windowsnerd.com

notes from an admin for himself. you can read it if you want.

Entries Comments


Custom Search






A few nifty security tools for home

17 February, 2013 (18:29) | antivirus/spyware, security | No comments

http://pwnedlist.com/ This site will look your email address up and compare it to a list of known hacked accounts. You can ask it to keep on scanning for free on a personal account. This company teamed up with lastpass to do nightly scans.

Lastpass for passwords! Nobody should remember or write down passwords these days.

Separate email accounts – Build an email account for “account management” No spam, no personal email, etc. Just resetting passwords. make sure that password is darn strong on your email account.  I recommend MS Outlook.com or Google with the google authenticator.

WordPress- Bulletproof Security, WP Security – Both have similar approaches. If you run wordpress, you should spend a weekend getting to know each.

Don’t forget your hosts file from mvps.org when you install windows 8. This currently blocks commercials in hulu, most ads etc.

 

Free windows 8 ISOs straight from microsoft

8 July, 2012 (19:58) | OS, software | No comments

http://windows.microsoft.com/en-US/windows-8/iso

Or google it yourself, “windows 8 consumer preview ISO” and go grab it. You need to start getting ready for the upgrade now if you are like me. I’m just adding the link because people keep asking me.

How to find credit card numbers and social security numbers on an employee workstation

8 July, 2012 (18:49) | How to, Monitoring, security, software | No comments

Cornell developed their spider program a while ago. You can search for anything on a machine using regular expressions with this tool. It takes a bloody long time to search an entire hard drive so hopefully you have the user locked down to write access in My docs or the equal on linux/osx. This tool has to run as administrator or a service on newer versions of windows so plan accordingly when automating.

I use this to search for HIPAA data and credit cards. Works pretty well, I write the log file out to a server over an IPsec encrypted tunnel. Download and enjoy:

http://www2.cit.cornell.edu/security/tools/

Wooohooo I made my first $100 from google ads

30 June, 2012 (16:08) | blogging | No comments

They deposited it straight into my bank account. Well it is nice to get something back, it won’t cover the costs of running this page for years but it helps.

Why Macs are not designed for business use

30 June, 2012 (16:01) | linux, mac, security | No comments

Macs are great machines if you are a rich trendy person who was so brilliantly targeted by Steve Jobs. Not so good for normal people trying to keep up with the Joneses. Also not good for business at all.  This list is just a reminder for myself  when people are complaining as to why we protect HIPAA/PHIPA data with a capable OS’ like Windows and Red Hat. I know they all want bling and brainless packages to install. We tend to either install on windows with our own customizations and compile our own packages and automate with RHEL. We use exciting security technologies with certificates, ipsec, dnssec, selinux etc. We do our best to comply with fips-140-2, FISMA, USGCB and other standards that require tools that aren’t available or mature on apple products.

Laptops:

capable of: dell/win dell/rhel macbook pro
dock yes yes no
built in aircard yes yes no
lojack yes yes no
intel AMT yes yes no
gps tracking yes yes no
antitheft 3.0 yes yes no
remote wipe yes yes no
4 monitor support yes yes no
intel vPro yes yes no
FIPS-140-2 encryption yes yes few
FIPS-140-2 authentication yes yes no
Timely security patches yes yes no

 

That’s a few minutes of thought, I’ll add more as time goes on. Mac is a lot more expensive for quite a few reasons. Up front cost is very expensive. You need a developer to do all the custom security and networking work in a business setting.

Refresh on a Mac is a lot faster than a PC especially now that the hardware is soldered on to the motherboard of a Mac. Good luck upgrading the RAM on a fleet of macbook pros, you will have to buy new ones before your renewal and replacement cycle is done. Or you will have workers without the resources they need to do their job.

Enterprise tools just aren’t out there for mac. Typical users think they know computers because they get along with their home machine just fine. Automation and centralized tools are the name of the game in business. Mature products don’t exist hence the need for a full time developer. At my old job most of the mac staff were developers. We worked closely with Michael Bartosh and had him in house for long periods of time to build the tools that came with windows or were easy to deploy in red hat.

Apple’s HIPAA email address goes to a black hole. Nobody on my team has gotten a response from them on any email we have sent. At my last job we did, but they called Mike down the hall who was already in our building and he laughed about Apple not having any HIPAA support or intention to build it.

Apple is downright horrible when it comes to security. They buried their heads in the sand as a defense against malware and finally last week corrected some statements on their web page about threats against mac. Java patches come out in a few weeks for windows and linux, they take 6 months for mac.

Apple is driven by rabid fanboys like a wacky fringe religion on a recruiting spree. They troll all forums and magazine comments to offer wisdom like OSX doesn’t get spyware. Then the goalposts move to trojan horses aren’t viruses. Now the goalposts move again to Apple people are richer and better targets and other wacky explanations as to why they get attacked like every other OS. The defensive tone is always flooding public forums. The ratio of fanboy posts to market share is way off. If people actually read my webpage I’m sure I’d get comments here.

The main lessons in security are finally being realized by apple. They decided to start checking for updates every day vs every week and automatically install now. I constantly find apple machines who haven’t patched lately if ever. They hate the popup. They did come up with the brilliant idea that if a component like java hasn’t been used in X amount of time it will disable itself. I do like that one a lot.

Apple makes an idiot proof anti multitasking environment perfect for home users. It does a great job in this audience. It is absolutely not built for business use and is not cost effective. I suppose if a company has money to burn or make money with a hip image it makes sense in certain public facing areas. But it is a tool with a very limited job.

I do like apple products the design is brilliant and I would use one at home for basic surfing if given one free. The walled garden ecosystem is very nice for novice users and consumers who aren’t interested in learning what a computer does. I can’t say I’m a mac hater at all. I just hate users forcing their will on business by abusing positions of power vs using logic to make sound decisions.

 

 

 

Finally! Spiceworks adds a client Agent

28 June, 2012 (15:20) | Monitoring | No comments

Many people came here to flame me for citing a lack of agent on Spiceworks. Apparently they saw the light 4 years later. It has finally matured into a really good little product. Still not quite enterprise material but if you have a small business full of mac/win machines it is THE best free tool for the job. Check out their new video.

Mac users – I told you so, John Dvorak did too

16 April, 2012 (20:14) | antivirus/spyware, prediction, security | No comments

Nice to see some predictions come true. From my own blog here in 2009-

With today’s news of Snow Leopard including some sort of anti-spyware/malware (i doubt antivirus.) I decided I should compile a list of my favorite mac holes for the macholes that seem to say there aren’t any. The culture will shift once AV/ASW is installed on all Macs, so the fun of prodding them will go away. So to all the macholes who say there is no such thing as a security threat to Mac, grow up. Your time is coming. When you play with the big kids, you get more 3rd party hardware, software vendors, and lots of problems. Muhahahah. spoiled brats.

6/2009 http://www.theregister.co.uk/2009/06/11/mac_malware/

7/2009 http://www.theregister.co.uk/2009/07/21/andrews_video_malware_ruse/

—————————————

Well to add to the list for famous mac munching software –

apple defender/Antivirus scam

Flashback

Sabpub

I have plenty of saved up forum posts about how Macs are invincible.  It is sad to see macs getting attacked, but in a way it is nice to be able to say “I told you so. ” and be 100% correct on all fronts. Macs aren’t invincible. No platform is. The market share argument is valid. Virus is like Kleenex unless you really say things like “please hand me a Scott Tissue to wipe my Apple Macbook Pro keyboard.”

I think the moral of the story is that people are sheep. If  a strong shepherd like Mac tells the sheep they are safe, they will believe them. It isn’t really their fault, they are stupid. We need to go after the assholes that tell the sheep they are safe.

 

 

Use your old remote with an XBMC machine

16 April, 2012 (10:17) | How to, Remote Management, Stupid windows tricks | No comments

Need a remote? Just buy this usb dongle and use one of the 20 you have.

 

http://flirc.tv/

OSX Flashback shows apple innovating something in security. wait what? Apple and security in the same sentence?

15 April, 2012 (10:12) | mac, security | No comments

Apple did something brilliant. They might not be good at security, in fact they pretty much always suck at it. This forced them to create something new and just brilliant. If a user doesn’t use Java for X time, it SHUTS OFF! How incredibly obvious but new is that? How cool would it be if telnet got disabled after not being used for a few months on a windows box?

http://www.theregister.co.uk/2012/04/13/apple_releases_flashback_removal_tool/

This new process of disabling after a service is not in use needs to become the standard for all platforms.

Windowsnerd.com vs ABC’s The Bachelor

20 February, 2012 (20:09) | Mindless Blather, prediction | 1 comment

God I hate this show. Only in the US can you have the polygamist player asshole show garnering an #1 ratings spot while real news (and G4tv’s Morgan Web) is falling off the radar.

Nevertheless, due to my female counterpart’s enticement programme, I end up noticing most of each episode while playing Star Wars – The Old Republic. While I feel it is more important to level my Empire bounty hunter’s black market skills, she thinks we should consume this tripe while holding hands. Which has a negative effect on my 1337 combat tactics and mouse hand

Apparently her twittering SMS messaging obsessive friends agree that she needs to see the show. The pace of twits tweeting and iPhones beeping increases at a rate close to a powertech bounty hunter’s superheated gas dps curve. By the end of the night its ready to explode. Our nerd/male slut watching compromise involves a massive leather Scandanavian Designs couch, giant 120HZ 3dTV, Dell Precision M6500 with dual SSDs, Intel quad core extreme edition, 16GB of ram, beer and a slice of triple chocolate cake from Hacienda Colorado.  That nerds, is what compromise is. My massive cranium unfortunately has extra cycles to burn on the Bachelor noise resulting in a mild bit of analysis. I have two theories for my prediction on the bachelor season 500,321.888:

1. If the show is somewhat real and they have a genuine interest in making profit from a happy couple, Ben will keep the hot horse riding chick. The parents are a good fit, it just works. Baton twirling band girl doesn’t have a chance because her dad is a tool. Which is sad, she is probably at about the nerd level I am so I feel bad for her dabbling in the deep pool when she should be in the plastic pool with me.  Former married girl doesn’t have a shot. Although her dad is cool because he rocks a pen in the pocket sans pocket protector. That means he is rich because he has so many shirts that he does not need to protect his pockets. I suspect he is intelligent enough to know his daughter is a skank. I hope I never have a skanky bachelor daughter.

2. Model “evil” girl will win if the show is completely based on corporate interest, sponsorship, drama, well just money. I feel bad for Ben if he is somehow stuck in this position, well maybe. It could be that Ben is legally blind and the blurry images presented through his distended corneas make  Courtney look somewhat attractive. Hell, maybe he just likes her hair color or the smell of burning silicone and taste of stale botulism on her upturned distorted lip. The girl looks like a confused or poisoned fish and has some obvious daddy issues. If I had to be around her psychotic plastic lip and or personality, I think I would be  as awkward as Mike Myers next to the mole. Fi fi fi fi fiFIIIIISHHH!

Overall I think he is going for the model. The bachelor results in disasters created by the typical beauty pageant operation. 25 girls enter, 24 lose, 1 loses spectacularly a little later. Usually aided by a cocktail of cocaine, liposuction, purse sized dog and a relationship gone bad. The judge at these events gets a smile on his face for a while, until he ends up with a few prescription creams to apply to his junk. I’m glad I’m a socially inept nerd with a penchant for star wars.

« Older entries

 Newer entries »