-
-
So far it has been a solid week with build 5472 of Vista. All previous builds had not lasted this long – the previous record being held by beta two of two days before frustrations drove me to yank it out and replace it with XP SP2. There are still some minor inconveniences, but all in all it is running fabulously. There is quite an improvement in overall speed of responsiveness in the OS in general as well as in IE7. More programs work well with it, although my iPod cannot get its firmware updated. iTunes works great though. Hopefully Zune will allow me to kick Apple to the curb for good. WMP 11 is still a disappointment though. I get an error every time I try to play DRM’d music on the laptop purchased from MSN music when I was running XP. My Nortel Contivity VPN client finally works (although only with a manual configuration – not an automatically packaged one) as does my Verizon EVDO card. Next up: see how Virtual PC runs on it while I kick the tires on Exchange Server 2007 beta 2.
I am off on vacation so posting will be light in the coming week …
-
-
I took a dim view of one of Mary Jo’s blog posts a while back where she questioned the fact that there was no time line available for the successor to Vista – despite the fact that Vista hasn't even been released yet – or despite the fact that she and the press crucify Microsoft when they then announce any delay to that time line.
Now it’s more of the same. MySpace.com recently suffered a service outage due to a power failure in the area where its data center is located. Enter today’s article: “Who's to Blame for Microsoft Customer MySpace's Outage?” Before you read it, you just know the tenor of the article. And I can even see (although not agree with) her trying to suggest it could have been a flaw in Microsoft’s SQL Server software responsible for the outage – since as she points out, MySpace.com was one of the first large customers to deploy SQL Server 2005. But to go on and then suggest that Microsoft should have had a hand in making sure that MySpace.com’s business continuity plan was sufficient – or even existed – is crazy. To quote a Microsoft representative from the article “neither [fail over or mirroring] of those technologies is provided by default, and it was up to individual customers how, when and if to make use of them.”
-
-
I will post a more comprehensive review tonight but the early indication is a big thumbs up! A lot of the nits I complained about in Beta 2 have been fixed and the “fit and finish” continues to improve. Here is a quick screenshot and look for more details tonight. Seacrest out!
-
-
I hadn't seen this one before – Google Labs Web Accelerator. So they’re a proxy now as well …
How does Google Web Accelerator work?
Google Web Accelerator uses various strategies to make your web pages load faster, including:
- Sending your page requests through Google machines dedicated to handling Google Web Accelerator traffic.
- Storing copies of frequently looked at pages to make them quickly accessible.
- Downloading only the updates if a web page has changed slightly since you last viewed it.
- Prefetching certain pages onto your computer in advance.
- Managing your Internet connection to reduce delays.
- Compressing data before sending it to your computer.
-
-
I am pleased to announce the first meeting of the Southern Ohio Exchange Users Group! This has been a long time in the making and I know it is something the area IT Pros will enjoy and get a lot out of.
The inaugural meeting is set for September 12th and check-in and welcome is at 6:15 with the meeting kicking off at 6:30pm. It will run to 8:30pm. Food and drink will be graciously provided by Microsoft.
The meeting will be held at the Cincinnati area Microsoft offices located in Mason. The registration link will provide an address and directions. We will have 3 speakers including myself, Matt Hester and Chris Reinhold. Matt Hester is a wonderful Microsoft TechNet Presenter. If you have been to any TechNet events in the Ohio area I am sure you are familiar with him. Chris is a Microsoft Security Technical Solutions Pro and will be discussing Antigen and related messaging hygiene topics. Please pass this on to any other IT Pros you know who may be interested in attending! I look forward to seeing everyone there. Questions can be directed to me via the contact link on this blog page or at the SOEUG website (more content to come there as we move on).
-
-
From the Microsoft TechNet Security newsletter! For more detail on each item, read the full post here from an article by Sean Deuby. The enlightening tidbits below are my own two cents …
1. Document What You Have – you will forget it or leave the company!
2. Control Your Administration – a solid foundation makes everything more secure.
3. Limit the Number of Administrators – the fewer the chefs the better the dish.
4. Test Group Policy Settings – it does what you wanted it to do, right?
5. Use Separate Administrative Accounts – dang, that Trojan went from my desktop to the domain controller!
6. Restrict Elevated Built-In Groups – GPO restricted groups are great at making sure the local admin group membership stays as you intended.
7. Use a Dedicated Terminal Server for Administration – I hadn't been exposed to this idea before but it is a good one.
8. Disable Guest and Rename Administrator – we all do this, right?
9. Limit Access to the Administrator Account – say no more.
10. Watch the DSRM Password – local operators can copy your ntds.dit and then your AD is mine …
11. Enforce Strong Password Rules – does this need explaining?
12. Protect the Service Account’s Password – more great advice for managing with OUs.
13. Make Sure that Each DC is Physically Secure – if I have physical access to your AD it is mine!
14. Minimize Unnecessary Services and Open Ports – reduce your attack surface at every opportunity.
15. Make the DC Time Source Secure – time impacts authentication.
16. Audit Important Events – does your company get audited? How will you know what is happening to your servers?
17. Use IPsec – keeps the bad traffic away from your domain controllers. Think Trojans and malware.
18. Don’t Store LAN Manager Hash Values
19. Don’t Forget Your Business Practices
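
A read-only audit for items 3, 8, 11 and 18 of the list above, as an added example that is not part of the newsletter or of this post. It assumes the ActiveDirectory PowerShell module is installed and that it runs on a domain controller; `$maxAdmins` and `$minLength` are placeholder thresholds to replace with your own policy.

```powershell
# Added example: read-only checks, nothing is changed in the directory.
Import-Module ActiveDirectory

$maxAdmins = 5    # assumed limit for item 3, not a value from the article
$minLength = 12   # assumed minimum for item 11, not a value from the article

$sid      = (Get-ADDomain).DomainSID.Value
$findings = @()

# Item 8: the built-in accounts keep fixed RIDs (Administrator = 500, Guest = 501),
# so they are located by SID and found even after a rename.
$admin = Get-ADUser -Identity "$sid-500"
$guest = Get-ADUser -Identity "$sid-501"
if ($admin.SamAccountName -eq 'Administrator') {
    $findings += 'Item 8: built-in Administrator still has its default name'
}
if ($guest.Enabled) {
    $findings += 'Item 8: Guest account is enabled'
}

# Item 3: count effective (nested) user members of Domain Admins (RID 512)
# and the built-in Administrators group (S-1-5-32-544).
foreach ($groupSid in "$sid-512", 'S-1-5-32-544') {
    $group = Get-ADGroup -Identity $groupSid
    $users = @(Get-ADGroupMember -Identity $group -Recursive |
               Where-Object { $_.objectClass -eq 'user' })
    if ($users.Count -gt $maxAdmins) {
        $findings += "Item 3: $($group.Name) has $($users.Count) user members (limit $maxAdmins)"
    }
}

# Item 11: default domain password policy.
$policy = Get-ADDefaultDomainPasswordPolicy
if (-not $policy.ComplexityEnabled) {
    $findings += 'Item 11: password complexity is not enforced'
}
if ($policy.MinPasswordLength -lt $minLength) {
    $findings += "Item 11: minimum password length is $($policy.MinPasswordLength)"
}

# Item 18: NoLMHash = 1 stops LM hashes being stored at the next password change.
$lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' `
                        -Name NoLMHash -ErrorAction SilentlyContinue
if ($lsa.NoLMHash -ne 1) {
    $findings += 'Item 18: NoLMHash is not set to 1 on this machine'
}

if ($findings) { $findings } else { 'No findings for items 3, 8, 11 and 18' }
```

Setting NoLMHash does not remove LM hashes already stored; those are replaced only when each account next changes its password.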
-
-
GamerScoreChart converts your Xbox GamerScore into a chart that updates itself over time with the history of your score. You can also add it as a URL link or as a flair to your webpage or blog. Here is an example with my GamerScore.
And of course, my Xbox continues to blog about me – and complain a lot too! It’s very funny and I actually found myself making time to play out of guilt!
-
-
I was reading a post at the SunBelt Blog about Agnitum’s review of Microsoft’s Windows OneCare. Other than to say that the Agnitum crew is highly respected, Alex was basically passing on their findings. It should be noted that both SunBelt and Agnitum make firewall products of their own. This obviously gives them expertise in the space, however, I cannot quite help but read into the comments knowing they sell a competing product. Does this mean that the competition shouldn’t review the performance of your product? Not necessarily. Just keep it in mind. Some of the "findings" are quite subjective! Here are the comments I had an issue with:
-
- By default, OneCare firewall is set to address programs in an automatic mode – every program access is managed through the Microsoft-created and supplied application behavior policy. Programs that are allowed to connect to the Internet are included in that policy and the firewall simply lets them connect without restriction. The problem with this policy is that it covers a very limited number of applications, so the user is forever having to respond to notifications from other quite legitimate programs as they attempt to access the Internet. Another weakness of this approach is that, no matter whether the firewall is in automatic or user-definable access mode, it first blocks the application from accessing the Internet and then asks whether the program should be permitted to access the Internet on subsequent occasions. What this means is that a legitimate program soliciting first-time access to the Internet, in our case an IM chat program, cannot connect to the Internet; after a brief delay, a message to this effect appeared on the screen. It’s really not very user friendly to deny connections to programs accessing the Internet for the first time, and it limits the program’s functionality until a restart restores programs’ operations to a normal state. The way unknown programs are treated by the firewall leaves users with the impression that every application is presumed guilty - by being blocked - until proven otherwise.
-
Apparently Agnitum isn't bothered by a firewall that lets programs automatically connect to the Internet - it doesn’t like that it lets so few of them do this out of the box! Should Microsoft decide in advance which programs you do and don’t want connecting to the Internet? They then go on to suggest that the firewall should allow unknown programs to connect to the Internet and then ask if you want to allow it or not. That it is a monumental inconvenience to re-connect that IM client after it has been initially blocked from the Internet! Hmmm, answer yes and then click on sign-in again. Seems easy enough … and yes, from a security standpoint, every application should be presumed guilty. That definition is wholly subjective when it comes to an average person's computer integrity.
- The implications of this poor performance are far-reaching: any competent piece of malware would have no problem stealing data from a PC ‘protected’ by OneCare, and the firewall uttered not a single peep to prevent this from happening. This is a pretty serious shortcoming, since one of the primary functions of a firewall is to protect against unauthorized program connections – both incoming and outgoing; OneCare on this basis does not even meet the minimum requirements for an effective firewall.
-
Without examining the testing methodology used I cannot speak to these results other than to take them at face value. I can say that for the past year since beta testing began, I have run Windows OneCare in its various builds on about 10 different computers and none of them have suffered from an attack or an infection. I could just be lucky; but the odds are against me.
- The OneCare firewall is so basic that it doesn’t even provide for the creation of advanced application access rules – you can either allow an application to access the Internet or deny it. You cannot make a rule, that, for example, would enable Internet Explorer to access some websites and not others (on the basis of IP address, for example). Nor can you specify, for example, time-based access permissions and apply advanced access parameters to the way applications are allowed to connect to the Internet, such as stipulating trusted access ports and protocols for a particular application
-
As Agnitum pointed out, the audience for this security product is "ordinary users" and "consumers." In the IT world, this group is generally not considered technically savvy (though many are). Hence, I would not add a slew of advanced firewall features for a person to potentially misconfigure. They can either inadvertently configure their computer to be wide-open or shut it down altogether. Keeping it simple is a benefit in a lot of instances.
My view (based on over a year working with the product) is that it is a solid option for consumer computers that don’t require (or want) a complex personal firewall - just one that does the basic job well. Out of the box the software runs smoothly, updates reliably and even provides backup and restore options to protect user data. Integrated Windows Defender anti-spyware software also aids in combating another prevalent Internet pain - spy and malware. It has an interface that is easy to understand and follow for the average computer user. The price point is also nice - roughly $39 a year to protect 3 computers. If you have multiple computers in your household, this is great news!
-
-
I have been continuing my testing with the latest build of Vista, 5456, and I stumbled upon something amazing. It was new to me; and it amazes me how many new things I find in each successive build. This enhanced resource manager provides a wealth of detail beyond what we are used to with the Task Manager. You can view:
- CPU, Disk, Memory and Network utilization
- Details on each down to specific process utilization
- Process PID, hard faults, Commits and shareable\private memory
Give it a look!
-
-
I got this curious option when installing the latest beta for Windows Media Player 11. Apparently I have the option to blank. I thought it was funny so I submitted it for your amusement. Note to the WMP 11 beta team – you have a bug … I also find it performs sluggishly in comparison to WMP 10. Accessing the URGE music service via WMP 11 I also find hit and miss. I will get a lot of hangs and freezes as well as issues signing in with my passport.