August 2007 - Posts
Microsoft has published in its latest e-magazine a few guides that give you a more coherent and in-depth view of how Microsoft sees security in an organization like yours.
As per the Microsoft view, many organizations learn how to respond to security incidents only after suffering attacks. By this time, incidents often become much more costly than needed. For that matter, Microsoft has published a guide for responding to IT security incidents. Learn how to define an incident response plan, contain the damage, and minimize risks.
After overcoming all the fires, here are six easy steps that every company should take to enhance computer security in terms of getting the proverbial biggest bang for the security buck. Each suggestion is described in some detail with links to more in-depth treatment, templates, and tools.
In addition to those, another risk for your organization comes in the form of regulatory compliance. Learn how to reduce the complexity of compliance using familiar Microsoft tools and technologies and turn compliance into a competitive advantage.
As published in the MU Blog, Microsoft announced yesterday that we have released version 1.0 of the Microsoft Update Catalog! With the new Catalog, you can search for updates available through the Microsoft Update service and download them to your machine (regardless of whether the update is applicable to your machine). You can also import updates from the Catalog directly into WSUS 3.0, System Center Essentials 2007, or System Center Configuration Manager 2007.
Some key features of the MU Catalog include:
- Full-text search: You can search using a keyword, KB article, MSRC bulletin, driver manufacturer, driver model, driver version, product, and/or classification.
- RSS: Save your searches in RSS and get notified when new updates match your criteria.
- Download with BITS: We use BITS to make the download experience robust and efficient.
- “Shopping basket”: You can select multiple updates (and multiple languages) and download them together.
- Integration with WSUS: You can import updates from your basket into Windows Server Update Services 3.0, System Center Essentials 2007 or System Center Configuration Manager 2007.
- Localization: The Catalog is localized in all core Windows Vista languages.
Tips for searching the Microsoft Update Catalog (from the Catalog FAQ)
The Microsoft Update Catalog lets you search on a variety of update fields and categories. These include the update title, description, applicable products, classifications, and knowledge base articles (e.g. KB9123456). When searching for hardware updates ("drivers"), you can also search for driver model, manufacturer, class, or a 4-part hardware id (e.g. "PCI\VEN_14E4&DEV_1677&SUBSYS_01AD1028"). You can narrow the scope of your search by adding additional search terms.
Like every other month, Jeff Jones publishes on his blog the operating system vulnerability scorecard, comparing all popular operating systems on the client and server side.
Year-to-date 2007 Client and Server Charts - Full Set of Supported Components
* RHEL Desktop 5 shipped in March, so only represents vulns since then
* RHEL 5 Advanced Server shipped in March, so only represents vulns since then.
Read the full article at the source.
The Forefront Team has published on its blog that Exchange Server 2007 SP1 Beta 2 was released, offering feature enhancements such as support for Windows Server 2008, enhanced integration with Microsoft Office Communications Server 2007, and improved mobile device management and security. Exchange Server 2007 SP1 also includes features that enhance the user experience in Outlook Web Access, provide greater functionality in the Exchange Server 2007 Management Console, and deliver improved disaster recovery capabilities through Standby Continuous Replication.
As a part of our ongoing deep integration with Exchange Server 2007, we are also unveiling Forefront Security for Exchange Server SP1 Beta 2. This Service Pack integrates multiple scan engines from industry-leading security firms into a comprehensive, layered solution, helping protect your Microsoft Exchange Server messaging environments from viruses, worms, spam, and inappropriate content.
This new release provides support for Exchange Server 2007 SP1 and Windows Server 2008, as well as content filtering and manageability enhancements including seamless support for organizations running IPv6, improved content filtering with installable keyword lists that can be used to eliminate email containing profanity in eleven supported languages, improved integration with Microsoft System Center Operations Manager through new management packs (available in Q4 2007) that allow administrators to proactively monitor the state of their Exchange 2007 protection and increased flexibility for scanning or blocking high compression zip files and RAR archives. For more information, please read our release notes.
Please note, Forefront Security for Exchange users who are running Exchange 2007 RTM and wish to upgrade to Exchange 2007 SP1 must first upgrade to Forefront Security for Exchange SP1.
A weakness has been reported in Microsoft Internet Explorer, which may expose FTP usernames and passwords.
When Internet Explorer is used to access an FTP site, the username and password is stored in the file (e.g. an HTML file) when viewing and then saving (using "File" -> "SaveAs") it. This may lead to exposure of the username and password if a user e.g. uploads the saved file or makes it otherwise accessible to other people.
The weakness is reported in Internet Explorer version 6 and 7 (when using the "Open FTP Site in Windows Explorer"). Other versions may also be affected.
Solution: Do not make files (e.g. HTML files) that were opened and then saved via an FTP session in Internet Explorer available to others.
Original Advisory: http://blog.washingtonpost.com/securi...8/ftp_files_expose_web_site_cred.html
Source: http://secunia.com/advisories/26427/
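A pre-publication check for the weakness described above, as an added example that is not part of the advisory: it scans saved files for FTP URLs that carry a username and password, and can redact them. It assumes the credentials appear in the saved file as a URL of the form `ftp://user:password@host`; the function names and the sample page are constructed for illustration.

```python
import re
import sys
from pathlib import Path

# Assumption: the credentials sit in the saved file as a URL of the form
# ftp://user:password@host/... (URL "userinfo" syntax).
FTP_CRED_RE = re.compile(
    r"""ftp://(?P<user>[^\s:@/"'<>]+):(?P<password>[^\s@/"'<>]*)@(?P<host>[^\s/:"'<>)]+)""",
    re.IGNORECASE,
)

# Constructed sample of a saved page; the markup a browser writes may differ.
SAMPLE_SAVED_PAGE = """<!-- saved from ftp://webmaster:not-a-real-pass@ftp.example.com/index.html -->
<html><body>
<a href="ftp://ftp.example.org/pub/readme.txt">anonymous link</a>
<a href="ftp://ftp.example.net:21/pub/">explicit port, no credentials</a>
</body></html>
"""


def find_ftp_credentials(text):
    """Return (line_no, user, host) for every FTP URL with embedded credentials.

    The password is deliberately left out of the result so that reports and
    logs produced from it do not leak the secret a second time.
    """
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for match in FTP_CRED_RE.finditer(line):
            hits.append((line_no, match.group("user"), match.group("host")))
    return hits


def redact(text):
    """Return the text with user:password replaced by a fixed marker."""
    return FTP_CRED_RE.sub(lambda m: "ftp://REDACTED@" + m.group("host"), text)


def read_text(path):
    """Decode a saved page; saved pages may be UTF-16 (with BOM) or 8-bit."""
    data = Path(path).read_bytes()
    if data.startswith((b"\xff\xfe", b"\xfe\xff")):
        return data.decode("utf-16", errors="replace")
    # The URL itself is ASCII, so replacing undecodable bytes loses nothing here.
    return data.decode("utf-8", errors="replace")


def scan_tree(root, suffixes=(".htm", ".html", ".mht", ".txt")):
    """Scan every matching file under root; return {path: hits} for files with hits."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in suffixes:
            hits = find_ftp_credentials(read_text(path))
            if hits:
                findings[str(path)] = hits
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:
        results = scan_tree(sys.argv[1])
    else:
        results = {"<constructed sample>": find_ftp_credentials(SAMPLE_SAVED_PAGE)}
    for name, hits in results.items():
        for line_no, user, host in hits:
            # The password itself is never printed.
            print(f"{name}:{line_no}: FTP credentials for user {user!r} at {host}")
    sys.exit(1 if any(results.values()) else 0)
```

Run it against the folder you are about to upload or share; a non-zero exit code means at least one file still contains credentials, which should then also be changed on the FTP server.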
Somewhere between RFC 1924 (A Compact Representation of IPv6 Addresses) and RFC 1926 (An Experimental Encapsulation of IP Datagrams on Top of ATM) sits RFC 1925, which details The Twelve Networking Truths.
No, it is not a joke, this really is RFC 1925! Probably a very old joke, which I just recently encountered :-)
You are more than welcome to read the full RFC, but let me make it shorter (and funnier) for you all:
1. Introduction
This Request for Comments (RFC) provides information about the
fundamental truths underlying all networking. These truths apply to
networking in general, and are not limited to TCP/IP, the Internet,
or any other subset of the networking community.
2. The Fundamental Truths
(1) It Has To Work.
(2) No matter how hard you push and no matter what the priority,
you can't increase the speed of light.
(2a) (corollary). No matter how hard you try, you can't make a
baby in much less than 9 months. Trying to speed this up
*might* make it slower, but it won't make it happen any
quicker.
(3) With sufficient thrust, pigs fly just fine. However, this is
not necessarily a good idea. It is hard to be sure where they
are going to land, and it could be dangerous sitting under them
as they fly overhead.
(4) Some things in life can never be fully appreciated nor
understood unless experienced firsthand. Some things in
networking can never be fully understood by someone who neither
builds commercial networking equipment nor runs an operational
network.
(5) It is always possible to aglutenate multiple separate problems
into a single complex interdependent solution. In most cases
this is a bad idea.
(6) It is easier to move a problem around (for example, by moving
the problem to a different part of the overall network
architecture) than it is to solve it.
(6a) (corollary). It is always possible to add another level of
indirection.
(7) It is always something
(7a) (corollary). Good, Fast, Cheap: Pick any two (you can't
have all three).
(8) It is more complicated than you think.
(9) For all resources, whatever it is, you need more.
(9a) (corollary) Every networking problem always takes longer to
solve than it seems like it should.
(10) One size never fits all.
(11) Every old idea will be proposed again with a different name and
a different presentation, regardless of whether it works.
(11a) (corollary). See rule 6a.
(12) In protocol design, perfection has been reached not when there
is nothing left to add, but when there is nothing left to take
away.
Security Considerations
This RFC raises no security issues. However, security protocols are
subject to the fundamental networking truths.
References
The references have been deleted in order to protect the guilty and
avoid enriching the lawyers.
In another great "10 things" article, Debra Littlejohn Shinder explains that the same security precautions that prevent DoS attacks, viruses and worms, and other high profile attacks may not be addressing a much more insidious problem: theft of company data for corporate espionage or other purposes. Yet the disclosure of your trade secrets to a competitor or the release of private company information to the media could, in some cases, result in a much greater loss than network downtime.
Let’s look at what you should be doing to keep your data from walking out the door.
#1: Practice the principle of least privilege
There are two opposing philosophies by which you can set your network access policies. The first, the “all open” policy, presumes that all data is available to everyone unless you explicitly restrict access. The second, the “least privilege” policy, operates on the assumption that all data is off-limits to a given user unless that user is explicitly given access to it. The latter is like the need-to-know policies of government intelligence agencies: Unless a user has a demonstrated need to have access to a particular file, he or she can’t access it.
#2: Put policies in writing
You may think it should be obvious that your employers are not to copy important company information and take it home or e-mail it outside the internal network without permission. However, unless you put such policies in writing and have workers sign for receipt, you may be hard pressed to penalize them for violating that policy. Unwritten rules are much more difficult to enforce.
Your policies should be specific and give examples of what’s prohibited. Workers may not understand, unless you spell it out, that e-mailing a company document as an attachment to someone outside the network (or even to their own home account) is just as much a violation of policy as copying that document to a USB drive and physically taking it out the door.
Wording of the policy, however, should make it clear that the prohibition is not limited solely to the examples you give.
#3: Set restrictive permissions and audit access
The first step in protecting data is to set the appropriate permissions on data files and folders. It goes without saying that data on Windows networks should always be stored on NTFS-formatted drives so you can apply NTFS permissions along with any share permissions. NTFS permissions are more granular than share permissions and apply to users accessing the data on the local machine as well as over the network.
Give users the lowest level of permissions possible for them to get their work done. For example, give Read Only permissions to prevent users from modifying files. Learn more about working with NTFS permissions from this article.
You can also set up auditing on files and folders that contain sensitive data, so that you can see who accessed it and when. Learn more about auditing object access from this TechNet article.
#4: Use encryption
Another advantage of storing data on NTFS-formatted drives is that you can apply Encrypting File System (EFS) encryption. EFS is supported by Windows 2000 and later operating systems and will prevent other users from opening the file even if they have NTFS permissions. With Windows XP/2003 and later, encrypted folders can be shared with other users by assigning them special permissions through the encryption dialog box.
One way data can be stolen is by stealing the entire computer, especially if it’s a laptop. With Vista Enterprise and Ultimate editions, you can use BitLocker full drive encryption to protect data in case of theft of the computer. Read more about using EFS and BitLocker to protect against data theft here.
#5: Implement rights management
Some data theft can be prevented by keeping the wrong people from being able to access that data using the methods above. However, what about theft by people that you need to give access to? You can use Windows Rights Management Services (RMS) and the Information Rights Management (IRM) feature in many versions of Office 2003 and Office 2007 to prevent users from forwarding, copying, and otherwise misusing e-mail messages and Office documents (Word, Excel, and PowerPoint files) that you send to them. Find out more about RMS/IRM here.
#6: Restrict use of removable media
One of the most popular ways to sneak digital information out of an organization is by copying it onto some sort of removable media or device. USB thumb drives are inexpensive and easy to conceal, and high capacity SD, CF, and other flash memory cards can hold a huge amount of data. Users can also copy files to their iPods or other MP3 players or to CD or DVD writers. You can permanently restrict the installation of USB devices by removing the ports physically or filling them with a substance. You can also use software to disable the use of removable devices on each individual computer or throughout the network.
In Vista, you can restrict use of removable media (USB devices and CD/DVD burners) through Group Policy. (See “What’s New in Vista Group Policy.”). For other operating systems, there are third-party products, such as Portable Storage Control (PSC) from GFI.
#7: Keep laptops under control
Another way a user can make off with files is to connect to the internal network with a laptop or handheld computer, copy the files to its hard disk, and then take the computer off premises. You need to maintain control over what computers connect to your LAN, not just remotely but by plugging directly into a hub or switch onsite, as well.
You can use IPSec to prevent computers that are not members of the domain to connect to your file servers and other computers on the LAN. This paper explains how IPsec and Group Policy can be used for server and domain isolation.
#8: Set up outbound content rules
Firewalls can do more than keep undesirable traffic out of your network. They can also keep specified traffic from leaving your network. Your data can walk out the door physically or can be sent out a virtual door via e-mail, peer-to-peer file sharing, etc. You can set up your firewall to block certain types of outbound protocols, such as those used by P2P software.
You can also set up your mail server to block sending of outbound attachments and block outbound content by keywords using content filtering appliances, software, or services such as:
#9: Control wireless communications
Even if you block sending of certain types of data through your firewall or filtering systems, a determined person may be able to connect a company laptop to a different wireless network within range, one that doesn’t have blocking mechanisms in place. Or he or she might connect the computer to a cell phone that has Internet access and use the phone as a modem.
Keep track of wireless networks that may be available from your company premises and if possible, block their signals.
#10: Beware creative data theft methods formats
Remember that your data can walk out in many different formats. A user can print out a document and carry it out in paper form or a thief can steal printed documents from trash cans if the paper hasn’t been shredded. Even if you’ve implemented a technology such as rights management to prevent copying or printing documents, a person could take a digital or film photograph of the content onscreen or even sit and copy the information by hand. Be aware of all the ways your data can leave the premises and take steps to protect against them.
Although most of this is not quite new, I've only recently discovered this article on the Windows Server 2008 home page that explains quite well the "what's new" features in 2008...
Microsoft Identity and Access solutions are a set of platform technologies and products designed to help organizations manage user identities and associated access privileges. With a focus on security and ease of use, these solutions help businesses boost productivity, reduce IT costs, and eliminate the complexity of identity and access management. Microsoft Identity and Access solutions fall into five distinct areas:
• Directory Services: Simplifies management of users and devices.
• Strong Authentication: Secures access beyond user names and passwords.
• Federated Identities: Collaborates securely across organizational boundaries.
• Information Protection: Safeguards confidential data—no matter where it goes.
• Identity Lifecycle Management: Automates identity and access management.
Microsoft Windows Server 2008 expands on the Microsoft Identity and Access foundation with several new features and technologies to help organizations improve operational efficiency, simplify compliance, and strengthen security.
What's New with Directory Services
Read-Only Domain Controllers: One of the most significant new features for Active Directory Domain Services (AD DS) in Windows Server 2008 is the Read-Only Domain Controller (RODC). An RODC allows you to easily deploy a domain controller that hosts a read-only replica of the domain database. This is well suited for locations where physical security of the domain controller can't be guaranteed, where network connectivity may have a negative impact on productivity, or where other applications must run on a domain controller and be maintained by a server administrator (who, ideally, is not a member of the Domain Admins group). All of these scenarios are common in branch office deployments.
An RODC holds the same objects and attributes that a writable domain controller holds. However, locally originating changes are not made to the RODC replica itself; instead, these changes are made on a writable domain controller and then replicated back to the RODC. This prevents changes made at branch locations from potentially polluting or corrupting the AD forest via replication.
Administrators may also specifically configure an RODC to store (cache) user credentials. The first time a user attempts to authenticate to an RODC, the RODC forwards the request to a writable domain controller. If the authentication is successful, the RODC also requests a copy of the user credentials. The Password Replication Policy determines if the credentials are allowed to be replicated and cached on the RODC. If the credentials are cached, the next time that user attempts to log on, the request can be directly serviced by the RODC until it is subsequently notified, through replication, of a credential change. Credential caching can increase end-user productivity by mitigating the effects of wide area network (WAN) latency or network connectivity issues that are commonly experienced by branch offices. AD DS also maintains a list of all credentials stored on RODCs and, if an RODC is ever compromised, an administrator may force a password reset for all user credentials stored on that RODC.
RODCs include a delegated promotion feature that allows installation and management to be delegated to non-administrative personnel at a branch office. Branch office personnel can complete an installation by attaching a server to the RODC account an administrator has previously created. This feature eliminates the need to use a staging site for branch office domain controllers, or to send installation media and a domain administrator to the branch location.
Active Directory Federation Services: Active Directory Federation Services (AD FS) is a server role in the Windows Server 2008 operating system. You can use AD FS to create a highly extensible, Internet-scalable, and secure identity access solution that can operate across multiple platforms, including both Windows and non-Windows environments. AD FS now includes a policy import/export feature to make it easier to set up a trust relationship between federation partners. A membership provider is added to allow role-based authorization to Windows SharePoint Services (WSS) and Rights Management Services (RMS) for users from a federation partner, and administrators now have the ability to limit federation service deployment through Group Policy. Support for different certificate-revocation checking settings is now provided, as well.
Directory Service auditing: Administrators now have granular auditing capabilities through the new Directory Service Changes audit policy subcategory. The Directory Service Changes audit policy captures the old and new values of changes made to Directory Service objects or their attributes. Administrators will know exactly who made a change, when the change was made, what object and/or attribute was changed, and what the beginning and ending values were. Directory Service auditing is captured in the Windows Event Log, and may be consolidated or actionable through Microsoft Operations Manager or other third-party tools. This detailed level of logging helps simplify Directory Service change management tracking and can enhance an organization's regulatory compliance.
Server Core role: AD DS and Active Directory Lightweight Directory Services (AD LDS) are supported roles for Server Core installations of Windows Server 2008. Server Core is a new installation option that creates a low-maintenance environment ideal for specific role-based services. Server Core is designed to reduce management and servicing requirements, while limiting the attack surface of a Windows Server 2008 installation.
Read more about Server Core.
Service-based AD DS: AD DS is service-based in Windows Server 2008; it may now be stopped and started via Microsoft Management Console (MMC) snap-ins or from the command line. A service-based AD DS simplifies management by reducing the time required to perform offline operations, such as an offline defragmentation or authoritative restore. It also improves the availability of other services that are running on a domain controller by keeping them active while performing AD DS maintenance. Any clients that are specifically bound to a stopped domain controller would simply contact another domain controller through discovery.
AD DS Snapshot Viewer: By exposing information about objects in snapshots of AD DS (taken over time), Snapshot Viewer helps you identify objects that have been accidentally deleted. These snapshots can be viewed on a domain controller without starting the domain controller in Directory Services Restore Mode. By comparing the various states of the objects as they appear in different snapshots, you can more easily decide which AD DS backup to use to restore the deleted objects.
Fine-grained password and account lockout policy: Fine-grained password policies allow specification of multiple password policies and application of different password restrictions and account lockout policies to different sets of users within a single domain.
Install from media: The install from media (IFM) option can be used to install an additional domain controller in an existing domain and to minimize replication traffic during the installation.
What's New with Strong Authentication
Cryptography API: Next Generation: Cryptography API: Next Generation (CNG) is a completely new infrastructure application programming interface (API) in Windows Server 2008 that implements the National Security Agency's Suite B protocols recommendation. Active Directory Certificate Services (AD CS) leverages CNG for its cryptographic needs. CNG is a long-term replacement for the CryptoAPI in previous versions of Windows.
In AD CS, classic cryptographic algorithms are still supported through certificate service providers (CSPs), while new cryptographic algorithms, such as elliptic curve cryptography (ECC), are supported through CNG key providers. One of the unique features of CNG is the ability for organizations to leverage custom cryptographic algorithms as required.
Granular administration model: AD CS employs new security features that provide granular control over who can enroll certificates, what certificates they can enroll, and who can be issued the certificates. These management features integrate AD DS security groups into the management tasks of enrollment agents and Certificate Managers.
V3 certificate templates: In AD CS, V3 certificate templates supersede the V1 and V2 certificate templates introduced in previous Windows versions; they support the latest Windows Server 2008 CNG cryptographic algorithms. V3 templates also provide a more secure method for client validation of domain controllers, and can encrypt client and server AD CS-related communications.
Enterprise-wide public key infrastructure (PKI) management: PKIView, available as part of the Windows Server 2003 Resource Kit, is now included as an MMC snap-in with the installation of AD CS in Windows Server 2008.
PKIView simplifies the management of an enterprise's PKI by combining vital certificate authority (CA) management tasks within a single administrative interface. This consolidated view removes geographical boundaries by providing globalized support through Unicode character support. Via the consolidated interface, administrators have:
• A single, hierarchical view of the complete PKI infrastructure that is registered with, and participates in, an AD DS topology.
• A parent/child relationship view―when a particular root CA is chosen, all subordinate CAs are detailed within the root's tree.
• The ability to directly manage each node within the interface.
• Color-coded indicators that signify the overall health of CAs, trees, or the enterprise PKI as a whole.
Support for the latest standards: AD CS in Windows Server 2008 introduces support for the latest standards, including the Online Certificate Status Protocol (OCSP), the Issuing Distribution Point Extension (IDP CRL), and the Simple Certificate Enrollment Protocol (SCEP).
What's New with Information Protection
Federated collaboration: Windows Server 2008 delivers the first implementation of a fully integrated Federated Rights Management Services solution. This integration combines the aspects of Active Directory Federation Services (AD FS) with those of Active Directory Rights Management Services (AD RMS) to deliver an easily deployed external collaboration framework.
Prior to Windows Server 2008, rights-protected collaboration with external organizations required IT administrators to internally maintain a secondary set of credentials for use by external users. These were typically domain accounts or some form of Passport integration. With the integration of the features of AD RMS with AD FS, external users attempting to access an organization's protected content are initially authenticated by their home realm ("domain controller"), thereby eliminating the need to maintain a redundant set of credentials.
Once these external users are authenticated, AD RMS policies are enforced, and AD RMS will automatically provide the external user with appropriate content licenses to work with an organization's protected content. Administrators have granular control over how these external users interact with an organization's content and may also define templates to apply to multiple partner relationships. Federated Rights Management Services in Windows Server 2008 is fully compatible with existing Microsoft Office SharePoint Server 2007 deployments and fully supports down-level AD RMS clients.
Common management theme: AD RMS transitions to a more familiar management framework. The AD RMS web-based administrative interface of the past moves to an MMC snap-in. Additionally, managing AD RMS becomes more prescriptive, with a task-oriented interface that provides quick links to required, recommended, and optional configuration tasks. Four new security groups allow administrators to delegate AD RMS management tasks to specific users or groups.
Windows BitLocker™ Drive Encryption: Windows BitLocker Drive Encryption is a data-protection feature that is available in Windows Vista Enterprise and Windows Vista Ultimate for client computers, and in all editions of Windows Server 2008. Windows BitLocker Drive Encryption is a new feature from Microsoft that addresses the very real threats of data theft or exposure from lost, stolen, or inappropriately decommissioned PC hardware.
Windows BitLocker Drive Encryption prevents a thief who boots another operating system or runs a software hacking tool from breaking the Windows Server 2008 file and system protections, or performing offline viewing of the files that are stored on the protected drive. The feature ideally uses Trusted Platform Module (TPM) 1.2 to protect data and to ensure that a computer that is running Windows Server 2008 has not been tampered with while the system was offline. Windows BitLocker Drive Encryption enhances data protection by bringing together two major subfunctions: full drive encryption and the integrity checking of early boot components.
Nick White from the Windows Vista Team Blog has interviewed Mike Burk, a Security Center Program Manager, and Austin Wilson, a Director from Windows Client Marketing, about how and why the Windows Vista Security Center evolved.
If you've used Windows Vista, I’m sure you've noticed that the Firewall, Automatic Updating, Antivirus, Antispyware, Internet Security Settings and User Account Control settings are all located in one easily accessed place: the Security Center.
Although the Security Center was originally introduced with Windows XP SP2, Windows Vista has improved on almost every feature found there. A lot more "under the covers" features have been included for Windows Vista. If any of these safeguards are out of date or in an unsecure state, the Security Center will warn you so that you can make adjustments or changes.
Some of the other improvements to the Windows Vista Security Center include:
- Showing the status of software designed to protect against spyware (such as Windows Defender) that helps to keep your computer safe with the latest downloads and updates
- Security settings for Internet Explorer 7
- Notification if User Account Control has been changed or is no longer enabled
The Windows Security Center can also monitor security products from other security companies and will show you if they're current with the latest virus definitions and other updates.
Windows Security Center monitors the following security components for Windows Vista: Firewall, Automatic updating, Antivirus, Anti-spyware and other malware protection, Internet Security Settings and User Account Control
As you surely know, it's a whole new ballgame when it comes to computer and Internet security. Regardless of how, where or for what you use your computer, I suggest you visit this link to learn more about Windows Vista Security Center and security in Windows in general.
-----
Click here for the full article.
I was recently contacted by several people who have encountered the following message in Windows Vista:

This issue occurs because services that run in Session 0 run separately from the user’s session and therefore can't display popups directly to the user.
In my search for a solution to that one, I encountered a post at Brad Rutkowski's Blog that explains exactly that:
"Windows Vista isolates services in Session 0 and runs applications in other sessions, so services are protected from attacks that originate in application code. In Windows Server 2003 and earlier versions of Windows, all services run in Session 0 along with applications, which poses a security risk because services run at elevated privilege and therefore are targets for malicious agents who are looking for a means to elevate their own privilege level.
The popup itself is Windows Vista playing nice with legacy services that send user interaction dialog boxes to session zero instead of the corresponding user session, this is called the "interactive service detection service". This workaround will be removed from the next version of Windows, at which time all applications and drivers must handle Session 0 isolation properly.
Proving that Microsoft devs are smart (IMHO), on a TS server in LH, these popups will only be displayed to the administrative sessions and not to the user sessions that are present on the TS server."
In addition, Steve mentions a link to this doc that details what devs should be doing these days to take this isolation into account.
"The next time you go on a hunting spree for a blog theme, make sure you’re downloading from a trusted site or you may want to rethink giving your blog that oomph factor especially when you’re using WordPress or Joomla!.
A concerned blogger reported that a site named templatesbrowser.com has been repackaging blog themes to insert unwanted phishing code that could end up as a link spam. How does it go about doing this? It uses a PHP code in its template that can retrieve HTML codes like the one below, which are usually hidden from the user by setting the display style to None"
More at source:
http://blog.trendmicro.com/link-spam-on-tampered-blog-themes/
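A way to check a downloaded theme for the two signs described above, as an added example that is not part of the Trend Micro post: it flags links nested inside an element styled `display:none` and PHP calls that fetch from a literal remote URL. The file names, hosts and sample theme are constructed, and the checks are heuristics that an obfuscated template can evade.

```python
import re
from html.parser import HTMLParser
# PHP calls that pull content from a literal http(s) URL at render time.
REMOTE_FETCH = re.compile(r"\b(?:file_get_contents|fopen|curl_init|include|require)(?:_once)?"
                          r"\s*\(?\s*['\"](https?://[^'\"]*)", re.IGNORECASE)
HIDDEN_STYLE = re.compile(r"display\s*:\s*none", re.IGNORECASE)
PHP_BLOCK = re.compile(r"<\?php.*?\?>", re.DOTALL | re.IGNORECASE)
VOID_TAGS = {"br", "hr", "img", "input", "link", "meta"}  # never get an end tag

class HiddenLinkFinder(HTMLParser):
    """Collect hrefs of <a> tags nested inside an element styled display:none."""
    def __init__(self):
        super().__init__()
        self.stack = []         # (tag, hides_subtree) for each open element
        self.hidden_links = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        hidden = bool(HIDDEN_STYLE.search(attrs.get("style") or ""))
        if tag == "a" and attrs.get("href") and (hidden or any(h for _, h in self.stack)):
            self.hidden_links.append(attrs["href"])
        if tag not in VOID_TAGS:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag so unclosed elements do not leak.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def scan_theme(files):
    """files: name -> contents. Returns sorted (file, kind, detail) findings."""
    findings = []
    for name, text in files.items():
        findings += [(name, "remote-fetch", m.group(1)) for m in REMOTE_FETCH.finditer(text)]
        finder = HiddenLinkFinder()
        finder.feed(PHP_BLOCK.sub("", text))   # parse only the static markup
        finder.close()
        findings += [(name, "hidden-link", h) for h in finder.hidden_links]
    return sorted(findings)

# Constructed sample theme; file names and hosts are hypothetical.
SAMPLE_THEME = {
    "header.php": '<div><a href="/about">About</a></div><?php include("nav.php"); ?>',
    "footer.php": '<div><?php echo file_get_contents("http://links.example/get.php"); ?>'
                  '<span style="DISPLAY: none"><a href="http://pills.example/">x</a><br>'
                  '<a href="http://casino.example/">y</a></span>'
                  '<a href="/contact">Contact</a></div>',
}
```

Calling `scan_theme(SAMPLE_THEME)` reports the remote fetch and both hidden links in `footer.php` and nothing for `header.php`.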
I've recently encountered an article in Debra Littlejohn Shinder's blog that tries to predict (and I think it may well be accurate) the skills that IT will need over the next years.
If you want a job where you can train in a particular skill set and then never have to learn anything new, IT isn’t the field for you. But if you like to be constantly learning new things and developing new skills, you’re in the right business. In the late 80s, NetWare and IPX/SPX administration were the skills to have. Today, it’s all about TCP/IP and the Internet.
Let’s take a look at some of the skills you should be thinking about developing to keep on top of things in the tech world in the next five years.
To read the full list at the source, click here
I recommend number 10. :-)
I wish to join the discussion regarding the Discussion Groups in MS Israel.
Although most of my blog posts are more professional and security related, my readers will excuse me (or might join :-)) for this post that is not related to security.
I used to answer a lot of questions back in the day, but in the last few months (maybe even a year), I do not remember answering a single question there. I've been to a dozen different forums (including petri.co.il, Microsoft.com TechNet Forums, ISAServer.org and many more), answering thousands of questions.
The problem, I believe, lies in the level of the questions written in the MSFTIL Discussion Forums. As Netanel said, it is quite disturbing to have to answer questions like why my eMule is not working and why Windows Firewall keeps blocking it.
I think it is time to see where we are and start looking forward to the future: to try and see what is wrong with what we are doing now, and how we can improve it in the most efficient way possible. I believe that a BPR is in order. For those of us who did not study operations management (and no, I am not talking about the new OpsMGR :-)), BPR stands for Business Process Re-engineering.
The basic BPR is conducted in five main steps:
- Step One: Gain Enterprise-wide Commitment
- Step Two: Create a BPR Project Team (including representatives from all the layers (Management, Users, Technology Specialists, etc.))
- Step Three: Business Needs Analysis
- Step Four: The Plan of Action
  - Phase 1: Analysis and Specifications
  - Phase 2: Project Planning and Administration
  - Phase 3: System Construction
  - Phase 4: Compliance Testing and System Re-work
  - Phase 5: Pilot System and Quality Assurance Testing
  - Phase 6: Final Implementation and Roll-Out
  - Phase 7: Ongoing Support
- Step Five: Ongoing Management of a new automated system
I recommend reading an article called Critical Steps to Successful Business Process Re-Engineering, which was written for the University of Florida, for more information about the BPR process.
The two main wrongdoings that I think should be taken into consideration when doing the BPR are:
1. Changing the interface, which is horribly uncomfortable (at least for me) compared to other technical forums (e.g. TechNet Forums are doing it just the way I like it... aha aha :-)).
2. Appointing one or two persons to moderate and manage the forums (people with technical skills on one side, and enough free time to invest in doing this job, since it is a commitment), as exists in any other self-respecting forum. This job would probably be voluntary (maybe done by MVPs or something like that), but I believe some kind of push is required in this case from Microsoft's end of the rope.
As a start, I volunteer myself for the security and management forums, where I think I could be most useful.
Think it over, pay it forward, take it wherever you want...
Just start doing it (and no, I do not work at Nike :-))
I've recently encountered several issues with the new IMFv2 (released in Exchange 2003 SP2) not working properly, and I wanted to see if and how I can see the SCL rating each message gets.
After a short search, the MSExchange Team Blog has provided (once again) the solution:
The deployment doc describes how to expose the SCL through an x-scl header when archiving messages in Chapter 6, “Storing the SCL Rating with Archived Messages”. This allows you to determine the correct settings to set for the Archive directory. But the SCL property isn’t exposed to the end user when they try to determine why either a non-UCE message was in the junk mail folder, or why a large number of UCE messages aren’t being blocked before they arrive in the Junk-Mail folder. Just because the property isn’t exposed, doesn’t mean it can’t be though!
The following is an Outlook configuration file provided by Paul Bowden that will allow you to configure Outlook to expose the SCL property. Copy the SCL.CFG text and save it as SCL.CFG (in the same location as the .ICO files, usually program files\...\office 11\forms\language ID), then follow the instructions below to install it.
SCL.CFG:
;**********The CFG file**********
[Description]
MessageClass=IPM.Note
CLSID={00020D31-0000-0000-C000-000000000046}
DisplayName=SCL Extension Form
Category=Standard
Subcategory=Form
Comment=This forms allows the SCL to be viewed as a column
LargeIcon=IPML.ico
SmallIcon=IPMS.ico
Version=1.0
Locale=enu
Hidden=1
Owner=Microsoft Corporation
Contact=Your Name
[Platforms]
Platform1=Win16
Platform2=NTx86
Platform9=Win95
[Platform.Win16]
CPU=ix86
OSVersion=Win3.1
[Platform.NTx86]
CPU=ix86
OSVersion=WinNT3.5
[Platform.Win95]
CPU=ix86
OSVersion=Win95
[Properties]
Property01=SCL
[Property.SCL]
Type=3
NmidInteger=0x4076
DisplayName=SCL
[Verbs]
Verb1=1
[Verb.1]
DisplayName=&Open
Code=0
Flags=0
Attribs=2
[Extensions]
Extensions1=1
[Extension.1]
Type=30
NmidPropset={00020D0C-0000-0000-C000-000000000046}
NmidInteger=1
Value=1000000000000000
;**********END CFG
1. Go into Tools | Options | Other | Advanced Options | Custom Forms | Manage Forms
2. Hit the Install button, and choose SCL.CFG …install into your Personal Forms Library
3. Hit OK several times to return to the main Outlook screen
4. Right-click on the Column headings in your Inbox (or any other folder) and choose "Field Chooser"
5. Pull-down the scroll-bar and choose "Forms…"
6. Set focus to your Personal Forms, choose the SCL Extension Form, then click Add
7. Drag and drop the SCL property into your column headings …and voila!
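For the archive side mentioned above, an added example (not from the Exchange team post) that tallies the x-scl header across archived messages to help choose a threshold. It assumes the header value begins with the integer rating and that a filter acts on messages rated at or above its threshold; the sample messages are constructed.

```python
import re
from collections import Counter
from email import message_from_string

LEADING_INT = re.compile(r"\s*(-?\d+)")


def scl_of(raw_message):
    """Integer rating from the x-scl header, or None if missing or unparseable."""
    header = message_from_string(raw_message).get("x-scl")  # lookup ignores case
    match = LEADING_INT.match(header or "")
    return int(match.group(1)) if match else None


def summarize(raw_messages):
    """Histogram of ratings plus, for each threshold 1-9, the number of
    messages rated at or above it (assumed comparison, see lead-in)."""
    ratings = [scl_of(raw) for raw in raw_messages]
    rated = [r for r in ratings if r is not None]
    return {
        "histogram": dict(sorted(Counter(rated).items())),
        "unrated": ratings.count(None),
        "at_or_above": {t: sum(r >= t for r in rated) for t in range(1, 10)},
    }


# Constructed sample messages standing in for files from the archive directory.
SAMPLE_ARCHIVE = [
    "From: a@example.com\nSubject: invoice\nX-SCL: 1\n\nhello\n",
    "From: b@example.net\nSubject: WIN NOW\nx-scl: 8\n\nclick\n",
    "From: c@example.org\nSubject: meds\nX-SCL: 6\n\nbuy\n",
    "From: d@example.com\nSubject: lunch\n\nno rating header\n",
    "From: e@example.net\nSubject: offer\nX-SCL: 6\n\ndeal\n",
]

if __name__ == "__main__":
    report = summarize(SAMPLE_ARCHIVE)
    print("ratings:", report["histogram"], "unrated:", report["unrated"])
    for threshold, count in report["at_or_above"].items():
        print(f"threshold {threshold}: {count} message(s)")
```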