website

May 26 2009   8:41PM GMT

Microsoft releases SharePoint Designer 2007 for FREE!

Posted by: Troy Tate
Microsoft, SharePoint, website, design, website administration, website admin, tools

SharePoint Designer 2007 is Now Free – Office SharePoint Designer 2007 provides the powerful tools you need to deliver compelling and attractive SharePoint sites and quickly build workflow-enabled applications and reporting tools on the SharePoint platform, all in an IT-managed environment.  You can use SharePoint Designer 2007 to create and deploy interactive solutions on the SharePoint platform, without having to write code.  It also provides the professional-quality design tools you need to create great-looking SharePoint pages that are compatible with a wide range of browsers.  Additionally, site administrators and IT managers can control exactly how SharePoint Designer 2007 is used to help ensure information workers have a managed and controlled experience.

If you are interested in learning more about SharePoint Designer 2007, please be sure to check out:

·         Microsoft Office Sharepoint Designer 2007 Product Overview

·         SharePoint Designer demos

·         SharePoint Designer webcasts

·         Help for SharePoint Designer 2007

·         Future direction of Sharepoint Designer 2007:  video

Jan 6 2009   4:45PM GMT

Swiss-army knife for public network testing

Posted by: Troy Tate
toolkit, tools, testing, connectivity testing, website, dns, ping, tracert, icmp, tcp, udp, public network, ssh, SSL, cryptography, crypto, crypto testing, hash, typosquatting

Sometimes it is necessary to test connectivity outside of your private company network. There are several resources I use. I will share a couple of those with you in this posting.

One of my favorite and most frequently used sites is Network-Tools. This website allows you to test Traceroute, PIng, Domain Name Server (DNS) lookup, Whois, and DNS record lookups. This is an excellent resource like DNSTools or DNSStuff.

Another site with useful public internet testing tools is Serversniff.net. You can use this site to perform TCP pings rather than the standard ICMP pings. There is also a step-ping test. This provides the ability to have increasing ping packet sizes to see if there is a bottleneck somewhere before the tested host. There are lots of other tools available on this website. I recommend you check it out and see which offer value to you in your support activities.

Unfortunately, these tools only work from the public internet. You will not be able to test hosts on your private network, but hey, shouldn’t you already have some other testing tools in your toolbag for the private network? I’m sure I will describe more tools as the year moves on.

Thanks for reading & let’s practice safe networking out there! Please feel free to leave comments for other readers so they can adequately support their networks.

Jan 6 2009   4:23PM GMT

Is this program good or bad for my computer?

Posted by: Troy Tate
information security, bho, activex, Security, website, community, Database, malware, research

Have you ever wondered if an application or running process is good or bad? Google searches do a good job of helping you determine if a process is legitimate or not. I just came across another resource in the fight against malicious software. It is a search engine for files, CLSID’s, and application names. The site is SystemLookup. The search results show whether the item is Malware, spyware, adware, or other potentially unwanted items, Legitimate items, Open to debate, or Currently unknown status. The various categories available for search include:

browser helper objects (BHO), toolbars, search hooks, explorer bars
Internet Explorer Buttons
Layered Service Providers
ActiveX Installs
Extra protocols
AppInit_DLLs & Winlogon Notify
ShellServiceObjectDelayLoad
Shared Task Scheduler
Services

The website is community-based so please contribute and improve this resource for security information.

Dec 15 2008   9:05PM GMT

Improving yourself in 2009

Posted by: Troy Tate
administration, planning, tools, website, Performance, professional

It is going to be another year end here in a few weeks and the new year begins. We all struggle to meet deadlines, track what we do and where our time goes. I have found a few tools that I will be sharing with you in the next couple of blog entries. Maybe one of these will help you in 2009 and make you more valuable to your organization.

The first of these is called the BubbleTimer. It  is meant to help you meet your goals through better time management. This may be useful if you are a consultant or need a way to quickly track time on projects.

Hope this is of use to you in 2009!

Dec 10 2008   1:19PM GMT

The larger world of free technical support - Craigslist computer forum

Posted by: Troy Tate
Networking, tools, documentation, patching, web, IT education, malware, website, anti-virus, troubleshooting, howto, online identity, risk, awareness, education, professional

I recently came across the computer forums on Craigslist. I had heard of Craigslist previously but was not aware of the significant scope of what it offers besides classified ads. I’m not suggesting that folks leave ITKE to the Craigslist computer forums for support - far from that.

I have been watching some of the exchanges between posters on the forums. It amazes me what people will post when the environment provides seeming anonymity. ITKE does offer this also, but the moderators do a great job of keeping the Trolls away. The Craigslist posters do not behave in the same professional manner that ITKE users do. There are many writers on Craigslist that belittle computer user skills for those asking “noob” questions. There are also those who attempt to discredit or otherwise tear down answers from those who have real computer skills and knowledge.

For example, there was a recent posting thread reminding people that the Microsoft Tuesday patches had been released. One feature that Craigslist offers similar to ITKE is the ability to rate postings. Someone rated the patch Tuesday reminder as a “thumbs down” posting. This is really unprofessional behavior. The thread went on to describe that exploits were sure to follow the patches since hackers use the patches to reverse-engineer the vulnerability. Someone asked if the exploits could already exist. Of course they might, but the exploits would become more likely after the patches are released.

The thread also described how the patches are to protect users from themselves. Most users are tempted into doing something (downloading software, answering yes to some popup window, visiting that interesting website) that causes malicious software to do something on their system that is totally unintended by the users… so the patch is there to fix some things that might be otherwise used by these malware writers. Really patching is the only preventive mechanism. Antivirus is a detective method that detects when something is trying to do something it shouldn’t. Patching won’t let those things happen - unless the user makes a poor judgement call… we all do! I have even opened an infected PDF file thinking it was a legitimate document. Fortunately, AV was able to clean up after my mistake.

For some reason, some troll thought they would say that these postings were by a “know-it-all n00b”. It seems like this Craigslist forum user may be one of those miscreants who want people to remain ignorant and cannot handle someone else teaching others about safe computing and answering other users’ questions.

I would like to encourage ITKE readers and IT professionals to help make IT support forums professional and user-friendly. If you have time, watch the Craigslist computer forums, offer support to the users  who don’t have the same professional support available we have on ITKE. Make the trolls look even worse by treating the users with some respect. By sharing our knowledge and skills, we can help users use the computer in a productive manner. Thanks for reading this and hope you join me in sharing knowledge either here on ITKE and/or Craigslist.

Oct 9 2008   3:00PM GMT

Alternatives to e-mail attachments - SharePoint is risky!

Posted by: Troy Tate
administration, Networking, Firewalls, Storage, Security, DataManagement, intellectual property, email, Data security, Policy, SharePoint, Exchange, design, website, risk, policy enforcement, vulnerability

I’m looking for some help on this topic and have posted a question to the ITKE community. Hopefully someone out there has had some experience with this service for your organization and can provide some valuable insight.

One group I participate in is a mailing list from SANS. If you have not attended a SANS event or education, then you should try to get to one of their events. They are one, if not, the premier non-vendor related security and systems administration group in the IT industry. I posed the same question to this peer group and have had some very good responses. Some suggestions for solutions have come back and include:

Microsoft Office SharePoint (http://www.microsoft.com/sharepoint/default.mspx)

OpenText – Livelink (http://www.opentext.com/2/sol-products/sol-pro-llecm10.htm)

Webex Connect – (http://webex.com/enterprise/index.html) (There are other flavors for small & medium business)

 Accellion -  http://www.accellion.com)

 

These are very interesting solutions and I will certainly be looking at all potential candidates. One thing that bothers me about the SharePoint option is its security capabilities. SharePoint is typically Microsoft Active Directory integrated. This has major security implications and in fact CSO magazine has posted a recent article on this topic. I recommend that you read the article and understand what risks the SharePoint solution may open for your organization.

Why Security Pros Hate Microsoft SharePoint

Microsoft’s SharePoint collaboration platform is all the rage in today’s business world, especially since third parties gained the ability to plug security holes. But managing it can still be a nightmare for IT security shops.

I am still looking for more references and ideas for this solution, so please share what you are doing for your organization and it will be much appreciated by me and other readers.

Oct 1 2008   8:03PM GMT

Financial Crisis & Technology Accelerators

Posted by: Troy Tate
administration, homeland security, financial analysis, government, website, Metrics, threshold, risk, awareness, blog, Wall Street, analysis

We all know that things in the US economy are bad right now. Looking back we wonder if anyone was thinking ahead and thinking “what-if” and managing the risk. Apparently no one was doing that and here we are today with the government working on a $700 billion bailout for some critical financial organizations to ensure the world credit market does not collapse.

Speaking of looking back, I was recently reading the book Good to Great by Jim Collins. This is a easy to read business management book with some very good nuggets. It was written in 2001 and focuses on several companies and what it took for them to exceed the general market and become what the researchers considered great companies. Some of the companies mentioned include Abbott, Circuit City, Fannie Mae, Kimberly-Clark…

Wait, did I just say Fannie Mae? Isn’t that one of the companies that is being bailed out by the US government? Why yes it is! Interesting… before 2001 Fannie Mae was considered a great company according to Mr. Collins and team. You are wondering how I am relating this to IT or technology. Well, one of the chapters in the book is titled “Technology Accelerators”. This chapter focuses on how do “good-to-great organizations think differently about technology?” The book says that Fannie Mae:

“Pioneered application of sophisticated algorithms and computer analysis to more accurately assess mortgage risk, thereby increasing economic denominator of profit per risk level. “Smarter” system of risk analysis increases access to home mortgages for lower-income groups, linking to passion for democratizing home ownership”

As we have seen, something must have changed since 2001. Fannie Mae is no longer considered a great company since it is in need of so much taxpayer help due to poor risk management. What did the company do with the technology that made them so great before 2001? Did they just modify some Excel spreadsheet and change the threshold so some cells that were red are now yellow or even green? Did they ignore the idea of managing mortgage risk to ensure that people could have the “dream come true” of home ownership?

I cannot answer that since I am not part of Fannie Mae or any financial institution. I just ponder what if they had continued to use technology effectively in addition to making less risky decisions if they would still be considered a great company.

One thought I want to leave you with is one of the unexpected findings by Mr. Collins and his research team about technology accelerators:

“The idea that technological change is the principle cause in the decline of once-great companies (or the perpetual mediocrity of others) is not supported by the evidence. Certainly, a company can’t remain a laggard and hope to be great, but technology by itself is never a primary root cause of either greatness or decline.”

Sep 19 2008   12:53PM GMT

Did you see this? - Encyclopedia of internal network security threats

Posted by: Troy Tate
Networking, forensics, Security, tools, Microsoft Windows, Monitoring, Browsers, web, reporting, WWW, antivirus, homeland security, Data security, malware, Policy, design, Firefox, Microsoft, website, troubleshooting, honeypot, botnet, risk, research, awareness, vulnerability, man-in-the-middle

Promisec has released an online encyclopedia of internal network security threats. This is available online for free. There is a lot of information to look through and decide how the risks affect your organization.

Take for example the entry describing GoogleTalk. The site rates it as one of the top 5 internal threats.

The more we know about these risks the better prepared we can be. Thanks for your time. Let’s be good network citizens together & practice safe networking!

Sep 8 2008   4:49PM GMT

Did you see this? - 2007 Web Application Security Statistics Project

Posted by: Troy Tate
Security, tools, Database, Monitoring, Development, web, internet, DataManagement, WWW, Data security, malware, Policy, website, Metrics, risk, research, awareness, vulnerability, data loss

The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2007. This initiative is a collaborative industry wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape.

 

Goals

1. Identify the prevalence and probability of different vulnerability classes 2. Compare testing methodologies against what types of vulnerabilities they are likely to identify.

 

The statistics was compiled from web application security assessment projects which were made by the following companies in 2007 (in alphabetic

order):

 

- Booz Allen Hamilton

- BT

- Cenzic with Hailstorm and ClickToSecure

- dblogic.it

- HP Application Security Center with WebInspect

- Positive Technologies with MaxPatrol

- Veracode with Veracode Security Review

- WhiteHat Security with WhiteHat Sentinel

 

The overall statistics includes analysis results of 32,717 sites and 69,476 vulnerabilities of different degrees of severity. The detailed information can be found here:

 

http://www.webappsec.org/projects/statistics/

Aug 22 2008   8:02PM GMT

Poor Spelling = Identity Lost

Posted by: Troy Tate
administration, Networking, forensics, Security, Browsers, web, reporting, WWW, intellectual property, CA, certificate authority, malware, SSL, design, website, howto, network analysis, online identity, risk, awareness, blog, vulnerability, MITM, man-in-the-middle

Well, I am not the best speller and I know that is true for most people. I have recently discovered how this human weakness can get you into trouble and cause identity loss as well as potential financial loss.

This issue has recently come to light with some of the Black Hat presentations. The actual presentation can be found here. This example actually refers to SSL VPN attacks but consider what would happen if an attacker was able to create a man-in-the-middle SSL proxy using a typosquatting domain name. For example, what if you typed https://www.mybnak.com/myaccount into your browser. The actual address should be https://www.mybank.com/myaccount. This is just a simple typographical error right? Hmmmmm… maybe not!

Consider if an attacker purchased the domain name mybnak.com. They then were able to get an SSL certificate or create a self-signed one that to an uneducated user looked ok. Have you ever seen a message like the following?

How many of you (come on, admit it now) have clicked on this or know someone who would click on this without thinking a second time? Say you did click on Yes and proceeded. The website you go to looks exactly like the one where you intended to go! This is because the address you mistyped into your browser actually goes to an SSL proxy and you just said you trusted the website. You have now fallen into the man-in-the-middle attack.

This looks like the following picture:

This attacker now takes all the traffic you send it, reads it, saves what it wants, repackages it, sends it to your intended destination and returns information back to you (keeping copies of what information is returned) without you knowing that someone is between you and your intended bank. Phishers do use a similar mechanism although a savvy consumer might actually see that the address in the address bar does not match their intended destination at all. In my example, YOU mistyped the address!

Well if this does not scare you into making sure you can type addresses or keep accurate bookmarks then read some of the following and make up your own mind:

Mozilla SSL Policy Considered Bad for the Web

SSL VPN might not be as secure as you think

Black Hat 2008 Aftermath

But, on the other side of this argument consider this story about how a MITM attack saved Columbian hostages.

The internet is not a place to be ignorant about your surroundings. Users must be vigilent and savvy about its use. Maybe there should be internet driver testing and licences?

Thanks for your time. Let’s be good network citizens together & practice safe networking!