leedesmond’s blog

If not already done so, your number one priority should be to evaluate, test then deploy the critical security patch for supported Windows operating systems that was part of Microsoft’s out-of-band MS08-067 release last week.

In a nutshell, this vulnerability has already seen real exploits on the rise in the wild where unpatched systems could easily fall prey to remote malicious RPC attacks against the Windows Server/Browser service via TCP/135 and TCP/445 - all without any form of authentication or authorization. An infected machine can potentially become a unwilling host for self-replicating, wormable exploits against other unsuspecting machines in the network, thereby jeopardizing the security of any connected nodes.

To safeguard against similar incidents in the future, consider disabling unwanted services on Windows client machines (laptops and desktops) to harden them from becoming victims. I published an article that discussed this topic some years back; look for “Windows NetBIOS Protection: Closing The Door Ajar @ Home” here. For Windows servers, keep a close tab on security patch management that should be part of your standard IT operational process and procedure.

References: Microsoft Malware Protections Center blog, Microsoft Security Response Center (MSRC), Microsoft Security Advisory (958963)

Technorati tags: Security

No Comments »

I got this invitation from our Schweizer IT Professional und TechNet team colleague over at Microsoft to pass this exciting news along.

Free new Virtual Lab based Exam 70-113: TS: Windows Server 2008 Active Directory, Configuring. Register before December 17th to take the exam at no charge before December 31st with promo code H640. By taking part, you stand a chance to receive free exam vouchers that can be used to register for any Microsoft Certification exam delivered at a Prometric testing center.

Read more at source.

Technorati tags: Certifications, Windows Server 2008, Community/User Group

No Comments »

I was invited to give a public lecture to the staff and students of the Communications Systems Group at ETH Zürich on Tue 14 Oct 2008 entitled “Network Security in a Virtualized Environment”. You can find an abstract of the talk as follows and here.

In the highly connected world of networks affectionately known as the Internet, financial gains have taken the pole position driving malware authors to dish out ever increasingly potent dosages. The maturity and benefits of virtualization technology offer a viable platform to analyze and combat malicious infiltrations and their ill effects. Just how secure is the network barricading the host and guest virtual machines running on top of it? Will the behavior of worms or viruses be dramatically altered in a virtualized environment? This talk looks at the landscape of today and tomorrow of virtualization and network security.

Drop me a comment with your details if you are interested to learn more about the presentation.

ETH = Eidgenössische Technische Hochschule

Technorati tags: Virtualization, Security, Networking

No Comments »

Users who travel between different office locations pose a big challenge to IT when it comes to timely patch management with WSUS. It makes sense to download patches and updates from local servers or machines in close proximity rather than bloating the expensive network links with essentially the similar data downloads.

The trick is first to enable the DNS options “Round Robin” and “Netmask Ordering” at the server level. Next, create multiple Host (A) records with the same server name, say WSUS, that match to each of the actual corresponding IP address in the different subnets. This name should be identical to the one defined in the group policy for Computer Configuration/Administrative Templates/Windows Components/Windows Update/Specify intranet Microsoft update service location.

When a client picks up its DHCP address, the query against the local DNS server for WSUS should resolve to one or more IP addresses returned in sequence. This is arranged in such a way that servers in the local or in the vicinity of the IP subnet (where the client is located) are listed first followed by all others.

Besides maintaining consistency through the use of one common name regardless of physical locations, service redundancy and a limited form of load balancing - though not fool-proof - can be achieved if more than 1 servers are available for the Windows Automatic Update client’s picking.

Reference: Configure WSUS for Roaming Clients, Whassup with WSUS?

Technorati tags: WSUS, Security

No Comments »

—————————
Microsoft Office Outlook
—————————
File access is denied. You do not have the permission required to access the file E:\outlook.pst.
—————————
OK
—————————

This misleading error occurs even though you may already have full control and access to the Outlook data file. The cause is attributed to the fact that Outlook must be able to write to the *.PST data file although your intention is simply to read the archived data. Moving it over to a writable media will resolve this.

Technorati tags: Exchange Server

No Comments »

Deleting a virtual machine in Hyper-V will result in the contents of all the VM’s sub-folders* to be wiped off completely. This includes vital information such as configuration settings and snapshot details that describe the VM. The emptied sub-folders will remain though and all virtual hard disks associated with the VM (vhd files) will be preserved on the host disk.

In the event that the VM has one or more snapshots, these will be automatically merged into the original base vhd image. As a result, the mere simple action of deleting a VM may take several tens of minutes before the VM can be removed from the Hyper-V Manager interface. Therefore, ascertain that sufficient disk space is available on the host to avoid any issue upfront.

As a best practice, always use Hyper-V’s Export feature to backup the virtual machine’s hard disk(s), configuration information and folder structure prior to deleting the VM.

* Snapshots, Virtual Hard Disks.

Technorati tags: Windows Server Virtualization, Hyper-V

1 Comment »