meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

Wednesday, January 31, 2007

Put Skype's security risks into perspective

By Brent Huston, MicroSolved

Skype tends to bring out the extremes in the security community. They tend to hate Skype or love it. Few stand in the middle. While Skype use can create quite a bit of traffic on the network, and allow unmanaged inside to outside communications, it is hardly a high-risk application. Why the fear?

Thursday, January 25, 2007

Unix Tip: Shells and search order

By Sandra Henry-Stocker

It's easy to take the Unix command line for granted. That is, it's easy to get used to typing in commands and getting responses without thinking very much about how the system determines what command to run. Some of the commands we type are binary files that are part of the OS, some are scripts, some are shell built-ins and some are aliases that are configured into our accounts. Still others may be shell routines. The order that Unix systems use in evaluating the commands we enter is not solely dependent on our PATH variables. Instead, the search order follows a predefined order. If you happen to have a script that has the same name as a Unix command, an alias and a shell routine or built-in, for example, how do you know which one you will end up executing when you press the return key?

Read the full article here.

Wednesday, January 24, 2007

Storage Tip: The role of data protection in governance

By David Hill, Mesabi Group

You have to come to grips with trying to understand the impact of the changes to the Federal Rules of Civil Procedure (FRCP). One way of helping you do this is to organize your thinking around how the changes relate to the need for data protection. Here's what you need to know.

Tuesday, January 23, 2007

Windows Tip: Preventing removal from a domain

By Mitch Tulloch, MTIT Enterprises

By default, any authenticated users on an Active Directory-based network can add a Windows XP workstation to a domain. In fact, they can create up to ten computer accounts in the domain if they want to. As an administrator, you can use Group Policy to manage who in your organization has the right to join workstations to the domain by configuring the Add Workstations To Domain policy setting, which is found under Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignments.

Here's how to configure this setting.

Monday, January 22, 2007

Windows Tip: Troubleshooting group policy in Windows Vista

By Mitch Tulloch, MTIT Enterprises

Group Policy is a key technology for managing computers on Windows-based networks where Active Directory is deployed. But Group Policy has been considerably enhanced in Windows Vista, and also in the soon-to-come Windows Server Code-Name "Longhorn." And of course, changes mean more learning for those who are going to administer these platforms, so this tip deals with one of these changes, namely how to troubleshoot Group Policy processing in Windows Vista.

Friday, January 19, 2007

Unix Tip: NFS mounts and Solaris 10 problem

By Sandra Henry-Stocker

I hadn't seen a stale NFS file handle for more than a decade, so this mount error surprised me.

Read full article

Wednesday, January 17, 2007

SOA inflating CIO pay

By James Gaskin, ITworld.com

Want to move up? Talk your company into launching a SOA (Service
Oriented Architecture) project. If SOA drives your department already,
jump on that project.

Read full article

Friday, January 12, 2007

Unix Tip: Recovering control of a firmware password protected system

By Sandra Henry-Stocker

Firmware passwords can be a very useful security measure when you need to keep systems stable in spite of the fact that they may be exposed to unauthorized individuals, but they can also present a time-consuming challenge if you acquire such a system and don't know the password that was set or if you forget. Having recently purchased some used Sun systems off eBay, I quickly discovered that one of the systems had been configured with a firmware password that the seller didn't know, so I was forced to find a way to overcome this security setting before I could attempt to take control of the system and reinstall it.

Read the full article here:

Wednesday, January 10, 2007

Storage Tip: The legal burden of inaccessible data

By David Hill, Mesabi Group

When you start to understand the implications of what is necessary to bring your company in line with the changes of the Federal Rules of Civil Procedure (FRCP) as they impact the process of e-discovery for civil litigation in the U.S. court system, you may recognize the large gap between what your company can do now and what it needs to do. For example, your enterprise must:

* Organize and classify all data relevant for the purposes of e-discovery
* Keep track of where your data is at all times, including on backup tapes
* Put in place a comprehensive data retention policy
* Ensure both the survival (no destruction) and integrity (no alteration or mutilation) to prevent spoliation (which is the destruction, alteration, or mutilation of evidence").

Read the full article.

Friday, January 05, 2007

Unix Tip: Firmware passwords and the OpenBoot prompt

By Sandra Henry-Stocker, ITworld.com

A firmware password secures a system against unauthorized changes at the ok prompt. If you don't have a firmware password set, anyone with access to your system's console can modify your OpenBoot parameters. If you do have a firmware password set, be careful not to forget it or even you may not be able to boot your system. With a restrictive security setting, accessing a system can be very difficult.

Read the full article here.

Thursday, January 04, 2007

Windows Tip: VPN and domain authentication

By Mitch Tulloch, MTIT Enterprises

If your enterprise has multiple small offices but only one domain controller at each office, how will users at one of your sites log on if their domain controller goes down? One common approach is to have users make a VPN connection to one of the other offices using PPPoE over DSL and authenticate with the domain controller there.

Read the full article.