October – Cyber Security Awareness Month

Quote from OpenDNS newsletter;

We work hard to keep you safe online all year long, but the good folks at the National Cyber Security Alliance have designated October as the month to raise awareness for this very worthy cause. We’ve asked our friend Michael from the NCSA to share with you a few tips — in addition to using OpenDNS — for protecting your cyber self. Take it away, Michael!

“Top Ways to Stay Safe Online,” by Michael Kaiser, Executive Director, National Cyber Security Alliance

The Internet is supposed to make our lives better, and for most of us, that’s exactly what it does. But the Internet has a dark side, and unless we take the proper precautions, this wonderful tool can end up causing us more harm than good. October is National Cyber Security Awareness Month, and it’s a good time to take a hard look how our online behaviors may be putting us in harm’s way. You don’t have to be a computer genius to protect yourself online and you don’t have to spend a lot of money. By following a few common sense tips, you can make the most out of your Internet experience, while protecting you and your family from online threats.

Protect your identity: On the Internet, your personal data (social security number, birth date, etc.) is extremely valuable and can be used against you. Keep it protected.

Protect your children: Children face unique risks on the Internet, and require unique rules and safeguards. Monitor your kids’ online activities closely. There are many tools available to help you protect them from online threats.

Protect your accounts. Choosing hard-to-guess passwords and changing them regularly can help prevent criminals from getting at your money or personal information.

/by

Windows update / Forefront update error codes

,

Have you ever had Windows Update or Forefront Antivirus fail to update, and then mock you with one of those very informative errorcodes like 0×80244015?  Well guess what, you are not a totally lost, there is actually a “cheat-sheet” http://inetexplorer.mvps.org/answers/63.html for decoding these 😀

Now why these translated error codes are not not displayed as opposed to those interesting 0×80244015 number codes… well your guess is a good as mine..

/by

McAfee Virus Scan 8.7 Enterprise

,

McAfee has released a new version of their enterprise antivirus.  I would advocate that it is indeed a good idea to make sure to upgrade your antivirus regularly, not only the definitions files mind you – newer version or patches for existing versions as well.  More than once I have seen that upgrading an existing installation revealed malware or other infections.

McAfee’s Enterprise Virusscan is in my opinion on of the better products on the marked, its fast – only informs you when there is something to inform about – and its highly tweakable.  That said, then most antivirus products are quite similar today – so I guess its a lot up to personal preference.

Hmm, from what I can see it looks more like a beta, but I may be wrong..

/by

Online Virus Scanning

, ,

Just had a friend on the line, “I think I have a virus..”..  in this day in age even if you have a decent antivirus installed, is no guarantee for an infection-free existence.

Anyhow, my suggestion to him was; try some or all of these online scanners (its free and besides the time it takes to scan it’s fairly painless), actually for the rest of us it’s a decent idea to sometimes get a second opinion (from our installed antivirus) even if we think everything is fine.

So get scanning;
http://onecare.live.com/site/en-US/center/howsafe.htm?s_cid=mscom_msrt
or http://onecare.live.com/

http://www.bitdefender.com/scan8/ie.html

http://housecall.trendmicro.com/

http://www.kaspersky.com/virusscanner

http://support.f-secure.com/enu/home/ols.shtml

http://www.eset.com/onlinescan/

http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

http://home.mcafee.com/Downloads/FreeScanDownload.aspx
(or goto McAfee and search for McAfee Free Scan)

A collection of various utilities (page is in Danish, but links to international sites)
http://www.spywarefri.dk/onlinevark.htm

If you are about to give up, then there is one final hope – McAfee offers an online service where they will assist you in removing your infection for US$ 89,- and if the sh.. really hits the fan, then $89 may not be that bad a deal).

http://us.mcafee.com/root/landingpages/afflandpage.asp?affid=0&lpname=12982&cid=45687

/by

Hacking with Johnny and Google

,

Have some spare time? want to learn how not to expose all your confidential information to the  Google crawler, well, take a swing by http://johnny.ihackstuff.com/ here is a guy, that has devoted a lot of time into mapping how to utilize Google to search for all sorts of “interesting stuff”, stuff you were never supposed to see. 

This is an eye opener for most, you really need to think before exposing anything to the Internet – be that webcams, alarms or just your dishwasher otherwise you may end up on a page like this.

/by

Forefront Client Security Deployment

, , ,

You may have heard about Microsoft’s antivirus solution (Forefront Client Security, the corporate version – there is also a home user version), well now there is an additional way of deploying it (see button link) – untested, but sounds like piece of pie 🙂

Microsoft’s Live Care (home user version);
http://onecare.live.com/standard/en-us/default.htm

Microsoft Forefront Client Security;
http://www.microsoft.com/forefront/clientsecurity/en/us/default.aspx

Corporate deployment (New method);
http://www.codeplex.com/fcscompete/Release/ProjectReleases.aspx?ReleaseId=14440

A few web-casts that may also be interesting (have not seen them myself yet);
http://whitepapers.techrepublic.com.com/abstract.aspx?docid=348503
http://whitepapers.techrepublic.com.com/abstract.aspx?docid=348463

/by

Print Migrator 3.xx – an oldie but still useful

,

Ever tried re-installing a file/print server?  And ever had to manually recreate a number of printers / print cue’s?  Its a horrible way to spend an evening :-/

And actually its a total waste of good (Battlefield playing) time, if you use “Print Migrator” from Microsoft to export the printers in advance you can simply re-import all printers and cue’s in minutes.  In order for this to work properly, you should export your printers from time to time (as a disaster recovery preemptive step).

Print Migrator is a Microsoft utility, and its free 😉

http://www.microsoft.com/windowsserver2003/techinfo/overview/printmigrator3.1.mspx

Additional disaster recovery hints;
Be sure to backup;
DHCP scopes,
Printers,
Shared folder info (a reg key) – “HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserverShares” (you can once you have restored all data simply import this registry key and all shares are restored with correct NTFS).

Export data via commandline this way;
Create a C:ackup directory
use this commandline:

regedit /e c:ackupshares.reg HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanservares

printmig -b c:ackup\%computername%-Printers.cab

Now you will have a dump of your printer cue’s and the setup of all your shares on this server/machine, these can be found in c:ackup.

This will reduce your recovery time tenfold.

I use a scheduled script like this to ensure I have a current backup of printers and shares;

@Echo off
cls
Echo *************************************************************************************
Echo * SYSTEMBACKUP SCRIPT V 20081104        *
Echo * This script will backup printers, dhcp and shares to c:systembackup directory    *
Echo *************************************************************************************
Echo.

rem
rem   To schedule at 12:00 /interactive /every:sa “c:systembackupsystembackup.cmd”
rem

mkdir c:systembackup
mkdir c:systembackupdhcp
mkdir c:systembackupprinters
mkdir c:systembackupshares

Echo System Backup Commencing… [SHARES]
regedit.exe /e c:systembackupshares\%computername%-shares.reg HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserver
Echo System Backup Commencing… [PRINTERS]
c:systembackup oolsprintmig.exe -b c:systembackupprinters\%computername%-Printers.cab
Echo System Backup Commencing… [DHCP]
del /F /Q c:systembackupdhcp*.*
copy %systemroot%system32dhcpBackup
ew c:systembackupdhcp
regedit.exe /e c:systembackupdhcp\%computername%-dhcp.reg HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDHCPServerParameters
netsh dhcp server dump > c:systembackupdhcpDHCPconfig.cfg

Echo Done.
exit

/by

MySQL database backup for dummys

, ,

If you have a MySQL database somewhere you obviously need to back it up, now I am not much into the inner workings of a MySQL database and have limited access to my hosted services, however I managed to find a link to a utility you can use ‘offsite’, its called “MySQL Administrator 1.2” dooh 😉

Anyhow, you can get it from here;
http://www.mysql.com/ (you may need to do some digging as versions change and I thus not can provide a permanent download link).

How to backup your DB (Danish link);
http://www.web10.dk/help/faq/mysql_backup

/by

Cool Security Links

,

Want to expand your knowledge in the security field? ofcause you do, its cool 🙂

Spend some time visiting;
http://www.irongeek.com – tons of cool stuff and tutorials
http://www.hak5.org – a cool show with neet stuff from modding to hacking.

/by

Penetration testing

,

Looking to expand into Pentesting, then you should take a look at;
http://www.metasploit.com/

Now this is not for noobs, its hardcore – but hey that is what you need working in this field.

Another link would be Backtrack (a linux boot cd with all the stuff you need);
http://www.remote-exploit.org/backtrack.html
http://en.wikipedia.org/wiki/Auditor_Security_Collection#Auditor_Security_Collection

Caution Note,if starting out in this field, be sure to NOT try pentesting random sites/networks, you may do it only for fun and to learn, but it may be illegal (depending on regional law, and on what tests you perform) furthermore the sysadmin on the other end may not enjoy your ‘school project’ and take it very serious.

/by