meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

Thursday, September 28, 2006

Windows Tip: File sharing in Windows Vista

By Mitch Tulloch, MTIT Enterprises

One of the biggest gripes over the years about file sharing on Microsoft Windows platforms is that users can see files and folders on a network share even if they don't have permission to open those folders or read the files. Since business environments often give files and folders meaningful names like StrategiesForBustingTheUnion or DoNotLetAuditorsSeeThisSpreadsheet.xls or QuickSellYourStockOurCEOisLeaving.doc, this limitation allowed a degree of information leakage that most companies would rather (cough cough) not allow to happen.

The good news is that with Service Pack 1 for Windows Server 2003, a new feature called Access-Based Enumeration (ABE) has been added to how file sharing works on Windows platforms. By installing and enabling ABE on a Windows Server 2003 SP1 or R2 file server, users on Windows XP desktops will only be able to see files and folders if they actually have permission to access them. I recently wrote an article for WindowsNetworking.com that explains how to implement this feature and lists a few gotchas you need to be aware of.

Read the full Tip here

Wednesday, September 27, 2006

Storage Tip: A hardware approach to storage security

By David Hill, Mesabi Group

The Trusted Computing Group storage working group is working on specifications that manufacturers can use to create trusted platform module-like functionality on storage devices, notably hard disk drives, and high-end flash memory devices. A hard disk is a closed system. Disk drives are intelligent in that they have custom controllers, which have a processor and hidden system memory. Intelligent disk drives have firmware that is not alterable by unauthorized third parties, which means that the bad guys cannot get inside to do damage.

Read the full article here

Tuesday, September 26, 2006

Security Tip: Keep a lookout for toll call fraud

By Brent Huston, MicroSolved, Inc.

Toll call fraud is a serious concern for organizations today. The FBI and FCC estimate that more than 4 billion dollars are lost each year due to the problem. As information security folks, we are often so focused on the computer networks and threats against them that we tend to forget that the phone system could be used to hurt us too. Avoid toll fraud by watching for these things.

Friday, September 22, 2006

Windows Tip: File sharing in Windows Vista

By Mitch Tulloch, MTIT Enterprises

One of the biggest gripes over the years about file sharing on Microsoft Windows platforms is that users can see files and folders on a network share even if they don't have permission to open those folders or read the files. The good news is that with Service Pack 1 for Windows Server 2003, a new feature called Access-Based Enumeration (ABE) has been added to how file sharing works on Windows platforms. Read the full Tip here.

Thursday, September 21, 2006

Unix Tip: Using pscp to copy files securely

By Sandra Henry-Stocker

Many people who use PuTTY to make secure connections between Windows desktops and Unix servers are unaware that PuTTY also provides a tool for securely moving files between the two platforms. The reason for this oversight is that, while PuTTY provides a terminal-like window on its users desktops, the pscp command (PuTTY's scp command) that PuTTY provides for moving files has to be run from the command line.

If you use PuTTY on a Windows box to connect to your Unix systems, here's what you have to do to use the pscp command.

Wednesday, September 20, 2006

Application Error Handling: Tips for Avoiding Death by a Thousand Cuts

By Bryan Sullivan and Billy Hoffman, SPI Dynamics

When an application error occurs, whether due to user input or an internal function, software developers want to present an error message that will help the end user correct the problem. But by providing overly detailed application error messages, you can actually be opening your site to hackers. Sometimes, it is a seemingly innocuous piece of information in an application error message that provides an attacker with the last bit of information he needs to launch a devastating attack.

Here are some practical tips for ensuring that you're providing the right amount of information to the right people.

Tuesday, September 19, 2006

Storage Tip: Rules for differentiating between operational and disaster recovery

By David Hill, Mesabi Group

Differentiating between operational recovery and disaster recovery is not always clear-cut. Fortunately, most problems are operational problems not disaster recovery problems. Here are some guidelines for when a failover to a remote site is an operational recovery problem and not a disaster recovery problem.

Read the full article here

Monday, September 18, 2006

Windows Tip: Resolving IP address conflicts

By Mitch Tulloch, MTIT Enterprises

A basic but often hard to troubleshoot issue that can arise on a TCP/IP network is an IP address conflict. This occurs when two computers on a network are assigned the same IP address, and this situation can arise in three different ways. First, you might misconfigure your network by manually assigning two computers the same static IP address. This is a common occurrence on smaller networks especially when computers are in a workgroup not a domain. Second, a
DHCP server on your network might assign an address to a client computer that conflicts with a static IP address assigned to some other network device such as a router or printer. And third, if you have two DHCP servers on the same subnet that have overlapping scopes, you're likely to get client computers with duplicate addresses.

What I've discovered is that troubleshooting these situations not only requires clear thinking but sharp eyesight as well. For example...

Read the full article here

Friday, September 15, 2006

Security Tip: How spammers identify their targets

By Brent Huston, MicroSolved, Inc.

I spent some time the last few weeks looking at spam and learning about how it is created and how it spreads. What I found was a very interesting and clever process that would-be spammers use to identify targets.

Read the full article here

Wednesday, September 13, 2006

Storage Tip: Accept no imitation when shopping for ILM

By David Hill, Mesabi Group

Do not accept any simple substitutes or imitations that work only on blocks when searching for an information lifecycle management solution.

Read the full article here

Tuesday, September 12, 2006

Security Tip: Six sensible steps to keep disaster recovery real

Most companies shouldn't have to replicate every piece of data to protect their business from the next cataclysmic event. Nor should they necessarily have to cough up millions for a mirror site that traces every network transaction. And let's face it, catastrophes are extremely rare. Be that as it may, enterprises are increasingly being held accountable for their data and prudence points to being prepared. Three experts weigh in on the most commonly overlooked elements in today's disaster recovery plans. Just in case.

Read the full article here

Monday, September 11, 2006

Windows Tip: Remotely changing the default script host

By Mitch Tulloch, MTIT Enterprises

By default, Windows computers have Wscript.exe configured as their default script host instead of Cscript. The difference between these two script hosts is mainly evident when your script generates some kind of output. For example, if Wscript.exe is your default host, then your script output is windowed and is displayed as a series of popup dialog boxes. But if Cscript.exe is your default host, then your script output is displayed within the command prompt window in which
your script is running.

Now if you are an enterprise admin who has started developing your logon scripts using VBScript (.vbs files) instead of the old batch language (.bat files) you must pay attention to this matter of which default script host is configured on your users' computers. For example, say you write the following simple logon script that maps a drive...

Read the full article here

Friday, September 08, 2006

Unix Tip: The perfect crash: Planning after the disaster

By Sandra Henry-Stocker, ITworld.com

Sadly, it is in the aftermath of a big network crash that some of us do our clearest thinking about what we should have done before the disaster struck. We might learn that, even with a powerful UPS, we can find ourselves in a situation in which a sudden loss of power leaves our computer center in the dark, our servers and networking equipment in unknown condition and us with a big problem to solve. How do we get our systems back online with some semblance of control and efficiency when we're not sure what we're starting with?

First, let's look at one scenario that could leave us in the dark. A loss of power that occurs when a UPS is in bypass (maintenance) mode will leave us nearly as unprotected as if we had no UPS at all. Alternately, if our UPS runs out of battery power after a blackout has lasted for an hour or two, we could lose power abruptly. If we are not set up with automated shutdown software, a UPS may extend the time we have before our systems crash, but will not prevent them from
crashing.

Read the full article here

Thursday, September 07, 2006

Windows Tip: Scripting multiple Outlook windows

By Mitch Tulloch, MTIT Enterprises

Most knowledge workers in enterprise environments live by Microsoft Outlook. Email is so important for today's businesses that getting the most out of using Outlook is essential for job effectiveness.

One complaint I used to have about Outlook 2003 was that I could only open one copy of the program at a time. Double-click on the Outlook shortcut on the desktop, and an Outlook window opens. Double-click on the same shortcut again and nothing happens. This frustrates me because I could manage my email more efficiently if I could have multiple Outlook windows open, one displaying my general Inbox, another my Urgent folder where I route mail that's flagged as important, another my folder where I route mail for a big project I'm working on, and so on. It's great to be able to create rules in Outlook that will route incoming messages to whatever folders they should be directed, but I'd like to have these folders always visible on my desktop so I can easily see new messages arriving in each folder.

Read the full article here

Storage Tip: Look at virtualization implementation before you buy

By David Hill, Mesabi Group

You must look at the specific implementation of virtualization in a product and not just buy because of virtualization. But generally having virtualization is a virtue.

Read the full article here

Wednesday, September 06, 2006

Unix Tip: Managing line termination differences in text files

By Sandra Henry-Stocker

Most every Unix sysadmin has run smack into line ending incompatibilities from time to time. The most common problem is the appearance of ^M characters at the ends of lines in text files that were built for or on Windows systems. Text files often end up with the pesky ^M characters when they're transferred from one system to another using scp or ftp in binary (byte-by-byte) mode instead of ASCII mode.

For many applications, the extra ^M characters cause no problems whatsoever. If you have a configuration file that includes these characters, the software that reads the file may not notice or balk. The ^M characters at the end of shebang lines, on the other hand, can confuse Unix systems. The string #!/bin/bash^M, after all, doesn't exactly match what the system needs to identify /bin/bash as the appropriate shell to process the file's contents. Try to execute a script that looks like this in vi and you'll end up with a "./shoplist: No such file or directory" error:

Read the full article here