I pressed the folks at bluecoat to give us details on why windows-noob was being blocked. “I need it to do my job and it has been blocked for a month!,” I said and if it is just because it is hosting scripts that might look dodgy, then that is to be expected. Lots of client management scripts can appear to be “hacker tools” to heuristic scans. Meanwhile, I’ve discovered the wifi in the office next to mine doesn’t go through a proxy, so if I take a laptop and sit right next to the wall in my office I can access windows-noob and myitforum. It is pretty inconvenient, but worth it.
This is the direct response we got from bluecoat on Wed Dec 4th about Windows-Noob – they did not respond to us regarding MyItForum.

After review, this domain has been redirecting/referring to a known exploit kit domain, smartfenia[.]com. Traffic for this has been happening for the last week and is current (within the last 24 hours). The MO of this attack is that a malicious injected script has been placed somewhere on this site. I am unable to identify exactly where. The current rating will be maintained until this behavior ends. Thank you for your submission.

I don’t know anything about web hosting so I don’t know if that information is useful, accurate, or relevant to you. If we start blocking every site that LINKS to a bad site, well there is not going to be much left on the internet. It is a “web” after all.

From: [email protected] [mailto:[email protected]] On Behalf Of Niall Brady
Sent: Thursday, December 03, 2015 11:56 PM
To: [email protected]; Rod Trent
Subject: Re: [MDT-OSD] persistent Pre-TS action in WinPE?

thanks Rod for that info, I did request more info several times previously but did not get that snippet of info, however i will now run with it and update this thread once i know more, i do appreciate that info!

On Fri, Dec 4, 2015 at 12:49 AM, Rod Trent <[email protected]> wrote:

Actually, there’s more to it and not necessarily due to out of date plugins. Google changed its criteria recently on the “safeness” of downloadable scripts – which myITforum has supplied for the last 15 years for IT folks. A lot of those proxy protector sites pull information from Google to update their own service. Until Google updates, they won’t update. So the issue is with Google. We’re actively working on it, but, Niall, you might also check to ensure you fit Google’s criteria.

From: Niall Brady
Sent: Thursday, December 3, 2015 5:57 PM
To: [email protected]
Subject: Re: [MDT-OSD] persistent Pre-TS action in WinPE?
no problem Todd, glad to have helped finally, as regards windows-noob being blocked or compromised, it's a farce, it all stems from myitforum.com having had wordpress plugins that were out of date, as a result that site (myitforum) got blacklisted, and in turn as i had 11 links back to myitforum.com, amazingly windows-noob.com got blacklisted. yes you read it right, windows-noob was blacklisted because of out of date plugins on myitforum.com. sadly, those proxy protector sites that blacklisted windows-noob aren't that clever at updating their cached results, so even though i removed the links about two weeks ago, my site still remains blacklisted, even at the company i work for. i'm really not impressed by that at all. :(

On Thu, Dec 3, 2015 at 11:44 PM, Miller, Todd <[email protected]> wrote:

Niall --- thank you very much for this tip. I have all kinds of other ideas on how to use this. Your post at www.windows-noob.com was easy to follow and worked great. I got it right on the first try! which is great because updating the WinPE boot image is quite a task to have to iterate with tweaks/changes/typos over and over. In my opinion Microsoft’s field guide for OSD 802.1x implementation should be updated to include this method to re-establish an 802.1x connection during WinPE phases. It looks like I will have to neither retire early nor take a long vacation ☺

From: [email protected] [mailto:[email protected]] On Behalf Of Niall Brady
Sent: Wednesday, December 02, 2015 11:58 AM
To: [email protected]
Subject: Re: [MDT-OSD] persistent Pre-TS action in WinPE?

Have a look at checkfornetwork and storage on windows noob, it runs before any prestarts via a reg hack

Sent from my phone, please excuse any typos as a result.
On 02 Dec 2015, at 18:21, Miller, Todd <[email protected]> wrote:

I am interested in running a pre-TaskSequence routine every time my clients boot into WinPE during a task sequence. What is the best way to accomplish this? I’m not talking about a pre-execution hook which only runs on first WinPE boot. I have added a command to unattend.xml on the WinPE image and it works great for the first boot onto the WinPE OS, but when the TS engine stages the Boot Image onto the disk for subsequent PE reboots, it overrides that function with its own WinPEUnattend.xml.

Is there a way for me to insert anything in front of the Task Sequence engine to run before the Task sequence takes over? I want to use this to attach to our 802.1x network, but it could be used to re-establish DART or any number of things. Of course I can insert items in the task sequence after every “Reboot” item to re-establish the network, but it would be much better if I could just make that happen at every reboot. Putting those in the TS itself is sub-optimal since there is a long delay at each TS startup if the network is not available.

Is there any way to insert my own code into the WinPE start for all the staged PE reboots? I have started to re-look at OSDInjection.xml as I used that previously to write a custom smsts.ini file to my WinPE boot images. It doesn’t appear that winpeshl.ini is listed in OSDInjection.xml so some other process is creating that file? I think my best hope is to use this process to inject the necessary 802.1x files into the WINPE image using the standard means for extra files and then use osdinjection.xml to figure out how to modify the WinPE startup process. Just not sure which ini file I need to inject/modify that can survive both the WinPE build process and the TS WinPE staging process. I think the console even overwrites the WinPESHL.ini file if I use OSDInjection.xml to write a custom one. Ugh!
I really could use a way to inject a network startup process into the WinPE boot process - not only to establish 802.1x connections but I think others could use it to establish VPN early in the WinPE boot process as well.

(Please --- I’m not interested in bypassing 802.1x in other obvious ways like having build benches with 802.1x disabled ports or using MAC whitelisted devices to bypass 802.1x auth… I know about those options and am using them already. We want to get away from whitelisted USB Ethernet adapters for deskside re-deploys)

Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you.
