Worm outbreak feared after port scanning spike - silicon.com

June 24, 2005

0 comments  

Worm outbreak feared after port scanning spike - silicon.com: "A surge in scanning on a port associated with a Windows flaw patched last week suggests that a mass worm attack may be imminent, experts said.

A rise in activity on TCP Port 445 could be a sign that hackers are trying to exploit a flaw in Server Message Block, Gartner analyst John Pescatore said on Thursday.
<...>
Symantec saw a spike in scanning on TCP Port 445 last week but the probing of the port has since gone back to normal levels, Huger said. "I don't think we should be screaming the barn is burning by any means," he said."

You should always take what you hear in the news with a grain (sometimes bag) of salt, but situations like are an acceptable reason for alarm. Time to get those patches rolling!!

ComputerZen.com - Scott Hanselman's Weblog - Scott Hanselman's 2005 Ultimate Developer and Power Users Tool List

June 21, 2005

0 comments  

ComputerZen.com - Scott Hanselman's Weblog - Scott Hanselman's 2005 Ultimate Developer and Power Users Tool List: "Everyone collects utilities, and most folks have a list of a few that they feel are indispensable. Here's mine. Each has a distinct purpose, and I probably touch each at least a few times a week. For me, util means utilitarian and it means don't clutter my tray. If it saves me time, and seamlessly integrates with my life, it's the bomb.
Here are most of the contents of my C:/UTILS folder. These are all well loved and used. I wouldn't recommend them if I didn't use them constantly."
-
Holy Crap!! This Developer and Power User's Tool List is an awesome resource. Just scanning through the list I must have opened 10 links to tools. Really worth a look (and a place in your bookmarks).



IT Magazine Resources

June 18, 2005

0 comments  

TradePub.com"FREE one-year magazine subscriptions: computers, business and engineering trade publications" - Great resource of free technical/industry magazines. I get about 10 of these, all free and all to my home.

Here's a list of magazines of interest to the SysAdmin:
Free (to those who qualify)
EWeek
Network World
ComputerWorld
Information Security
Information Week
InfoWorld
Network Computing
Paid Subscriptions
Windows IT Pro - MUST HAVE
Wired
SysAdmin
Linux Journal

I know there's others.. if you know of any that should be included, let me know.

Migrating to Symantec AntiVirus Corporate Edition 10.0

June 16, 2005

0 comments  

Migrating to Symantec AntiVirus Corporate Edition 10.0, part 1: "This document gives a detailed description of migrating to Symantec AntiVirus Corporate Edition 10.0 from previous versions of Symantec AntiVirus Corporate Edition or Norton AntiVirus Corporate Edition."

Ok for those with SAV < 10.. The new version 10 offering looks great on paper (according to the release notes at least), but please take note.. I've done a lot of wathcing newsgroups, mailing lists, forums, etc, and it seems that a ton of people are having issues with it. According to all those who've made it work properly, the above guide must be followed to the letter or you will fail. Here's the experience of Andy (a member of the NTSysAdmin mailing list):

"My experience with the SAVCE 10 migration was relatively painless b\c I did my homework. Symantec published a four part upgrade document and anyone needing to upgrade to 10 needs to read, re-read, take notes and sleep with this doc. Also, take the upgrade in phases. The new SSC will manage version 9 clients, which buys you time. My upgrade went like this:

1. Remove SSC and any other management tools from primary server 2. Reboot server 3. Install new SSC 4. Reboot server 5. Install other management apps 6. Reboot server 7. Deploy AV server to primary server 8. Reboot server 9. Test SSC as needed, insuring updates are being retrieved, client groups are OK, etc.
10. Deploy SAVCE 10 client to a few clients 11. Reboot clients, if needed 12. Deploy to rest of clients and troubleshoot as needed 13. Clear SSC cache and test."

(IN)SECURE Magazine

0 comments  

(IN)SECURE Magazine: "(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics."

Reading through issue 1.2, I'm finding this magazine to be full of good writing, great info, and professional layout. This isn't something that some kid threw together, but a professional resource. Thanks to HNS.

i.Ftp - No BS FTP client

June 14, 2005

0 comments  

MemeCode - i.Ftp: "i.Ftp is a little graphical FTP client, which does what I need in an FTP client without the size and fuss."

If you're looking for a small (688K d/l), quick, no-install, little footprint ftp client that just gets the job done, this is what you want. Thanks to Matthew Allen and Philipp Krieger for a great little program.

Black Tuesday - 10 from Uncle Bill - 3 Crit

0 comments  

Microsoft Security Bulletin MS05-025: Cumulative Security Update for Internet Explorer (883939) - Critical, Remote Code Execution

Microsoft Security Bulletin MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution (896358) - Critical

Microsoft Security Bulletin MS05-027: Vulnerability in Server Message Block Could Allow Remote Code Execution (896422) - Critical

Microsoft Security Bulletin MS05-028: Vulnerability in Web Client Service Could Allow Remote Code Execution (896426) - Important

Microsoft Security Bulletin MS05-029: Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179) - Important

Microsoft Security Bulletin MS05-030: Vulnerability in Outlook Express Could Allow Remote Code Execution (897715) - Important

Microsoft Security Bulletin MS05-031: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458) - Important

Microsoft Security Bulletin MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing (890046) - Moderate

Microsoft Security Bulletin MS05-033: Vulnerability in Telnet Client Could Allow Information Disclosure (896428) - Moderate

Microsoft Security Bulletin MS05-034: Cumulative Security Update for ISA Server 2000 (899753) - Moderate