When you first install it there will be programs like adobe air that don’t seem to be able to update. Follow the links in secunia and it will run you through the latest versions again. I’ve been using it on all the family machines for a long time now and rarely have an issue to fix manually. I highly recommend it.

Anyone know of a better free tool? Leave a comment!

I don’t recommend doing this in order to block their ads. It is how they make money to build the product. If you use it for work, this is like cutting off your toe so you don’t have to look at it.

I would recommend putting the hosts file from MVPS.org on every machine in your organization for a jillion security reasons. You need to dog food it and run it on your computer. Just sayin, a side effect is that Spiceworks ads will be blocked if you keep it updated.

If you use Spiceworks for your business and choose not to pay the ads, think about it for a minute. I pay between $3-4k per year on a Dell kbox I used to replace Spiceworks. Are you going to pay the same when you bankrupt their model? Maybe just send them a check for saving you some time. I’m telling you the people there are really cool. Helping Austin stay weird. I might have disagreements with how they run their software, which is fine and why I moved on to a different product. But I think the nerd world needs the Spiceworks staff and community more than they realize.

check it out, they have a lot of great stuff added.

For today the windowsnerd prediction is that the TLC show will end after enough people get in fights with supermarket managers or go to jail and sue TLC. If there was a phenomenon where you could get $1000 worth of groceries for $30 consistently, companies will go out of business, people lose jobs. The show decided to highlight an anomaly that can’t be sustained on a large scale. Too bad for them.

Later on it might be interesting to study the amount of spyware, cookies, etc that come along with a standard visit to some standard coupon locations. Slickdeals.net, coupons.com etc. More interesting would be a list of statutes violated by the bar code scam. Is is possible to be charged with a felony for enough coupon scamming?

I disagree with the use of Apple tech to solve corporate problems. I work with protected information and use standard tools every corporation should be using. The problem with Macland is that Apple does not support secure computing. Try writing email to their HIPAA support address. So far they have not responded to a single one of our emails in the last 3 years. They don’t exist. Apple has no FIPS-140 support. They do not have a single certified device on the NIST FIPS 140-2 list.

 Apple is like a gold hammer if home computing is a kind of nail. Works pretty well together and looks nice. But the hammer is expensive and has to be replaced pretty quick. When you smack the business screw with the gold hammer, all kinds of crap goes wrong. Eventually when your business puts a heavy load on the screw, everything will fall apart.  I’m looking for the right tools to go in my toolbox. Not the one the popular comedian on TV uses. I’m a professional IT person, not a comedian.

I’d like to start a table to show a comparison of just Dell laptops with Windows, Red Hat vs Apple full OSX and iphoneOs. I’d like to stick to features useful to a medium to large business, not a group of 10 developers. Over time I’ll add links to each item to show a source for data directly on a government site. For the most part this is a cheat sheet for myself but if anyone else finds it useful let me know.

To the apple fanbois who will find this site, if you have helpful comments to keep this accurate, fire away. Just keep in mind that I’m in the big kids playground where Ford vs Chevy doesn’t matter. Individual products that meet government requirements matter. FIPS 140-2, HIPAA, HITECH, FDCC, USGCB are the types of regulatory issues I have. If you don’t have emails coming to your inbox every day with compliance reports… well just keep your flamebait to yourself please. You can’t learn about this stuff overnight. It takes years and a decent size staff. Until you have lived in that world, you don’t shed bias to examine this rationally.

I believe this is accurate as of March 2011.

Unless you have HIPAA, PHIPA, SOX, CISSP, work for DoD, or just a company who values privacy. Then you get a Blackberry and download the right apps. There should be no such thing as an iphone or droid at a company who has security requirements. Please tell me I’m wrong with citations of how an iphone or droid is fully compliant with FIPS140-2 and is listed on the appropriate NIST site so I can show my attorney. Then I will snuggle up in my happy google cloud or let my coworkers get all happy in their iphone cloud.

I do envy you people who are arguing about megapixels and screen size. Not becuase your petty arguments have merit, just because I want the happy ladder instead of the Escher staircase.

One side note- I still challenge anyone to show me an iphone app with a real business use for me that can’t be replicated by blackberry or droid. So far it doesn’t exist. I think these are all fairly equal platforms and just flavors, not fat vs carbs.

The combination of facebook owning your data, and you being excluded from that ownership/permissions editing should be something to ponder.

netsh ipsec static add policy description=”ossec block list”

netsh ipsec static add filter filterlist=”ossecfilter” srcaddr= 69.89.20.50 dstaddr=me protocol=tcp mirrored=yes

netsh ipsec static add rule policy=”ossec” filterlist=”ossecfilter” filteraction=block desc=”list of ips to block”

netsh ipsec static set policy assign=y

This blocks windowsnerd.com

Add another entry for slashdot. Ipsec doesn’t like having an empty entry so leave an addy in there to seed it for a delete in another step:

netsh ipsec static add filter filterlist=”ossecfilter” srcaddr= 216.34.181.45 dstaddr=me protocol=tcp mirrored=yes

Now if you open the ipsec MMC, you will see an applied ipsec policy, crack it open and you will see both entries for each IP.

Try going to windowsnerd.com, slashdot.com and another page. The first two will not work. All traffic has been blocked

Unblock -

netsh ipsec static delete filter filterlist=”ossecfilter” srcaddr= 69.89.20.50 dstaddr=me protocol=tcp mirrored=yes

Repeat – now you can block and unblock by running the static add and static delete command over and over. It will update the policy you created in the first step. Not quite as cool as adding to hosts.deny and firewall, but the same end result.

This example is for use on an application like OSSEC. If you desire, you can specify per port, IP addy, DNS name, whatever you want.

Skype TCP ports 13861, 34954, 42045

Apple remote admin stuff – tcp 5354

typical email – tcp  25, 143, 465, 587, 993, 995 (use these at your own risk. Some you need for gmail etc, but if you open 25 outbound you may be spamming if a machine is owned)

 web – tcp 80, 443

openvpn – tcp 1194

ssh – tcp  22

ftp -tcp 21

Instant messengers - tcp 1863, 5050, 5190, 5222, 5223

Remote desktop – do some port forwarding so it comes in on like 10020 and goes in to 3389. Dont open 3389 to the outside.

How do you find more?

Open a command prompt

type in netstat -no and hit enter

you will see a list of the open source and destination addresses. Compare this list to the auto refresh block list in your untangle firewall. Look for the PID. Compare that to a task manager PID and see what process is using it. Make sure you know what you are allowing when it is blocked.