Using Domain Controller Virtual Machines: "Virtual Server is a Microsoft Windows-based server application that is optimized to provide virtualization of Windows Server operating systems concurrently on a single physical server. In combination with the Windows Server 2003 operating system, Virtual Server provides a platform for implementing domain controllers in virtual machines. With this platform, you can install multiple Windows Server 2003 or Windows 2000 Server domain controllers in separate virtual machines on a single physical server. In this way, you can host multiple domains, multiple domain controllers for the same domain, or even multiple forests on one physical server that is running a single operating system. "
October 28, 2004
October 22, 2004
Secunia - Advisories - Microsoft Internet Explorer Two Vulnerabilities - "http-equiv has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to compromise a user's system, link to local resources, and bypass a security feature in Microsoft Windows XP SP2."
It's funny to me that some media is making this a really big deal. Don't get me wrong, security IS a big deal, but what I'm referring to is the "It even affects SP2!!!!" speil. SP2 isn't the end-all complete total security solution everyone dreams about; it helps (a lot), but nothing is perfect.
Another thing: this only allows the attacker to plant HTML code into the Local Computer zone, not run scripts (on SP2). I'm sure someone can get creative, but this is no where near the severity that most people hype it up to be. It's just like the "exploit" a week after SP2 came out where the attacker had to persuade the user to save a file, then open it...
Understanding Windows Logging - "This article will focus on the importance of monitoring your windows event logs and will highlight the information that is able to be extracted from typical windows logs that help to secure your critical servers. The importance of monitoring the logs will be stressed and creative ways to do this centrally will also be covered. Logging is a very important factor when attempting to decipher what has taken place on a server."
Actually, this entire website is a great resource. Check out WindowsSecurity.com.
October 14, 2004
O'Reilly Network: Google Your Desktop: "The Google Desktop is your own private little Google server. It sits in the background, slogging through your files and folders; indexing your incoming and outgoing email messages, listening in on your instant messenger chats, and browsing the Web right along with you. Just about anything you see and summarily forget, the Google Desktop sees and memorizes for you."
This is a great little article detailing the ins and outs of the new Google Desktop. I'm seriously considering using this. Here's an overview of features:
Real-time operation (in the background)
Indexes files, AIM chats, Outlook (and Express), Text files, MS Office files, and web cache
Indexes any other files by filename
Uses the Google syntax
Can also search the web (without giving up privacy)
The current Microsoft supplied search is a joke. It's slow, only searches files, and doesn't find anything. Mac users have plenty of ammo against windows in this arena, especially with the new Spotlight technology in the works. Google is quickly expanding it's reach; rumors of a Google browser are all over the Internet. Next: the Google OS.
October 13, 2004
ophcrack - This is a version of Rainbow crack. Input a hash key in the webpage and receive the corresponding password!
Read Robert Hensing's Incident Response WebLog on "Why you shouldn't be using passwords of any kind on your Windows networks . . ." Robert makes a great point about not using passwords, but pass-PHRASES. Or, in my opinion, use an incredibly long password like I do. Ophcrack cracked only 7 characters of my 15 character password, AND got the case wrong. Also, disable LMHashes on your servers. The only reason you need the LMHash table is to provide backward compatability with Windows 95 and 98 clients. Most (sane) folks don't support those clients on thier domains, so it's safe to disable.
October 12, 2004
Just when I thought Halloween was over 2 weeks away, Microsoft scares me with 10 new bulletins and one rerelease (8 critical). Thank you Microsoft for the job security!
Microsoft Security Bulletin MS04-028:Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987) - Critical (RERELEASE)
Microsoft Security Bulletin MS04-029: Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) - Important
Microsoft Security Bulletin MS04-030: Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151) - Important
Microsoft Security Bulletin MS04-031: Vulnerability in NetDDE Could Allow Remote Code Execution (841533) - Important
Microsoft Security Bulletin MS04-032: Security Update for Microsoft Windows (840987) - Critical
Microsoft Security Bulletin MS04-033: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836) - Critical
Microsoft Security Bulletin MS04-034: Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376) - Critical
Microsoft Security Bulletin MS04-035: Vulnerability in SMTP Could Allow Remote Code Execution (885881) - Critical
Microsoft Security Bulletin MS04-036: Vulnerability in NNTP Could Allow Remote Code Execution (883935) - Critical
Microsoft Security Bulletin MS04-037: Vulnerability in Windows Shell Could Allow Remote Code Execution (841356) - Critical
Microsoft Security Bulletin MS04-038: Cumulative Security Update for Internet Explorer (834707) - Critical
October 11, 2004
Geek Cruises--computer education for geeks & consumers - ok I SERIOUSLY need this. Check out the "Convincing the Boss" link for helpful hints on getting your company to tote the note.
October 10, 2004
For me, the jury's still out regarding FireFox replacing IE. Here's some add-ons that are sure to help the transition:
IE View 0.82
Adds "View page in Internet Explorer" links to the content and link context menu. Handy for previewing pages in IE, loading up IE-only pages when you run across them in Mozilla, etc. - This saves you from the hassle having to open IE and navigating to the page that's giving Firefox issues.
An unofficial Google toolbar for Firefox. - Way more (useful) features than the official IE-only version.. the only complaint is that it takes up it's own toolbar. I like to keep my toolbars small, and in IE I combine the navigation buttons, Google Toolbar, and the File menu all on one line with the address bar and links right below, on thier own bar. Small and sleek. But with all of the features (university search, computer search, and many more searching options) I am willing to put up with this drawback.
Image Zoom 0.1.7
Adds zoom functionality for images - Can you live without this?
Autofill is a semi-faithful recreation of Google's IE Autofill function in Mozilla Firefox (with some additional features). - This is nice. Multiple profiles, more feilds, etc make this worthwhile (and better than the official Autofill).
Adds right-click access to Blogger's BlogThis popup. - For those not using the Googlebar, this is a necessary extension. Even if you are using Googlebar, this is a worthy feature that allows you to Blog a link without needing to visit the site.
Copy Plain Text 0.2
Copies text without formatting - see the Image Zoom response.
Modifies CTRL-TAB to switch to recently selected tabs; CTRL-SHIFT-TAB moves in the opposite direction. - A great time saver. Just like Alt-Tab in Windows, except for your FireFox tabs. I can't tell you how many times I hit Alt-Tab without thinking, just to get annoyed that I have to use the mouse to change tabs.
October 08, 2004
Well, I decided to make a jump to Mozilla Firefox from trusty ol' Internet Explorer. So far, I'm not 100% sure of what I think about the new browser. First looking at it, it seems really nice. I love the tabbed browsing, the XPSP2-like security features (block installs, block pop-ups, block active-x installs), the way I can customize the toolbars, and the speed. My favorites (bookmarks) imported over without hassle, as well as my cookies, history, and settings.
One of my main complaints is the lack of Google Toolbar support. Yes, there is a version of the toolbar built-in, but it is only limited to search (although you can search a lot more than Google). I want my Blog-This button, my highlighter, etc. Phil Ringnalda created a BlogThis extension for FireFox, but I haven't installed/tested it yet.
Most of my issues with this new browser is based around my familiarity with IE. I remember the early days, when Netscape was king and was the only browser I'd use. After Netscape died (well, died enough), I made the switch to IE and never went back. Looking at the browser world now, IE has fallen (way) behind. It is time for a change.
Here's a quick list of links to help with the Mozilla FireFox browser:
List of Keyboard Shortcuts.
List of Mozilla Extensions.
List of Mozilla Themes.
Also, I switched from Outlook Express to Mozilla ThunderBird last night as well. I've tested several email clients over the past few months, and ThunderBird looks like it can hold its own with OE. My main complaint, right off, is the lack of decent filter setup (which OE is victim to also). I've played with several other products the kill both of these clients when it comes to filter setup, but those other products usually suck at everything else. I would REALLY test ThunderBird and install it at work, but nothing beats Outlook 2003. Nothing. But, give me a few days/weeks and we'll see if I stay with the 'bird or run back to OE at home.
October 05, 2004
PictView for Windows: "Read images in over 150 variations of approximately 50 file formats, including all famous and widely-used formats"
Nice little utility.. most people wouldn't care about a picture viewer, but check out the command-line converter. I can't tell you how many times someone sent me an email asking me to convert a file from some obscure format to something readable.. this is a quick and easy program to do it with.