windowsnerd.com

Thats about it. if you are an iwork ilife ifanbois, the only phone for you is an iphone. If you love google apps like me, get a droid. You want the best ladder up to your cloud. Both have more apps than you can shake a stick at. Can you really filter through 80,000 apps available on the google phone? Do you really care if 60% of droid apps are free? No, you want your ladder to your cloud.

Unless you have HIPAA, PHIPA, SOX, CISSP, work for DoD, or just a company who values privacy. Then you get a Blackberry and download the right apps. There should be no such thing as an iphone or droid at a company who has security requirements. Please tell me I’m wrong with citations of how an iphone or droid is fully compliant with FIPS140-2 and is listed on the appropriate NIST site so I can show my attorney. Then I will snuggle up in my happy google cloud or let my coworkers get all happy in their iphone cloud.

I do envy you people who are arguing about megapixels and screen size. Not becuase your petty arguments have merit, just because I want the happy ladder instead of the Escher staircase.

One side note- I still challenge anyone to show me an iphone app with a real business use for me that can’t be replicated by blackberry or droid. So far it doesn’t exist. I think these are all fairly equal platforms and just flavors, not fat vs carbs.

I’m not always the biggest fan of some of the things Apple does, but I think the Ipad is pretty darn cool. When CRN posted this story, I was a little offended at their assertion that the ipad is the target of the back door. It is not. Windows is the target. I am no lawyer, but I am guessing this is straight up libel against Apple/ipad. http://www.crn.com.au/News/173074,backdoor-malware-targets-apple-ipad.aspx

I forgot to publish this from Mexico after my birthday when it hit the press. One guy in Russia named Kirllos owns 1 in 300 facebook accounts and has them for sale. A close source today tells me he has a lead on a guy who is selling more accounts than that, and cheaper than Kirllos.  My only point being, if there are 2 known people who have a 1 in 300 shot at already owning your password, I hope you change it as often as I do. There are a lot more than 2 Eastern European hackers in the world.

The combination of facebook owning your data, and you being excluded from that ownership/permissions editing should be something to ponder.

That is odd, but hey a 25% discount on awesome nerd gear at thinkgeek:

not sure which ad company is causing it. When you calculate directions in mapquest it just spins and spins. Verified on a few machines in a few states so far. I may investigate, probably will just say don’t use mapquest.

The argument with users should go like this – We block malware/adware. If Mapquest has recently changed partnerships and signed with someone who has a negative reputation, that does not give us a valid reason to stop using exisiting tools to block malware/adware. Write to mapquest or use Google maps, Bing maps, etc.

Mapquest hangs on Loading and just spins

I have a client who is having problems with Comcast and intermittent outages. We have both talked to comcast over the last few years to discuss the issue and come to no resolution or attempt at real troubleshooting. Tuesday a tech is finally coming out.

I will have pingdom stats this time to show how often the connection drops. Pingdom checks the firewall at the residence. It is possible for pingdom stats to be off in a few rare cases where the firewall is down. Currently that would occur because the power has been out or the hardware failed. Should give a pretty accurate show of Comcast uptime in a residence. I will update the stats if the hardware fails or power drops.

To troubleshoot the intermittent internet issue:

1. Ran pings from in the house to a bunch of addresses. In windows ping -t ping.mit.edu, fire up another command prompt, ping -t www.msu.edu, colorado.edu, etc. In linux just ping.
2. Swapped access points, copying config from ddwrt and moving to the other
3. New installation of DDWRT
4. Grounded cable splitters
5. Swapped cable splitters and coax
6. Called comcast, had them add a mac address for my newest cable modem. Seems on newer cheap ones you can’t copy the MAC. This guy was extremely helpful. Told me the Up link had some poor signal strength. At the time of the call. Only the cable modem was plugged in. This tells me there is a signal strength problem outside the house.
7. Tried with the Untangle UTM appliance inline and without.
None of these steps over a very long period of time has solved the issue, and now all hardware has been replaced.

Time will tell. And you will be able to monitor this locations performance as well as others on my Monitoring page very soon.

Be nice to the troubleshooting guy. I was nice to this one today and he was very very helpful. Crazy to have a native english speaker at 5 on a Sunday in the US. Maybe my comcast stock is worth holding on to. (disclaimer there… I own about $1000 worth of comcast stock. It pays pathetic dividends, I don’t recommend it.)

For services like pingdom that only allow X sms messages but unlimited email, this is great:

replace phone# with your 10 digit number

Just deployed a few apps with WPKG. I have to say I love it. Client checks in with server, if it needs software, it installs. If it needs to uninstall, it does. Super cool. This is going to save me so many months of repetion. I would say it is free, but my boss pays me to do the work. Cheaper than altiris, that is for sure. So far, easier than altiris or deploying packages with Kaspersky.

Today I started toying with the idea of using OSSEC active response in Windows. My goal is to block a whole IP, you can do port or traffic type as you wish, if anyone wants that let me know.  The first piece of work to share:

netsh ipsec static add policy description=”ossec block list”

netsh ipsec static add filter filterlist=”ossecfilter” srcaddr= 69.89.20.50 dstaddr=me protocol=tcp mirrored=yes

netsh ipsec static add rule policy=”ossec” filterlist=”ossecfilter” filteraction=block desc=”list of ips to block”

netsh ipsec static set policy assign=y

This blocks windowsnerd.com

Add another entry for slashdot. Ipsec doesn’t like having an empty entry so leave an addy in there to seed it for a delete in another step:

netsh ipsec static add filter filterlist=”ossecfilter” srcaddr= 216.34.181.45 dstaddr=me protocol=tcp mirrored=yes

Now if you open the ipsec MMC, you will see an applied ipsec policy, crack it open and you will see both entries for each IP.

Try going to windowsnerd.com, slashdot.com and another page. The first two will not work. All traffic has been blocked

Unblock -

netsh ipsec static delete filter filterlist=”ossecfilter” srcaddr= 69.89.20.50 dstaddr=me protocol=tcp mirrored=yes

Repeat – now you can block and unblock by running the static add and static delete command over and over. It will update the policy you created in the first step. Not quite as cool as adding to hosts.deny and firewall, but the same end result.

This example is for use on an application like OSSEC. If you desire, you can specify per port, IP addy, DNS name, whatever you want.