One fantasy that Bill Gates thankfully knows how to fulfill by ZDNet's David Berlind -- Against the backdrop of all the vendors who've been indemnifying their customers against this, that, or the other lawsuit, I keep telling people that it's highly unlikely that vendors are going to sue you if the software you got from someone else (eg: Red Hat) infringes on a patent that belongs to someone else (eg: [...]
Friday, November 17, 2006
Windows Live Messenger and Windows Vista: Worse together
Windows Live Messenger and Windows Vista: Worse together by ZDNet's Mary Jo Foley -- Now that Vista's done, you might think that Windows Live Messenger and Windows Vista might be coexisting more peacefully. If you did, you would be wrong.
Bosses get into 007 gadgets
It's not just James Bond who gets to play with all the cool gadgets. More and more business executives are investing in secret agent-style hardware to make sure their top-secret company plans stay under wraps.
Bug-detectors disguised as fountain pens, keyboards that can secretly record everything typed on them, and clock radios with hidden cameras--devices once only of interest to spies--are now being bought by company chiefs who fear they are being spied on.
"The majority of the customers are buying countersurveillance equipment," said Julia Adams, director of surveillance gadget store Spymaster. "The majority are concerned with what is being leaked. They want to make sure they aren't being bugged and that the competition isn't listening."
Some executives carry pocket-size bug detectors when they are in meetings, on their own premises or elsewhere, that vibrate if they pick up on eavesdropping equipment.
Adams said that people usually pay the Spymaster store a visit because they have a feeling that something is not quite right and, as she points out, "more often than not that feeling is correct." Once they have equipped themselves with countersurveillance gadgets, executives often come back and stock up on surveillance devices, so that they can then find out which staff member in their office has been leaking information.
Business chiefs may well be right to watch their backs. According to a survey of 2,000 office workers commissioned by Samsung Electronics, 57 percent of respondents said they have found and read confidential information on a printer, and 21 percent admit to having read confidential information on a colleague's monitor.
And it's not just staff leaking company secrets to rivals that bosses have to watch out for. With the Cold War long over, corporate espionage has been heating up.
According to MI5, as the U.K.'s national security service is commonly known, foreign intelligence services are now targeting commercial enterprises "far more than in the past," in an attempt to get their hands on communications technologies, IT, lasers, optics and electronics, to name just a few targets.
At least 20 foreign intelligence services are operating to some degree against U.K. interests, MI5 warns, trying to get secrets from people by exploiting technology such as communications and computer systems. This means as well as buying countersurveillance gadgets to protect themselves, companies need to make sure their computer systems aren't coming under attack.
MI5 has a list with IT security advice on its Web site. It warns that electronic attacks may come from a range of sources: criminals, foreign intelligence services, lone hackers or terrorists. Companies should conduct a risk assessment to establish whether they are at particular risk of an electronic attack, it warns. Indeed, its sister agency, MI6, recently advertised for techies to help keep its own networks secure.
Other recommendations include:
• Buy IT gear from reputable manufacturers and suppliers.
• Ensure that software is as up-to-date as possible. Consider checking for patches and updates at least weekly.
• Ensure that Internet-connected computers are equipped with antivirus software.
• Always ensure that your information is regularly backed-up.
• Try to ensure that those who maintain, operate and guard your systems are reliable and honest.
• Seek regular security advice from system and service providers and make sure you act upon it. Pre-empt attacks instead of waiting for them.
• If there are particular categories of material you wish to protect, you could consider encryption.
• Take basic security precautions in order to prevent software or other information from falling into the wrong hands. Implement a program of security awareness among your staff. Train them not to leave sensitive material lying around and to operate a clear-desk policy.
• Invest in security cabinets and fit locking doors.
• Ensure the proper destruction of confidential material.
Bug-detectors disguised as fountain pens, keyboards that can secretly record everything typed on them, and clock radios with hidden cameras--devices once only of interest to spies--are now being bought by company chiefs who fear they are being spied on.
"The majority of the customers are buying countersurveillance equipment," said Julia Adams, director of surveillance gadget store Spymaster. "The majority are concerned with what is being leaked. They want to make sure they aren't being bugged and that the competition isn't listening."
Some executives carry pocket-size bug detectors when they are in meetings, on their own premises or elsewhere, that vibrate if they pick up on eavesdropping equipment.
Adams said that people usually pay the Spymaster store a visit because they have a feeling that something is not quite right and, as she points out, "more often than not that feeling is correct." Once they have equipped themselves with countersurveillance gadgets, executives often come back and stock up on surveillance devices, so that they can then find out which staff member in their office has been leaking information.
Business chiefs may well be right to watch their backs. According to a survey of 2,000 office workers commissioned by Samsung Electronics, 57 percent of respondents said they have found and read confidential information on a printer, and 21 percent admit to having read confidential information on a colleague's monitor.
And it's not just staff leaking company secrets to rivals that bosses have to watch out for. With the Cold War long over, corporate espionage has been heating up.
According to MI5, as the U.K.'s national security service is commonly known, foreign intelligence services are now targeting commercial enterprises "far more than in the past," in an attempt to get their hands on communications technologies, IT, lasers, optics and electronics, to name just a few targets.
At least 20 foreign intelligence services are operating to some degree against U.K. interests, MI5 warns, trying to get secrets from people by exploiting technology such as communications and computer systems. This means as well as buying countersurveillance gadgets to protect themselves, companies need to make sure their computer systems aren't coming under attack.
MI5 has a list with IT security advice on its Web site. It warns that electronic attacks may come from a range of sources: criminals, foreign intelligence services, lone hackers or terrorists. Companies should conduct a risk assessment to establish whether they are at particular risk of an electronic attack, it warns. Indeed, its sister agency, MI6, recently advertised for techies to help keep its own networks secure.
Other recommendations include:
• Buy IT gear from reputable manufacturers and suppliers.
• Ensure that software is as up-to-date as possible. Consider checking for patches and updates at least weekly.
• Ensure that Internet-connected computers are equipped with antivirus software.
• Always ensure that your information is regularly backed-up.
• Try to ensure that those who maintain, operate and guard your systems are reliable and honest.
• Seek regular security advice from system and service providers and make sure you act upon it. Pre-empt attacks instead of waiting for them.
• If there are particular categories of material you wish to protect, you could consider encryption.
• Take basic security precautions in order to prevent software or other information from falling into the wrong hands. Implement a program of security awareness among your staff. Train them not to leave sensitive material lying around and to operate a clear-desk policy.
• Invest in security cabinets and fit locking doors.
• Ensure the proper destruction of confidential material.
Wednesday, November 15, 2006
10 things you can do to give old servers a second life
If you're responsible for a network, you've probably seen Moore's Law' marching relentlessly on your servers. Today's cutting-edge server can be tomorrow's entry-level home PC.
To run with the pack in terms of performance, productivity, and competition, servers that are long in the tooth have to be put out to pasture regularly. But there might be (and usually is) some life left in these early retirees, and they can still be put to good use. Often, you can give old servers a new lease on life by upgrading to a bigger hard drive and adding RAM. The nature of your network will dictate what's best for you, but here are some ways you might get additional mileage from an old server.
#1: Turn it into a patch management server
Patch management is the bane of the network admin's life. In a Microsoft network environment, everything--from PowerPoint to Windows Server 2003--needs to be regularly patched for vulnerabilities. Setting all clients (I'm not even mentioning servers) to auto-update is not the wisest decision. Apart from being a waste of bandwidth (so many clients going out on the Net to download the same patches), you might (rightly) not like the idea of surrendering control over what needs to patched and when to some automated process. You need a centrally managed system.
If you're a small to midsize enterprise, you might find the cost of commercial offerings to be too high. A reasonably good--and free--alternative, is Microsoft's Windows Server Update Services (WSUS). You'll find a step-by-step guide to installing, configuring, and using WSUS here. According to the guide, the hardware recommendations for a server with up to 500 clients are a 1 GHz processor and 1 GB RAM.
#2: Create a NAS server for backups
Backups are the other bane (pain!) of the network admin's life. Here, also, that old server can provide relief.
Thanks to some great software available at a very reasonable price, you can quickly and painlessly turn an old server into a network-attached storage (NAS) device. Apart from the software, NASLite-2 CDD, you'll probably just need to add some big drives to turn your old server into a monster backup server. You'll find the software and more info here.
NASLite-2 CDD is bootable from CD as well as USB. As you'll read on the site, "NASLite-2... is optimized to perform at maximum efficiency with minimum of hardware requirements." It boots directly into RAM and runs on a mere 8 MB RAM disk. Basic requirements are a Pentium processor and 64 MB or more of RAM.
#3: Use it for disk imaging
Having up-to-date disk clones (ghost images) of critical machines (and even noncritical ones--e.g., in environments where you have many machines with the same hardware and software) can really save your bacon--and save you time. Finding storage space for these big images is another matter, though. But an old server might do nicely, even if you can't afford the luxury of buying software to re-image network clients from a central server. You can add some big drives to the old server to merely use its capacity to save all the images, which you can then use to re-image from a client (e.g., just copy the image to a removable drive and restore the image from there).
#4: Put it to work as a firewall
In need of a firewall? If writing Cisco access control lists isn't your forte, and your budget doesn't allow for a hardware or commercial software firewall, consider SmoothWall. This is a refined open-source firewall that will give many commercial apps a run for their money.
According to the site, "SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a Web-based GUI and requires absolutely no knowledge of Linux to install or use."
#5: Make it a test server
Why not use that old server for testing purposes? In a lab/test environment, you don't need top specs. (In fact, testing with minimum specs might be the point of the exercise and could be a good indicator of expected performance.) If need be, just throw in some extra RAM. You can use such a machine for testing new applications and new server offerings or even to practice your "alternative" operating system administration skills by installing Linux, UNIX, or FreeBSD.
Another good idea is to install virtual PC/server software on such a PC. With the competition between Microsoft and VMware heating up, expensive versions of these virtual machines are now available for free. You can get Microsoft's Virtual PC 2004 and Virtual PC 2007 (with support for Vista) here. Virtual PC 2007 was in beta at the time of writing. Microsoft Virtual Server 2005 R2 is also available as a free download. VMware's server offering is available here.
#6: Turn it into a file/print server
If you have a small department with its own needs, an old server can come in handy as a dedicated file/print server, easing the burden on your main file/print server(s). Installing a file server is simple enough. For more on Windows Server 2003 Print Services, see this article.
#7: Create a terminal server
If ever you wanted to try out the capabilities of Terminal Server services (especially the application server features), that old server could be just what you need. Just remember to put in lots of RAM. For a technical overview of Windows Server 2003 Terminal Services, download this Microsoft document.
If you like what you find, check out Deb Shinder's article "Create a scalable thin client solution with Terminal Server farms" for even more inspiration.
#8: Use it as a DHCP server
In the article "Create a superscope to solve the problem of dwindling IP addresses," I wrote about the problem of running out of IP addresses and explained how introducing superscopes could solve the problem. An extra DHCP server to help dish out addresses on another subnet can sometimes come in very handy in this situation.
#9: Make it a mail /SMTP server
So the big boss listened to the Linux guys and dumped Exchange Server. But now he and the rest of management want all the Exchange features and guess what? No can do. But maybe an open source product (there's also a network edition) called Zimbra is the answer. I haven't tested it, but it looks like a real contender, particularly for midsize and smaller companies. Try it on that server you're using for testing! For more information, go to http://www.zimbra.com/community/documentation.html. The requirements for evaluation and testing are an Intel/AMD 32-bit CPU 1.5 GHz, 1 GB RAM, and 5 GB free disk space for software and logs, as well as additional disk space for mail storage.
#10: Convert it to a monitoring server
Call me superstitious, but I like to keep my servers clean and pristine and dedicated to their primary roles. So yes, as a WAN manager I need software to sniff and ping and enumerate resources and to scan and inform me about the state of my network. But no, I'm loathe to install such software on my domain controller or other server performing some dedicated role. That's why I used the first old server to be retired for this noble task.
I gave the job to Spiceworks IT Desktop. (You can read Justin James' review here.) IT Desktop is a free, easy-to-use browser-based solution. You can believe the site when it says that the product takes less than five minutes to get up and running. It's designed for organizations with fewer than 250 devices on their network. System requirements are Windows XP Pro SP2 or Windows 2003 Server; a 700 MHz Pentium class processor; and 512 MB RAM.
You could also put The Dude to work. It does a great job of mapping your network and can be used for pinging, port probes, and outage notifications.
Some of your retired servers may not make the grade. But if you keep in mind these possible uses, I'm sure most of them will be able to perform some of these roles, thus giving new life to a potential doorstop.
To run with the pack in terms of performance, productivity, and competition, servers that are long in the tooth have to be put out to pasture regularly. But there might be (and usually is) some life left in these early retirees, and they can still be put to good use. Often, you can give old servers a new lease on life by upgrading to a bigger hard drive and adding RAM. The nature of your network will dictate what's best for you, but here are some ways you might get additional mileage from an old server.
#1: Turn it into a patch management server
Patch management is the bane of the network admin's life. In a Microsoft network environment, everything--from PowerPoint to Windows Server 2003--needs to be regularly patched for vulnerabilities. Setting all clients (I'm not even mentioning servers) to auto-update is not the wisest decision. Apart from being a waste of bandwidth (so many clients going out on the Net to download the same patches), you might (rightly) not like the idea of surrendering control over what needs to patched and when to some automated process. You need a centrally managed system.
If you're a small to midsize enterprise, you might find the cost of commercial offerings to be too high. A reasonably good--and free--alternative, is Microsoft's Windows Server Update Services (WSUS). You'll find a step-by-step guide to installing, configuring, and using WSUS here. According to the guide, the hardware recommendations for a server with up to 500 clients are a 1 GHz processor and 1 GB RAM.
#2: Create a NAS server for backups
Backups are the other bane (pain!) of the network admin's life. Here, also, that old server can provide relief.
Thanks to some great software available at a very reasonable price, you can quickly and painlessly turn an old server into a network-attached storage (NAS) device. Apart from the software, NASLite-2 CDD, you'll probably just need to add some big drives to turn your old server into a monster backup server. You'll find the software and more info here.
NASLite-2 CDD is bootable from CD as well as USB. As you'll read on the site, "NASLite-2... is optimized to perform at maximum efficiency with minimum of hardware requirements." It boots directly into RAM and runs on a mere 8 MB RAM disk. Basic requirements are a Pentium processor and 64 MB or more of RAM.
#3: Use it for disk imaging
Having up-to-date disk clones (ghost images) of critical machines (and even noncritical ones--e.g., in environments where you have many machines with the same hardware and software) can really save your bacon--and save you time. Finding storage space for these big images is another matter, though. But an old server might do nicely, even if you can't afford the luxury of buying software to re-image network clients from a central server. You can add some big drives to the old server to merely use its capacity to save all the images, which you can then use to re-image from a client (e.g., just copy the image to a removable drive and restore the image from there).
#4: Put it to work as a firewall
In need of a firewall? If writing Cisco access control lists isn't your forte, and your budget doesn't allow for a hardware or commercial software firewall, consider SmoothWall. This is a refined open-source firewall that will give many commercial apps a run for their money.
According to the site, "SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a Web-based GUI and requires absolutely no knowledge of Linux to install or use."
#5: Make it a test server
Why not use that old server for testing purposes? In a lab/test environment, you don't need top specs. (In fact, testing with minimum specs might be the point of the exercise and could be a good indicator of expected performance.) If need be, just throw in some extra RAM. You can use such a machine for testing new applications and new server offerings or even to practice your "alternative" operating system administration skills by installing Linux, UNIX, or FreeBSD.
Another good idea is to install virtual PC/server software on such a PC. With the competition between Microsoft and VMware heating up, expensive versions of these virtual machines are now available for free. You can get Microsoft's Virtual PC 2004 and Virtual PC 2007 (with support for Vista) here. Virtual PC 2007 was in beta at the time of writing. Microsoft Virtual Server 2005 R2 is also available as a free download. VMware's server offering is available here.
#6: Turn it into a file/print server
If you have a small department with its own needs, an old server can come in handy as a dedicated file/print server, easing the burden on your main file/print server(s). Installing a file server is simple enough. For more on Windows Server 2003 Print Services, see this article.
#7: Create a terminal server
If ever you wanted to try out the capabilities of Terminal Server services (especially the application server features), that old server could be just what you need. Just remember to put in lots of RAM. For a technical overview of Windows Server 2003 Terminal Services, download this Microsoft document.
If you like what you find, check out Deb Shinder's article "Create a scalable thin client solution with Terminal Server farms" for even more inspiration.
#8: Use it as a DHCP server
In the article "Create a superscope to solve the problem of dwindling IP addresses," I wrote about the problem of running out of IP addresses and explained how introducing superscopes could solve the problem. An extra DHCP server to help dish out addresses on another subnet can sometimes come in very handy in this situation.
#9: Make it a mail /SMTP server
So the big boss listened to the Linux guys and dumped Exchange Server. But now he and the rest of management want all the Exchange features and guess what? No can do. But maybe an open source product (there's also a network edition) called Zimbra is the answer. I haven't tested it, but it looks like a real contender, particularly for midsize and smaller companies. Try it on that server you're using for testing! For more information, go to http://www.zimbra.com/community/documentation.html. The requirements for evaluation and testing are an Intel/AMD 32-bit CPU 1.5 GHz, 1 GB RAM, and 5 GB free disk space for software and logs, as well as additional disk space for mail storage.
#10: Convert it to a monitoring server
Call me superstitious, but I like to keep my servers clean and pristine and dedicated to their primary roles. So yes, as a WAN manager I need software to sniff and ping and enumerate resources and to scan and inform me about the state of my network. But no, I'm loathe to install such software on my domain controller or other server performing some dedicated role. That's why I used the first old server to be retired for this noble task.
I gave the job to Spiceworks IT Desktop. (You can read Justin James' review here.) IT Desktop is a free, easy-to-use browser-based solution. You can believe the site when it says that the product takes less than five minutes to get up and running. It's designed for organizations with fewer than 250 devices on their network. System requirements are Windows XP Pro SP2 or Windows 2003 Server; a 700 MHz Pentium class processor; and 512 MB RAM.
You could also put The Dude to work. It does a great job of mapping your network and can be used for pinging, port probes, and outage notifications.
Some of your retired servers may not make the grade. But if you keep in mind these possible uses, I'm sure most of them will be able to perform some of these roles, thus giving new life to a potential doorstop.
Critical Broadcom Windows driver exploit released!
Critical Broadcom Windows driver exploit released! by ZDNet's George Ou -- According to Johnny Cache, this particular exploit is extremely reliable and results in "100% ownage" which means your computer belongs to the hacker if it's attacked using this exploit. Since the exploit has been rolled in to the Metasploit 3.0 framework which includes kernel-level shell code, the exploit can be performed with a moderate amount of hacking knowledge. This flaw is extremely dangerous because it exploits the kernel of the operating system which means it bypasses all conventional security measures like anti-virus, HIDS, firewalls, and user privileges. The attack range is limited to Wi-Fi range which is typically 100 to 200 feet but can be extended with high-powered antennas.
Wednesday, November 08, 2006
Will Windows Vista be worth the wait?
Will Windows Vista be worth the wait? by ZDNet's Ed Bott -- It's been a long and winding road, but Windows Vista is finally released to manufacturing. You'll no doubt be overwhelmed with coverage of the minutiae of Windows Vista in the next few days and weeks, but focusing on the road behind or on pixel-by-pixel inspections is a waste of time. After nearly a year of working with Windows Vista day in and day out in production environments, I've come up with three questions that every Windows user needs to ask about Windows Vista.
Friday, November 03, 2006
Virtualization and confusing array of Vista legal restrictions to haunt Microsoft and users alike
Virtualization and confusing array of Vista legal restrictions to haunt Microsoft and users alike by ZDNet's David Berlind -- According to fellow ZDNet blogger Mary Jo Foley, Vista's licensing is confusing enough. She literally ends up screaming for help. But, over at SecurityFocus, Scott Granneman is drawing attention to some of the more objectionable (and seemingly arbitrary) terms in Microsoft's End User License Agreement for the new version of Windows. In his analysis, there [...]
Thursday, November 02, 2006
Microsoft changes Vista license terms
Microsoft changes Vista license terms by ZDNet's Ed Bott -- Who says Microsoft doesn't listen? Three weeks ago, when the new license terms for Windows Vista were officially release, one change set off an avalanche of feedback from the enthusiast community. Today, Microsoft rewrote that part of the license agreement. Individual users can now transfer a retail license from one PC to another or upgrade an existing computer without fear of being forced to pay again.
Microsoft backtracks on Vista transfer limits
REDMOND, Wash.--Reversing a licensing change announced two weeks ago, Microsoft said on Thursday that it will not limit the number of times that retail customers can transfer their Windows Vista license to a different computer.
On Oct. 16, Microsoft issued the new user license for Vista, including terms that would have limited the ability of those who buy a boxed copy of the operating system to transfer that license. Under the proposed terms, users could have made such a switch only one time.
However, the new restriction prompted an outcry among hardware enthusiasts and others. Microsoft is returning the licensing terms to basically what they were in Windows XP--users can transfer their license to a new PC an unlimited number of times, provided they uninstall and stop using it on the prior machine.
The software maker said it paid attention to the response both directly to the company and on blogs and decided to reverse course. Microsoft had hoped to use the change to aid its ongoing efforts to thwart piracy.
"We're trying to be really clear about our intention to prevent piracy," said Microsoft product manager Mike Burk. "At the same time, after listening to the feedback that came in, (we) felt that we needed to make this change."
By reversing course, Burk said, Microsoft hoped to assuage users' concerns, particularly those of hobbyists who frequently upgrade the components of their PC, in some cases triggering Windows to consider the machine a new PC.
The plan to limit transfers was part of a series of changes to the terms that apply to boxed copies of Vista, not to the license that comes on a new, Vista-equipped PC. Separate rules apply for the versions of Windows installed on new PCs, which is how the majority of buyers get their copy of Windows. Typically, copies of Windows purchased on a new PC cannot legally be transferred to another PC.
Burk said that Microsoft isn't planning to back off any of its other planned licensing changes, including a move related to virtualization, in which a computer runs multiple operating systems, or multiple copies of the same operating system, at the same time.
Under those new license terms, any Windows version can serve as the primary, or host, operating system. However, only the Business and Ultimate editions of Vista can run as guest operating systems in virtualization.
"We're not planning on making any other changes," Burk said. "We'll keep listening to people's feedback."
No Mobile Blogging for Beta Users
Would be nice if the blogger team would have got this up and running as one of their first priorities.
I guess this is just another thing that we beta users will have to deal with.
I guess this is just another thing that we beta users will have to deal with.
Subscribe to:
Posts (Atom)
