IT Blog  There is a feeling in the infosec community that Conficker may change its behavior April 1 and wreak havoc. Headlines have included: ComputerWorld: Conficker's next move a mystery to researchers Computer Reseller News: Conficker Worm to Strike April 1 USA Today: PC security forces face April 1 sh...

Posted: Mar 27, 2009   12:52 AM GMT  |  Blog: IT Trenches   |      Conficker, worm, updates

IT Blog  Hi folks, more often than not I see people deploying new network equipment or servers without firmware updates. What's up with that? As a good best practice it only makes sense to update the firmware on devices. These firmware updates usually patch lots of security holes and other bugs. People tend...

Posted: Oct 31, 2010   8:01 PM GMT  |  Blog: The musings of an IT Consultant   |      network equipment, switch, router

IT Blog  Unless you have a dedicated IT administrator--or preferably a dedicated information security administrator--who performs the role of testing and analyzing new patches and updates prior to implementation, your patches and updates should be automated. Large organizations have different needs, but hom...

Posted: Feb 28, 2011   9:51 PM GMT  |  Blog: Windows 7: Through the Looking Glass   |      Windows 7, Automatic Updates, Windows Update

IT Blog  For certain malware infection follow these steps: 1. Do not apply operating system patches. 2. Do not apply application patches. 3. Do open emails from unknown sources. 4. Do open attachments on emails from unknown sources. 5. Do open unexpected attachments appearing to be from known sources. "...

Posted: Jan 15, 2010   7:33 PM GMT  |  Blog: IT Trenches   |      malware, antivirus, information security

IT Blog  Just a quick Samba update to mark my return from the beaches of North Carolina: Major bug fixes included in Samba 3.0.25a are: Missing supplementary Unix group membership when using "force group". Premature expiration of domain user passwords when using a Samba domain controller. Failure to ope...

Posted: May 29, 2007   1:17 PM GMT  |  Blog: Enterprise Linux Log   |      Samba, Administration, interoperability and integration

IT Blog  We just put a Samba tip up the other day regarding bugs and bug fixes, so it's kind of ironic that Jerry Carter, release manager for the Samba team, sent out a few bug updates today to the mailing list. The first, complete with patch availability: =========== Description =========== The idmap_ad.s...

Posted: Sep 11, 2007   2:56 PM GMT  |  Blog: Enterprise Linux Log   |      Security, Samba, Administration, interoperability and integration

IT Blog  Yesterday was Microsoft's monthly Patch Tuesday, but it was also Adobe's quarterly patch release day. While Microsoft buried IT admins with 12 new security bulletins, Adobe piled on with a slew of its own patches and updates. A recent report from McAfee found that the number of attacks against Adobe...

Posted: Feb 9, 2011   5:02 PM GMT  |  Blog: The Security Detail   |      Adobe, patch, update

IT Blog  There are some records that are good to achieve--most copies of Windows sold in a month, or most profitable quarter in company history, etc. Then, there are less desirable records, like say....the highest number of security bulletins, or the most vulnerabilities patched in a single Patch Tuesday. A...

Posted: Feb 15, 2010   2:58 AM GMT  |  Blog: Windows 7: Through the Looking Glass   |      Microsoft, security bulletins, Patch Tuesday

IT Blog  For the better part of two years now, I've been looking at various flavors of Linux, trying to see which one(s) are right for my needs. For servers, I stopped after finding Arch Linux, as it gave me the freedom to use as much of my resources as possible, without the overhead of a GUI and such. D...

Posted: Jul 27, 2011   3:22 AM GMT  |  Blog: I.T. Security and Linux Administration   |      security, review, distribution

IT Blog  Sir Winston Churchill once said, Those who fail to learn from history are doomed to repeat it. Those are wise words, and a sentiment that applies nicely to information security. As we begin 2012, it is a great time to reflect on the significant security events that occurred over the last year,...

Posted: Jan 5, 2012   4:20 AM GMT  |  Blog: The Security Detail   |      security, Qualys, Wolfgang Kandek

IT Blog  Microsoft released the annual Microsoft Security Response Center (MSRC) progress reporttoday. This paper provides a behind-the-scenes look into some of the work the MSRCteam has done over the past year. Specifically, the report highlights: Data from the Microsoft Exploitab...

Posted: Aug 1, 2011   6:16 PM GMT  |  Blog: The Security Detail   |      Microsoft, Microsoft Security Response Center, MSRC

IT Blog  With Linux 3.0 coming up around the corner, I thought it would be good to discuss some (possible) future improvements and additions to the kernel. While this is already in the 2.8 branch (which was created before the official 3.0 was announced), it'll be interesting to see what is carried over. ...

Posted: Jul 25, 2011   10:18 PM GMT  |  Blog: I.T. Security and Linux Administration   |      security, ipset, network

IT Blog  Not too long ago, Arch Linux released an update on their distribution, stating that they are removing support for tcp_wrappers. For the most part, this doesn't seem to be a big deal. They aren't a world-renown distribution like Ubuntu or Red Hat, so its unlikely that unless its a kernel-based dec...

Posted: Aug 5, 2011   5:28 PM GMT  |  Blog: I.T. Security and Linux Administration   |      security, iptables, tcp_wrappers

IT Blog  A letter from Samba contributor Jeremy Allison confirmed today that the Samba Team has decided to adopt the GPLv3 and LGPLv3 licenses for all future releases of Samba. The GPLv3 is the updated version of the GPLv2 license under which Samba is currently distributed. Over the course of the past year ...

Posted: Jul 9, 2007   5:20 PM GMT  |  Blog: Enterprise Linux Log   |      Samba, Legal, licensing issues

IT Blog  It's always a fun morning when the Samba team fires off another stable production release of their namesake open source project. Today, Samba's Jerry Carter mailed the Samba mailing list with an update on 3.0.25c -- it's available! This is the latest production release of the Samba 3.0.25 code base ...

Posted: Aug 21, 2007   12:07 AM GMT  |  Blog: Enterprise Linux Log   |      Samba, Administration, interoperability and integration

IT Blog  Since we seem to love Samba around here so much, here's their latest update (delivered via the Samba mailing list, I suggest you get yourself to Samba.org and sign up!): Major features included in the 3.0.25 code base include: Significant improvements in the winbind off-line logon support. Suppo...

Posted: Mar 1, 2007   1:25 PM GMT  |  Blog: Enterprise Linux Log   |      Administration, interoperability and integration

IT Blog  From the Samba mailing list this morning: Major features included in the 3.0.25 code base include: o Significant improvements in the winbind off-line logon support. o Support for secure DDNS updates as part of the 'net ads join' process. o Rewritten IdMap interface which allows for TTL based cachin...

Posted: Apr 25, 2007   1:53 PM GMT  |  Blog: Enterprise Linux Log   |      Samba, Administration, interoperability and integration

IT Blog  Major features included in the 3.0.25 code base include: Significant improvements in the winbind off-line logon support. Support for secure DDNS updates as part of the 'net ads join' process. Rewritten IdMap interface which allows for TTL based caching and per domain backends. New plug-in interf...

Posted: May 16, 2007   1:35 PM GMT  |  Blog: Enterprise Linux Log   |      Samba, Administration, interoperability and integration

IT Blog  A Samba4 update from Andrew Bartlett hit my Inbox this morning with an overview of all the new features. NEW FEATURES ============ Samba4 supports the server-side of the Active Directory logon environment used by Windows 2000 and later, so we can do full domain join and domain logon operations with...

Posted: Sep 7, 2007   2:38 PM GMT  |  Blog: Enterprise Linux Log   |      Samba, Administration, interoperability and integration

IT Blog  A trio of Samba security vulnerabilities dropped into my inbox today. The first: This bug was originally reported against the anonymous calls to the SamrChangePassword() MS-RPC function in combination with the "username map script" smb.conf option (which is not enabled by default). After further in...

Posted: May 14, 2007   2:29 PM GMT  |  Blog: Enterprise Linux Log   |      Security, Samba

IT Blog  Fresh from Samba.org are the latest features included in the 3.0.25 code base: Significant improvements in the winbind off-line logon support. Support for secure DDNS updates as part of the 'net ads join' process. Rewritten IdMap interface which allows for TTL based caching and per domain backen...

Posted: Apr 9, 2007   8:27 PM GMT  |  Blog: Enterprise Linux Log   |      Samba, Administration, interoperability and integration

IT Blog  Samba release manage Jerry Carter once told me that the majority of "bugs" in Samba that get reported by users are actually misconfigurations of that user's system, or a problem with Microsoft Windows, and are not the fault of Samba. In one of the rare tips I've written for SearchEnterpriseLinux.co...

Posted: Nov 15, 2007   3:55 PM GMT  |  Blog: Enterprise Linux Log   |      Samba, Open source applications, Updates and upgrades

IT Blog  Samba 3.025 draws ever closer with the 2nd release candidate going live late last week. The details are as follows, courtesy of project lead Jerry Carter: Significant improvements in the winbind off-line logon support. Support for secure DDNS updates as part of the 'net ads join' process. Rewrit...

Posted: Apr 23, 2007   11:54 AM GMT  |  Blog: Enterprise Linux Log   |      Samba, Administration, interoperability and integration

IT Blog  *NOTE* This is the second preview release of the Samba 3.0.25 code base and is provided for testing only. It is NOT intended for production servers. Major features included in the 3.0.25 code base include: Significant improvements in the winbind off-line logon support. Support for secure DDNS up...

Posted: Mar 22, 2007   11:49 AM GMT  |  Blog: Enterprise Linux Log   |      Samba, Administration, interoperability and integration

IT Blog  Apple users tend to have a false sense of security superiority when it comes to their beloved Mac machines. But you gotta give Apple some credit -- when a security hole is discovered, the company is pretty good about patching it quickly. This time around, Apple has released Security Update 2007-009...

Posted: Dec 18, 2007   12:48 AM GMT  |  Blog: Security Bytes   |      Application Security, Information Security Threats, Security Management