, the number of downloads, and whether to add a password. Your recipient receives a link to download the file, and they don’t need a Firefox account. This one comes from DePingus, who appreciates the focus on privacy. "They have E2E, expiring links, and a clear privacy policy."
Free DNS is a service where programmers share domain names with one another at no cost. Offers free hosting as well as dynamic DNS, static DNS, subdomain and domain hosting. They can host your domain's DNS as well as allowing you to register hostnames from domains they're hosting already. If you don't have a domain, you can sign up for a free account and create up to 5 subdomains off the domains others have contributed and point these hosts anywhere on the Internet. Thanks to 0x000000000000004C (yes, that's a username) for the suggestion!
ANY.RUN is an interactive malware analysis service for dynamic and static research of the majority of threats in any environment. It can provide a convenient in-depth analysis of new, unidentified malicious objects and help with the investigation of incidents. ImAshtonTurner appreciates it as "a great sandbox tool for viewing malware, etc."
Plik is a scalable, temporary file upload system similar to wetransfer that is written in golang. Thanks go to I_eat_Narwhals for this one!
Free My IP offers free, dynamic DNS. This service comes with no login, no ads, no newsletters, no links to click and no hassle. Kindly suggested by Jack of All Trades.
Mailinator provides free, temporary email inboxes on a receive-only, attachment-free system that requires no sign-up. All @mailinator.com addresses are public, readable and discoverable by anyone at any time—but are automatically deleted after a few hours. Can be a nice option for times when you to give out an address that won't be accessible longterm. Recommended by nachomountain, who's been using it "for years."
Magic Wormhole is a service for sending files directly with no intermediate upload, no web interface and no login. When both parties are online you with the minimal software installed, the wormhole is invoked via command line identifying the file you want to send. The server then provides a speakable, one-time-use password that you give the recipient. When they enter that password in their wormhole console, key exchange occurs and the download begins directly between your computers. rjohnson99 explains, "Magic Wormhole is sort of like JustBeamIt but is open-source and is built on Python. I use it a lot on Linux servers."
EveryCloud's Free Phish is our own, new Phishing Simulator. Once you've filled in the form and logged in, you can choose from lots of email templates (many of which we've coped from what we see in our Email Security business) and landing pages. Run a one-off free phish, then see who clicked or submitted data so you can understand where your organization is vulnerable and act accordingly.
Hardening Guides
CIS Hardening Guides contain the system security benchmarks developed by a global community of cybersecurity experts. Over 140 configuration guidelines are provided to help safeguard systems against threats. Recommended by cyanghost109 "to get a start on looking at hardening your own systems."
Podcasts
Daily Tech News is Tom Merrit's show covering the latest tech issues with some of the top experts in the field. With the focus on daily tech news and analysis, it's a great way to stay current. Thanks to EmoPolarbear for drawing it to our attention.
This Week in Enterprise Tech is a podcast that features IT experts explaining the complicated details of cutting-edge enterprise technology. Join host Lou Maresca on this informative exploration of enterprise solutions, with new episodes recorded every Friday afternoon.
Security Weekly is a podcast where a "bunch of security nerds" get together and talk shop. Topics are greatly varied, and the atmosphere is relaxed and conversational. The show typically tops out at 2 hours, which is perfect for those with a long commute. If you’re fascinated by discussion of deep technical and security-related topics, this may be a nice addition to your podcast repertoire.
Grumpy Old Geeks—What Went Wrong on the Internet and Who's To Blame is a podcast about the internet, technology and geek culture—among other things. The hosts bring their grumpy brand of humor to the "state of the world as they see it" in these roughly hour-long weekly episodes. Recommended by mkaxsnyder, who enjoys it because, "They are a good team that talk about recent and relevant topics from an IT perspective."
The Social-Engineer Podcast is a monthly discussion among the hosts—a group of security experts from SEORG—and a diverse assortment of guests. Topics focus around human behavior and how it affects information security, with new episodes released on the second Monday of every month. Thanks to MrAshRhodes for the suggestion.
The CyberWire podcasts discuss what's happening in cyberspace, providing news and commentary from industry experts. This cyber security-focused news service delivers concise, accessible, and relevant content without the gossip, sensationalism, and the marketing buzz that often distract from the stories that really matter. Appreciation to supermicromainboard for the suggestion.
Malicious Life is a podcast that tells the fascinating—and often unknown—stories of the wildest hacks you can ever imagine. Host Ran Levi, a cybersecurity expert and author, talks with the people who were actually involved to reveal the history of each event in depth. Our appreciation goes to peraphon for the recommendation.
The Broadcast Storm is a podcast for Cisco networking professionals. BluePieceOfPaper suggests it "for people studying for their CCNA/NP. Kevin Wallace is a CCIE Collaboration so he knows his *ishk. Good format for learning too. Most podcasts are about 8-15 mins long and its 'usually' an exam topic. It will be something like "HSPR" but instead of just explaining it super boring like Ben Stein reading a powerpoint, he usually goes into a story about how (insert time in his career) HSPR would have been super useful..."
Software Engineering Radio is a podcast for developers who are looking for an educational resource with original content that isn't recycled from other venues. Consists of conversations on relevant topics with experts from the software engineering world, with new episodes released three to four times per month. a9JDvXLWHumjaC tells us this is "a solid podcast for devs."
Books
System Center 2012 Configuration Manager is a comprehensive technical guide designed to help you optimize Microsoft's Configuration Manager 2012 according to your requirements and then to deploy and use it successfully. This methodical, step-by-step reference covers: the intentions behind the product and its role in the broader System Center product suite; planning, design, and implementation; and details on each of the most-important feature sets. Learn how to leverage the user-centric capabilities to provide anytime/anywhere services & software, while strengthening control and improving compliance.
Network Warrior: Everything You Need to Know That Wasn’t on the CCNA Exam is a practical guide to network infrastructure. Provides an in-depth view of routers and routing, switching (with Cisco Catalyst and Nexus switches as examples), SOHO VoIP and SOHO wireless access point design and configuration, introduction to IPv6 with configuration examples, telecom technologies in the data-networking world (including T1, DS3, frame relay, and MPLS), security, firewall theory and configuration, ACL and authentication, Quality of Service (QoS), with an emphasis on low-latency queuing (LLQ), IP address allocation, Network Time Protocol (NTP) and device failures.
Beginning the Linux Command Line is your ally in mastering Linux from the keyboard. It is intended for system administrators, software developers, and enthusiastic users who want a guide that will be useful for most distributions—i.e., all items have been checked against Ubuntu, Red Hat and SUSE. Addresses administering users and security and deploying firewalls. Updated to the latest versions of Linux to cover files and directories, including the Btrfs file system and its management and systemd boot procedure and firewall management with firewalld.
Modern Operating Systems, 4th Ed. is written for students taking intro courses on Operating Systems and for those who want an OS reference guide for work. The author, an OS researcher, includes both the latest materials on relevant operating systems as well as current research. The previous edition of Modern Operating Systems received the 2010 McGuffey Longevity Award that recognizes textbooks for excellence over time.
Time Management for System Administrators is a guide for organizing your approach to this challenging role in a way that improves your results. Bestselling author Thomas Limoncelli offers a collection of tips and techniques for navigating the competing goals and concurrent responsibilities that go along with working on large projects while also taking care of individual user's needs. The book focuses on strategies to help with daily tasks that will also allow you to handle the critical situations that inevitably require your attention. You'll learn how to manage interruptions, eliminate time wasters, keep an effective calendar, develop routines and prioritize, stay focused on the task at hand and document/automate to speed processes.
The Practice of System and Network Administration, 3rd Edition introduces beginners to advanced frameworks while serving as a guide to best practices in system administration that is helpful for even the most advanced experts. Organized into four major sections that build from the foundational elements of system administration through improved techniques for upgrades and change management to exploring assorted management topics. Covers the basics and then moves onto the advanced things that can be built on top of those basics to wield real power and execute difficult projects.
Learn Windows PowerShell in a Month of Lunches, Third Edition is designed to teach you PowerShell in a month's worth of 1-hour lessons. This updated edition covers PowerShell features that run on Windows 7, Windows Server 2008 R2 and later, PowerShell v3 and later, and it includes v5 features like PowerShellGet. For PowerShell v3 and up, Windows 7 and Windows Server 2008 R2 and later.
Troubleshooting with the Windows Sysinternals Tools is a guide to the powerful Sysinternals tools for diagnosing and troubleshooting issues. Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis provide a deep understanding of Windows core concepts that aren’t well-documented elsewhere along with details on how to use Sysinternals tools to optimize any Windows system’s reliability, efficiency, performance and security. Includes an explanation of Sysinternals capabilities, details on each major tool, and examples of how the tools can be used to solve real-world cases involving error messages, hangs, sluggishness, malware infections and more.
DNS and BIND, 5th Ed. explains how to work with the Internet's distributed host information database—which is responsible for translating names into addresses, routing mail to its proper destination, and listing phone numbers according to the ENUM standard. Covers BIND 9.3.2 & 8.4.7, the what/how/why of DNS, name servers, MX records, subdividing domains (parenting), DNSSEC, TSIG, troubleshooting and more. PEPCK tells us this is "generally considered the DNS reference book (aside from the RFCs of course!)"
Windows PowerShell in Action, 3rd Ed. is a comprehensive guide to PowerShell. Written by language designer Bruce Payette and MVP Richard Siddaway, this volume gives a great introduction to Powershell, including everyday use cases and detailed examples for more-advanced topics like performance and module architecture. Covers workflows and classes, writing modules and scripts, desired state configuration and programming APIs/pipelines.This edition has been updated for PowerShell v6.
Zero Trust Networks: Building Secure Systems in Untrusted Networks explains the principles behind zero trust architecture, along with what's needed to implement it. Covers the evolution of perimeter-based defenses and how they evolved into the current broken model, case studies of zero trust in production networks on both the client and server side, example configurations for open-source tools that are useful for building a zero trust network and how to migrate from a perimeter-based network to a zero trust network in production. Kindly recommended by jaginfosec.
Tips
Here are a couple handy Windows shortcuts:
Here's a shortcut for a 4-pane explorer in Windows without installing 3rd-party software:
(Keep the win key down for the arrows, and no pauses.) Appreciation goes to ZAFJB for this one.
Our recent tip for a shortcut to get a 4-pane explorer in Windows, triggered this suggestion from SevaraB: "You can do that for an even larger grid of Windows by right-clicking the clock in the taskbar, and clicking 'Show windows side by side' to arrange them neatly. Did this for 4 rows of 6 windows when I had to have a quick 'n' dirty "video wall" of windows monitoring servers at our branches." ZAFJB adds that it actually works when you right-click "anywhere on the taskbar, except application icons or start button."
This tip comes courtesy of shipsass: "When I need to use Windows Explorer but I don't want to take my hands off the keyboard, I press Windows-E to launch Explorer and then Ctrl-L to jump to the address line and type my path. The Ctrl-L trick also works with any web browser, and it's an efficient way of talking less-technical people through instructions when 'browse to [location]' stumps them."
Clear browser history/cookies by pressing CTRL-SHIFT-DELETE on most major browsers. Thanks go to synapticpanda, who adds that this "saves me so much time when troubleshooting web apps where I am playing with the cache and such."
To rename a file with F2, while still editing the name of that file: Hit TAB to tab into the renaming of the next file. Thanks to abeeftaco for this one!
Alt-D is a reliable alternative to Ctrl-L for jumping to the address line in a browser. Thanks for this one go to fencepost_ajm, who explains: "Ctrl-L comes from the browser side as a shortcut for Location, Alt-D from the Windows Explorer side for Directory."
Browser shortcut: When typing a URL that ends with dot com, Ctrl + Enter will place the ".com" and take you to the page. Thanks to wpierre for this one!
This tip comes from anynonus, as something that daily that saves a few clicks: "Running a program with ctrl + shift + enter from start menu will start it as administrator (alt + y will select YES to run as admin) ... my user account is local admin [so] I don't feel like that is unsafe"
Building on our PowerShell resources, we received the following suggestion from halbaradkenafin: aka.ms/pskoans is "a way to learn PowerShell using PowerShell (and Pester). It's really cool and a bunch of folks have high praise for it (including a few teams within MSFT)."
Keyboard shortcut: If you already have an application open, hold ctrl + shift and middle click on the application in your task bar to open another instance as admin. Thanks go to Polymira for this one.
Remote Server Tip: "Critical advice. When testing out network configuration changes, prior to restarting the networking service or rebooting, always create a cron job that will restore your original network configuration and then reboot/restart networking on the machine after 5 minutes. If your config worked, you have enough time to remove it. If it didn't, it will fix itself. This is a beautifully simple solution that I learned from my old mentor at my very first job. I've held on to it for a long time." Thanks go to FrigidNox for the tip!
Websites
Deployment Research is the website of Johan Arwidmark, MS MVP in System Center Cloud and Datacenter Management. It is dedicated to sharing information and guidance around System Center, OS deployment, migration and more. The author shares tips and tricks to help improve the quality of IT Pros’ daily work.
Next of Windows is a website on (mostly) Microsoft-related technology. It's the place where Kent Chen—a computer veteran with many years of field experience—and Jonathan Hu—a web/mobile app developer and self-described "cool geek"—share what they know, what they learn and what they find in the hope of helping others learn and benefit.
High Scalability brings together all the relevant information about building scalable websites in one place. Because building a website with confidence requires a body of knowledge that can be slow to develop, the site focuses on moving visitors along the learning curve at a faster pace.
Information Technology Research Library is a great resource for IT-related research, white papers, reports, case studies, magazines, and eBooks. This library is provided at no charge by TradePub.com. GullibleDetective tells us it offers "free PDF files from a WIIIIIIDE variety of topics, not even just IT. Only caveat: as its a vendor-supported publishing company, you will have to give them a bit of information such as name, email address and possibly a company name. You undoubtedly have the ability to create fake information on this, mind you. The articles range from Excel templates, learning python, powershell, nosql etc. to converged architecture."
SS64 is a web-based reference guide for syntax and examples of the most-common database and OS computing commands. Recommended by Petti-The-Yeti, who adds, "I use this site all the time to look up commands and find examples while I'm building CMD and PS1 scripts."
Phishing and Malware Reporting. This website helps you put a stop to scams by getting fraudulent pages blocked. Easily report phishing webpages so they can be added to blacklists in as little as 15 minutes of your report. "Player024 tells us, "I highly recommend anyone in the industry to bookmark this page...With an average of about 10 minutes of work, I'm usually able to take down the phishing pages we receive thanks to the links posted on that website."
A Slack Channel
Windows Admin Slack is a great drive-by resource for the Windows sysadmin. This team has 33 public channels in total that cover different areas of helpful content on Windows administration.
Blogs
KC's Blog is the place where Microsoft MVP and web developer Kent Chen shares his IT insights and discoveries. The rather large library of posts offer helpful hints, how-tos, resources and news of interest to those in the Windows world.
The Windows Server Daily is the ever-current blog of technologist Katherine Moss, VP of open source & community engagement for StormlightTech. Offers brief daily posts on topics related to Windows server, Windows 10 and Administration.
An Infosec Slideshow
This security training slideshow was created for use during a quarterly infosec class. The content is offered generously by shalafi71, who adds, "Take this as a skeleton and flesh it out on your own. Take an hour or two and research the things I talk about. Tailor this to your own environment and users. Make it relevant to your people. Include corporate stories, include your audience, exclude yourself. This ain't about how smart you are at infosec, and I can't stress this enough, talk about how people can defend themselves. Give them things to look for and action they can take. No one gives a shit about your firewall rules."
Tech Tutorials
Tutorialspoint Library. This large collection of tech tutorials is a great resource for online learning. You'll find nearly 150 high-quality tutorials covering a wide array of languages and topics—from fundamentals to cutting-edge technologies. For example, this Powershell tutorial is designed for those with practical experience handling Windows-based Servers who want to learn how to install and use Windows Server 2012.
The Python Tutorial is a nice introduction to many of Python’s best features, enabling you to read and write Python modules and programs. It offers an understanding of the language's style and prepares you to learn more about the various Python library modules described in 'The Python Standard Library.' Kindly suggested by sharjeelsayed.
SysAdmin Humor
Day in the Life of a SysAdmin Episode 5: Lunch Break is an amusing look at a SysAdmin's attempt to take a brief lunch break. We imagine many of you can relate!
Have a fantastic week and as usual, let me know any comments.
Graham | CEO | EveryCloud
Fyi - I've set up a subreddit /itprotuesday, where we feature / encourage posts of some additional tools, tips etc. throughout the week. Pop over and subscribe if you’re interested.
submitted by crispyducks to msp [link] [comments]

IT Pro Tuesday #64 (part 2) - Mega List of Tips, Tools, Books, Blogs & More

(continued from part 1)
Captura is a flexible tool for capturing your screen, audio, cursor, mouse clicks and keystrokes. Features include mixing audio recorded from microphone and speaker output, command-line interface, and configurable hotkeys. Thanks to jantari for the recommedation.
Unlocker is a tool to help delete those irritating locked files that give you an error message like "cannot delete file" or "access is denied." It helps with killing processes, unloading DLLs, deleting index.dat files, as well as unlocking, deleting, renaming, and moving locked files—typically without requiring a reboot.
IIS Crypto's newest version adds advanced settings; registry backup; new, simpler templates; support for Windows Server 2019 and more. This tool lets you enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows and reorder SSL/TLS cipher suites from IIS, change advanced settings, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions.
RocketDock is an application launcher with a clean interface that lets you drag/drop shortcuts for easy access and minimize windows to the dock. Features running application indicators, multi-monitor support, alpha-blended PNG and ICO icons, auto-hide and popup on mouse over, positioning and layering options. Fully customizable, portable, and compatible with MobyDock, ObjectDock, RK Launcher and Y'z Dock skins. Works even on slower computers and is Unicode compliant. Suggested by lieutenantcigarette: "If you like the dock on MacOS but prefer to use Windows, RocketDock has you covered. A superb and highly customisable dock that you can add your favourites to for easy and elegant access."
Baby FTP Server offers only the basics, but with the power to serve as a foundation for a more-complex server. Features include multi-threading, a real-time server log, support for PASV and non-PASV mode, ability to set permissions for download/upload/rename/delete/create directory. Only allows anonymous connections. Our thanks to FatherPrax for suggesting this one.
Strace is a Linux diagnostic, debugging and instructional userspace tool with a traditional command-line interface. Uses the ptrace kernel feature to monitor and tamper with interactions between processes and the kernel, including system calls, signal deliveries and changes of process state.
exa is a small, fast replacement for ls with more features and better defaults. It uses colors to distinguish file types and metadata, and it recognizes symlinks, extended attributes and Git. All in one single binary. phils_lab describes it as "'ls' on steroids, written in Rust."
rsync is a faster file transfer program for Unix to bring remote files into sync. It sends just the differences in the files across the link, without requiring both sets of files to be present at one of the ends. Suggested by zorinlynx, who adds that "rsync is GODLY for moving data around efficiently. And if an rsync is interrupted, just run it again."
Matter Wiki is a simple WYSIWYG wiki that can help teams store and collaborate. Every article gets filed under a topic, transparently, so you can tell who made what changes to which document and when. Thanks to bciar-iwdc for the recommendation.
LockHunter is a file unlocking tool that enables you to delete files that are being blocked for unknown reasons. Can be useful for fighting malware and other programs that are causing trouble. Deletes files into the recycle bin so you can restore them if necessary. Chucky2401 finds it preferable to Unlocker, "since I am on Windows 7. There are no new updates since July 2017, but the last beta was in June of this year."
aria2 is a lightweight multi-source command-line download utility that supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. It can be manipulated via built-in JSON-RPC and XML-RPC interfaces. Recommended by jftuga, who appreciates it as a "cross-platform command line downloader (similar to wget or curl), but with the -x option can run a segmented download of a single file to increase throughput."
Free Services
Temp-Mail allows you to receive email at a temporary address that self-destructs after a certain period of time. Outwit all the forums, Wi-Fi owners, websites and blogs that insist you register to use them. Petti-The-Yeti says, "I don't give any company my direct email anymore. If I want to trial something but they ask for an email signup, I just grab a temporary email from here, sign up with it, and wait for the trial link or license info to come through. Then, you just download the file and close the website."
Duck DNS will point a DNS (sub domains of duckdns.org) to an IP of your choice. DDNS is a handy way for you to refer to a serverouter with an easily rememberable name for situations when the server's ip address will likely change. Suggested by xgnarf, who finds it "so much better for the free tier of noip—no 30-day nag to keep your host up."
Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed reports. The Community Edition of Joe Sandbox Cloud allows you to run a maximum of 6 analyses per month, 3 per day on Windows, Linux and Android with limited analysis output. This one is from dangibbons94, who wanted to "share this cool service ... for malware analysis. I usually use Virus total for URL scanning, but this goes a lot more in depth. I just used basic analysis, which is free and enough for my needs."
Hybrid Analysis is a malware analysis service that detects and analyzes unknown threats for the community. This one was suggested by compupheonix, who adds that it "gets you super detailed reports... it's about the most fleshed out and detailed one I can find."
JustBeamIt is a file-transfer service that allows you to send files of any size via a peer-to-peer streaming model. Simply drag and drop your file and specify the recipient's email address. They will then receive a link that will trigger the download directly from your computer, so the file does not have to be uploaded to the service itself. The link is good for one download and expires after 10 minutes. Thanks to cooljacob204sfw for the recommendation!
ShieldsUP is a quick but powerful internet security checkup and information service. It was created by security researcher Steve Gibson to scan ports and let you know which ones have been opened through your firewalls or NAT routers.
Firefox Send is an encrypted file transfer service that allows you to share files up to 2.5GB from any browser or an Android app. Uses end-to-end encryption to keep data secure and offers security controls you can set. You can determine when your file link expires, the number of downloads, and whether to add a password. Your recipient receives a link to download the file, and they don’t need a Firefox account. This one comes from DePingus, who appreciates the focus on privacy. "They have E2E, expiring links, and a clear privacy policy."
Free DNS is a service where programmers share domain names with one another at no cost. Offers free hosting as well as dynamic DNS, static DNS, subdomain and domain hosting. They can host your domain's DNS as well as allowing you to register hostnames from domains they're hosting already. If you don't have a domain, you can sign up for a free account and create up to 5 subdomains off the domains others have contributed and point these hosts anywhere on the Internet. Thanks to 0x000000000000004C (yes, that's a username) for the suggestion!
ANY.RUN is an interactive malware analysis service for dynamic and static research of the majority of threats in any environment. It can provide a convenient in-depth analysis of new, unidentified malicious objects and help with the investigation of incidents. ImAshtonTurner appreciates it as "a great sandbox tool for viewing malware, etc."
Plik is a scalable, temporary file upload system similar to wetransfer that is written in golang. Thanks go to I_eat_Narwhals for this one!
Free My IP offers free, dynamic DNS. This service comes with no login, no ads, no newsletters, no links to click and no hassle. Kindly suggested by Jack of All Trades.
Mailinator provides free, temporary email inboxes on a receive-only, attachment-free system that requires no sign-up. All @mailinator.com addresses are public, readable and discoverable by anyone at any time—but are automatically deleted after a few hours. Can be a nice option for times when you to give out an address that won't be accessible longterm. Recommended by nachomountain, who's been using it "for years."
Magic Wormhole is a service for sending files directly with no intermediate upload, no web interface and no login. When both parties are online you with the minimal software installed, the wormhole is invoked via command line identifying the file you want to send. The server then provides a speakable, one-time-use password that you give the recipient. When they enter that password in their wormhole console, key exchange occurs and the download begins directly between your computers. rjohnson99 explains, "Magic Wormhole is sort of like JustBeamIt but is open-source and is built on Python. I use it a lot on Linux servers."
EveryCloud's Free Phish is our own, new Phishing Simulator. Once you've filled in the form and logged in, you can choose from lots of email templates (many of which we've coped from what we see in our Email Security business) and landing pages. Run a one-off free phish, then see who clicked or submitted data so you can understand where your organization is vulnerable and act accordingly.
Hardening Guides
CIS Hardening Guides contain the system security benchmarks developed by a global community of cybersecurity experts. Over 140 configuration guidelines are provided to help safeguard systems against threats. Recommended by cyanghost109 "to get a start on looking at hardening your own systems."
Podcasts
Daily Tech News is Tom Merrit's show covering the latest tech issues with some of the top experts in the field. With the focus on daily tech news and analysis, it's a great way to stay current. Thanks to EmoPolarbear for drawing it to our attention.
This Week in Enterprise Tech is a podcast that features IT experts explaining the complicated details of cutting-edge enterprise technology. Join host Lou Maresca on this informative exploration of enterprise solutions, with new episodes recorded every Friday afternoon.
Security Weekly is a podcast where a "bunch of security nerds" get together and talk shop. Topics are greatly varied, and the atmosphere is relaxed and conversational. The show typically tops out at 2 hours, which is perfect for those with a long commute. If you’re fascinated by discussion of deep technical and security-related topics, this may be a nice addition to your podcast repertoire.
Grumpy Old Geeks—What Went Wrong on the Internet and Who's To Blame is a podcast about the internet, technology and geek culture—among other things. The hosts bring their grumpy brand of humor to the "state of the world as they see it" in these roughly hour-long weekly episodes. Recommended by mkaxsnyder, who enjoys it because, "They are a good team that talk about recent and relevant topics from an IT perspective."
The Social-Engineer Podcast is a monthly discussion among the hosts—a group of security experts from SEORG—and a diverse assortment of guests. Topics focus around human behavior and how it affects information security, with new episodes released on the second Monday of every month. Thanks to MrAshRhodes for the suggestion.
The CyberWire podcasts discuss what's happening in cyberspace, providing news and commentary from industry experts. This cyber security-focused news service delivers concise, accessible, and relevant content without the gossip, sensationalism, and the marketing buzz that often distract from the stories that really matter. Appreciation to supermicromainboard for the suggestion.
Malicious Life is a podcast that tells the fascinating—and often unknown—stories of the wildest hacks you can ever imagine. Host Ran Levi, a cybersecurity expert and author, talks with the people who were actually involved to reveal the history of each event in depth. Our appreciation goes to peraphon for the recommendation.
The Broadcast Storm is a podcast for Cisco networking professionals. BluePieceOfPaper suggests it "for people studying for their CCNA/NP. Kevin Wallace is a CCIE Collaboration so he knows his *ishk. Good format for learning too. Most podcasts are about 8-15 mins long and its 'usually' an exam topic. It will be something like "HSPR" but instead of just explaining it super boring like Ben Stein reading a powerpoint, he usually goes into a story about how (insert time in his career) HSPR would have been super useful..."
Software Engineering Radio is a podcast for developers who are looking for an educational resource with original content that isn't recycled from other venues. Consists of conversations on relevant topics with experts from the software engineering world, with new episodes released three to four times per month. a9JDvXLWHumjaC tells us this is "a solid podcast for devs."
Books
System Center 2012 Configuration Manager is a comprehensive technical guide designed to help you optimize Microsoft's Configuration Manager 2012 according to your requirements and then to deploy and use it successfully. This methodical, step-by-step reference covers: the intentions behind the product and its role in the broader System Center product suite; planning, design, and implementation; and details on each of the most-important feature sets. Learn how to leverage the user-centric capabilities to provide anytime/anywhere services & software, while strengthening control and improving compliance.
Network Warrior: Everything You Need to Know That Wasn’t on the CCNA Exam is a practical guide to network infrastructure. Provides an in-depth view of routers and routing, switching (with Cisco Catalyst and Nexus switches as examples), SOHO VoIP and SOHO wireless access point design and configuration, introduction to IPv6 with configuration examples, telecom technologies in the data-networking world (including T1, DS3, frame relay, and MPLS), security, firewall theory and configuration, ACL and authentication, Quality of Service (QoS), with an emphasis on low-latency queuing (LLQ), IP address allocation, Network Time Protocol (NTP) and device failures.
Beginning the Linux Command Line is your ally in mastering Linux from the keyboard. It is intended for system administrators, software developers, and enthusiastic users who want a guide that will be useful for most distributions—i.e., all items have been checked against Ubuntu, Red Hat and SUSE. Addresses administering users and security and deploying firewalls. Updated to the latest versions of Linux to cover files and directories, including the Btrfs file system and its management and systemd boot procedure and firewall management with firewalld.
Modern Operating Systems, 4th Ed. is written for students taking intro courses on Operating Systems and for those who want an OS reference guide for work. The author, an OS researcher, includes both the latest materials on relevant operating systems as well as current research. The previous edition of Modern Operating Systems received the 2010 McGuffey Longevity Award that recognizes textbooks for excellence over time.
Time Management for System Administrators is a guide for organizing your approach to this challenging role in a way that improves your results. Bestselling author Thomas Limoncelli offers a collection of tips and techniques for navigating the competing goals and concurrent responsibilities that go along with working on large projects while also taking care of individual user's needs. The book focuses on strategies to help with daily tasks that will also allow you to handle the critical situations that inevitably require your attention. You'll learn how to manage interruptions, eliminate time wasters, keep an effective calendar, develop routines and prioritize, stay focused on the task at hand and document/automate to speed processes.
The Practice of System and Network Administration, 3rd Edition introduces beginners to advanced frameworks while serving as a guide to best practices in system administration that is helpful for even the most advanced experts. Organized into four major sections that build from the foundational elements of system administration through improved techniques for upgrades and change management to exploring assorted management topics. Covers the basics and then moves onto the advanced things that can be built on top of those basics to wield real power and execute difficult projects.
Learn Windows PowerShell in a Month of Lunches, Third Edition is designed to teach you PowerShell in a month's worth of 1-hour lessons. This updated edition covers PowerShell features that run on Windows 7, Windows Server 2008 R2 and later, PowerShell v3 and later, and it includes v5 features like PowerShellGet. For PowerShell v3 and up, Windows 7 and Windows Server 2008 R2 and later.
Troubleshooting with the Windows Sysinternals Tools is a guide to the powerful Sysinternals tools for diagnosing and troubleshooting issues. Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis provide a deep understanding of Windows core concepts that aren’t well-documented elsewhere along with details on how to use Sysinternals tools to optimize any Windows system’s reliability, efficiency, performance and security. Includes an explanation of Sysinternals capabilities, details on each major tool, and examples of how the tools can be used to solve real-world cases involving error messages, hangs, sluggishness, malware infections and more.
DNS and BIND, 5th Ed. explains how to work with the Internet's distributed host information database—which is responsible for translating names into addresses, routing mail to its proper destination, and listing phone numbers according to the ENUM standard. Covers BIND 9.3.2 & 8.4.7, the what/how/why of DNS, name servers, MX records, subdividing domains (parenting), DNSSEC, TSIG, troubleshooting and more. PEPCK tells us this is "generally considered the DNS reference book (aside from the RFCs of course!)"
Windows PowerShell in Action, 3rd Ed. is a comprehensive guide to PowerShell. Written by language designer Bruce Payette and MVP Richard Siddaway, this volume gives a great introduction to Powershell, including everyday use cases and detailed examples for more-advanced topics like performance and module architecture. Covers workflows and classes, writing modules and scripts, desired state configuration and programming APIs/pipelines.This edition has been updated for PowerShell v6.
Zero Trust Networks: Building Secure Systems in Untrusted Networks explains the principles behind zero trust architecture, along with what's needed to implement it. Covers the evolution of perimeter-based defenses and how they evolved into the current broken model, case studies of zero trust in production networks on both the client and server side, example configurations for open-source tools that are useful for building a zero trust network and how to migrate from a perimeter-based network to a zero trust network in production. Kindly recommended by jaginfosec.
Tips
Here are a couple handy Windows shortcuts:
Here's a shortcut for a 4-pane explorer in Windows without installing 3rd-party software:
(Keep the win key down for the arrows, and no pauses.) Appreciation goes to ZAFJB for this one.
Our recent tip for a shortcut to get a 4-pane explorer in Windows, triggered this suggestion from SevaraB: "You can do that for an even larger grid of Windows by right-clicking the clock in the taskbar, and clicking 'Show windows side by side' to arrange them neatly. Did this for 4 rows of 6 windows when I had to have a quick 'n' dirty "video wall" of windows monitoring servers at our branches." ZAFJB adds that it actually works when you right-click "anywhere on the taskbar, except application icons or start button."
This tip comes courtesy of shipsass: "When I need to use Windows Explorer but I don't want to take my hands off the keyboard, I press Windows-E to launch Explorer and then Ctrl-L to jump to the address line and type my path. The Ctrl-L trick also works with any web browser, and it's an efficient way of talking less-technical people through instructions when 'browse to [location]' stumps them."
Clear browser history/cookies by pressing CTRL-SHIFT-DELETE on most major browsers. Thanks go to synapticpanda, who adds that this "saves me so much time when troubleshooting web apps where I am playing with the cache and such."
To rename a file with F2, while still editing the name of that file: Hit TAB to tab into the renaming of the next file. Thanks to abeeftaco for this one!
Alt-D is a reliable alternative to Ctrl-L for jumping to the address line in a browser. Thanks for this one go to fencepost_ajm, who explains: "Ctrl-L comes from the browser side as a shortcut for Location, Alt-D from the Windows Explorer side for Directory."
Browser shortcut: When typing a URL that ends with dot com, Ctrl + Enter will place the ".com" and take you to the page. Thanks to wpierre for this one!
This tip comes from anynonus, as something that daily that saves a few clicks: "Running a program with ctrl + shift + enter from start menu will start it as administrator (alt + y will select YES to run as admin) ... my user account is local admin [so] I don't feel like that is unsafe"
Building on our PowerShell resources, we received the following suggestion from halbaradkenafin: aka.ms/pskoans is "a way to learn PowerShell using PowerShell (and Pester). It's really cool and a bunch of folks have high praise for it (including a few teams within MSFT)."
Keyboard shortcut: If you already have an application open, hold ctrl + shift and middle click on the application in your task bar to open another instance as admin. Thanks go to Polymira for this one.
Remote Server Tip: "Critical advice. When testing out network configuration changes, prior to restarting the networking service or rebooting, always create a cron job that will restore your original network configuration and then reboot/restart networking on the machine after 5 minutes. If your config worked, you have enough time to remove it. If it didn't, it will fix itself. This is a beautifully simple solution that I learned from my old mentor at my very first job. I've held on to it for a long time." Thanks go to FrigidNox for the tip!
Websites
Deployment Research is the website of Johan Arwidmark, MS MVP in System Center Cloud and Datacenter Management. It is dedicated to sharing information and guidance around System Center, OS deployment, migration and more. The author shares tips and tricks to help improve the quality of IT Pros’ daily work.
Next of Windows is a website on (mostly) Microsoft-related technology. It's the place where Kent Chen—a computer veteran with many years of field experience—and Jonathan Hu—a web/mobile app developer and self-described "cool geek"—share what they know, what they learn and what they find in the hope of helping others learn and benefit.
High Scalability brings together all the relevant information about building scalable websites in one place. Because building a website with confidence requires a body of knowledge that can be slow to develop, the site focuses on moving visitors along the learning curve at a faster pace.
Information Technology Research Library is a great resource for IT-related research, white papers, reports, case studies, magazines, and eBooks. This library is provided at no charge by TradePub.com. GullibleDetective tells us it offers "free PDF files from a WIIIIIIDE variety of topics, not even just IT. Only caveat: as its a vendor-supported publishing company, you will have to give them a bit of information such as name, email address and possibly a company name. You undoubtedly have the ability to create fake information on this, mind you. The articles range from Excel templates, learning python, powershell, nosql etc. to converged architecture."
SS64 is a web-based reference guide for syntax and examples of the most-common database and OS computing commands. Recommended by Petti-The-Yeti, who adds, "I use this site all the time to look up commands and find examples while I'm building CMD and PS1 scripts."
Phishing and Malware Reporting. This website helps you put a stop to scams by getting fraudulent pages blocked. Easily report phishing webpages so they can be added to blacklists in as little as 15 minutes of your report. "Player024 tells us, "I highly recommend anyone in the industry to bookmark this page...With an average of about 10 minutes of work, I'm usually able to take down the phishing pages we receive thanks to the links posted on that website."
A Slack Channel
Windows Admin Slack is a great drive-by resource for the Windows sysadmin. This team has 33 public channels in total that cover different areas of helpful content on Windows administration.
Blogs
KC's Blog is the place where Microsoft MVP and web developer Kent Chen shares his IT insights and discoveries. The rather large library of posts offer helpful hints, how-tos, resources and news of interest to those in the Windows world.
The Windows Server Daily is the ever-current blog of technologist Katherine Moss, VP of open source & community engagement for StormlightTech. Offers brief daily posts on topics related to Windows server, Windows 10 and Administration.
An Infosec Slideshow
This security training slideshow was created for use during a quarterly infosec class. The content is offered generously by shalafi71, who adds, "Take this as a skeleton and flesh it out on your own. Take an hour or two and research the things I talk about. Tailor this to your own environment and users. Make it relevant to your people. Include corporate stories, include your audience, exclude yourself. This ain't about how smart you are at infosec, and I can't stress this enough, talk about how people can defend themselves. Give them things to look for and action they can take. No one gives a shit about your firewall rules."
Tech Tutorials
Tutorialspoint Library. This large collection of tech tutorials is a great resource for online learning. You'll find nearly 150 high-quality tutorials covering a wide array of languages and topics—from fundamentals to cutting-edge technologies. For example, this Powershell tutorial is designed for those with practical experience handling Windows-based Servers who want to learn how to install and use Windows Server 2012.
The Python Tutorial is a nice introduction to many of Python’s best features, enabling you to read and write Python modules and programs. It offers an understanding of the language's style and prepares you to learn more about the various Python library modules described in 'The Python Standard Library.' Kindly suggested by sharjeelsayed.
SysAdmin Humor
Day in the Life of a SysAdmin Episode 5: Lunch Break is an amusing look at a SysAdmin's attempt to take a brief lunch break. We imagine many of you can relate!
Have a fantastic week and as usual, let me know any comments.
Graham | CEO | EveryCloud
submitted by crispyducks to ITProTuesday [link] [comments]

Binary Options Explained - Can You Really Make Money With Binary Options? Binary Options Basics For Beginners Trading Binary Options Beginners Training To $500 Per Hour Trading Binary Options Binary Options Trading  EASY STRATEGY for beginners How to Make Money Online ~ Binary Options Trading Tutorial

Learn Binary (The Easy Way) 01000001 00000001: So a while ago I wanted to learn binary. Binary is the way a computer holds information, the 1's and 0's. I thought it was cool, and that it would be worth learning. It is WELL worth learning and it is very simple to learn.What I am showing you in... Learn to Trade Options for FREE Learning with Option Alpha for only 30 minutes a day can teach you the skills needed to place smarter, more profitable trades. 20 Video Lessons We all know that many traders like to use martingale in their binary options trading, as it is in fact an easy way to trade. However, we also know that martingale is also the culprit behind many “blown” accounts out there. While it isn’t the most efficient or safest way to trade, sometimes it is an approach you might want to take. United Kingdom About Youtuber Decisive Trading has one simple aim - to produce independent, successful traders. Learning to trade does not need to be difficult. By following a well laid out, simple trading plan with a constant focus on self-improvement, you too can experience the fantastic opportunities provided by trading CFDs and Spread Betting as a hobby or as an income source. Binary options provide a way to trade markets with capped risk and capped profit potential, based on a yes or no proposition. Let's take the following question as an example: Will the price of

[index] [23929] [10723] [21173] [4446] [15880] [5899] [14623] [12443] [13241] [19152]

Binary Options Explained - Can You Really Make Money With Binary Options?

Known for being able to teach anyone to trade in 60 minutes or less, Markus Heitkoetter with Rockwell Trading has taught over 360,000 traders worldwide and has appeared on CBS, FOX, NBC, ABC and more. The Best Binary Options Trading Strategy - Here's how I trade Binary Options - Duration: 15:46. Markus Heitkoetter 13,547 views. 15:46. 99% winning strategyiq option strategy 2020 ... In this video I will teach you how to trade successfully with engulfing pattern. This best binary options strategy can be used in IQ Options and Olymp Trade. Official Website: Lesson One - in this video I teach people how to place binary options trades and show them step-by-step. I cover almost all of the basics and make sure that new binary options traders and ... My channel was created for those who want to watch me trade on binary options and earn money. You can also start trading with me, using my strategy for trading binary options from the video.

Flag Counter