windowsnerd.com

notes from an admin for himself. you can read it if you want.







Hair stylist – Cheapest (easy) way to set up a wordpress blog in q1 2016

19 March, 2016 (14:53) | How to | No comments

Just added – Building a personal blog for a hair stylist explaining how to build a cheap easy wordpress blog to share your photos, life and connect with your clients better. I would recommend finding a nerd to help you. If you have one, great, the tools to make it cheaper and better are there. Let me know if anyone finds this helpful.

Dell Superfish 2.0 fishing – what has it and what doesn’t

23 November, 2015 (16:43) | antivirus/spyware, security | No comments

Starting to search for the Dell evil certificate: http://www.theregister.co.uk/2015/11/23/dell_security_nightmare_gets_worse/
I’ll start looking for the eDellRoot cert on all the machines I can find and update this. Please comment if you have any results.

Machines that do have it:

Machines that do not:
Precision t7610
Latitude e6510
Latitude e7440
optiplex 790
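
One way to run the search described above across several machines, as an added example that is not part of the original post. The function name is made up for illustration; it matches on the certificate subject only and needs WinRM enabled to reach remote hosts.

```powershell
# Added example (not from the original post). Find-RootCertBySubject is an illustrative name.
function Find-RootCertBySubject {
    [CmdletBinding()]
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME),
        [string]$SubjectPattern = 'eDellRoot'      # certificate name from the post
    )

    $scan = {
        param($Pattern)
        # Walk every store in both hives; -Recurse also returns store objects, so keep certs only.
        Get-ChildItem -Path Cert:\LocalMachine, Cert:\CurrentUser -Recurse -ErrorAction SilentlyContinue |
            Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] -and
                           $_.Subject -match $Pattern } |
            ForEach-Object {
                [pscustomobject]@{
                    Store         = $_.PSParentPath -replace '^.*::', ''
                    Subject       = $_.Subject
                    Thumbprint    = $_.Thumbprint
                    HasPrivateKey = $_.HasPrivateKey   # a trusted CA cert stored with its private key is the serious case
                    NotAfter      = $_.NotAfter
                }
            }
    }

    foreach ($computer in $ComputerName) {
        try {
            # Scan locally without remoting; use WinRM for everything else.
            $hits = @(if ($computer -eq $env:COMPUTERNAME) {
                & $scan $SubjectPattern
            } else {
                Invoke-Command -ComputerName $computer -ScriptBlock $scan -ArgumentList $SubjectPattern -ErrorAction Stop
            })
            $status = if ($hits.Count -gt 0) { 'FOUND' } else { 'clean' }
        } catch {
            $hits = @()
            $status = "unreachable: $($_.Exception.Message)"
        }
        # One row per machine, so "has it" and "does not" lists can be built from the output.
        [pscustomobject]@{ Computer = $computer; Status = $status; Certificates = $hits }
    }
}

# Local machine only; pass -ComputerName with your own host names to sweep more machines.
Find-RootCertBySubject | Format-List Computer, Status, Certificates
```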

Logmein buys lastpass… time to go shopping for a replacement. Also Logmein is NOT HIPAA compliant

12 October, 2015 (07:44) | security | 1 comment

Anyone have an enterprise level password manager they recommend?

http://techcrunch.com/2015/10/09/logmein-acquires-password-management-software-lastpass-for-110-million/

Logmein is a scary company. Large price boosts with little warning, they lie about HIPAA compliance. The thing that makes me the most angry about Logmein is that they couldn’t just say NO. No we don’t meet the conduit exemption. No, we aren’t built for HIPAA data. Instead they have an employee in their forum trying to sell it like it is. I’m copy and pasting a bunch of data from their forum here in case they delete it or try to sue me for pointing out that they fail at HIPAA/HITECH.

Why is Logmein a fail on HIPAA/Hitech Omnibus compliance?

Logmein will not enter into a Business Associate Agreement with you or your company. This means they take no legal responsibility for your patient data. It is also illegal. Once a 3rd party is informed that they store, transport, or touch patient data in the slightest, they must sign a BAA and take responsibility for securing the data according to HITECH. The only exemption is for ISPs, called the conduit exemption. Logmein does not appear to have anything to do with being an ISP providing fiber lines to customers.

Their customer service is clueless, sales wouldn’t talk to me about it the last few times I tried.

No HITECH Omnibus compliance-

http://community.logmein.com/t5/Central/HIPAA-compliance-HITECH-Omnibus-BAA-available-yet/m-p/133037/highlight/true#M3974

Angi_Fro (New Contributor, Posts: 3)
HIPPA (Accepted Solution)
04-25-2013 04:49 PM

The new HIPAA regs effective 9/2013 require those using remote access to have a Business Associate Agreement (BAA) with the company providing remote access unless they are acting just as a conduit. Does anyone know if LogMeIn stores the data accessed in a data base or are they just a conduit for remote access?
Message 1 of 6 (1,672 Views)

Sean_K (LogMeIn Contributor, Posts: 855, Topics: 40, Kudos: 26, Solutions: 36, Registered: 04-05-2012)
Re: HIPPA [Edited]
04-26-2013 07:04 AM – edited 04-26-2013 07:27 AM

That depends on the definition of data as far as HIPAA is concerned.
Sean Keough
Product Specialist, LogMeIn Support
Message 2 of 6 (1,667 Views)

Angi_Fro (New Contributor, Posts: 3)
Re: HIPPA
04-26-2013 09:32 AM

data being patient private information
Message 3 of 6 (1,659 Views)

Sean_K (LogMeIn Contributor, Posts: 855, Topics: 40, Kudos: 26, Solutions: 36, Registered: 04-05-2012)
Re: HIPPA [Edited]
04-26-2013 09:43 AM – edited 04-26-2013 09:44 AM

Ah. That is not recorded by any of our logs.

We centrally log:

Access (Date/Time) to the account, and the IP from which the access occurred.
Access (Date/Time) to the computer, and the account and IP from which the access occurred.

Exactly what has been accessed during that session, we do not log.

Forced Screen Recording is possible, which would record what has been accessed within the Remote Session, but we do not store these in a Central location. They are stored in a place that the Host computer has access to.

Lastly, the logs of the sessions themselves are stored on the computers that were accessed.
Sean Keough
Product Specialist, LogMeIn Support
Message 4 of 6 (1,657 Views)

Angi_Fro (New Contributor, Posts: 3)
Re: HIPPA
04-27-2013 05:38 PM

Is that stated anywhere in writing where we could keep a copy for documentation?
Message 5 of 6 (1,646 Views)

Sean_K (LogMeIn Contributor, Posts: 855, Topics: 40, Kudos: 26, Solutions: 36, Registered: 04-05-2012)
Solution! Re: HIPPA
04-29-2013 07:48 AM

This doc from our help site should outline everything important about HIPAA and LogMeIn.

https://secure.logmein.com/welcome/documentation/EN/pdf/common/LogMeIn_HIPAA.pdf

If you need something more, you could most likely get it by requesting it from a sales associate.
Sean Keough
Product Specialist, LogMeIn Support
Message 6 of 6 (1,637 Views)

World of Tanks firewall exceptions March 2015 (Sophos UTM)

1 March, 2015 (22:12) | How to, Mindless Blather, networking | No comments

Gamers really suck at tracking down firewall ports, I don’t.

World of tanks has a bunch of ports needed, it may seem like a lot but they do appear to be using massive resources so a /24 isn’t out of line.

Here is a test from the Sophos UTM 9 firewall. Great UTM box for home, not sure about for businesses yet. I have WOT running with chat etc, just took it one step/port/ip range at a time.

wot firewall rules

At the moment I can’t figure out how to just list a bunch of comma separated ports, a sequence is separated with a colon :

So I have 2 internal test subnets as the source

services (ports) open-

UDP:
20010-20020
32800-32900

tcp/udp 1080 (clean this up later)

TCP:
5222, 5333

Destinations:
103.9.183.0/24
162.216.229.0/24
162.213.61.0/24

Let me know if you discover anything else. I’m cruising along just fine for now but haven’t been through a patch yet.

port 8089 firewall block 236.61.220-216.q9.net Ecobee thermostat

28 February, 2015 (09:52) | security | No comments

Look my ecobee is spamming a q9 datacenter in Canada. It’s not someone’s splunk server monitoring me on 8089 as I feared. Now on to fixing my kbox connection and see if otis notices I’m pinging the snot out of him while I mess with rules.

firewall ports

Horrible password policies – Dell Kace #1

10 November, 2014 (12:59) | security | No comments

We are trying to figure out how to change our Kace community passwords. Dell/Kace is the last one keeping us down on a little lastpass score competition. Kace will reset your password by asking for your email address and sending a new one to you via email. Thus far we can’t find another way to do it. We don’t see an option to choose our own password.

To make matters worse, it appears their password choosing tool is obsessed with the word “boxer.” Here are a few of my past passwords:

606boxer
6169boxer
7027boxer
1411boxer12725 (looks like they were stronger in 2011)

Needless to say, my lastpass score is severely handicapped by this one weak ass website. Funny that a shitty bank like chase is beating Dell at password security.

Poodle mitigation for IE and Google Chrome via group policy

16 October, 2014 (16:54) | security, Stupid windows tricks | 1 comment

poodle mitigation

https://isc.sans.edu/diary/OpenSSL+SSLv3+POODLE+Vulnerability+Official+Release/18827

IE – Go to policies>All settings>filter SSL in the options if you want to go fast. Choose the one on the right: Use SSL 2.0, TLS 1.0, TLS 1.1, and TLS 1.2.

settings greyed out for user
Google Chrome-

working on that right now.
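
To confirm the IE policy above actually landed on a client, the SecureProtocols registry value can be read and decoded, as in this added example that is not part of the original post. The function names are made up for illustration, and the sample value 2696 is constructed from the bit flags for the option named above.

```powershell
# Added example (not from the original post). Function names are illustrative.
# Bit flags IE uses in the SecureProtocols DWORD.
$ProtocolBits = [ordered]@{
    'SSL 2.0' = 0x0008
    'SSL 3.0' = 0x0020
    'TLS 1.0' = 0x0080
    'TLS 1.1' = 0x0200
    'TLS 1.2' = 0x0800
}

function ConvertFrom-SecureProtocols {
    param([Parameter(Mandatory)][int]$Value)
    # List every protocol whose bit is set; SSL 2.0 is reported too so it stays visible.
    $enabled = @($ProtocolBits.Keys | Where-Object { $Value -band $ProtocolBits[$_] })
    [pscustomobject]@{
        Value       = $Value
        Enabled     = $enabled -join ', '
        Ssl3Enabled = [bool]($Value -band $ProtocolBits['SSL 3.0'])   # the protocol POODLE targets
    }
}

function Get-IESecureProtocols {
    # Policy locations first, then the per-user preference a policy would override.
    $paths = [ordered]@{
        'Policy (machine)' = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
        'Policy (user)'    = 'HKCU:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
        'User preference'  = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings'
    }
    foreach ($source in $paths.Keys) {
        $item = Get-ItemProperty -Path $paths[$source] -Name SecureProtocols -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            ConvertFrom-SecureProtocols -Value $item.SecureProtocols |
                Add-Member -NotePropertyName Source -NotePropertyValue $source -PassThru
        } else {
            [pscustomobject]@{ Value = $null; Enabled = '(not set)'; Ssl3Enabled = $null; Source = $source }
        }
    }
}

# Constructed sample: bits for SSL 2.0 + TLS 1.0 + TLS 1.1 + TLS 1.2, the option named in the post.
ConvertFrom-SecureProtocols -Value 2696

# What this machine is actually configured with.
Get-IESecureProtocols | Format-Table Source, Value, Enabled, Ssl3Enabled -AutoSize
```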

McGladrey security is downright awful

24 August, 2014 (11:32) | complaining, Mindless Blather, security | 1 comment

I have been forced to work with McGladrey for quite a while now in order to maintain our accounting server and clients. I like the guys doing the work, they are good at what they do and pleasant to work with. What I can’t stand is the lack of oversight McGladrey employees get when it comes to security. Every time they show up we run through the same chaos with resetting their passwords, reminding them what their user names are etc. The team who works for us shares passwords with each other on paper and isn’t open to a central system suggestion from us. They always tell us that they have clients who are more strict, I don’t believe them. I am recommending we move to another vendor. Anyone have suggestions?

Lastpass is down. 8/12/2014

12 August, 2014 (09:17) | complaining, security | No comments

As of now, 9ish AM MST, 3 PM GMT, lastpass is still down for many users. Not all, I am in and working fine. Most of my company is not.

Lastpass has not published my comment in the forums which is a little disappointing. It was very professional and offered some data points for them to look at. Right now I am not impressed with how they are handling the outage. No email to customers, twitter isn’t very helpful. Twitter comments like “this is a small percentage of users” sound like a lie, who knows maybe that small percentage includes mostly all of my company and friends/family?

I am sure we will all learn a bit after this outage is done.

Update:

Ha, 7 hours for them to respond with what is going on:

Re: Lastpass login issues 8/12/2014?

by chantieLP » Tue Aug 12, 2014 11:11 am

Hi all,

One of our data centers went down at 3:57 am Eastern Time this morning (Tuesday August 12th). We immediately started taking action to migrate the service to run entirely on a different data center – in the meantime, a percentage of our userbase did experience connection errors with the LastPass service. We have been engaged with our provider the entire time and have been working with them to resolve the issues. We have done everything we can to minimize impact and are working to get the redundant data center up as soon as possible.

Apologies for the inconvenience. Please login offline for now to access your accounts.

Mid 2014 basic windows client hardening checklist

4 August, 2014 (11:22) | antivirus/spyware, security | No comments

This is the basic list, not anything fancy:

Step 1. Remove crappy software first

Step 2. Add good software second-

Emet 5.0

Secunia PSI 3.0

Some paid antivirus or MS defender. Do not do free antivirus, if you believe the conspiracy theory crap go to another website. You are like the anti vaccine people.

Install MVPS hosts file

Set up backup software – Mozy, something.

Set up file history on an external drive

If the user is smart enough, have a standard user and an admin user. Remove the ability for the admin user to log in.

Step 3. learn more advanced stuff.
