Wednesday, May 20, 2015

Can not open Checkpoint firewall SmartDashboard due to wrong rule



There may be a time where you install the wrong policy onto a Check Point Firewall. This can block your connections, and screw which traffic is allowed through the firewall.
In order to fix it, open the firewall console and perform the following steps:

These steps will show you how to remove and reinstall the correct policy via the CLI on the manager (SCS),
  1. First of all we look at the policy history, so we can find out the name of the policy we need to reinstall. 
fw stat -l [firewall ip]
  2. Next we remove the security policy from the firewall.
fwm unload [fwname]
  Now you may open the Firewall SmartDashBoard, examine the wrote configuration \ or the fault rule, change it and install the new policy.

Source:
https://www.fir3net.com/Firewalls/Check-Point/checkpoint-ive-pushed-the-wrong-policy.html




Sunday, May 17, 2015

Clean Up the WinSxS Folder



  1. At an elevated command prompt, run the following command:
    Net Stop WUAUSERV
  2. Delete the contents of the %windir%\softwaredistribution\download folder.
  3. At an elevated command prompt, run the following command:
    Net Start WUAUSERV

for windows 8.1


The following command will uninstall all previous versions of components without the scheduled task’s 30-day grace period:
DISM.exe /online /Cleanup-Image /StartComponentCleanup
The following command will remove files needed for uninstallation of service packs. You won’t be able to uninstall any currently installed service packs after running this command:
DISM.exe /online /Cleanup-Image /SPSuperseded
The following command will remove all old versions of every component. You won’t be able to uninstall any currently installed service packs or updates after this completes:
DISM.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase

Monday, May 11, 2015

Clean up windows 7

Hi

In some cases, windows OS hard drive is getting full with no reason, below find some use cases and how to handle them:

The first step would be diagnostic the hard drive, highly recommended tool is "WinDirStat" which can be download from here > “WinDirStat

After you have found all the huge video, music and pst files, you hard drive is still full ? great, go on to the next step.

Here are some path which may contain a LOT of waste hard drive space, I'll explain what is all about and how to clean it, please note that the sizes mentioned below based on my experience, you may get different sizes,


Path:
c:\windows\installer
c:\windows\winsxs

What is it?
Windows uninstall information
Windows update / service packs data information

Size:
~10GB
~15GB

Safe to delete?
Yes, but not manually

What should I do?
1. Install KB2852386 from here 

2. Open CMD as administrator and run the followings:
dism /online /cleanup-image /spsuperseded

3. open Noteped, past the following text into it, and save it as "FILENAME.REG"
Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Active Setup Temp Folders]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Content Indexer Cleaner]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Downloaded Program Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Internet Cache Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Memory Dump Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Offline Pages Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Old ChkDsk Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Previous Installations]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Recycle Bin]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Service Pack Cleanup]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Setup Log Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\System error memory dump files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\System error minidump files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Temporary Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Temporary Setup Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Thumbnail Cache]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Update Cleanup]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Upgrade Discarded Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Error Reporting Archive Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Error Reporting Queue Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Error Reporting System Archive Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Error Reporting System Queue Files]"StateFlags0100"=dword:00000002[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Upgrade Log Files]"StateFlags0100"=dword:00000002



4. Execute FILENAME.REG registry file

5. Open CMD as administrator and run:
 cleanmgr /sagerun:100




Path:
C:\Users\USERNAME\AppData\Local\Microsoft\OneNote\14.0\OneNoteOfflineCache_Files
C:\Users\USERNAME\AppData\Local\Microsoft\OneNote\15.0\OneNoteOfflineCache_Files

What is it?
Microsoft OneNote cache files

Size:
~3GB

Safe to delete?
yes, can be reduced or moved

What should I do?
To reduce size: open OneNote > options > save & backup and click “Optimize all Files now”.
To move the files to another drive, click “Modify”.




Path:
C:\$Recycle.Bin

What is it?
Recycle Bin

Size:
~5GB

Safe to delete?
Yes

What should I do?
Change the folder view setting to show protected operating system files, open “C:\$Recycle.Bin” and delete it content by using “SHIFT+DELETE”.



Path:
C:\pagefile.sys

What is it?
Windows Page file

Size:
~4GB

Safe to delete?
No, Can be moved to another drive or reduced 

What should I do?

  1. Open System by clicking the Start button Picture of the Start button, right-clicking Computer, and then clicking Properties.
  2. In the left pane, click Advanced system settings. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  3. On the Advanced tab, under Performance, click Settings.
  4. Click the Advanced tab, and then, under Virtual memory, click Change.
  5. Clear the Automatically manage paging file size for all drives check box.
  6. Under Drive [Volume Label], click the drive that contains the paging file you want to change.
  7. Click Custom size, type a new size in megabytes in the Initial size (MB) or Maximum size (MB) box, click Set, and then click OK.