My Thoughts On IT…

Brian Lewis's Thoughts on all things Information Technology related

I usually lean towards not commenting on Apple things but here I feel I should point out this security issue.

Macs have recently been targeted by a phishing scam that redirects them from legitimate websites to fake sites which warn the user that their computer is infected with a virus. Then the user is offered Mac Defender “anti-virus” to solve the issue. It then tries to get your credit card information. The most common names for this malware are MacDefender, MacProtector and MacSecurity.

According to Apple:

In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.

When you receive these types of warnings either on a Mac or on a PC – Don’t install the software they are offering!!!

More info here:
http://www.zdnet.com/blog/btl/apple-mac-os-x-update-to-put-mac-defender-malware-issue-to-bed/49278?tag=nl.e539

http://www.zdnet.com/blog/bott/apple-continues-to-tell-support-reps-do-not-help-with-mac-malware/3375

I am amazed at how many people I talk to have not heard of Disk2vhd. It was initially released in October 2009 as a Sysinternals tool, so that means it is a free download! If you are an IT Pro you need to check out the Sysinternals tools. Disk2vhd weighs in at a whopping 811 kilobyte download. The tool is billed as a physical-to-virtual migration tool but it is more useful than just that. Here are the categories where I see Disk2vhd being useful.

P2V tool
Disk2vhd is a utility that creates VHD (Virtual Hard Disk) from a running PC. You can then use this VHD in Microsoft Virtual PC or Microsoft Hyper-V virtual machines (VMs). Disk2vhd runs on a system that is online by utilizing the Windows’ Volume Snapshot capability. VSS was introduced in Windows XP and is used to create consistent point-in-time snapshots of the volumes you want to include in a conversion. You can even have Disk2vhd create the VHD files on a local volume, even ones being converted. The tool can also be used to convert a running virtual machine on a competitive product to a VHD file.

Backup tool
Because you can run Disk2vhd on a live working machine, and it uses the Volume Shadow Copy Service to make a point-in-time copy of your machine, it makes a great backup tool. VSS allows you to copy open, locked files. If your open databases are VSS aware then it gets a good flushed-out copy of the database. Disk2vhd puts a good load on the machine but it doesn’t hammer the box, so this can be done while the machine does other work. Once you have the vhd file you have several options:

  • Virtualization with Hyper-V: To get your machine back up and running, it only takes 5 minutes to set up a virtual machine with your vhd file.
  • Windows Deployment Server: You can use the WDS service to drop your image to bare metal hardware over the network.
  • Disk Management MMC: Just mount the vhd file as a drive on a Windows system and access your files. You can attach the vhd file as read only or you can mount it read write and access it as you would any other drive.
  • Boot to VHD: This is a feature that lets you boot your physical machine from a vhd file. It gives a menu at boot time which lets you choose the operating system. For more info: http://blogs.msdn.com/b/knom/archive/2009/04/07/windows-7-vhd-boot-setup-guideline.aspx

Imaging Tool
My ghost drive imaging replacement. You can use the Disk2vhd tool to get your image instead of imageX or Ghost. The great thing about this tool over the others is that you don’t have to boot up off a boot disk. Then to drop your image to real hardware use the Windows Deployment Server in Server 2008 R2 which has added support for vhd files as your image. Another nice feature is that you can mount the vhd as a volume and make changes to your image. In addition you can also just run the image in a virtual machine to make changes.

You can download the Disk2vhd tool from the TechNet Sysinternals website and while you are there check out the other great free utilities: http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx

Microsoft now supports 3 versions of Linux running on our Hyper-v virtual server environment. The three supported flavors are Red Hat Enterprise Linux, Suse Linux Enterprise Server, and CentOS. CentOS Linux was added because it’s a popular distribution for hosting providers and Microsoft wants to make it very appealing for hosting providers to use our product. Red Hat and Suse are very popular in enterprise customer datacenters and they have been supported in Hyper-v for a while.

Hyper-V is able to run other versions of Linux but it does not fully support other versions. The best way to run Linux on Hyper-v is to use the paravirtualization drivers or “enlightenments”. If the Linux distro runs well on Xen it should run well on Hyper-v. You can get the paravirtualization drivers by installing the Linux Integration Components or the Satori InputVSC drivers.

For more info on the announcement see Sandy Gupta’s blog post:
http://blogs.technet.com/b/openness/archive/2011/05/15/expanding-interoperability-to-community-linux.aspx

I had a customer who was looking for guidance on how to harden the IP stack of Server 2008 R2 similar to the guide on how to harden Server 2003.

How to harden the TCP/IP stack against denial of service attacks in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;EN-US;324270

It turns out there is no paper on how to do this for Server 2008 because it is built into the new IP stack. It has been there since the new IP stack in Vista and Server 2008.  This feature is even better in two ways. The first is it is self tuning. The second is that you can’t turn it off. You can read more about it here:
http://blogs.technet.com/b/nettracer/archive/2010/06/01/syn-attack-protection-on-windows-vista-windows-2008-windows-7-and-windows-2008-r2.aspx

Microsoft Office Web Apps will officially support Google’s Chrome browser with Office 2010 Service Pack 1 for Office and SharePoint. This service pack is expected to ship the end of June 2011.

The Office Web Apps (Word, Excel, PowerPoint, OneNote) are currently supported on IE, Firefox, and Safari. Chrome works just fine but is not officially supported today. What does that mean? Supported at Microsoft means they have done regression testing to make sure it works. Further, if there is an issue it will be fixed. If it is unsupported our support group will still take your call and try to help with your configuration issues, but there are limits to the steps we will take to get it working.

For more information about Office 2010 Service Pack 1 – check out this blog entry:
http://blogs.technet.com/b/office_sustained_engineering/archive/2011/05/16/announcing-service-pack-1-for-office-2010-and-sharepoint-2010.aspx

I am an IT Pro at heart but this is a very cool offer for those of you who do development and I had to pass this one along. Also I have written some Windows Phone 7 apps – it is really pretty easy. If I can do it so can you! Why not dust off your programming skills and give it a shot?

Here is the offer:

A new Developer offer to drive new WP7 app development was announced yesterday, (5/16/2011) at TechEd and through Community channels. 

Developers submitting 5 new Windows Phone 7 apps will get Free advertising promotion for 1 of their 5 apps. Their choice app will get 25,000 impressions of WP7 mobile advertising across MSN, Windows Live and Fox Sports Mobile networks, approx. 60 days. This offer will end 6/30 and is limited to 4 per developer and a total of 200 offers.
Check out the full offer details at this page: http://bit.ly/WP7DevOffer

Here’s the deal:

  • Any developer that publishes 5 new apps between April 1 and June 30, 2011 gets FREE advertising for 1 of the 5 apps.
  • There is a limit of up to 4 offers per developer  (no gaming with multiple emails, multiple mailing addresses or variations of name)
  • There is a limit of 200 offers in total
  • This is open to all US based developers (that meet the legalese: 18+ years old,…); contest rules are on the site
  • Each developer that has at least one new app published and submitted will get a status email weekly so they know how they are doing.
  • After 6/30, when the offer closes, those developers that qualified will get their promo codes and instructions on how to redeem the offer.

I flew to Atlanta today for Tech-Ed North America. Tech Ed is a Microsoft public event that provides the most comprehensive technical education across Microsoft’s current and soon-to-release suite of products, solutions, and services. www.msteched.com.

While taking a taxi to my hotel I noticed that the interstate on the other side of the barrier was shut down with a huge presence of police. I asked the taxi cab driver what was going on. He stated he didn’t know but it had been shut down for 3 hours and that on the radio they didn’t know why. I took that as a challenge to find out why. So I searched the internet using Bing. I couldn’t find anything. No, Google didn’t find anything either – nice try. I refused to fail. Then I checked on Twitter. On Twitter I found that First Lady Michelle Obama was giving a commencement speech at Spelman College here in Atlanta. I then triumphantly gave the cab driver the information.

This incident helped me realize that Twitter is an amazing tool that really has changed the world. I have several examples of why I see this tool as having such a huge impact on our world. It was only about a year ago that I thought Twitter was a big lame waste of time. I thought it was just a bunch of people telling you what they had for lunch or that they were sitting in a boring line… lame, lame, lame. But then came the Chicago earthquake on February 10th 2010. A coworker knew the details within minutes of the quake due to Twitter. Wow! Where else online could you find that out that fast? This was the start of my enlightenment about the power of Twitter. Just think about the huge impact Twitter has had on the world in the past 6 months. It played a huge part in the unrest around the world. It continues to help us know what is happening in the Middle East. It is a true intelligence tool. It doesn’t leave the reporting of news to the traditional reporters. News passes around the world in seconds as it happens through the eyes of everyday people. Another example of this is the guy who was tweeting about the US Navy Seals helicopters as they swooped in to nab Osama Bin Laden. Yes, Twitter is really a very powerful tool.

I attended the AITP Region 5 Conference yesterday and had the pleasure of listening to Stephanie Wright from the FBI present on Cyber Security. She talked briefly about “Spear Phishing” and it shocked me at how vulnerable I have been to this type of attack. Most of us know what Phishing is. Phishing is an attempt to acquire sensitive information such as usernames, passwords, bank account numbers, or credit card details by sending fraudulent and misleading emails. For details on how to recognize Phishing emails see the link below.

How to recognize phishing email messages or links:
http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx

I already know not to click on the average type of Phishing emails that we all receive but what about an email that you receive from a coworker or a conference you just attended? Would you open a PDF attachment from them when it is sent to just you? Let’s define Spear Phishing.

Spear Phishing is a targeted phishing attack. It is done by sending you an email and spoofing the email address so it appears to come from someone you know. The attacker gets this information from your Facebook account, company website, or other public source. The attacker picks a coworker or family member and sends you an email that appears to come from this person you know. This email has an attachment such as a PDF or Word document. When you open the attachment it attempts to infect your machine with a key-logger class tool designed to steal your financial information and eventually your money.

Another variant of this is to send you an email from a conference you just attended and let you know that the presentation from the conference is attached or better yet that the attachment is your unpaid bill. Who wouldn’t open that? This is a hard one to defend against.

How do you protect yourself from a targeted phishing attack? There is no silver bullet for this. I do have a few thoughts that will reduce your risk.

  • Keep your systems patched – this will limit the vulnerabilities
  • Use antivirus – Microsoft has a great free version – there is no excuse for not using antivirus
  • Don’t open email attachments – hunh? I can’t do that either
  • Use a dedicated machine for your online bill pay and don’t do email or surfing from that machine
  • Hope & Pray ;-)

If you have other ideas that can reduce the risk from Spear Phishing please share them with me. (No, not in an email attachment. lol)
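
One more idea, on the mail-filtering side: the spoofed sender and document attachment described above leave traces in the message headers that a filter can check before anyone opens the file. The sketch below is an added example, not something from the FBI presentation; the server name mx.example.org, the contact list and the sample message are constructed assumptions, and it relies on your receiving mail server stamping an Authentication-Results header.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.org"         # assumption: our own receiving mail server
DOC_EXTENSIONS = (".pdf", ".doc", ".docx")  # attachment types the post names
# Constructed sample: a coworker's real address forged in From, with a PDF attached.
SAMPLE = """\
From: "Pat Coworker" <pat@example.org>
Reply-To: pat@example-mail.test
Subject: Your unpaid conference bill
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=example.org; dkim=none; dmarc=fail
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Invoice attached.
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="invoice.pdf"

(placeholder bytes)
--b1--
"""

def spoof_indicators(raw, known_contacts):
    """Return sorted reasons why a message looks like spear phishing."""
    msg = message_from_string(raw, policy=policy.default)
    reasons = set()
    name, addr = parseaddr(str(msg.get("From", "")))
    addr = addr.lower()
    # 1. Display name of someone we know, but not their usual address.
    expected = known_contacts.get(name.strip().lower())
    if expected and addr != expected.lower():
        reasons.add("known-name-unknown-address")
    # 2. SPF/DKIM/DMARC verdicts, trusted only when stamped by our own server.
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = str(header).partition(";")
        if authserv.strip().lower() == TRUSTED_AUTHSERV:
            verdicts.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results.lower()))
    if not verdicts:
        reasons.add("no-trusted-auth-results")
    reasons.update(f"{m}-{r}" for m, r in verdicts.items() if r != "pass")
    # 3. Replies steered to a different domain than the visible sender.
    _, reply_to = parseaddr(str(msg.get("Reply-To", "")))
    if reply_to and reply_to.lower().rpartition("@")[2] != addr.rpartition("@")[2]:
        reasons.add("reply-to-domain-differs")
    # 4. A document attachment, the delivery vehicle described in the post.
    for part in msg.iter_attachments():
        if (part.get_filename() or "").lower().endswith(DOC_EXTENSIONS):
            reasons.add("document-attachment")
    return sorted(reasons)
```

A message that combines a document attachment with any of the sender indicators is a good candidate for quarantine or a phone call to the supposed sender before opening.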