954NETWORK BLOG!

A relative of mine that was in the service sent me these images.

Jason (Digitalkid)
www.954network.com

I found this video on an MSN videos page. Pretty funny, and more applicable now than ever with all of the trouble that the public has had with Vista!

Bills Last Day - Video

Jason (Digitalkid)
www.954network.com

These days, there are more and more people surfing the Internet and as you may expect, there are more and more threats to personal information and computer operation. That is why I am writing this short guide to Safe Computing. These are basic guidelines that you can use to reduce the threat of virus, spy-ware or malware infection as well as Identity Theft and other Internet based threats.

1. Make sure you have anti-virus software: This is one of the most important items to ensure that your computer remains safe from Internet Borne threats. There are plenty of solutions available, some of them free (AVG Free Edition – ClamWin) and some better than others. If you go the free route, I recommend AVG. If you decide to purchase an anti-virus suite, some good ones are AVG Professional, Symantec products and Computer Associates (CA) products. Any level of protection is better than none at all. Also, make sure to keep your software up to date as well as your subscription.

2. Patch your Operating System / Applications: Microsoft regularly releases updates to all of their products. This includes Security updates, Service Packs and feature enhancements. Make sure to visit the Windows Update site at least monthly and keep your computer up to date. This is also very important and should never be taken lightly. You hardware or other software vendors may also release patches.

3. Pay Attention to Emerging Threats: From time to time you will here about a new virus, flaw or vulnerability on the news or elsewhere. When these bulletins are released, read up on them and assess your risk; apply any applicable updates and avoid any pitfalls mentioned. Just be sure it is legitimate. There are some hoaxes out there so make sure you only follow any instructions from a trusted source.

4. Beware of your Click: Some sites have advertisements that may be appealing, usually telling you that your computer is infected, that you should clean your registry or other various “tips”. Be ware of these as most of the time, they are designed to do more damage than good.

5. Active-X: The word alone strikes fear in my mind;. Never install an Active-X control that is not from a trusted source. If you do need to install an Active-X control, lets use Adobe Flash Player, do not install it from a site that asks you to do so. Go directly to Adobe’s site to download the plug-in!

6. Keep an eye on the URL: when going to any site, it is important to make sure that you are on your intended site and not a phishing site made to look like your intended destination. Check the URL (Web Address) in the address bar to make sure it is spelled correctly and is in fact the site you are looking for.

7. Certificates: If you navigate to a site and get a certificate warning/error prompting you to either accept or not accept a certificate, it is usually a good idea to not accept it. There are exceptions to this rule though. For instance, if your organization has a site to access email remotely (Outlook Web access or otherwise) and your administrator has made you aware of the certificate error you will see, it is usually okay to accept the certificate.

8. Email Attachments: I am sure that we have all heard this one but it is worth repeating. If you receive an attachment on an email, do not open it unless you trust the sender. Even then, you should first save the attachment to your hard drive and scan it for viruses before opening it. You never know if someone you trust has a virus and is inadvertently sending it to you.

9. Password Protect Your Computer: You should always password protect your computer and change the password every now and then.

10. Passwords on the Internet: when you choose a password for a site to which you belong (a bank, credit card etc.) you should always choose a complex password. This means a password containing upper and lowercase characters as well as special characters if you are able. Also make your password at least 7 characters long and never have your computer remember these passwords for you.

If you follow these steps and use common sense when surfing the Internet you can greatly reduce the risks that you face. Remember that there are a lot of other people connected to the Internet and some percentage of those people are out for one thing, to steal from others. Do not be a victim! Be mindful of your personal information and activities on your computer and you will avoid future sorrow.

Jason (Digitalkid)
www.954network.com

Recently, I had a customer who’s anti-virus subscription was about to expire. They had been running Symantec Anti-Virus Corporate edition 10.0, which was a great solution and worked well in their organization but they needed to upgrade as is always the case when renewing licensing and going forward as new technologies and threats emerge. As their consultant, I was charged with recommending which direction they should go. I read many posts (angry posts) on the Symantec Forums regarding Symantec Endpoint 11 and decided to recommend this solution as an alternative to a few others, including Sophos. After days of debating the Pros and Cons, the customer decided to go with Symantec Endpoint 11 (Much to my amazement after all of the bad comments) with the assumption that Symantec is the best. Luckily, according to some of the posts as well as Symantec’s web site and docmentation, the newer MR2 release was supposed to resolve some of the issues I had read in all of the Angry posts.

After purchasing and downloading Symantec’s product, I began reading all of the manuals (Like a good I.T. Guy) and eventually started deploying the product. Up until this point, I was convinced that I would be in for an overnight-er but surprisingly it was relatively easy to install. I used the SQL approach as the database engine as apposed to the built in database option as I had heard horror stories about this configuration. Servers running out of resources (Mainly Disk Space), shares being inaccessible and servers having to be re-booted daily or more.  Once I had the management console installed, I decided not to install the client on the server due to, you guessed it – more horror stories. Instead, I left Symantec Enterprise 10.0 on the server and upgraded all client machines with the built-in upgrade push available from the management console. All in all it went smooth.

After a few days of playing around with the management console and the client, I noticed a few major issues including a great deal of communications between the Management Console (Server) and the Endpoints (Clients) so I began to investigate. After sniffing packets and reading (and a few cups of coffee) I determined that the traffic was being caused by the server “Pushing” communications as well as the constant checks for updates. To alleviate this, I set all clients to “Pull” updates every “X” hours, I also deleted the default update policy and created a new one that dictated that the server should only check Live Update for new content every 2 hours between 6:00 P.M. and 6:00 A.M. daily. This drastically reduced the amount of network traffic.

So, after sorting out the network saturation issue mentioned above, I was faced with the large consumption of resources that the Management Console was putting on the server. This was a relatively easy issue to resolve. I simply limited the amount of memory that the SQL server was allowed to consume to 256 MB and wrote a small batch script that restarts the Symantec Services each day at 6:30 A.M. and 5:30 P.M. as to not interfere with the update schedule. Once I had observed this configuration for a few days, I was satisfied with the results and so far all has been operational with a relatively low impact on the server.

Along with the Anti-Virus, Anti-Spy-ware and network protection features included in this product, there is also the capability to disable removable storage devices such as Flash Drives. This particular client was very interested in this feature as they are in a highly sensitive industry. That being said, I created a policy for select clients that prohibits the use of removable media devices and I must say, it works well.

Some of the things that I have noticed to be annoying is the new interface of the client as well as the Management Console. Symantec has switched from an MMC format as seen in earlier versions of their Corporate Anti-Virus to a web/java based interface. This thing is CLUNKY. Descovery of unmanaged clients usually takes longer than the login timeout so it never completes and the reporting functionality is sub-par. I do, however like the Active Directory integration features as well as the informational dashboard.

This configuration was put in place about 6 months ago now and I have not seen any major bumps in the road. The system seems to work well and is doing what it is supposed to with regards to protecting the client machines against harmful applications. All in all, after discovering a happy medium and wrangling this application into working properly, it is a decent solution. It provides a cost effective way to efficiently manage endpoint antivirus and security despite it’s early (Glaring) flaws, although I do not think that I will be recommending it to any future clients given the time and effort it took to get the thing working in the first place. I hear that there is an MR3 release, which I will be deploying at a new client (They had already purchased the license before my time). Hopefully the new version will not be such a pain to get working.

Jason (Digitalkid)
www.954network.com

The 2008 Elections are over and we have a new President with Barack Obama beating McCain and setting a new milestone for our country as the first African American president in the history of the United States. Around the Country, African Americans celebrated the victory with street parties and enthusiasm for the change that we need. And while this is a momentous achievement for African Americans as well as the Country as a whole, this election has been different all around starting with the candidacy of the first potential Female president in Hillary Clinton, the first African American President with Barack Obama and the first female Vice president with Sarah Palin (Along with the other candidates not mentioned here). This election is sure to be one for the history books. The real question is what will this new turn in politics mean for the American people? As a small business owner, I truly hope that there will be change in this Country that will benefit people like me as well as the working American. After two terms under Bush, any change is better than none in my opinion. I suppose we will have to wait and see what this new leadership will bring; cut through all of the campaign promises (or lies) and see what our new President will do for us, The American People.

Jason (Digitalkid)
www.954network.com

Blackberry, while a great smart phone, does not have any built in capabilities to Sync with an Exchange Server (Active Sync) like Windows Mobile and others do. There is one alternative to this and that is to forward a copy of the incoming email to a particular user to the devices email address. Here is how this can be done:

1. Create a Blackberry account if you do not already have one and assign the device an email address. I usually use [phonenumber]@provider.blackberry.net. Once that is created, send a test message to the address to ensure it is working. Also, change the “Reply To:” address on that email address to the users Exchange email address.

2. On your Exchange server, create a contact (Something like username-MOBILE) and set the smtp address for the contact to the address created for the device in the step above.

3. Open the properties of the user in Active Directory Users and Computers and go to the “Exchange General” tab. Click Delivery Options and change the “Forward to:” option. Choose the contact that you created in step 2 above. Also, make sure you check the box “Deliver messages to both forwarding address and mailbox” or the user will only receive email on the Blackberry.

That is it. Once you have completed the steps above, you can send a test message to the users Exchange email address and have them check to see if it was received in both locations. Also have the user reply to the test from their Blackberry to ensure that the address the reply comes from is their Exchange email address.

Jason (Digitalkid)
www.954network.com

From time to time, I find the need to enable Remote Desktop connections on remote machines (When it is not enabled on a client and I need to log into that PC). Luckily there is a neat little way to accomplish this, as long as you have Administrative rights to the remote computer and can connect it VIA remote registry. Here is how:

1. On the computer that has administrative rights to the target machine, open registry editor (Start > Run > Regedit – Enter)

2. Once in registry editor, click File and choose “Connect Remote Registry”.

3. Enter the target computers name or IP address and click OK.

4. Navigate to HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server

5. Find the value on the right labeled: fDenyTSConnection (REG_DWORD) and change the value to “0″ (Zero) without the quotes.

6. Exit registry editor and connect to the remote computer with Terminal Services Client.

This is very useful when remotely managing new computers that were originally set up without this option enabled. Typically, this option is set under System > Remote tab.

Jason (Digitalkid)
www.954network.com

As a first time iPhone user, I was very impressed with many aspects of the phone. Firstly the design is unlike any other phone that I have ever had. It is sleek, thin and comparable in weight to many other smart phones on the market. It is also very simple and only has 5 buttons (Power, Volume Up/Down, Silent and Home), after that all interaction with the device is either done with the touch screen or through the built in accelerometer. On that note, the touch screen is the best I have ever used. It responds very well to all input unlike most Windows Mobile Devices that have touch screens. Another thing that I particularly like is the integration of most applications with each other. For instance, you can map an address with the Maps app directly from the information stored in a contact. Equally impressive is the fact that a fully functional iPod (As well as iTunes) is built right in and you can download all sorts of neat applications through the AppStore although WiFi is recommended or required for both. While all of the afore mentioned are very cool and interesting from the standpoint of entertainment, what improvements to productivity have been added? Great question, read on.

The reason I am a first time iPhone user is because I live in a Windows and Linux based world and could never shell out the type of money required to be an iPhone user without the option of configuring my corporate (Exchange) email account on the device. Well, Apple has added this functionality to the new iPhone and I am now reading my corporate email with ease. As well as reading my corporate email with ease, I am also sending my corporate email with ease. The keyboard/touch screen and auto spell check features on the iPhone make typing on the go a breeze. Another great feature is the ability to natively read PDF, Word and Excel documents on the phone.

After all of the praise given (And deserved) above, there are a few small issues that I have found with the iPhone. Although not major issues, they are still annoying. One such issue is the iPhones tendency to lock up for a few seconds when trying to type in the search field in contacts (UPDATE – V2.1 pretty much resolved this). The device also seems to hang up a little in general when switching applications quickly. Another small annoyance is the lack of options that are available. One such option is the ability to change the background of the home screen, which is a drab black. I have also heard a lot of complaints regarding 3G reception although I did not see that as I had already fully patched the device before experiencing the problem. Speaking of updates, there have already been 2 (Maybe 3) since the phones introduction. The battery life is also a bit shaky. If you want to save battery life, make sure you disable WiFi and Location awareness when not is use and also use the fetch feature for corporate email instead of push technology.

All in All, this device is superior to any other smart phone that I have had in the past.

Jason (Digitalkid)
www.954network.com