Okay when they build a security listserve for ya… you know it’s beginning to be a target…


The Focus-Apple mailing list discusses security involving hardware and software produced by Apple or that runs on Apple platforms.  Discussion may include security assessment, planning, and implementation for Apple technologies. This list is meant as an aid to network and systems administrators and security professionals who are responsible for implementing, reviewing and ensuring the security of their Apple hosts and applications.

What is appropriate content?

– Discussion of securing Apple hosts in various networked environments, including but not limited to integration with Active Directory or LDAP-based networks.
– Discussion of securing Apple hardware devices such as Airport base stations using wireless technology.
– Experiences in securing specific Apple technologies that would prove valuable to share with the community.
– “How-to” questions surrounding the assessment, implementation, or configuration of Apple technologies, as they relate to security concerns.
– Discussion of tools and/or products that may assist in auditing, securing, and/or patching Apple technologies.
– Follow-up discussion of Apple-related vulnerabilities as it relates to questions about identifying and securing vulnerable hosts and applications.

What is inappropriate content?

– Announcement of security vulnerabilities. (Post this information to Bugtraq)
– Product advertisements.
– Discussion of non-Apple related issues.
– Non-computer/network security related material.
– Discussion of forthcoming product rumours.

How do I subscribe?

Send an email message to
focus-apple@securityfocus.com.  The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

So I’m rebuilding an OEM machine… and feeding it the drivers because the OS does not see the NIC card from the Dell site …  and I realize that not only can’t this machine not see the nic cards.. the C: drive isn’t a C: drive.

Now THAT is annoying, isn’t it?  That whenever there’s a zip drive it picks that up as a C: drive instead of the read drive.. so now my C.. is my E… arrrrggghhh.. I’ll have to fix that.. as the Dell drivers keep trying to install to a C drive that isn’t there.  Normally I unplug the zip but I forgot to do that this time….

hmmm won’t even load up the nic drivers…okay back to the Dell website to see what other drivers are available.


915343 – Buffer Overrun error may occur when CRM 3.0 is installed on Microsoft Small Business Server 2003

Okay so the hotfix I was attempting to call for last night… I got today… and while I’m not running CRM 3.0.. I wanted to see if the patch was available via the “call PSS/CSS, hit the button for hotfixes and get it sent to you for free” and sure ’nuff…. it was.

So if you are a CRM’er running on SBS and you’ve seen this issue about a “buffer overrun” on your system, know that this is not a ‘regression tested patch’ and ensure you have a backup and try it in a test network first..but you can call the ITPro support number and get this hotfix…I call US (800) 936-4900 but call whatever number is appropriate for your area.  Furthermore due to the “after hours IT Pro” support having a business after hours 24/7 world wide feature now, you “should” be able to get hotfixes 24/7.. I say “Should” because Mariette is supposed to be able but none of us could find the appropriate number for her to call in the Netherlands that would give her the hotfix….

..and we spotted this hotfix by an answer posted to Kathy’s question about BufferOverrun in the Managed Partner newsgroups… SEE why we say you need to be a MS Partner if you are selling SBS boxes?

… so I’m calling for a hotfix.. and I’m insanely calling on a Monday late night…and I’ve yet to talk to a human yet just to tell them all I want is a hotfix…. so far I’m starting to memorize “Do you know there are free technical events in my area?”  Visit www.technetbriefings.com

…and yes I do know about the Microsoft support lifecycle web site. … but thanks for asking nonetheless…  http://support.microsoft.com/lifecycle

I still say there has to be an easier way (and certainly more automated) way to get hotfixes….I’ve been on hold for 40 minutes now….and so far me and the Microsoft lady are becoming fast friends..

Yes, thank you I do know about the technet events thank you very much….you said that before you know…

..and yes.. I know about the lifecycle too.. you said that about 2 minutes ago you know.. we talked about this before (how quickly she forgets that we just had this conversation).

..oh yeah.. visit www.microsoft.com/protect and perform the steps there to project your computer’s security…

Ma’am.. look.. yes.. I know about Technet… you told me that like 2 minutes ago… um…can we try some other part of the Microsoft web site?

Yes, truly I know about the free Technet events….you just told me that 2 minutes ago….you know I’m really getting concerned about this short term memory loss issue you are having…are you feeling okay..because I’m really getting concerned that you can’t remember what we chatted about not a minute ago…

oh yes.. I know about the lifecycle site…..remember.. we discussed this….you sure you are feeling okay?  We discussed this.. remember?

.. she’s gotta be a real lady… wonder if she’s got kids… wonder if she runs a Microsoft computer…..

truly ma’am… I know about technet.. you know I really think you need to take a break here.. this short term memory loss is truly concerning me now…

(in all seriousness.. I think I’m going to give up for tonight…getting the hotfix for KB915343 will just have to wait for tomorrow…and yes 915343 is a real hotfix..just not yet publically posted yet…)


In the newsgroups over the weekend… a thread about RWW came up …and I wanted to visually show everyone the difference between when you log into Remote Web Workplace as a domain admin (Which you should ensure that you set up an additional admin account and use this when remoting in just to be paranoid) and what it looks like when you log in as a user.

 …with a VPN, a user can access only the designated shares on a
server. With RWW, a user can gain full and unrestricted access to a
server, as though they are sitting next to it. That’s what remote
server management is about, after all.

Click here to see the difference.

With RWW the user only gains access to their desktop or Terminal server and from there it’s only the parts of the server that you want them to have.  It’s no different than the rights you are setting up inside the firm. Now as Les said, it can be edited to be a smidge more granular.. for example the view that you see of the “user” there is an uber user that has rights to view the more “adminish” things like the Server reports.

But for anyone who thinks that Remote Web Workplace gives you any more rights to a server that the user has now… as you can see there.. that’s incorrect.  In my office the only “server” I see is the “Application Server” aka the Terminal Server box sitting next to the SBS box.

Remote access can be done in many ways.. but sometimes the biggest hurdle of remote access is finding the right blend of rights, access, benefits and security.  Understand the advantages and disadvantages of each.

Not fully understanding is a disservice to your clientele.


Okay so I’m dying to show folks my … uh… oh I can’t say it…this is going to drive me insane to keep it secret until the middle of June of what those “Tech Ed” inspired shirts look like… but I can show you these Tshirts that I’ve put together in the meantime ……



Now this only makes sense if you read this….

Killed By Microsoft Bob:

..and for the record.. it runs on XP…..I have a copy of it…and this ‘is not’ the other image that I’m having Curtis work on … just wait until you see that one….

..okay so I had this logo done by Curtis at Curtoons.com and well.. it turned out reallllly cute.  You see they are … oh rats … I can’t tell you that because that will give the secret away.  And I will put the link up here after the rest of the gang see the shirt logo…but I can’t yet… oh but it really is soooooo cute.

But the process was really cool.. I entered the information of what I had in mind… gave him the time frame… and he asked for a deposit via paypal.. and then sent back the “proofs” today… and it did turn out really cute.

Oh this will drive me crazy keeping this to myself…. see I want the shirts in time for TechEd so that I can wear them (and give one to Jeff Middleton who is speaking there on SBS “myths” of disaster). 

…now the question is.. can I hold out and not blog about it and put the link up for the …. oh I can’t tell you what’s on the shirts as that will give it away…..

But truly.. if you ever want a cute, fun, corporate logo that is part Pixar and part Disney.. I’d highly recommend Curtis’ work.

… just wait until you see my next commission that he’s doing… it’s a … oh shoot … I can’t tell you….it’s a surprise… man this is worse then keeping Microsoft NDA secrets… this is going to drive me crazy… I can just tell…..


Tolerance.  Acceptance.

You know I try not to be too political in the blog.. I mean it’s supposed to be for tech notes and what not… but this weekend is the American holiday of Memorial Day where we pay tribute to Veterans of American Wars…and on the TV they’ve got several themed movies playing today.  One of them reminded me of community.

Today on the television I watched a movie that wasn’t about paying tribute to veterans at all.  It was about a Paperclip.  A Paperclip Project.


…and in my typical one track mind … it reminds me that tolerance in any community is a good thing.  A very good thing.  And it’s something that we need to remember in all of our communities.. the ones we live in… the ones we work in….. and especially our online ones.

I’m going to go find me a paperclip and remind myself to try to ensure that my online community and all of the communities that I live in are ones that remember the lesson of the PaperClip.   

“We can change the world”


I have installed an interesting application – BlogJet. It’s a cool Windows client for my blog tool (as well as for other tools). Get your copy here: http://blogjet.com

“Computers are incredibly fast, accurate and stupid; humans are incredibly slow, inaccurate and brilliant; together they are powerful beyond imagination.” — Albert Einstein

Yes.. I am in fact testing the Blog jet posting to see if it works… bear with me