Saturday, November 29, 2014

Build a low budget computer meant for 24/7 operation.



Sometimes you need a machine you can trust to be on for many days at a time. But you're not looking to invest into a server grade build, nor do you need exceptional performance. Let's say it's supposed to run a script or a process, constantly. For example - a DVR server.
In this case you need to optimize your configuration for durability. So to start - we need a nice ventilated chassis. If budget is not unlimited, then a basic well ventilated chassis will do.

Motherboard - We need the motherboard as cheap and as durable for the price as possible. So a good idea is to look through motherboard vendor lineups - go to the cheapest model and then raise the bar till you reach a model with all solid capacitors. For example - currently (end of 2014) Asus has the H81 series motherboards, and one of the cheapest is H81M-K. It however does not have all solid capacitors, so if we take the next model, right above this one - it will be H81M-A - which does offer an all solid capacitor configuration, and is only slightly more expensive.

CPU - if you're not looking for high performance, I would suggest a simple Intel CPU, such as the current Haswell-based Pentium dual-core series. They are cheap and bear the Intel quality standard.
You can also go with a T series Intel CPU which consumes the least power.

RAM - again something that is of acceptable quality but not gamer grade. A built in heat-sink is always a plus. As an example - Corsair CMV4GX3M1A1600C11

Hard Drive - This is where you need to invest a bit more into a drive made for 24/7 operation, such as Western Digital Caviar Red made for RAID, NAS and 24 hour operation. Similar models from other manufacturers include Seagate Surveillance HDD or Toshiba High Durability Specialty drives.

PSU - A great way to provide stable power to a long running machine is to go with a good power supply unit that you can trust. Some even come with a built in surge protector. Also make sure you get a PSU with an 80Plus rating, which means it wastes less power. A good example of an affordable 80Plus PSU is Corsair VS350


Tuesday, September 23, 2014

Asus H81M-K network disconnections - solved.

If you are experiencing random Ethernet problems on a machine based on this motherboard, i.e. disconnections (cable unplugged even though it's plugged in, cable not detected as plugged in), limited connectivity, or internet or LAN connection issues even when the connection seems stable (network cable recognized, IP address is correct), the reason may be related to the faulty NIC driver that comes with this motherboard.

The best way to stabilize your on-board NIC (Realtek PCIe GBE Family Controller) performance is to download the latest driver from Asus, and after it's installed do the following:


  • Go into Device Manager and double click your NIC card in the list of devices.
  • In the Power Management tab - untick the "Allow the computer to turn off this device to save power" option.
  • In the Advanced tab - Disable "Energy Efficient Ethernet" and "Green Ethernet"


This works for other motherboards that share the Realtek PCIe GBE Family Controller.

Saturday, September 20, 2014

Optimize QNAP NAS security

In this post I will talk about tweaking your QNAP NAS device to be more secure than it's configured by default.
I'm going to assume that the main settings of user and folder structure have been configured at this point, and you're good to go, but you'd like to maximize security for the NAS using the built in features.

As a side note - I am using QOS firmware version 4.1.0 to demonstrate the features depicted in this post.

Let's start by enabling SSL for the web management console of the NAS.


You can force secure connection so there would be no other way but to connect securely to the web console, but if something goes wrong (with the SSL certificate) - you may not be able to log onto the web console. So pick the right option for yourself.
By default, the NAS will use a self-generated SSL certificate. It is also possible to upload and utilize a third party SSL certificate, which can come from a verified provider.
The certificate and the private key both can be uploaded inside the Security > Certificate & Private Key tab.

Now we can set up email alerting. I believe that email alerts are a very practical way of staying up to date on the server's health and security issues. This can be done under the Notification section. First set up the SMTP server. I suggest using Gmail, as its configuration is already built into the console, and Gmail provides a very stable and free email service, so if you don't already use Gmail, you may want to create an account specifically for this server alerting system. Put in your Gmail address and password, and hit the "Send a Test Email" button to see if you can receive email alerts from the server. If you can't, your network hardware may be blocking it, so it's something you should look into. Open outbound SMTP SSL ports in your router/gateway, for example.
Once the test email arrives, you need to set the server to send you email alerts to your preferred email address, this is done in the Alert Notification tab.
Check the "Send system error alert by: Email" and "Send system warning alert by: Email", and make sure to enter your target email address(es) under "Email Notification Settings". If you don't set this up - you will not receive alerts to your email address.
Once done, hit the Apply All button on the bottom of the page.

Now, I should mention that if your NAS server is planned to be accessible remotely - be it via VPN, FTP, or you would simply like to remotely administer it using the web console - there will be constant hack attempts coming from the Internet. Most of the time these are not targeted at your server specifically but rather automated by certain malicious machines online to try and guess the username and password of a NAS or any other protected machine that is accessible remotely. So to get rid of that potential threat to the data and stability of your NAS we need to set the server to automatically ban or block IPs that are trying to hack your device. The feature that controls this is located under Network Access Protection inside the Security section of the web console.


First tick the box "Enable Network Access Protection", and then configure protocols for which the server will monitor access attempts and react accordingly.
I usually prefer setting the connection methods shown in the screen-grab. Note that SAMBA and AFP are not monitored as they are local connection types and may interfere with your users' access stability. You don't have to block the offending IPs forever, you can just ban their access temporarily, but I see no reason to do that as they will continue right on trying to penetrate your network after they are unblocked.
Once done, make sure to hit Apply or Apply All.
This feature was introduced after version 3.8.0 so if your NAS is running an older firmware version - maybe it is time to update.

Another important issue to consider is evaluating the connection methods that are open in your NAS.
If you don't plan to administer the NAS via SSH - do turn it off, because a lot of hack attempts will come via SSH. SSH is enabled by default, so it may be a good idea to turn it off to raise the level of security.
To disable SSH and/or FTP, go into the Network Services section and disable the unnecessary connection methods.

Finally, you may want to enable logging of file usage on your NAS. This can also tell you about internal users' actions in detail, as well as log incoming hack attempts. This is done in System Connection Logs under System Logs. Click the Options button and check all of the connection methods relevant to your situation. Make sure to check SAMBA to monitor the local users' connections. Once your log fills up to 10,000 events - you can automatically dump it into a CSV file onto one of the shared folders. You can create a protected log folder that only you as the admin have the access to, and point the CSV file creation there.
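
As an added example (not part of the original post and not QNAP code), the Python script below applies the same idea as Network Access Protection to an exported connection-log CSV: it counts failed logins per external source IP and service inside a sliding time window. The column names, the sample rows, the threshold and the window are assumptions made for this example; adjust them to the file your NAS actually exports.

```python
import csv
import io
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample export. Column names and values are assumptions for
# this example, not QNAP's documented CSV layout.
SAMPLE_CSV = """date,time,user,source_ip,service,action
2014-09-20,03:10:01,admin,203.0.113.45,SSH,Login Fail
2014-09-20,03:10:09,root,203.0.113.45,SSH,Login Fail
2014-09-20,03:10:15,admin,203.0.113.45,SSH,Login Fail
2014-09-20,03:10:22,test,203.0.113.45,SSH,Login Fail
2014-09-20,03:10:30,admin,203.0.113.45,SSH,Login Fail
2014-09-20,08:01:12,alice,192.168.1.23,SAMBA,Login Fail
2014-09-20,08:01:20,alice,192.168.1.23,SAMBA,Login OK
2014-09-20,09:00:00,admin,198.51.100.7,HTTPS,Login Fail
2014-09-20,11:30:00,admin,198.51.100.7,HTTPS,Login Fail
2014-09-20,12:00:00,bob,198.51.100.20,FTP,Login OK
"""

# LAN ranges (RFC 1918) are skipped: the post leaves local SAMBA/AFP
# connections out of the automatic banning.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def failed_login_offenders(csv_text, threshold=5, window=timedelta(minutes=1)):
    """Return {(source_ip, service): peak} for external sources whose failed
    logins reach `threshold` inside any sliding `window` (both assumed)."""
    failures = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if (row.get("action") or "").strip().lower() != "login fail":
            continue
        try:
            ip = ipaddress.ip_address((row.get("source_ip") or "").strip())
            ts = datetime.strptime(row["date"] + " " + row["time"],
                                   "%Y-%m-%d %H:%M:%S")
        except (TypeError, ValueError):
            continue  # malformed address or timestamp: skip the row
        if any(ip in net for net in LOCAL_NETS):
            continue
        service = (row.get("service") or "?").strip().upper()
        failures[(str(ip), service)].append(ts)

    offenders = {}
    for key, stamps in failures.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):
            # Move the left edge until the span fits inside `window`.
            while ts - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            offenders[key] = peak
    return offenders


if __name__ == "__main__":
    for (ip, service), peak in sorted(failed_login_offenders(SAMPLE_CSV).items()):
        print(f"{ip} {service}: peak of {peak} failed logins inside the window")
```

Sources that show up here for a service you have already disabled, or that keep appearing after a ban, are the ones worth checking against the Network Access Protection block list.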

It is worth mentioning that QNAP NAS comes with an internal antivirus feature that is disabled by default, so if you want the NAS to scan the files that it hosts you can enable the Antivirus application (located under the Applications section on the bottom of the console), you can schedule scan jobs and automatic definition updates here as well.

Thursday, September 4, 2014

New USB devices or existing devices stop working in Windows 7/8

Recently I started noticing a widespread problem with certain machines not being able to accept new USB devices or they would have certain existing devices stop working (driver-wise). This may be related to a certain PUP called SafetyNut that is a subapplication that comes with Ask.fm toolbar.

If you are unable to use any new USB devices that your computer hasn't recognized before, or suddenly things like your lan or w-lan card stop working and have a driver problem inside the device manager - it may be due to the aforementioned problem.

The simple way to resolve this is to uninstall the Ask.fm toolbar.

A more thorough solution would be to run a malware cleaner, and disable the SafetyNut service (yes it actually runs as a service, which is recognized as a malicious service), clean the discovered PUPs and uninstall the Ask.fm toolbar.

Friday, August 29, 2014

Windows Update error 80246002



This error started appearing in Windows 7 a few days ago, some say due to the update KB2982791 (unconfirmed yet).

If you were affected by this error - here's how to fix it (so far).

First of all - what doesn't work:

  • Uninstalling the KB2982791 update.
  • Deleting the SoftwareDistribution folder contents inside the Windows folder (this used to work for me in previous Windows Update errors).
  • Renaming the Download subfolder of the SoftwareDistribution folder.
  • Restoring the system to an earlier state may not fix this problem.
  • Running the Windows Update Troubleshooter may not fix this problem.
  • Applying the KB947821 patch may not fix this problem.

What does work (confirmed by many cases, including my own experience with this error):

You need to manually set the DNS addresses (of a well known public DNS server, such as Google DNS) for your network connection to successfully get rid of the update error. 

1. Go to Network and Sharing center inside Control Panel.
2. Click "Change Adapter Settings" on the left side pane. 
3. Right click the network connection you're currently using to be connected to the internet.
4. Choose Properties.
5. Double click "Internet Protocol Version 4 (TCP/IPv4)"
6. Change "Obtain DNS Server Address automatically" to "Use the following DNS server addresses" - enter 8.8.8.8 as Preferred DNS server, and 8.8.4.4 as Alternate DNS server.
7. OK all of the windows. 
8. Now either restart the machine and check your updates again, or run the ipconfig /flushdns command inside the command prompt in elevated mode.


After this procedure - Windows Update should start searching for updates, it will take a while, so be patient. Eventually you will be presented either with more updates, or the statement that there are no newer updates.



Friday, August 1, 2014

OneDrive for Business doesn't sync - solved.



Is your OneDrive folder not syncing anymore? Do you get sync errors that won't go away? Do all of the files in the sync folder have a red X on them? If so - here are the answers.

Sometimes you copy a large amount of data into your OneDrive sync folder or you make a drastic change in the folder structure (taking all of the main folders and putting them into one subfolder, for example) - this may lead to major sync problems.

What doesn't work:

Stopping - restarting sync, syncing a new folder, deleting everything in your sync folder and then hoping it would resync, deleting everything on the server and hoping it would resync from your pc folder, running the "repair" function of the OneDrive desktop software, uninstalling and reinstalling OneDrive.

If you've done all of the above and still no luck, read on.
The only solution I've found so far is doing the procedure below (recommended by MS support team) and it actually works.

Important! Make sure that your server-side copy of your files is up to date, because you will lose all of the local data from your computer's Sync folder and your computer will then resync from the server.
If it's not up to date, then backup the data in your sync folder, just in case.

1. Right click on the Windows status bar, select Start Task Manager, and get a list of running processes as follows:
If you’re running Windows 7: Select the Processes tab. If you’re running Windows 8: Select More Details in the bottom left and then select the Details tab.

2. Verify that none of the following processes are running:
groove.exe
msosync.exe
msouc.exe
winword.exe
excel.exe
powerpnt.exe

3. If any of the above processes are running, stop the process by right-clicking it and selecting End Process.

4. Give yourself an administrator role as follows: If you’re running Windows 7: Click the start button and type cmd in the search bar. When cmd.exe appears in the results, right-click it and select Run as Administrator. If you’re running Windows 8: Drag your mouse to the bottom left corner of the screen, right click on the Start icon that appears, and then select Command Prompt (Admin).

5. At the command prompt, delete the Office file cache and Spw folders by issuing four commands as follows:
a. Type this and then press the Enter key:
cd %USERPROFILE%\AppData\Local\Microsoft\Office\15.0\ 
b. Type this and then press the Enter key:
rmdir OfficeFileCache /s 
c. Type this and then press the Enter key:
cd %USERPROFILE%\AppData\Local\Microsoft\Office\  
d. Type this and then press the Enter key:
rmdir Spw /s

6. If you get an error when executing either rmdir command (steps b or d), one of the .exe processes is probably still running. Correct the problem by returning to the Task Manager (step 2), stopping the processes, and then removing the directories as described previously.

7. Start the OneDrive for Business client and re-sync the library.


Thursday, July 24, 2014

Sync files remotely to a QNAP NAS


Sync your files remotely to a QNAP drive, wherever you are.

I work a lot with QNAP NAS drives and I enjoy the stable remote access that they provide, be it remote administration and management, or data access.
Here I will be talking about setting up your very own cloud service on your QNAP NAS drive, that will function just like Google Drive or MS Onedrive. It does take some major setting up to do, but after that - things should run smoothly.

In this scenario user data has to be available at all times and synced whenever there's an internet connection available, all data goes to the QNAP drive remotely (this provides backup and data administration by others).
We need our remote folders to be able to let us use Offline Files. So we need to set up a VPN service on the QNAP. If not for the use of Offline Files (and the whole point of syncing files that are always available) - it would have been easier to simply run an FTP service from the QNAP drive, which requires less effort. But the Offline Files feature would demand that the QNAP folders be available as if we're accessing them through a LAN - hence the VPN service.

Official QNAP VPN setup instructions are found HERE.

QNAP server-side settings:

  • Inside the QNAP web console, head over to Applications > VPN Service.
  • You should first forward the necessary VPN ports using the Auto Router Configuration.
  • QNAP provides a kind of DDNS called myQNAPcloud which gives you a free dynamic DNS if your server's public IP isn't static. You can also configure the VPN in an easy way using the myQNAPcloud feature inside the Qsync under Network Services.
  • Inside Applications>VPN Service> VPN Server Settings - Check the "Enable PPTP VPN server"
  • Important! Under the "VPN Client IP Pool" set the IP range, make sure you use a unique IP range not commonly used because you wouldn't want the VPN IP to clash with the local network IP of the client computer.
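
To make the IP pool advice concrete, here is an added Python example (not from the original post or from QNAP) that checks a candidate pool range against client LAN subnets before you type it into the console. The list of common router subnets is constructed for illustration, and the server address rule (pool start minus one) is taken from the script notes further down in this post.

```python
import ipaddress

# Constructed list of LAN subnets that consumer routers often use by default;
# replace it with the networks your clients really connect from.
COMMON_CLIENT_LANS = ("192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24",
                      "10.0.0.0/24", "10.0.1.0/24")

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def vpn_pool_report(pool_start, pool_end, client_lans=COMMON_CLIENT_LANS):
    """Check a candidate "VPN Client IP Pool" range against client LANs."""
    start = ipaddress.IPv4Address(pool_start)
    end = ipaddress.IPv4Address(pool_end)
    if end < start:
        raise ValueError("pool end is lower than pool start")
    # Per the post, the NAS takes the address just below the pool start
    # (pool from 10.0.10.2 -> server 10.0.10.1).
    server = start - 1
    # Express the arbitrary start..end range as CIDR blocks so it can be
    # compared with the client subnets.
    pool_nets = list(ipaddress.summarize_address_range(server, end))
    clashes = [lan for lan in client_lans
               if any(net.overlaps(ipaddress.ip_network(lan))
                      for net in pool_nets)]
    return {
        "server": str(server),
        # True only if the whole range sits inside private address space.
        "rfc1918": all(any(net.subnet_of(p) for p in RFC1918)
                       for net in pool_nets),
        "clashes": clashes,
    }


if __name__ == "__main__":
    print(vpn_pool_report("10.0.10.2", "10.0.10.254"))
    print(vpn_pool_report("192.168.1.200", "192.168.1.220"))
```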

Client-side (Windows 7/Windows 8/Windows 8.1) settings:
  • You can install the myQNAPcloud Connect utility which will build the VPN dialup connection for you, or you can manually set it up yourself. I simply installed the utility to let it set up the VPN connection and then removed the utility from startup. The utility is simple, however it will not automatically connect your VPN if you're on a wifi network, and it will not automatically reconnect if the internet connection was disrupted. We are going to fix this flaw by doing some manual settings and PowerShell scripting.
  • In case you decide to build the VPN dialup connection yourself - here are the settings:
1. Inside Network and Sharing Center click "Set up a new connection or Network",
2. Choose "Connect to a workplace"
3. Choose "Use my Internet connection (VPN)"
4. Inside Internet address - insert the public IP of the network on which your NAS is located. Or if you have a DDNS by QNAP or third party - put it here. 
5. Check "Don't connect now..."
6. Insert your VPN username and password (usually it's the main NAS admin by default, but you can add VPN users inside the QNAP VPN Service page inside the web console)
7. Click Create but don't connect yet. Click Close.
8. Inside Network and Sharing center click on "Change Adapter settings".
9. Right click your newly created VPN connection icon and choose Properties.
10. Under the Security tab - make sure Type of VPN is PPTP, Data Encryption is set to Optional, and protocols PAP, CHAP and MS-CHAP v2 are enabled. 
11. Under the Networking tab - make sure that only IPv4 is checked, double click on it, choose Advanced, and uncheck the "Use the Default Gateway on remote network" to not use the gateway of the VPN for your internet traffic. 
12. OK all of the windows of the connection properties. 

Now we will write a Powershell script that will run in the background and check for connection drops and reconnect if necessary. 
  • First let's create a folder on the C: drive and call it Script.
  • Let's create a file in that folder and call it vpn.ps1
  • Inside the file let's put the following code (using Notepad or another text editor):
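# VPN-internal address of the NAS; a reply means the tunnel is up
$ip = "10.0.20.10"
# Ping the NAS through WMI (gwmi is the alias for Get-WmiObject)
$result = gwmi -query "SELECT * FROM Win32_PingStatus WHERE Address = '$ip'"
if ($result.StatusCode -eq 0) {
 Write-Host "$ip is up."
}
else {
 Write-Host "$ip is down."
 Write-Host "Disconnecting..."
 # Drop any stale session before redialing
 rasdial.exe YourVPN /DISCONNECT
 Write-Host "Connecting..."
 # Connection name, then the VPN username and password
 rasdial.exe YourVPN vpnUsername vpnPassword12345
}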

Make sure you put in the correct IP of the NAS (first line of the script) while it's inside the VPN. If your VPN IP pool starts from say 10.0.10.2 that means the server address is 10.0.10.1
Also make sure that after rasdial.exe you put the name of your VPN dial-up connection, its username and password (where it's stated).

Now we fire up PowerShell (just type powershell inside the Start menu search and run it in elevated mode), and we need to set it to accept running scripts. First, let's run this command:

get-executionpolicy

If the answer is "Restricted", run this command:

set-executionpolicy unrestricted

This will ask you to confirm, press Y.

After this is done, all that's left is setting up the task scheduler to run this script.

Inside Task Scheduler create a New Task, make sure that it runs with highest privileges and with the user logged on or not. The Trigger should be at Startup, Repeat the task every 5 minutes. Under Actions leave it as Start a program, point the path to C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
add an argument to run the script:
-File C:\Script\vpn.ps1


For the method of a stable VPN connection I used the tutorial posted here.

Now, after we're done setting up a stable VPN connection - it's time to enable Offline Files. (Offline Files are available only on Professional, Ultimate and Enterprise versions of Windows)
Browse to your server using its VPN IP, find the folder you'd like to sync, right click it and choose "always available offline". It is best to create a mapped drive for this folder, so it's easily accessible when offline. Also make sure no one else is using this shared folder because sync conflicts may happen.
In Windows 8 Pro you might first have to enable Offline Files by going to Control Panel > Sync Center, click on Manage Offline Files, and then Enable Offline Files.