Monthly Archives: October 2007

I am a spoiled SBSer

Lately I’ve been doing some work in Win2k8 RC0 and when you work on “big server” platforms, you forget all the little things that you take for granted on SBS that .. are just there.  When you fire up Win2k8 Enterprise and look in the group policy management console, the first thing you will notice that it’s a blank slate.  And I do mean a blank slate. 


Now while some would say “Oh this is cool as i can set it up the way I want to”, I’d argue that there are efficiencies because I’m not having to reinvent the wheel.


Firewall policies for Vista and XP are preconfigured.


WSUS policies in place already. 


The foundations are built for you.


And I strongly feel that if SBS ‘fits’ the small business, you are doing them a disservice if you choose the regular server platform.


Does it fit in all places?  No. But when it does..and you don’t install it.. man you are doing a client a disservice.

The patch for social engineering

I buy a Mac Mini and a Social Engineered Trojan hits the news…



 


But the story at http://www.incidents.org/diary.html?storyid=3595 points out that Social Engineering is the hardest one to patch for and the threat is now on the Mac platform as well. 


All you have to do is entice me enough to think it’s a normal app that I want to install and you have me nailed. That’s not hard to do these days.

The Halloween duty tonight

Well here I am… with the laptop on wireless… I’m sitting in the living room with sounds of “Trick or Treat” wafting down the street where I live.   This year is the first year of the “daylight” Halloween ..where 5 p.m. was still light because we haven’t moved to daylight savings yet.


So far we’ve had more kids ..either due to the time difference …or the fact that the weather this year is very mild. 


Based on my unofficial candy count… I think we’ve had about 125 or so kids, teenagers tonight…. and I think I hear some more coming up..

Halloween malware – watch out

According to http://www.maxmind.com/app/locate_ip the IP of 199.239.30.126 is out of Denver Colorado


It’s also using an Outlook Express is now a spammer of this maware:  http://isc.sans.org/diary.html?storyid=3591



That’s outlook 5.5..that’s an old version to boot.

MAC users are being targeted in a porn trojan social engineering attack

Source: http://www.theregister.co.uk/2007/10/31/in_the_wild_osx_trojan/

Miscreants have released a sophisticated Trojan into the wild that targets Mac users, according to Intego, a company that markets security software that runs on OS X.

The malicious Trojan, dubbed OSX.RSPlug.A, is making the rounds on several porn websites. When Mac users try to view some videos, the site feeds them a page that says QuickTime is unable to play the file unless a special codec is installed first. If the user proceeds, a form of DNSChanger is installed that hijacks some web requests sent to eBay, PayPal and some banking websites, according to this write-up <
http://www.intego.com/news/ism0705.asp> from Intego.

“The noteworthy part is that someone is targeting the [Mac] OS,” said Randy Abrams, a security researcher at antivirus software provider Eset. “This may mean that the OS is beginning to gain enough users to be attractive to attackers.”

The Trojan installs a root crontrab that makes minute-by-minute queries to check that the doctored DNS server is still active. The websites offer different versions of the malware, most likely to tailor web spoofing to the victim’s particular country. There is no way for victims running 10.4 to see the changed DNS server in the OS X GUI. In 10.5, the DNS server is visible in the Advanced Network preferences, but the added servers are dimmed and can’t be removed manually.

Apple PR representatives didn’t respond to an email seeking comment for this story.

A barrage of spam posted to Mac forums invites readers to visit the malicious websites. The Trojan requires victims to enter the administrative password for their machine, a factor that is likely to mitigate the risk somewhat. Then again, Windows users have for years been tricked into installing malware <
http://www.theregister.com/2007/10/19/return_of_trojan_bayrob/> that can wreak havoc on their PCs. We see no evidence that Mac users are any less resilient to social-engineering attacks.

 

Which Exchange Server 2007 Server Cluster Type Should I use, CCR or SCC?

This is becoming a pretty common question in my Exchange classes. Which should I use? Why one over the other?


My current recommendation is to use CCR whenever possible vs. SCC. Why? I am glad you asked that question.


High Availability, see my definition here, is all about risk mitigation. What we should be doing is identifying risks to our important/critical applications and finding ways to eliminate or at least mitigate the risks where economically feasible.


One of the major risks that I see with Exchange Server 2007, as well as previous versions of Exchange, is losing my production database because of a disk failure or my database becoming corrupted. In the case of a disk failure, I would normally restore my database, but that takes time, and very few people want to run a dial tone database while they recover. So, two Exchange Server 2007 technologies provide some protection against a lost database drive or a corrupted database. One is Local Continuous Replication (LCR). LCR, however, is a single server technology and does not provide the risk mitigation against an entire server loss that a cluster can provide. The second technology is to use Cluster Continuous Replication (CCR). CCR provides the one extra piece that a Single Copy Cluster (SCC) does not: it provides for loss of the database disk or corruption of the database.


Since CCR does not do a block by block copy like a SAN replication utility might, the likelihood of corruption passing from the production database to the passive copy is extremely low. Remember, the passive copy is receiving transactions and having them applied to the database much like the production database. Corruption is not copied in such an environment.


Of course, we can’t forget that by using CCR, we also can eliminate the need for a SAN, which is a huge cost savings.


So, add the increased risk mitigation and elimination of the SAN requirement for high availability and you can see that CCR is a vast improvement over SCC.

IMPORTANT UPDATE: Visual Studio 2008 Beta 2 Virtual PC (VPC) images to expire on Nov 1st.

Hi everyone, We know many of you have been testing the Visual Studio 2008 Beta 2 VPC images, http://msdn2.microsoft.com/en-us/vstudio/default.aspx . It has been brought to our attention that the current…(read more

Data Protection Manager 2007 Storage Calculator


Hello folks,

The DPM Team has released a DPM 2007 Storage Calculator for Exchange Server.

Read more at source: http://blogs.technet.com/dpm/archive/2007/10/31/data-protection-manager-2007-storage-calculator.aspx

Best Regards,
Anderson Patricio

Technorati : ,
Del.icio.us : ,
Ice Rocket : ,

Sony XL1 200-Disc Changer/Recorder on Sale – $99

Get it while they are hot.  My guess is Sony is getting rid of their stock, and this will most likely be a discounted product in the upcoming months.  At $99, there is no question that there is no money to be made selling PC-based DVD changers to such a small market, especially when use is limited to the local PC and not over Media Center Extenders.  The only other possibility is a Blu-ray version replacing this in the future, since it is Sony you can’t count that out.

Developing custom Workflow activities

On November 22nd I will be presenting an evening session on developing custom workflow activities for the .NED user group in the Netherlands.

During this session I will show you why you would want to do so in the first place, after all there are lots of standard activities to choose from. And once you get into developing custom activities there are lots of do’s and don’ts to keep in mind. And some might not be all that obvious during development if you are new to WF.

Keep an eye out on the website http://www.dotned.nl for more details about the location and exact starting time.

See you there [:)]

Recent Comments

Archives