David Overton's Blog and Discussion Site
This site is my way to share my views and general business and IT information with you about Microsoft, IT solutions for ISVs, technologists and businesses, large and small. I specialise in Windows Intune and SBS 2008.
This blog is purely the personal opinions of David Overton. If you can't find the information you were looking for e-mail me at admin@davidoverton.com.

Browse by Tags



  • SBS 2008 Update Rollup 1 Released to fix Vista AV reporting issue and GoDaddy domain registration issue

    Hi everyone, the first roll-up of fixes for SBS 2008 shipped today. It addresses some minor issues, which is good, but always worth being aware of.

    From the Official SBS 2008 blog, "SBS 2008 Update Rollup 1 Releases Today":

    Windows Small Business Server 2008 Update Rollup 1 releases today. This rollup package addresses the following issues in Windows Small Business Server 2008.

    Issue 1: The Security tab in the Windows Small Business Server 2008 Console incorrectly reports the spyware and malware status of Windows Vista Service Pack 1-based clients that are joined to a domain. Specifically, some security applications are reported as incompatible in the antivirus and malware status that is reported.

    Issue 2: The Internet Address Management Wizard exits unexpectedly when you register a domain name. This issue occurs when you select GoDaddy.com as the provider, and then you click Register Now.

    How to obtain this update: This update will be available from the Microsoft Update Web site: http://update.microsoft.com

    More Information: http://support.microsoft.com/KB/958715

    The Official SBS Blog : SBS 2008 Update Rollup 1 Releases Today

    ttfn David

    Technorati Tags: SBS 2008, Vista, Windows Vista, Updates, GoDaddy, Anti-virus, Anti-Malware, System Updates, Microsoft, SBSC, Community
  • Important Microsoft security update – update your machines now!

    DavidOverton.com rebooted today due to an emergency security update – an “out of band” release from the normal “patch Tuesday” process. It is worth considering updating and rebooting your computers and servers asap. More information on this can be found at http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx .

    Impacted systems below:

    | Operating System | Maximum Security Impact | Aggregate Severity Rating | Bulletins Replaced by this Update |
    |---|---|---|---|
    | Microsoft Windows 2000 Service Pack 4 | Remote Code Execution | Critical | MS06-040 |
    | Windows XP Service Pack 2 | Remote Code Execution | Critical | MS06-040 |
    | Windows XP Service Pack 3 | Remote Code Execution | Critical | None |
    | Windows XP Professional x64 Edition | Remote Code Execution | Critical | MS06-040 |
    | Windows XP Professional x64 Edition Service Pack 2 | Remote Code Execution | Critical | None |
    | Windows Server 2003 Service Pack 1 | Remote Code Execution | Critical | MS06-040 |
    | Windows Server 2003 Service Pack 2 | Remote Code Execution | Critical | None |
    | Windows Server 2003 x64 Edition | Remote Code Execution | Critical | MS06-040 |
    | Windows Server 2003 x64 Edition Service Pack 2 | Remote Code Execution | Critical | None |
    | Windows Server 2003 with SP1 for Itanium-based Systems | Remote Code Execution | Critical | MS06-040 |
    | Windows Server 2003 with SP2 for Itanium-based Systems | Remote Code Execution | Critical | None |
    | Windows Vista and Windows Vista Service Pack 1 | Remote Code Execution | Important | None |
    | Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1 | Remote Code Execution | Important | None |
    | Windows Server 2008 for 32-bit Systems * | Remote Code Execution | Important | None |
    | Windows Server 2008 for x64-based Systems * | Remote Code Execution | Important | None |
    | Windows Server 2008 for Itanium-based Systems | Remote Code Execution | Important | None |

    ttfn David
  • Configuring OneCare for Servers in SBS 2008

    The Console setup process ( Once SBS is set up, how to do the basic configuration through the management console ) sets up SBS 2008 for use. OneCare for Servers provides anti-malware capabilities and is an important part of the system integrity. SBS 2008 comes with a trial of OneCare and so far I’ve found it very effective.

    Setup today requires two updates that it downloads and applies itself:

    - Notice that the initial configuration immediately informs you that you need to update.
    - Start the process, tell OneCare which country you are in and accept the EULA.
    - The download starts, updates and finishes.
    - If you have an activation key, or wish to purchase one, you carry on through the process, switching to a web site to complete the process.

    Note, DO NOT try to activate your trial in the Technical Preview unless you have already been provided with a key.

    If you have been going through the Console in order then this is it, barring the enabling of Office Live.

    Finally, all the SBS 2008 entries can be found at http://davidoverton.com/blogs/doverton/archive/tags/SBS+2008/default.aspx

    ttfn David

    Technorati Tags: Microsoft, SBS 2008, SBS, Tips, SBSC, Small Business, Small Business Server 2008, Community, Partner, Console, One Care, Security, Anti-Virus, Anti-spam
  • How to change spam settings on Exchange 2007 / SBS 2008 to enable some / all / more spam to be delivered to an account for analysis

    One of the settings I wanted to change in SBS 2008 was the spam filter settings – some mails that I was receiving were being deleted without any option for me to review them. Since I had to go and read the manual on this, I thought I would share the answer on this.

    - Open the Exchange Management Console
    - Select the Organization Configuration and then Hub Transport
    - Select the Anti-spam and look at Content Filtering
    - By default the “Reject messages” SCL rating is set to 7. I change this to 8, enable “Quarantining messages” for messages above a level of 6
    - Finally, you need to enter the e-mail of a mailbox to receive the quarantined e-mail

    You can see how this impacted the e-mails themselves in the daily report – notice the number of mails still rejected / quarantined.

    That is it. See all the other SBS 2008 items at http://davidoverton.com/blogs/doverton/archive/tags/SBS+2008/default.aspx

    ttfn David

    Technorati Tags: Microsoft, SBS, SBS 2008, Small Business Server 2008, Exchange 2007, Tips, Spam, Content Filtering
  • Latest news, events and downloads in the Security world from Microsoft - Windows Server 2008, Mobile, employee habits, Antigen, IPSEC, ForeFront, NAP, XP Firewall, System Center

    Each month the TRM blog produces this great summary of the Microsoft world in various product areas. The blog can be found here http://blogs.technet.com/trm/

    News

    Help your customers securely deploy Windows Server 2008 with the Windows Server 2008 Security Guide! http://go.microsoft.com/fwlink/?LinkId=92550
    Every day, adversaries attempt to invade your customers’ networks and access their servers—to bring them down, infect them with viruses, or steal information about customers or employees. Your customers are looking to Microsoft and Windows Server® 2008 to help them address these threats. To assist customers in taking full advantage of the rich security features in Windows Server 2008, Microsoft has developed the Windows Server 2008 Security Guide. The Windows Server 2008 Security Guide provides IT professionals with best practices, predefined security templates, and an automated deployment tool to help strengthen the security of servers running Windows Server 2008.

    Supporting Your Family, Friends, and Neighbours http://go.microsoft.com/?linkid=8287993
    By Steve Riley, Senior Security Strategist, Trustworthy Computing
    Have you become a support professional outside of the workplace? Read this article and learn how to discuss security with your family, friends, and neighbours to better help them stay safe and secure online.

    More Security and Control for Mobile Devices http://go.microsoft.com/?linkid=8287995
    Learn how to add, manage, secure, and update Windows Mobile devices like you do Windows-based laptops and PCs. Microsoft System Center Mobile Device Manager 2008 provides robust security features and a comprehensive device management solution that helps safeguard your corporate data, reduce the cost and complexity of mobile deployments, and centralize and simplify Windows Mobile device management.
Island Hopping: The Infectious Allure of Vendor Swag http://go.microsoft.com/?linkid=8287996 The technique of island hopping -- penetrating a network through a weak link and then hopping around systems within that network...
  • Macworld - First Trojan reported for the iPhone

    Ahh, once again the joys of lessening the security on a device to enable modification or easier use show their dark side. Once upon a time geeks could open and hack the software they bought and make their own world a better place. Now, more people do this without the knowledge of the risks they are taking or how to manage them. The result is that "other" things start to happen, showing that the need for knowledge is even more important, especially with regard to security.

    First Trojan reported for the iPhone
    by Jim Dalrymple

    While not a huge risk, the first Trojan for the iPhone has been discovered. The first reports came from iPhone enthusiast site Modmyifone.com and were later confirmed by security research company F-Secure.

    <snipped>

    F-Secure reported that it was an 11-year-old kid playing with XML files who created the Trojan. “Next time it might be someone else with more skills and with specific target,” they said.

    Macworld | First Trojan reported for the iPhone

    ttfn David

    Technorati Tags: Security, iPhone, Trojan, Malware
  • Hackers eye open source coding tools - are your development tools safe to use?

    Now this sounds familiar - compromise the dev tools and they compromise all products produced with them.

    Enterprises using open source software to engineer custom applications could be vulnerable to a newly discovered class of hack attack, a security firm claimed today. Fortify Software's Security Research Group reported that so-called 'cross-build injection attacks' could allow a hacker to insert code into the target program while it is being constructed.

    The use of open source coding tools has opened the doors to "possible system-wide exploits", according to Fortify. If an attacker compromises either the server that hosts a component, or the DNS server that the build machine uses to locate that server, he could use these vulnerabilities to take full control of the build machine and possibly other machines on the remote network.

    Fortify discovered that, during the application build process, systems that automatically download external dependencies, including the popular Ant, Maven and Ivy tools, are particularly vulnerable.

    Hackers eye open source coding tools - vnunet.com

    ttfn David

    Technorati Tags: Security, Developer tools, Open Source
  • Windows is now getting too difficult to hack, so the hackers' sights are moving elsewhere, but that does not mean security is now easier.

    I have heard many times how Windows is the big target for virus and phishing nasty people in general, but more and more people are showing that Windows is just too hard to hack when applications and other platforms offer so much more opportunity.

    From the article at eBay: Phishers getting better organized, attacking Linux

    Dave Cullinane, eBay's chief information and security officer said that in his previous job protecting a bank from phishers "The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft boxes. Rootkit software covers the tracks of the attackers and can be extremely difficult to detect. According to Cullinane, none of the Linux operators whose machines had been compromised were even aware they'd been infected. Although Linux has long been considered more secure than Windows, many of the programs that run on top of Linux have known security vulnerabilities, and if an attacker were to exploit an unpatched bug on a misconfigured system, he could seize control of the machine."

    In the same article it also mentions:

    "We see a lot of Linux machines used in phishing," said Alfred Huger, vice president for Symantec Security Response. "We see them as part of the command and control networks for botnets, but we rarely see them be the actual bots. Botnets are almost uniformly Windows-based." Since Linux machines can be used to more easily create specially crafted networking packets, they can be used in highly sophisticated online attacks, said Iftach Amit, director of security research with Finjan Inc.'s malicious code research center.

    Now this might sound like a load of old "mine is better than yours", but there is much more to this. Oracle, who on the whole don't make that many products, released their latest set of patches, just 51 this month - http://techworld.com/applications/news/index.cfm?newsID=10369&pagtype=all , compared to a much smaller set from Microsoft. What is worth noting is...
  • Bad anniversary - 25 years of viruses and malware

    According to the article at MSNBC, 25 years ago a 9th grader let loose a virus on his friends because they didn't like his practical jokes. It was the 1st wild boot sector virus and started a whole industry of security watching. The whole article is worth reading as it discusses the whole business and how it has moved from people wanting to be discovered, as the malware was originally designed for notoriety, while now it is more for stealing cash or launching attacks and the writers would rather remain unknown.

    School prank starts 25 years of security woes
    First person to ever let loose a personal computer virus was a ninth grader

    [Photo: Marcio Jose Sanchez / AP] Rich Skrenta poses for a portrait in front of his first personal computer, the Apple II Plus, at home in San Carlos, Calif. Skrenta set loose the first computer virus in 1982 — when he was in ninth grade.

    NEW YORK - What began as a ninth-grade prank, a way to trick already-suspicious friends who had fallen for his earlier practical jokes, has earned Rich Skrenta notoriety as the first person ever to let loose a personal computer virus.

    Although over the next 25 years, Skrenta started the online news business Topix, helped launch a collaborative Web directory now owned by Time Warner Inc.'s Netscape and wrote countless other computer programs, he is still remembered most for unleashing the "Elk Cloner" virus on the world.

    "It was some dumb little practical joke," Skrenta, now 40, said in an interview. "I guess if you had to pick between being known for this and not being known for anything, I'd rather be known for this. But it's an odd placeholder for (all that) I've done."

    School prank starts 25 years of security woes - Security - MSNBC.com

    ttfn David

    Technorati Tags: Virus, Malware, 25th anniversary, security
  • Web scams trick one in five US surfers - vnunet.com

    This applies to the UK as well as the US, however recent surveys showed that people in the UK were prepared to give up their password for chocolate. Anyway, the rules are:

    - If it seems to be too good to be true, it probably is
    - You have not:
        - won the lottery
        - failed a bank security test
        - had someone try to hack your account and you need to re-enter them
        - had bad feedback on a site you have never heard of, or without your full name in the e-mail
        - got someone at a bank in another country wanting to give you some money
    - If the mail is not sent to you and only you, then it is very, very, very unlikely to be real
    - If the phishing scanner says it is a bad site, trust it unless you know that the address in the address bar is real, and then still don't enter personal information
    - Even if they don't want your mail, handing over your personal details is telling them what they need to know in the real world
    - If you are asked to disable your system security, don't!

    Web scams trick one in five US surfers - vnunet.com

    Nearly one in five US adult surfers has been a victim of at least one internet scam, according to a recent survey commissioned by Microsoft. Some 81 per cent of these victims admitted that they did something to compromise their own security, such as opening an e-mail message that appeared to be from a legitimate person or company.

    Security experts at Microsoft said that the biggest threats facing consumers online this year are criminals posing as trusted third parties to extract personal information. "Microsoft has witnessed a shift in criminal behaviour in the past year," said Adrienne Hall, senior director of communications and marketing at Microsoft. "The internet has changed the way we live, but many of the experiences that make the internet so valuable in our daily lives also require us to share information about ourselves that can present certain risks."
Despite increasing media exposure and user education about identity theft and online fraud, many people are still not getting the...
  • Security is a journey, never a destination

    I was watching the Bourne Identity the other night and Marie asked "how did they find us", to which Bourne replied "we let our guard down, we got lazy". This is so very true for computer security - you can't stop updating your systems, updating your anti-malware tools, updating the firmware in your firewall and more. To highlight this I saw the article below. There was an operating system that claimed it did not suffer from the issues of needing constant TLC. Then 5 of the 8 community servers were compromised. Nice.

    Ubuntu Servers Hijacked, Used to Launch Attack
    Members of the Ubuntu colocation team suggest the attack could have begun with a Chinese IP address.

    The Ubuntu community had to yank five of the eight Ubuntu-hosted community servers sponsored by Canonical offline Aug. 6 after discovering that the servers had been hijacked and were attacking other machines.

    It was suggested during an IRC (Internet relay chat) meeting of the Ubuntu colocation team Aug. 14 that the source of the troubles might have been a Chinese IP address trying to log onto the servers by brute force "for a long time now it seems," said a participant.

    On Aug. 14, the community began to bring the machines back up in a safe state so that they could recover data from them. Unfortunately, according to Ubuntu Community Manager Jono Bacon, the servers were all found to be out of date, stuffed with Web software, and missing security patches—at least in the instances where it was easy to determine what version they're running.

    "An attacker could have gotten a shell through almost any of these sites," Bono wrote in a posting, regarding a change to location server policy that resulted from the incident.

    Ubuntu Servers Hijacked, Used to Launch Attack

    ttfn David

    Technorati Tags: Security, Linux
  • Malware Removal Kit from Microsoft, including a boot from CD solution

    Malware Removal Kit

    The Malware Removal Kit is a download from TechNet that provides you with excellent guidance and tools to help you restore PCs infected with malware. The newest Solution Accelerator from Microsoft, it provides free, tested guidance to help you combat malware attacks and restore infected systems - so users can safely get back to work.

    The kit shows you how to use the Windows Preinstallation Environment (Windows PE) to discover malware by performing a thorough offline scan of your computers, uncovering malware that may be hiding in the operating system. And once malware is located and identified, it can be quickly removed from infected PCs with a number of free anti-malware tools, like the Malicious Software Removal Tool from Microsoft.

    ttfn David

    Technorati Tags: Malware Removal, WinPE, Security
  • Microsoft Security products - Forefront and the next version codename Stirling

    I have grabbed these security tit-bits from Technet this month and thought I would share them with you. Expect to be playing with Forefront in one form or another within a year, so might as well see what it does now :-)

    Microsoft Unveils Next-Generation Forefront Business Security Solution Codename "Stirling" http://go.microsoft.com/?linkid=6951832
    Announced this month, the new Microsoft Forefront solution, codename "Stirling," is a single product that will deliver unified security management and reporting with comprehensive, coordinated protection across client, server applications, and network edge. "Stirling" acts as a distributed system, sharing and correlating information to identify complex threats, and dynamically responding to protect the organization.

    Microsoft Forefront Client Security 120-Day Trial Is Available http://go.microsoft.com/?linkid=6959785
    Microsoft Forefront Client Security 120-day trial version is available for evaluation, a security solution that helps protect business desktops, laptops, and server operating systems from viruses, spyware, and other current and emerging threats.
    - Read how other IT professionals use Forefront Client Security http://go.microsoft.com/?linkid=6959833
    - Take the virtual labs http://go.microsoft.com/?linkid=6959834
    - Download the trial software http://go.microsoft.com/?linkid=6959835

    Microsoft Security Awareness Toolkit http://go.microsoft.com/?linkid=6951861
    Guidance, samples, and templates for creating a security-awareness program in your organization.

    Microsoft Forefront Server Security Management Console Beta 2
    Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.
http://www.microsoft.com/downloads/details.aspx?FamilyID=2048daae-b9f2-4612-ada9-51537a5479ca&DisplayLang=en Microsoft Forefront Server Security Management Console Beta 2 User Guide Forefront Server Security Management Console allows administrators...
  • Microsoft Webcast: Security Intelligence Report Debrief: July to December 2006 (Level 200) - Thursday, June 14, 2007 8pm UK Time

    I saw this and wondered if anyone wants to attend?

    Microsoft Webcast: Security Intelligence Report Debrief: July to December 2006 (Level 200)
    Thursday, June 14, 2007 12:00 PM Pacific Time (US & Canada)

    This public webcast is designed to bring you up to speed on some of the latest threats that Microsoft’s customers and partners are dealing with today. The webcast is presented by the former vice president of the Anti-virus Research and Vulnerability Emergency Response Team (AVERT) for McAfee, Vinny Gullotto. For the past year Vinny has been working as the General Manager of the Microsoft Malware Protection Center (formerly known as MSAV).

    Please feel free to attend the webcast and to invite customers and/or partners as well. Simply use this link to register: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032340085&Culture=en-US

    ttfn David
  • What do Small Businesses worry about in IT?

    I just saw this re-sent internally and the data is quite UK centric, so:

    - 63% of small businesses put data back and privacy as a top priority
    - 7.6% of UK small business software spending was on Anti-Virus, in 2006 they planned to spend 10% more on data security - Source AMI 2006
    - 50% of small businesses have as a priority to deploy in house or hosting data back up and disaster recovery (AMI)

    ttfn David

(c)David Overton 2006-13