Silicon Shecky

Infosec Practitioner

Connect

And now for something completely different

By Leave a Comment

Server 2008 is a nice Operating System. Works pretty smooth, pretty easy to find things in it, DFRS management could be a little bit easier, but the biggest problem I have with it so far is…

Aero. That’s right the stupid looking, pain in the arse, Vista look. I can hear you now saying, “Come on, it just takes some time to get used to.” That is what they said about Word 2007, and after a year I still can’t find half the stuff I used in Word 2003, heck I found that they pulled some of my most useful things in that.

So pardon me if I say it loud and proud. I HATE THE AERO EXPERIENCE! The way that you “explore” a network is unintuitive, a pain in the rear, and just cumbersome. The layout, even when switched to Classic Mode, is extremely poor, and again unintuitive. The fact that you have to turn on the run command is just plain stupid on a server. The login screen is a pain also, especially if you want to log onto a different domain or workgroup.

Yeah, there are people out there that might love it, and good for them. I’d rather see microsoft give us a choice of the old XP desktop or the Aero desktop. Hey, with Linux you have KDE and GNOME, plus a bunch of other lesser known GUI desktops. Give us the choice!

Random Thoughts

By Leave a Comment

Just some musings and thoughts for the day today.

1) Registry cleaning is needed, and I”m testing a bunch of the different cleaners right now, but what do you like to use to clean your registry.

2) Terminal Server, is it really the be all end all for any small business when Office licensing alone can cost more than the server itself? And will this be the area that Open Office starts to shine in?

3) SBS 2008, when do you think the best time to start to deploy it to clients is? I know I”m trying to do it with fresh networks, but what about migration from prior versions on existing networks, where you need to have minimal downtime.

4) Online groups and fourms, what do you use for your tech forums? Myself I don’t really use any one particular one, but I do love Experts Exchange jsut for the wealth of knowledge there.

Just some thoughts to be discussed. Once things settle back down in the office, I’ll get back to doing reviews of Server 2008 and SBS 2008 (although I am still figuring out how we can get it on its own subnet around the office so I can run the wizards and go through it properly).

March Patch Tuesday

By Leave a Comment

So here it is, the second Tuesday of March and we all know what that means. Yep Microsoft Patch Tuesday! So lets ee what good old Microsoft has patched up for us this month.

The only Critical is a Windows Kernel update, which is patching a hole that, “could allow an attacker to take complete control of your computer if you view a website, email, or document that contains an evil graphic or picture,” according to Eric Schultze of Shavlik Technologies.

Now we all know that a hole in the kernel is bad, and the way this is made to sound this hole can be even worse than other kernel hole, but still I would recommend installing the patch in a test environment first if possible, or at least on a non-mission critical machine. Something about making changes to the Kernel always make me a little leary.

Then there is a series of 4 patches for DNS. Not surprisingly these are for lesser used holes along the Kaminsky DNS attack lines. Definitely get these installed especially with some of the odd ways some viruses seem to be showing up from spoofed DNS.

Finally a patch related to SSL spoofing. Again important, but like the DNS patches, not listed as critical.

Personally, all the patches seem to adress some very serious issues. How SSL and DNS spoofing are not thought of as critical for patching is beyond my comprehension though. At least Microsoft did patch them. Now where is the Excel patch for a major hole in that program?

Mike