Yearly Archives: 2005

Microsoft AntiSpyware – Spyware Definitions 5789

Update via MS Anti-Spyware.

MSAS >Help >About Microsoft Wondows AntiSpyware > click Diagnostic button. 
Definitions Increment Version: 142/142
Definitions ThreatAuditThreatData: 1345263
Definitions ThreatAuditScanData: 2963894
Definitions DeterminationData: 745158


Exchange 12 en 64 bit

El grupo de producto de Exchange en su blog han sacado un articulo interesenta como mas informacion y especificaciones del porque la proxima version estará disponible solo en 64.

Esta noticia fue dada en el IT Forum de Barcelona.


Charly Dinapoli | MCSE 2003 Messaging | Microsoft Exchange MVP


Exchange 12 Roles

Hola les dejo un excelente link con un articulo que habla de Roles de Exchange 12.


Charly Dinapoli | MCSE 2003 Messaging | Microsoft Exchange MVP

Happy New Year!

Wish you all a happy 2006! :)

Buon Anno!

Con l’avvicinarsi dell’ora 0 vorrei auguare a tutti un buon e felice 2006!

SpyBot Definition File Update 30.12.05

SpyBot Definition File Update 30.12.05
Details of the added/improved protection:
+ Connect MFC Application ++ I-Dialer
+ HotsearchBar(2) + CoolWWWSearch.SearchAssistant(7) ++ KeywordHijacker + ShopAtHome + MaxSearch + CoolWWWSearch.Feat2Installer(5) + CoolWWWSearch.Service(5) + CoolWWWSearch.Feat2DLL(5) + CoolWWWSearch.Homesearch
+ SpyTrooper + SpyAxe ++ SpyGuard + Smitfraud-C. + DyFuCA.InternetOptimizer + ConsumerAlertSystem + ABetterInternet + WinFixer2005 + Adware.Webext + Pacimedia + Hyperlinker + SurfSideKick + AproposMedia + Command Service + Virtual Bouncer + BookedSpace ++ URL_Spy + E2Give + MediaMotor + Deskwizz
++ SpyFighter(2)
+ Targetsaver + PurityScan
++ EasyTool.ADTrojan ++ Poebot.FakeWindowsLogon ++ Formulario2006 ++ ChameleonSearch + Delfin Project
Total: 295828 fingerprints in 34384 rules for 1788 products.
NOTE: Choose the download mirror site closest to you!
If you receive error messages such as “bad checksum” it is due to heavy server traffic.
Wait until later or tomorrow to avoid disappointment.

Don’t forget to re-immunize SpyBot once the new definitions are applied!
Installation of the IE-Spyad list may disable some protections in SpyBot
S&D and SpywareBlaster.
Please check them and re-enable protections!

Security360 Preview: Building a Multi-layered Approach to E-mail Security

Microsoft has released a new webcast for E-mail Security in their web site.

This month’s live Security360 Webcast takes place Tuesday, Dec. 20. More details can be found at

Workaround if OWA requires domain name for logon

Recently I installed Exchange 2003 SP2 on an SBS server that did NOT have SBS SP1 on it. After installing the Exchange service pack, remote users could not logon just using their username. They had to include the domain name as well — format: domainusername. I tried running the KB 832539 fix that came out after SBS SP1, but it would not run, saying it could not find Exchange 2003 SP1.

If you have a similar situation, here is the workaround that will allow a user to login to OWA by just using their username:

1. Start up IIS
2. Under the Default Web Site locate the Exchange virtual directory (the one labeled Exchange, not the ExchWeb one)
3. Right click on the Exchange virtual directory and click on Properties
4. Go to the Directory Security tab
5. Click EDIT in the Authentication and Access Control section
6. The default domain name field will currently contain a single slash:
7. Replace the single with the Netbios Domain name* of your SBS server and OK the changes
8. Then stop and restart the Default Web site

* If you are not sure of the Netbios domain name of your server, go to AD Users & Computers, then right click on your server name, and click Properties. Your Netbios domain name is listed in the Pre-Windows 2000 domain name field.

Just because it is funny.

I saw this as someone’s signiture in the forums.



I jsut thought that was funny.


Credit: bakgunner 911

WMF : La video

VoilĂ  une Ă©difiante vidĂ©o sur l’exploitation de la faille WMF.

Source : websensesecuritylabs

Microsoft Security Advisory (Applies to fully patched x64 Edition!)

Microsoft Security Advisory (912840)

Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.

Microsoft has released an updated security bulletin, MS06-001, for this. You can download the x64 version at:

Blog updated to reflect the released patch.

Threats and Countermeasures

Updated: December 27, 2005

Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP

The Threats and Countermeasures guide provides you with a reference to all security settings that provide countermeasures for specific threats against current versions of the Microsoft® Windows® operating systems.
This guide is a companion to two other Microsoft publications: The Windows Server 2003 Security Guide, and the Windows XP Security Guide.

More information:
Microsoft TechNet

New year’s reading (aka weekend reading)

This is the last reading list of the year and  probably the last post, so I would like to wish to all of my readers, a happy new year of 2k6.

Hyundai Getz <> BMW Sports Series

Got a Slashdot link today to a Builder article by Steve Turvey comparing databases for small companies. By the time I got to the paragraph that said: “SQL Server Express is one of two free databases we tested and is actually Microsoft’s replacement for its earlier free offering the Microsoft Desktop Engine (MSDE) which was based on the old Access technology. “, I was groaning. The MSDE is very close to Express, is a version of SQL Server 2000 and a long way from Access. That’s just nonsense.

It then goes on to mix up concepts of numbers of connected users vs numbers of users of a web site, etc. etc., totally ignoring concepts like connection pooling.

He then later draws the conclusion that “There is no denying that SQL Server Express is the weakest of the databases in this group” (without justifying why) and then goes on to talk about it being expensive to upgrade to standard edition (completely ignoring workgroup edition which is targeted at enterprises like the target of the article and ignoring Small Business Server premium edition which also would target this area). He also never even justifies this “expensive” claim, even though he then goes on to compare it with software that costs $39,000 odd. SQL Server Standard Edition sure doesn’t cost anything like that and Workgroup Edition owns the low-end (but not free) territory now.

The most common use of SQL Express is an embedded database with an application. Unlike MySQL which is endlessly described as free but isn’t really, Express really is free. MySQL is only free for companies pulling it down themselves for their own use. If it’s shipped with an app, the person writing the app is meant to license it. That isn’t free.

In the summary pane, Express is described using words like “limited” or “very limited” or “good features set” whereas MySQL is described with words like “brilliant” and as having a “very strong feature set”. I’d love to see the basis on which the feature set of Express could ever be described as “good” with MySQL described as much stronger. Not on the planet I live on. The feature set in Express is “stunning” compared to MySQL, on any rational assessment.

I love the comments like “While version 4.x of MySQL did not trap data input errors, for example alpha characters in a date field, and only issued “warnings”, version 5 now has a strict mode that rolls back the transaction if a violation is encountered.”. What a novel idea! I suppose we can ignore all the other nonsense like accepting the 31st February as a valid date, etc. I’m told that’s not a bug because they’ve documented how it works. And endless other examples at:

I’m also struggling with both of them being described as having a “very good user interface”. Sorry, but there’s no comparison whatsoever between the tools that come with MySQL and the cut-down version of SQL Server Management Studio for Express.

Steve then proceeds to compare Express to Oracle 10g, which costs over $19,000 AUD. Guess what? The Oracle version is superior. What a surprise. Why wasn’t this compared to a relevant SQL Server edition instead? My step-daughter’s Hyundai Getz isn’t much of a comparison to my neighbour’s latest BMW either but she’s never felt the need to compare them. And wasn’t the article meant to be comparing performance on 2 processor boxes? Doesn’t the Oracle license cost jump up to much higher figures (like over $30,000) because of the way they count “processors”?

In the DB2 section, he offers golden nuggets like “While DB2’s 512GB per table may appear a little small when compared with MySQL’s 64TB for example…” Again, on what planet is that an issue? The target comparison was for “a relatively small e-commerce company with less than 200 employees. The company sells DVDs and books over the Internet and will initially have around 1000 customers and an online inventory of 50,000 items.” Hard to imagine them blowing out a 512GB table here, well not in the near future at least…

And again in the DB2 section, poor old Express (free) is being compared to a database server that’s $8106 AUD per processor.

On the specifications page, there are just endless errors. Simple example: MySQL is listed as having FULLTEXT indexes and Express is listed without them. However, full-text indexing is supported on Express and it’s far superior.

Anyway, couldn’t just let this one go through to the keeper without comment.

Reporting Services Book

Yesterday I read Anthony Mann’s book “The Rational Guide to SQL Reporting Services“. I quite enjoyed it. Although it’s brief, I like the short punchy style of this series of books. They just tell you the main things you need to know to get started with a topic and at a pretty low cost. The last Rational Guide I read was Roger Wolter’s Service Broker book, although it had more meat in it.

Anyway, Recommended if you want a short sharp introduction to SQL Reporting Services!

Commentaires, le retour

C’Ă©tait “juste” un problème avec le “skin” du blog

Celui-ci ne me plait pas trop, mais je devrais pouvoir changer 2 ou 3 dĂ©tails bientĂ´t…

En attendant, vous n’aurez plus d’erreurs en postant un commentaire.   ;-)

Make lots of money within 45 days

Source: click here

Merry Christmas, I get an email last night promising me I’d be making within 45 days $3500 to $5500 monthly. All I need to do is exactly as the email says. And I’ll know exactly what I’m getting into with no pre-enrollment stage fee. Signed, some guy named Robert Chin. Hey, I might be one of the lucky 200 people able to participate in this program after they ask me some private confidential information like how much the family household income is, how many children we have, what are social security numbers are, right on down to how much hair I have on my pinky toe.

So lets take a look at this first snapshot which starts off the email under Outlook Express:

[click to enlarge]

So how did I get infected in the first place?

Coming to the end of 2005 we’ve observed many folks get infected. Tony Klein has written the de facto answer to the question:

So how did I get infected in the first place?

Bullet number 1: Watch what you download!
“Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself. If you insist on using a P2P program, please read This Article written by Mike Healan of fame. It is an updated and comprehensive article that gives in-depth detail about which P2P programs are “safe” to use.”

Bullet number 2: “2.) Go to IE > Tools > Windows Update > Product Updates, and install ALL High-Priority Security Updates listed. If you’re running Windows XP, that of course includes the Service Pack 2! If you suspect your computer is infected with Malware of any type, we advise you to not install SP2 if you don’t already have it. You can post a HijackThis log on our Forums to get free Expert help cleaning your machine. Once you are sure you have a clean system, it is highly recommended to install SP2 to help prevent against future infections.

It’s important to always keep current with the latest security fixes from Microsoft. Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers. ”

This is just a teaser. For the full text, visit So how did I get infected in the first place?. Also be sure to check out our own Malware Removal and Prevention procedure. Learn how to distance yourself from malware.

The Media Center Show #39 – Awards

Media Center Show #39
| 29th December 2005 (1hour 19mins 50secs) MP3
– 27.4MB (Download Here)

week Ian Dixon hosted The
Media Center Award Show with Thomas Hawk.  Both of them review the winners and have some
special guests joining them (including me!). 
A big thanks to Orb Networks
for supporting the awards and supporting the show in 2005.

Now, for the two that I covered….

Winner – Best
Enthusiasts Media
Center Blog

Thanks to everyone who voted in the Media Show Awards!  I’m happy to say that my blog won the award
for “Best Enthusiast
Media Center
.  I would like to thank Thomas Hawk, Ed Bott, and Tim Coyle for also running great
blogs.  Since we all pick up so many
different posts from each other (part of what blogging is all about), no one
would have been able to win this award without all of us blogging!  Thank you to all won voted and to the
excellent competition in this specific category.

Winner – Best Community Resource

Again, thanks to everyone who voted in the Media Show
Awards!  I’m very happy to say that The Green Button has won the award
for “Best Community Resource”.  I know that we have had some apparent
issues that need to be fixed, and I promise that 2006 will bring a much need upgrade
to The Green Button.  Thank you for everyone who voted in the Media
Center Show Awards and thanks to all the competition.

var dc_UnitID = 14;
var dc_PublisherID = 11967;
var dc_AdLinkColor = ‘6699cc';
var dc_adprod=’ADL';

WMF : des infos

Le billet prĂ©cĂ©dent Ă©tant complètement “dĂ©passĂ©”, j’ai prĂ©fĂ©rĂ© en recrĂ©er un nouveau…

La faille WMF/SHIMGVW.DLL fait maintenant l’objet d’un bulletin d’alerte Microsoft.

L’action recommandĂ©e est radicale : dĂ©-enregistrer la DLL coupable du système Ă  l’aide de la commande suivante passĂ©e dans DĂ©marrer > ExĂ©cuter :

regsvr32 /u shimgvw.dll

Cette commande va produire des effets secondaires. Les plus notables sont l’arrĂŞt du fonctionnement de l’aperçu des images et tĂ©lĂ©copies, la perte de l’affichage des miniatures ainsi que la perte de la fonctionnalitĂ© “pellicule” dans les dossiers d’images.

La commande inverse est :

regsvr32 shimgvw.dll

Evidemment, elle rĂ©active la faille en question et ne sera (peut-ĂŞtre) Ă  appliquer qu’une fois le patch sorti.

Pour les techniciens, des infos sont disponibles sur le blog de F-Secure.

Recent Comments