Monthly Archives: June 2012

A new found love for Microsoft Small Business Server

I have always loved, supported and championed the Microsoft SBS product. I have worked with it since SBS 4.0 and always appreciated it.
I have installed every version of it and had a hand in some aspects of making it a better product.

Whilst I was a Microsoft MVP, I visited Redmond many times and had many discussions with the SBS project team.
I witnessed first hand the battles the project team had, getting simple things like the Exchange 2003 16Gb limit lifted.
The enterprise teams did not take too nicely to the SBS product. They did not understand it and did not want their product in the suite.
They saw no reason to integrate with it and no reason to give big features, at a small cost within the SBS suite. They did not want to cheapen their product.

I saw Microsoft ISA server ripped from the product in SBS 2008. I saw the SBS team stressed and I saw the product change.
As an old School Microsoft Small Business Specialist and a winner of the SMB150 for 2012, I thought I still loved SBS server.

Unfortunately, I got so used to the path SBS took and so used to the product, I lost a love for what the SBS project team does and what the product delivers.
I was a zombie and simply went through the motions and installed/setup SBS and then moved on.

Recently a project has reawakened my love for SBS. I had to do an enterprise installation.

The project needs 2x Domain controllers, SharePoint Foundation server 2010, Exchange 2010 server, Threat Management Gateway (ISA), a DMZ (Perimeter network), an Exchange Edge Transport server, a Microsoft 2008 Web server, a SQL server, 3 or more Windows Enterprise servers in a load balanced/fault tolerant Remote Desktop server farm, a Wsus server, backup server (That images each server and creates Hyper V virtual machines) and much more.

We in SBS land are truly blessed. The Integration of Exchange, Windows server (In Domain controller mode), file/print, Wsus, SharePoint Foundation server and more, all using blessed wizards.
No need to download prerequisites, manually install, add features/roles, make decisions or worry about all the tools integrating together and playing nicely.
Who needs to setup the finer details of email policies, Hub transports, IIS, Certificates, Wsus Policies and SharePoint? Not me. 

This is where the Wizards in SBS are truly wizardry. They make things simple. Sure I can manually configure DNS, DHCP and setup users in the Active Directory.
I can setup the network settings and even install Wsus. I can setup and configure SharePoint Foundation server. Or can I?
Using my knowledge of SBS, I can’t. I did not know that it can’t have its database on a domain controller. I did not know it was recommended to be on 2, maybe three servers.
The SBS project team must have worked incredibly hard to setup SharePoint Foundation on the same box as Active Directory and Exchange 2010.
Did you know Exchange should not be on a domain controller? I knew all this but had slowly forgotten and dismissed it.

Someone in the SBS team had to convince someone on the Exchange team to let them have their product installed on a domain controller. Convince them to allow SBS to have the Exchange product amongst its features. Then the hard work began. Someone had to setup wizards and an environment to tie it all in together and make it work for you and me, in a simple way.
Someone had to setup Remote Web Workplace, Wsus, Outlook Web Access and all the other Web based tools, onto the SBS IIS server.
Someone had to tie it all together and make it work.

In my current scenario, that is me. I am setting up this enterprise installation and I am downloading the prerequisites. I am tying everything together and I am finding all the dead ends.
I am doing the research. I am struggling with the different route tables and TMG firewall rules. I am taking many, many hours to setup something that would be over and done in much less time if this was SBS.

The SBS team have gone where we do not need to go. They have made it easy for us. They have given us something that works and is reproducible every time.
They have done loads of hard work so you do not have to.

So, now I need to stop taking SBS for granted. I need to understand where SBS comes from and what it really is. I have fallen in love with SBS all over again.

Windows 8 – Preliminary list of Security improvements

Windows 8 will provide further security improvements and a preliminary list is noted below:

How Windows 8 Beefs Up Security http://www.securitynewsdaily.com/2008-windows-8-security.html

QUOTE:  Windows 8 promises to be much more secure than Windows 7 — so much so that some users might not like it.  Chris Valasek, a researcher with the San Francisco security firm Coverity, has been playing with the developer preview version of Windows 8 since last fall.  He told the British tech blog the Register that while the internal structure is not too different from that of Windows 7, there are a few new features that will nonetheless beef up Windows 8's security considerably.

App store – New Windows 8 Apps will be contained by a much more restrictive security sandbox

Internet Explorer 10 — Locking down the browser with improved Flash & Java protection and other safeguards

Secure Boot — It means that all installed operating systems, whether on a hard drive or on an optical drive, will be checked for digital certificates of authenticity before they’re allowed to start the machine.

Windows Defender — Windows 8 will have a Microsoft first — a built-in anti-virus software installation

DNSChanger Malware – FBI will take infected PCs offline on 07/09/2012

In about 10 days, the FBI will carry out another stage of malware cleanup as noted below

DNSChanger Malware – FBI will take infected PCs offline on 07/09/2012 http://www.securitynewsdaily.com/2030-dnschanger-deadline.html

DNS-CHANGER MALWARE test site (if you see RED your PC may be infected … GREEN indicates no infection is present)
http://dns-ok.us/

QUOTE: In 10 days, there’s a chance you will not be able to access the Internet on your personal computer. No email, no Facebook, no Google, no Twitter — nothing.  This potentially dire situation is due to the nasty DNSChanger Trojan, and the fateful date of July 9, on which the FBI is set to take all computers still infected with the malware offline for good. 

Launched by Estonian cybercriminals, the DNSChanger malware infected Windows PCs, Macs and routers across the world and enabled the crooks to hijack victims’ Web traffic and reroute it to rigged sites. After the FBI, in “Operation Ghost Click,” busted the criminals last November, the FBI set up surrogate servers to keep the computers infected with the Trojan temporarily online so users could clean them.

But on July 9, those surrogate servers are coming down.  In his Krebs on Security blog, researcher Brian Krebs cites a statistic from the DNSChanger Working Group, which estimates that more than 300,000 computers are still infected with the malware.

NMAP 6.01 Security Scanner Release

NMAP is an excellent network vulnerability assessment tool and a new version is now available:

http://nmap.org/download.html

QUOTE: Nmap 6.01 source code and binary packages for Linux, Windows, and Mac are available at:

Here are the changes in 6.01:

o [Zenmap] Fixed a hang that would occur on Mac OS X 10.7. A symptom of the hang was this message in the system console: 

o [Zenmap] Fixed a crash that happened when activating the host filter.   

o Fixed an error that occurred when scanning certain addresses like 192.168.0.0 on Windows XP:   

o Fixed a bug that caused Nmap to fail to find any network interface when at least one of them is in the monitor mode.

o Fixed the greppable output of hosts that time-out

o [Zenmap] Updated the version of Python used to build the Windows release from 2.7.1 to 2.7.3 to remove a false-positive security alarm flagged by tools such as Secunia PSI.

Microsoft Security Essentials – New Pre-Release version

As with any beta version, please be careful and technical skills should be in place to uninstall or troubleshoot potential issues.  During the first few days of testing, no issues have been discovered and it installed cleanly.

Microsoft Security Essentials – New Pre-Release version http://www.microsoft.com/en-us/download/details.aspx?id=29942

QUOTE: As a Microsoft Security Essentials Prerelease user, you will have the opportunity to explore and test new builds of Microsoft Security Essentials before they are publically available and provide feedback to Microsoft. Your feedback helps Microsoft to make its software and services the best that they can be. As a Microsoft Security Essentials Prerelease user, Microsoft Security Essentials updates will automatically be installed on your computer through Microsoft Updates.

Want to learn about cryptography? I know where.


 Take notice: My new feed address is now http://feed.feedcat.net/806052. Please re-subscribe.

Do you have some spare time and want to know how cryptography works? What is the most secure cipher? And why λ is always more than ε… Well, the latter is not true =)
Anyhow, there is a place where you can learn more about cryptography for free. Stanford University provides such a course for free at https://www.coursera.org/#course/crypto. I’m at the second week now, and have already tampered with one cipher text and know how to decrypt another (it’s not that tricky, but very time consuming).

So welcome to the world of knowledge

Internet Explorer Settings – How to reset this for your PC

Below is a “how to reset link” for Internet Explorer that includes a special FixIT tool from Microsoft.  Occasionally this environment might become damaged and this allows a reset back to initial default settings.

Internet Explorer Settings – How to reset this for your PC
http://support.microsoft.com/kb/923737

Windows Update – How to reset this for your PC

Below is a “how to reset link” for Windows Update that includes a special FixIT tool from Microsoft.  Occasionally this environment might become damaged and this allows a reset back to initial default settings.

How to Reset Windows Update http://support.microsoft.com/kb/910339

RSA SecurID 800 Tokens – New attack could reveal keys in about 15 minutes

While this POC attack and research paper are complex and highly mathematical in nature, further developments should be closely watched.

RSA SecurID 800 Tokens – New attack could reveal keys in about 15 minutes http://arstechnica.com/security/2012/06/securid-crypto-attack-steals-keys/

QUOTE:  Scientists have devised an attack that takes only minutes to steal the sensitive cryptographic keys stored on a raft of hardened security devices that corporations and government organizations use to access networks, encrypt hard drives, and digitally sign e-mails.  The exploit, described in a paper to be presented at the CRYPTO 2012 conference in August, requires just 13 minutes to extract a secret key from RSA’s SecurID 800, which company marketers hold out as a secure way for employees to store credentials needed to access confidential virtual private networks, corporate domains, and other sensitive environments. The attack also works against other widely used devices, including the electronic identification cards the government of Estonia requires all citizens 15 years or older to carry, as well as tokens made by a variety of other companies.

The latest research comes after RSA warned last year that the effectiveness of the SecurID system its customers use to secure corporate and governmental networks was compromised after hackers broke into RSA networks and stole confidential information concerning the two-factor authentication product. Not long after that, military contractor Lockheed Martin revealed a breach it said was aided by the theft of that confidential RSA data.

Best Practices – Wireless Safety while traveling

The Security News Daily shares some valuable tips to be careful with sites you connect to, as well as performing e-commerce activity while on the road.  Sites that you connect to may not be well secured and you should avoid banking, internet purchases, and even email if you are not sure of the overall safety of the site hosting internet services.

How to Keep Your Wi-Fi Safe While Traveling http://www.securitynewsdaily.com/2009-wi-fi-safe-traveling.html

QUOTE:  But before you get too relaxed, beware. Lurking on that public Wi-Fi network you’re using might be identity thieves and account hackers who are waiting to pounce on your information.  “If you are logged in and it’s not secure, pretty much everything that travels over the air is vulnerable,” said Chris DePuy, vice president at the Dell’Oro Group, a market research firm in Redwood City, Calif.

Security News Daily – How to secure Wireless home network http://www.securitynewsdaily.com/how-to-secure-home-wireless-network-0816/
