Digital Choke Daynotes

Regarding the XP/SP2 update, I found this in the Microsoft Knowledgeable, which talks about the problems some programs have with SP2. Most of the problems are with ports that the new SP2 firewall now blocks. So the article tells you which ports you need to to open for that particular program.

The schedule for SP2 availability for Automatic Update systems has been delayed a couple of days, according to an article in eWeek. MS says that the delay is by request from large customers who are not ready for the update because they haven't finished testing it. That sounds reasonable. XP-Home users should be getting it today, as will companies that are using the Software Update Server (free from MS). The "SUS" is built so that the administrator gets to decide which updates to release, so those users can delay the update for a bit. XP-Pro users with Automatic Updates are supposed to get it later this week.

We geeks ("us geeks"?) with fat pipes have already gotten the full 270MB update. I've burned a copy for my family; at work the network services guys are still testing. Although I think that the main problem we might have at work is users calling the Help Desk with questions about the new firewall popup messages. I still have no problem with the update for home users. More geeky SP2 information (quite extensive) is available at this MS site.

I note that Wired magazine's on-line edition has decreed that, from henceforth, they will be using the term "internet" in all of their stories, rather than "Internet". Details here.

On a different subject, someone passed along this link to the 'word popularity' site. You type in a English word, and you get the popularity score of that word. It can be a bit of a time sink, though, but interesting. I spent a bit of time there, and sent this along to a friend:

About that "word count" site: I noted that "John" = 266, "Kerry" = 14903, for a total of 15,169. And "George" = 913, "Bush" = 2629, for a total of 3,542. Not sure what that means...

It would seem that we ought to be able to figure out some sort of "word count ranking" game for names. We just need to figure out what to do with a person's name that isn't in the word list. Do you average the other scores, apply a weighted value, or what?

In that spirit, I am:

Rick (10992) Hellewell (unknown) at digital (4393) choke (16934) dot (6022) com (22709)

As we have warned before, 'phishing' is becoming quite common in emails. With some clever tricks, some of which are hard to spot, you can be fooled into clicking on a link that will look like your bank's web page, but is actually a page designed to get your financial information. If you fill in the form, you can bet that your bank account will have fraudulent charges in about an hour.

At the office, we've been getting a lot of these phishing emails. They are hard to block, as they don't contain executable attachments. And some of them are quite good. You regular readers (yes, both of you) have read the report I did on one phishing email here, and have taken the phishing test here.

Phishing emails are increasing, and getting quite good (see more examples at the Anti-Phishing Organization in their "Archives"). Anti-virus won't find it, and a fully patched system (even XP/SP2) can be fooled.

The folks at the Internet Storm Center provided a link to a browser add-in that displays the actual domain name of the web page. "SpoofStick" is available for IE and Firefox (doesn't work with NetCaptor). It adds an additional toolbar, and shows text like "You're on digitalchoke.com". That's all it does, but will help ensure that you are on the site that you think you are. Recommended. Get it at here.

One of the things I Get to Do is maintain and issue VPN certificates to those that need remote (outside the office) access to our network. We try to be pretty strict with the requirements of a computer that gets a VPN certificate. It's important that the computer is properly configured, since a VPN connection assumes a trusted relationship between the computer and our network.

A lot of people think that a VPN connection is a secure connection, so nothing can happen. The 'secure connection' part has two parts: the connection between the computer and our network (through a secure hole in our firewall), and encryption of the data between the two connections (so nobody can 'sniff' the data during transmission). Once you have a VPN connection, your computer is part of the network, just like it would be at the office computer.

So in addition to making sure the office computers are properly configured and protected, you need to make sure that computers connected via VPN are properly configured and protected. The basic parts of that protection are firewalls, operating system updates, anti-virus protection and updates, and adware/spyware protection. With those parts in place, you can have a trusted connection to the network through a VPN connection.

I spent most of yesterday and today revising our standards document that details the proper configuration of a computer that wants a VPN connection. I also created an installation document, complete with screen shots, of the proper installation of the VPN client software. It all looks pretty good now, so I sent a notice out to the various departmental network administrators and support staff that included the new documentation in PDF format.

I also updated our internal Information Security web pages. (I'd give you a link, but it's internal, so it wouldn't do you any good.) Those pages contain the company acceptable use policies, information on proper computer use, protecting information, and also include help for employee home computers. Similar to the reports here (see the report links at the top of these pages), the pages are another way to educate the users on 'safe computing" -- safe for the company information and access and availability. The main mantra of an Information Security office is to ensure "CIA": Confidentiality, Integrity, and Access. (And if you do that right, you have "CYA"'.)

I noticed on John Doucette's "Silicon Patch" (one of the Daynotes gang) pages that they had a problem with disappearing laptops at his work. Seven laptops went away (4 company and 3 personal). It's not the cost of the laptops that is the problem, it's the data on there that you worry about. Although it is probable that they were stolen for the laptop, not the data, you still worry about it. Proper protection of a laptop is important. One wonders if a $20 laptop cable lock would have prevented the loss. Or a policy of requiring power-on passwords and encrypted document folders for all laptops. Or even keeping track of serial numbers, and anti-theft stickers.

Perhaps you have a computer going off to college. Have you thought about the proper protection of that computer? The Internet Storm Center reported today that an un-patched, unprotected computer will become infected in under 30 minutes after connection to the internet (and probably faster on a college network).

Since Stacy (youngest daughter) is returning to collect the end of next week, I've spent some time protecting her computer (she has a desktop and a laptop). Before she leaves, both will get:

• Windows XP SP2 Update
• Windows Office Update
• Firewall enabled (Windows and ZoneAlarm)
• Automatic Updates (set for download and install)
• Anti-virus current with hourly update checks, configured to check all incoming files
• Anti-spyware/adware check
• Security cable lock
• A printout of my "Home Computer Checklist"

And I will spend some time teaching her how to keep protected, along with email and phone reminders while she is gone. I suggest that you might consider the same protection for the computers in your life.

By the way...what do you think of the new font/color/size? Better? Worse? Hard to tell? Don't care? Hit the mailbox icon and let me know. (Here is a slightly smaller size...is this more readable, or less?)

I got a few votes on the new font. Most like this size rather than the "slightly smaller size" (Dan S mumbled something about "bigger is better"). The back of my head has been pondering a redesign of this place. Perhaps a new coat of paint, steam clean the rug, clean the windows. So don't be alarmed if things look different all of a sudden.

At work, there is a BindView report that runs at 2 am (not pm), making a list of all the user id's that are still logged in. Since the company is not a 24-hour place, the number should be a lot less than 340. The report is saved as a spreadsheet file, and one of the columns is the user's name. So I added a column with a formula of the user name plus our local domain name, which gave me their email address. A copy of that range into the "To" field of a mail message, and a polite message reminding people to log out at the end of the day, and the send key finished off that job. I got a few apologetic responses, so at least people are paying attention.

Another report that is run on a regular basis is a list of inactive users -- people that haven't logged on in the last 90 days. Those kinds of accounts can be a security risk, so they need to be deleted. That report is sent to the respective department's admins, who are supposed to take care of getting rid of the inactive accounts. They haven't been keeping up, so I sent off a reminder to them.

The weather here is cooling off a bit from the 98-102 F of the past few days. So this evening's chicken thigh barbeque job turned out nice. Pam pre-cooks the chicken, so I just cook in the BBQ sauce. Some corn on the cob, homemade biscuits, and a nice dinner in short order.

So now I have the laptop in it's assigned place, the TV tuned to the Olympics. I watched Hamm come back from that bad vault, winning the gold; quite impressive. But it didn't get over until midnight, and I get up at 5am. So there's not much energy this time of night. I am enjoying the Olympics, overall. Although I am getting tired of some of the new show promos. (Like the "Father of the Pride" cartoon. No way that will show up on my TV viewing schedule.)

... more later ...
Last Week	Next Week	Prior Weeks	mail	bookmark	The Digital Choke story