David Overton's Blog and Discussion Site
This site is my way to share my views and general business and IT information with you about Microsoft, IT solutions for ISVs, technologists and businesses, large and small.  

Browse by Tags

  • SBS 2008 Update Rollup 1 Released to fix Vista AV reporting issue and GoDaddy domain registration issue

    Hi everyone, the first roll-up of fixes for SBS 2008 shipped today. It addresses some minor issues, which is good, but always worth being aware of. From the Official SBS 2008 blog:

    SBS 2008 Update Rollup 1 Releases Today

    Windows Small Business Server 2008 Update Rollup 1 releases today. This rollup package addresses the following issues in Windows Small Business Server 2008.

    Issue 1: The Security tab in the Windows Small Business Server 2008 Console incorrectly reports the spyware and malware status of Windows Vista Service Pack 1-based clients that are joined to a domain. Specifically, some security applications are reported as incompatible in the antivirus and malware status that is reported.

    Issue 2: The Internet Address Management Wizard exits unexpectedly when you register a domain name. This issue occurs when you select GoDaddy.com as the provider, and then you click Register Now.

    How to obtain this update: This update will be available from the Microsoft Update Web site: http://update.microsoft.com

    More Information...
  • Important Microsoft security update – update your machines now!

    DavidOverton.com rebooted today due to an emergency security update – an “out of band” release from the normal “patch Tuesday” process. It is worth considering updating and rebooting your computers and servers asap. More information on this can be found at http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx . Impacted systems below:

    | Operating System | Maximum Security Impact | Aggregate Severity Rating | Bulletins Replaced by this Update |
    |---|---|---|---|
    | Microsoft Windows 2000 Service Pack 4 | Remote Code Execution | Critical | MS06-040 |
    | Windows XP Service Pack 2 | Remote Code Execution | Critical | MS06-040 |
    | Windows XP Service Pack 3 | Remote Code Execution | Critical | None |
    | Windows XP Professional x64 Edition | Remote Code Execution | Critical | MS06-040 |
    | Windows XP Professional x64 Edition Service Pack 2 | Remote Code Execution | Critical | None |
    | Windows Server 2003 Service Pack 1 | Remote Code Execution | Critical | MS06-040 |
    | Windows Server 2003 Service Pack 2 | Remote Code Execution | Critical | None |
    | Windows Server 2003 x64 Edition | Remote... |
  • Configuring OneCare for Servers in SBS 2008

    The Console setup process (Once SBS is set up, how to do the basic configuration through the management console) sets up SBS 2008 for use. OneCare for Servers provides anti-malware capabilities and is an important part of the system integrity. SBS 2008 comes with a trial of OneCare and so far I’ve found it very effective. Setup today requires two updates that it downloads and applies itself. Notice that the initial configuration immediately informs you that you need to update. Start the process, tell OneCare which country you are in and accept the EULA. The download starts, updates and finishes. If you have an activation key, or wish to purchase one, you carry on through the process, switching to a web site to complete the process. Note, DO NOT try to activate your trial in the Technical Preview unless you have already been provided with a key. If you have been going through the Console in order then this is it, barring the enabling of Office Live. Finally, all the SBS 2008 entries can be found at http://davidoverton...
  • How to change spam settings on Exchange 2007 / SBS 2008 to enable some / all / more spam to be delivered to an account for analysis

    One of the settings I wanted to change in SBS 2008 was the spam filter settings – some mails that I was receiving were being deleted without any option for me to review them. Since I had to go and read the manual on this, I thought I would share the answer.

    1. Open the Exchange Management Console.
    2. Select the Organization Configuration and then Hub Transport.
    3. Select the Anti-spam tab and look at Content Filtering.
    4. By default the “Reject messages” SCL rating is set to 7. I change this to 8 and enable “Quarantining messages” for messages above a level of 6.
    5. Finally, you need to enter the e-mail address of a mailbox to receive the quarantined e-mail.

    You can see how this impacted the e-mails themselves in the daily report – notice the number of mails still rejected / quarantined. That is it. See all the other SBS 2008 items at http://davidoverton.com/blogs/doverton/archive/tags/SBS+2008/default.aspx ttfn David Technorati Tags: Microsoft, SBS, SBS 2008, Small Business Server 2008, Exchange 2007, Tips, Spam, Content Filtering
  • Latest news, events and downloads in the Security world from Microsoft - Windows Server 2008, Mobile, employee habits, Antigen, IPSEC, ForeFront, NAP, XP Firewall, System Center

    Each month the TRM blog produces this great summary of the Microsoft world in various product areas. The blog can be found here: http://blogs.technet.com/trm/ News: Help your customers securely deploy Windows Server 2008 with the Windows Server 2008 Security Guide! http://go.microsoft.com/fwlink/?LinkId=92550 Every day, adversaries attempt to invade your customers’ networks and access their servers—to bring them down, infect them with viruses, or steal information about customers or employees. Your customers are looking to Microsoft and Windows Server® 2008 to help them address these threats. To assist customers in taking full advantage of the rich security features in Windows Server 2008, Microsoft has developed the Windows Server 2008 Security Guide. The Windows Server 2008 Security Guide provides IT professionals with best practices, predefined security templates, and an automated deployment tool to help strengthen the security of servers running Windows Server 2008. Supporting Your Family, Friends, and Neighbours...
  • Macworld - First Trojan reported for the iPhone

    Ahh, once again the joys of lessening the security on a device to enable modification or easier use show their dark side. Once upon a time geeks could open and hack the software they bought and make their own world a better place. Now, more people do this without the knowledge of the risks they are taking or how to manage them. The result is that "other" things start to happen, showing that the need for knowledge is even more important, especially with regard to security. First Trojan reported for the iPhone by Jim Dalrymple: While not a huge risk, the first Trojan for the iPhone has been discovered. The first reports came from iPhone enthusiast site Modmyifone.com and were later confirmed by security research company F-Secure. <snipped> F-Secure reported that it was an 11-year-old kid playing with XML files who created the Trojan. “Next time it might be someone else with more skills and with specific target,” they said. Macworld | First Trojan reported for the iPhone ttfn David Technorati Tags: Security...
  • Hackers eye open source coding tools - are your development tools safe to use?

    Now this sounds familiar - compromise the dev tools and they compromise all products produced with them. Enterprises using open source software to engineer custom applications could be vulnerable to a newly discovered class of hack attack, a security firm claimed today. Fortify Software's Security Research Group reported that so-called 'cross-build injection attacks' could allow a hacker to insert code into the target program while it is being constructed. The use of open source coding tools has opened the doors to "possible system-wide exploits", according to Fortify. If an attacker compromises either the server that hosts a component, or the DNS server that the build machine uses to locate that server, he could use these vulnerabilities to take full control of the build machine and possibly other machines on the remote network. Fortify discovered that, during the application build process, systems that automatically download external dependencies, including the popular Ant, Maven and...
  • Windows is now getting too difficult to hack, so the hackers' sights are moving elsewhere, but that does not mean security is now easier.

    I have heard many times how Windows is the big target for virus and phishing nasty people in general, but more and more people are showing that Windows is just too hard to hack when applications and other platforms offer so much more opportunity. From the article at eBay: Phishers getting better organized, attacking Linux. Dave Cullinane, eBay's chief information and security officer, said that in his previous job protecting a bank from phishers "The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft boxes." Rootkit software covers the tracks of the attackers and can be extremely difficult to detect. According to Cullinane, none of the Linux operators whose machines had been compromised were even aware they'd been infected. Although Linux has long been considered more secure than Windows, many of the programs that run on top of Linux have known security vulnerabilities, and if an attacker were to exploit an unpatched bug on a misconfigured...
  • Bad anniversary - 25 years of viruses and malware

    According to the article at MSNBC, 25 years ago a 9th grader let loose a virus on his friends because they didn't like his practical jokes. It was the 1st wild boot sector virus and started a whole industry of security watching. The whole article is worth reading as it discusses the whole business and how it has moved from people wanting to be discovered as the malware was originally designed for notoriety, while now it is more for stealing cash or launching attacks and the writers would rather remain unknown. School prank starts 25 years of security woes First person to ever let loose a personal computer virus was a ninth grader Marcio Jose Sanchez / AP Rich Skrenta poses for a portrait in front of his first personal computer, the Apple II Plus, at home in San Carlos, Calif. Skrenta set loose the first computer virus in 1982 — when he was in ninth grade. NEW YORK - What began as a ninth-grade prank, a way to trick already-suspicious friends who had fallen for his earlier practical jokes, has earned Rich Skrenta...
  • Web scams trick one in five US surfers - vnunet.com

    This applies to the UK as well as the US; recent surveys showed that people in the UK were prepared to give up their password for chocolate. Anyway, the rules are:

    - If it seems to be too good to be true, it probably is
    - You have not:
      - won the lottery
      - failed a bank security test
      - had someone try to hack your account and you need to re-enter them
      - had bad feedback on a site you have never heard of, or without your full name in the e-mail
      - got someone at a bank in another country wanting to give you some money
    - If the mail is not sent to you and only you, then it is very, very, very unlikely to be real
    - If the phishing scanner says it is a bad site, trust it unless you know that the address in the address bar is real, and then still don't enter personal information
    - Even if they don't want your mail, handing over your personal details is telling them what they need to know in the real world
    - If you are asked to disable your system security, don't!

    Web scams trick one in five US surfers - vnunet...
  • Security is a journey, never a destination

    I was watching the Bourne Identity the other night and Marie asked "how did they find us", to which Bourne replied "we let our guard down, we got lazy". This is so very true for computer security - you can't stop updating your systems, updating your anti-malware tools, updating the firmware in your firewall and more. To highlight this I saw the article below. There was an operating system that claimed it did not suffer from the issues of needing constant TLC. Then 5 of the 8 community servers were compromised. Nice. Ubuntu Servers Hijacked, Used to Launch Attack Members of the Ubuntu colocation team suggest the attack could have begun with a Chinese IP address. The Ubuntu community had to yank five of the eight Ubuntu-hosted community servers sponsored by Canonical offline Aug. 6 after discovering that the servers had been hijacked and were attacking other machines. It was suggested during an IRC (Internet relay chat) meeting of the Ubuntu colocation team Aug. 14 that the source of the...
  • Malware Removal Kit from Microsoft, including a boot from CD solution

    Malware Removal Kit The Malware Removal Kit is a download from TechNet that provides you with excellent guidance and tools to help you restore PCs infected with malware. The newest Solution Accelerator from Microsoft, it provides free, tested guidance to help you combat malware attacks and restore infected systems - so users can safely get back to work. The kit shows you how to use the Windows Preinstallation Environment (Windows PE) to discover malware by performing a thorough offline scan of your computers, uncovering malware that may be hiding in the operating system. And once malware is located and identified, it can be quickly removed from infected PCs with a number of free anti-malware tools, like the Malicious Software Removal Tool from Microsoft. ttfn David Technorati Tags: Malware Removal , WinPE , Security
  • Microsoft Security products - Forefront and the next version codename Stirling

    I have grabbed these security tit-bits from Technet this month and thought I would share them with you. Expect to be playing with Forefront in one form or another within a year, so might as well see what it does now :-) Microsoft Unveils Next-Generation Forefront Business Security Solution Codename "Stirling" http://go.microsoft.com/?linkid=6951832 Announced this month, the new Microsoft Forefront solution, codename "Stirling," is a single product that will deliver unified security management and reporting with comprehensive, coordinated protection across client, server applications, and network edge. "Stirling" acts as a distributed system, sharing and correlating information to identify complex threats, and dynamically responding to protect the organization. Microsoft Forefront Client Security 120-Day Trial Is Available http://go.microsoft.com/?linkid=6959785 Microsoft Forefront Client Security 120-day trial version is available for evaluation, a security solution that helps protect...
  • Microsoft Webcast: Security Intelligence Report Debrief: July to December 2006 (Level 200) - Thursday, June 14, 2007 8pm UK Time

    I saw this and wondered if anyone wants to attend? Microsoft Webcast: Security Intelligence Report Debrief: July to December 2006 (Level 200) Thursday, June 14, 2007 12:00 PM Pacific Time (US & Canada) This public webcast is designed to bring you up to speed on some of the latest threats that Microsoft’s customers and partners are dealing with today. The webcast is presented by the former vice president of the Anti-virus Research and Vulnerability Emergency Response Team (AVERT) for McAfee, Vinny Gullotto. For the past year Vinny has been working as the General Manager of the Microsoft Malware Protection Center (formerly known as MSAV). Please feel free to attend the webcast and to invite customers and/or partners as well. Simply use this link to register: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032340085&Culture=en-US ttfn David
  • What do Small Businesses worry about in IT?

    I just saw this re-sent internally and the data is quite UK centric, so:

    - 63% of small businesses put data back and privacy as a top priority
    - 7.6% of UK small business software spending was on Anti-Virus, in 2006 they planned to spend 10% more on data security - Source AMI 2006
    - 50% of small businesses have as a priority to deploy in house or hosting data back up and disaster recovery (AMI)

    ttfn David

(c)David Overton 2006-17