What other professional development and/or tracking tools do you use in your job? Please leave some feedback and let me know what you use or if this Printable CEO made a difference in your job.]]>
So… if you want to reduce your carbon footprint in 2009, check this out. I know I will.]]>
The first of these is called the BubbleTimer. It is meant to help you meet your goals through better time management. This may be useful if you are a consultant or need a way to quickly track time on projects.
Hope this is of use to you in 2009!]]>
The guides available include:
As you see, there is a lot of information here to absorb and make use of in your environment. I’m going to be checking out the Systems Center Operations Manager 2007 implementation guide. It’s gonna be an interesting ride but at least Microsoft is offering some free support assistance in the planning and design phase.
Try some of these guides out. Share with us your thoughts and how effective the guides were in helping your organization meet operational demands.]]>
Discount Codes – Nmap Book – Wireshark Certification Status – Global Knowledge – Movie Update – Virtual Conference Survey
Holiday/End-of-Year Specials at www.wiresharkU.com
Fyodor Releases Nmap Book
Gordon “Fyodor” Lyon, the creator of the must-have tool, Nmap, has released the long-awaited title “Nmap Network Scanning”. This 468-page book (nmap.org/book/) is a required reading for anyone securing a network. I was thankful that Fyodor sent me a pre-release copy of the book, which was a blessing since the content was more in-depth than I’d hoped for. Chapters define scan variations, OS fingerprinting techniques, tips and tricks and the newly-developed ZenMap, the graphic front end for Nmap. “Nmap Network Scanning” should be front and center on your desk for months and years to come! Thanks, Fyodor!
Wireshark Certification Status
Final beta tests are underway for a planned January 2009 release of the long-awaited Wireshark Certification test. The Wireshark Certification Information Packet (WCIP) should be out at the beginning of the year (sign up to receive the document at www.wiresharktraining.com/certification).I know you’ve waited a long time for the certification and I appreciate your patience – it took me a lot longer to get the questions together and ensure we could deliver via the Internet.
Global Knowledge Signed as Wireshark Authorized Training Partner
We are thrilled to sign on Global Knowledge as our North American Wireshark University Authorized Training Partner. In Q1 2009, two new Wireshark courses release – the first course focuses on Wireshark basic through advanced functionality and in-depth review of TCP/IP communication patterns (CORE 1). The second course delves into troubleshooting and network forensics with the Wireshark Certification Vouchers included in the course price (CORE 2). More course information will be put on www.wiresharkU.com before end of year.Read the press release.
The Only Thing Slower than This Network is Hollywood!
Well, folks… after hearing about the ‘movie’ project for a few years now, you’re probably thinking the darn thing isn’t going to make it out there. You’re probably right, but one more step was checked off last week – the script was finalized. The writers, Joe D’Ambrosia and Tom Teves (Murray Hill 5 Productions) gave me the near-shocking news on Friday. If you don’t know these guys, check out the “Dead Rocker” (appropriate for kids) at www.youtube.com/watch?v=I5aD00UeE9g. I kinda figured out who the murderer was (at least I knew what the main clue was) after watching a second time. Can you/your kids figure it out?
Happy Holidays to All! [Oh... and if you checked out the movie link...no, I'm not a spy and no, my kids don't play soccer.]
I have been watching some of the exchanges between posters on the forums. It amazes me what people will post when the environment provides seeming anonymity. ITKE does offer this also, but the moderators do a great job of keeping the Trolls away. The Craigslist posters do not behave in the same professional manner that ITKE users do. There are many writers on Craigslist that belittle computer user skills for those asking “noob” questions. There are also those who attempt to discredit or otherwise tear down answers from those who have real computer skills and knowledge.
For example, there was a recent posting thread reminding people that the Microsoft Tuesday patches had been released. One feature that Craigslist offers similar to ITKE is the ability to rate postings. Someone rated the patch Tuesday reminder as a “thumbs down” posting. This is really unprofessional behavior. The thread went on to describe that exploits were sure to follow the patches since hackers use the patches to reverse-engineer the vulnerability. Someone asked if the exploits could already exist. Of course they might, but the exploits would become more likely after the patches are released.
The thread also described how the patches are to protect users from themselves. Most users are tempted into doing something (downloading software, answering yes to some popup window, visiting that interesting website) that causes malicious software to do something on their system that is totally unintended by the users… so the patch is there to fix some things that might be otherwise used by these malware writers. Really patching is the only preventive mechanism. Antivirus is a detective method that detects when something is trying to do something it shouldn’t. Patching won’t let those things happen – unless the user makes a poor judgement call… we all do! I have even opened an infected PDF file thinking it was a legitimate document. Fortunately, AV was able to clean up after my mistake.
For some reason, some troll thought they would say that these postings were by a “know-it-all n00b”. It seems like this Craigslist forum user may be one of those miscreants who want people to remain ignorant and cannot handle someone else teaching others about safe computing and answering other users’ questions.
I would like to encourage ITKE readers and IT professionals to help make IT support forums professional and user-friendly. If you have time, watch the Craigslist computer forums, offer support to the users who don’t have the same professional support available we have on ITKE. Make the trolls look even worse by treating the users with some respect. By sharing our knowledge and skills, we can help users use the computer in a productive manner. Thanks for reading this and hope you join me in sharing knowledge either here on ITKE and/or Craigslist.]]>
The Virtual Linux Desktop ranges in price from $59 to $289 per user, depending on level of software and service desired, according to the report. IBM estimates that the software package could save corporate customers up to $800 per user, when compared with the cost of maintaining Microsoft’s Vista operating system, Office suite, and collaboration tools, the newspaper said.
For more information see:
Wall Street Journal -IBM Creates ‘Microsoft-Free’ Desktop: Applications for Thin Clients Would Operate From Back-Office Server
What do you think? Can Big Blue pull it off?]]>
Windows PowerShell Scriptomatic]]>
I just sent this email reminder to all users in my organization. I would recommend you do something similar if you are not already ensuring users are aware of these issues. Feel free to use my content and add your own.
It is that time of year again when folks send electronic holiday greeting cards to one another. Some of the greetings may also be games that bear holiday messages. It is also a time when malicious software spreads using these same types of messages and software. You should also be cautious when doing any holiday shopping online or at stores. It is important that you and those you communicate with understand these risks. Your finances and identity are always at risk in today’s technology environment, but you may be less attentive during the holiday season. The following 10 tips are meant to remind you of some important security precautions.
1. Do NOT use your company email address for personal holiday greetings or shopping activities. Merchants may sell your email address to other non-reputable sources and this puts your company identity at risk.
2. If you receive personal holiday greetings or “cute” games at your company email address, ask the sender to not send those to you at work. Use a personal email account for those communications.
3. If you do receive holiday greetings or games at your personal email address, check with the sender before opening to be sure they sent the message. Spammers and malicious software writers can easily deceive you through social engineering. They will do everything possible to get you to open their message and potentially damage your computer and/or harvest your email address as a valid address.
4. Don’t trust everything you see online. Finding something on the internet does not guarantee that it is true. Anyone can publish information online, so before accepting a statement as fact or taking action, verify that the source is reliable.
5. If it looks too good to be true, it probably is. You have probably seen many emails promising fantastic rewards or monetary gifts. However, regardless of what the email claims, there are not any wealthy strangers desperate to send you money. Beware of grand promises—they are most likely spam, hoaxes, or phishing schemes. Also be wary of pop-up windows and advertisements for free downloadable software—they may be disguising spyware. Close the pop-up windows by clicking the X in the top right corner. Do not click the YES, NO, or CANCEL buttons in the window. It may cause unwanted computer issues if you do. Do not trust what you see in these pop-up windows. Contact IT support if you have any questions or issues.
6. Avoid phishing schemes. Banks and other institutions will not actively solicit personal information by email. When you click a link in an email asking for this type of information, your choice may risk your finances and personal identity. The link may take you to a website hosted by someone with malicious intentions. If you enter your personal information on the website, you have just had your identity taken by a social engineering attack and may have incurred a financial loss.
7. If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a web site connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org/phishing_archive.html).
8. If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. Consider reporting the attack to the police, and file a report with the Federal Trade Commission (http://www.ftc.gov/).
9. Do not participate in forwarding chain letters or perpetuating hoaxes or urban legends. Hoaxes attempt to trick or defraud users. A hoax could be malicious, instructing users to delete a file necessary to the operating system by claiming it is a virus. It could also be a scam that convinces users to send money or personal information. Phishing attacks could fall into this category. Urban legends are designed to be redistributed and usually warn users of a threat or claim to be notifying them of important or urgent information. Another common form are the emails that promise users monetary rewards for forwarding the message or suggest that they are signing something that will be submitted to a particular group. Urban legends usually have no negative effect aside from wasted network bandwidth, server resources and time. If you want to check the validity of an email, there are some web sites that provide information about hoaxes and urban legends: Urban Legends and Folklore – http://urbanlegends.about.com/; Urban Legends Reference Pages – http://www.snopes.com/; Hoaxbusters – http://hoaxbusters.ciac.org/; TruthOrFiction.com – http://www.truthorfiction.com/; Symantec Security Response Hoaxes – http://www.symantec.com/avcenter/hoax.html; McAfee Security Virus Hoaxes – http://vil.mcafee.com/hoax.asp
10. Protect yourself while shopping online. Use and maintain anti-virus software, a firewall, and anti-spyware software. Keep software, particularly your web browser, up to date. Do business with reputable vendors. Take advantage of security features like secure passwords and encrypting information between your computer and the vendor’s website (look for the “lock” symbol in the browser or the website address beginning with “https” rather than “http”. Use a credit card rather than a debit card. Check your statements for any unusual or unauthorized activity.
Hopefully these tips will help you and those around you to have a happy holiday and reduce the risk of an unwelcome holiday event due to being uninformed. Please feel free to share these tips with your friends and family to help increase awareness and reduce risky behavior.
See the CERT Cyber Security Tips website for more information like this.]]>