Education. Education. Education

No, I’m not referring to one of Labour’s winning manifesto policies of the 1997 UK general election. In this case, I’m talking about educating end users about ICT security.

What led me to write this article was an interesting issue I recently came across. I say issue, it was more of a surprise. A pleasant one I may add…

Think before you click!


In a typical world, most computer users are click happy. See an advert… click, new message pops up on screen… click, new email comes through… click!

In the brief pauses between the clicking of clicks, the computer user spends very little time, if any, to review what is actually being clicked on…

So, it came as a surprise (after many months and years of what I thought was a seemingly fruitless effort in trying to educate people), out of the blue, one of our customers emailed me to notify me that they had received a suspicious email, and could I investigate…

Sure enough, not only had the suspicious email happily passed across no fewer than four different AV & malware vendors to reach the user’s mailbox, none of the 56 vendors from VirusTotal detected an issue either!

Of course, being highly suspicious, I sent the sample to one of our AV providers. An hour later they responded, stating the attachment was in fact infected with a brand new virus: Halifax_Reactivation.pdf – PDF/Phishing.Agent.AV trojan, and that it would be added to the next signature, which rolled out a few hours later.

So in the end, rather than being a fruitless effort to make users aware of the risks, in this case at least, education proved itself to be, above all else, a vital first defence against infection, and potentially prevented major damage to the business (imagine if that virus happened to be a new breed of Cryptolocker!).

Oh, and of course, that particular user was publicly thanked for bringing the problem to our attention, followed up with information from our AV vendor…


Windows Deployment – Advanced Part 2: Using WSUS to inject updates during OS deployment

In this article, I’m going to demonstrate how to configure WSUS to work with MDT (or rather MDT to work with WSUS).

Now, updating the odd computer with the latest updates isn’t really an issue, even on the slowest of internet connections. But what if you’re trying to update tens, or hundreds, of client computers during your image deployment? Every one of those clients is going to individually attempt to contact Microsoft and download the necessary updates. You’ll find this quickly bottlenecks your internet feed, even on the fastest of connections.

What’s a WSUS?

No, cast that image of that weedy person to one side!


Because we’re talking about Microsoft WSUS!!



Windows Deployment – Advanced – Part 1. Performing Domain Joins Securely

In the first of this new multi-part series, I will show you how to take your Windows Deployment to the next level.

(For this series, we're assuming you're running Server 2012 R2 with the latest updates, and the latest release of MDT 2013).

This article looks at locking down the os.deploy account that you use to automatically join computers to the domain.

So, let us improve the security of the MDT join account. This is the account which we specified in CustomSettings.ini (Windows Deployment, Part 1: Configuring the Deployment Environment) and which MDT uses to join the target computer to the domain.

If we leave this account as a Domain User, then MDT will be able to join the first few computers it installs into the domain but then will fail to join any others.

This is because by default Domain Users can only join 10 computers to the domain.

In our initial article, we made the account a member of the domain admins group – of course, perfectly acceptable in a lab environment, but not so in the real world.

This is because of these three facts:

  • The domain admin password is visible in CustomSettings.ini
  • The domain admin password is sent in plain text across the network
  • The domain admin password is temporarily stored on the remote PC

So, how do we overcome this??


So, what exactly is ‘The Cloud’?!

The Cloud: A phrase that for many conjures up images of typical British weather, leaving many with the question: “What exactly is ‘The Cloud’?”


This article attempts to clear things up in time for summer and answer that very question.


What is ‘The Cloud’?

The cloud in its simplest form means: a set of servers or services offered over a publicly accessible network (i.e. the internet).

Many people use cloud technologies every day, without even giving it a second thought.

Gmail, OneDrive, iCloud and Dropbox are excellent examples of cloud-based services you’ve likely come across both at home and in the workplace.


What can ‘The Cloud’ do for me and my business?

There are many advantages for those looking to use cloud technologies:

Reducing infrastructure costs

Utilizing cloud technologies such as Microsoft’s Azure can help your business reduce its spend on IT hardware, maintenance agreements and ongoing costs associated with power and cooling.

Whilst services such as Azure don’t yet totally eliminate the need for on-site servers, they do reduce the quantity of servers your business may need to purchase or refresh in the future.

Improving your Disaster Recovery plan

If you have a need to back up your data, and let’s face it, who doesn’t, using a cloud service to store an offsite copy of your important documents or servers can offer a cost effective way of improving your disaster recovery plan.


Can you PaaS me the what???

Ever heard terms such as IaaS and PaaS? No idea what they mean?  Read on…

IaaS: Infrastructure as a service allows you to create your own virtual servers, without the financial overhead of purchasing your own server hardware.

PaaS: Platform as a service offers the ability to host auto-scaling websites and SQL databases, without the financial overhead or technical complexities typically associated with hosting those services in-house.

SaaS: Software as a service, such as Office 365, gives businesses the ability to improve collaboration and communication between employees and other businesses.


There you have it, the next time someone’s talking “the cloud”, there’s no need to vacantly stare into the sky and wonder…

Death from above: The silent server room killer

It was a Tuesday morning after a bank holiday. 90 minute trek into the office, which was quicker than the usual two hour slog out of Cornwall.

Turned the laptop on, and grabbed a coffee whilst the laptop finished installing its selection of updates for Windows 10 tech preview.

Upon firing up our service board application, I was greeted with hundreds of server alerts from the evening before.

Careful inspection of the alerts showed that the aircon had failed in one of our customers’ backup server rooms.

Luckily, the extractor fan we insisted on having installed (after a secondary aircon unit was considered too expensive) was able to assist with cooling the room. Not enough to keep the room cool, but helped prevent damage to the hardware.

The local aircon maintenance company were called out to perform an urgent repair.

After under an hour onsite, the aircon engineer had resolved the problem and the disaster had been averted.

The problem? Dandelion seeds.

An excess of dandelion seeds had blocked the external inverter unit’s fan, causing it to overheat and trip out the power. This of course shut down the aircon to the server room.

Unbelievable, but true. If you have external aircon inverters, it’s worth getting them checked out!

What can I do to prevent this?
Of course, having redundant aircon units on separate supplies (with an annual maintenance contract) is a great idea if funds allow, but having email alerts coming through is a great warning system, and it’s little to no cost to implement. It’s also possible to shut down servers if they get hot (though of course that can have its own issues with regards to continuity of service).

I recommend taking a look at this guide from the guys over at howtogeek

60 days to go: Is this the biggest security threat of 2015?

The clock is ticking….


In less than two months from now, Microsoft will stop supporting Server 2003, leaving many businesses with a major security headache.

From July 14th 2015, Microsoft will no longer issue security patches for Server 2003, leaving it open to an ever increasing risk of virus, spyware and malware infection, not to mention a plethora of security holes allowing hackers to gain access to a business’s network (67% of IT security breaches happen with businesses employing less than 100 staff).

Enable Hyper-V replication between two workgroup servers

Hyper-V replication is an essential ‘server availability’ tool for any organization. Whilst it is not a substitute for good backups; it will allow you to restore an up-to-date copy of your virtual servers very quickly, should your primary host hardware fail.

In this tutorial, I have built two Windows 2012 R2 servers using a pair of old Dell Optiplex 580s (AMD Phenom CPU, upgraded to 8GB RAM each), and a single 8 port Netgear GB switch.


The Primary server name is: Truro

The Secondary server name is: Exeter

Let’s get started…


How to reset a forgotten server admin password…

A few weeks ago, we had a call from a business whose IT support company had gone AWOL.

This left the business with a server they were unable to access – you see, the IT support company hadn’t provided their customer with any passwords or documentation for their server.


So, when we got the call, the company I work for did as any good IT support business would…  we donned our superhero capes and got stuck in….


Here’s how you do it:
