I recently did an upgrade of a server which involved upgrading the existing HP Smart Array controller card and hard drives.  We have an HP ML350G5 server that was using an E200i integrated smart array controller and 4 5.4k SATA drives in a RAID 5 array (I know, 5.4k drives…   it was actually a misconfigured order from HP).  At any rate, I upgrade to an P400 controller with 512MB of Battery Backed Write Cache (BBWC) and 7 15k SAS drives.

We did a full backup of the system using Acronis True Image server, upgrade the hardware, rebuilt the array and restored the backup (again using Acronis).  One option I noticed during the restore was the option to create a new disk signature or extract the existing signature from the backup file.  The default is to create a new disk signature, so we went with that a performed the restore.  An hour and a half later, the restore finished and everything looked good.  Everything except the Microsoft Office applications.  They for some reason wanted to reinstall and activate.  I let it run for about 10 minutes while it looked like it was trying to install, but it was hanging so we killed the process and looked around for some articles on what the issue might be. (more…)

Microsoft recently released their free anti-virus, anti-malware and anti-spyware program called Microsoft Security Essentials.

Aimed at the consumer and small business market, this application really takes aim at the existing free anti-virus solutions out there, and even some of the pay solutions that consumers and small businesses use. 

The application is built on the same engine Microsoft’s enterprise solution (ForeFront) is built on, and integrates nicely into the operating system.  When I’ve tried other applications, including AVG Free, Avira, and Avast! I’ve always noticed the fact it was there in that my OS seemed to slow down to varying degrees when the software was scanning or downloading updates.

With Microsoft Security Essentials I haven’t noticed any impact to overall system performance.  In addition, the software caught a few things that the other applications mentioned above didn’t catch for whatever reason.

As a general rule of thumb I prefer built-in or integrated solutions simply because I feel there’s a better user experience, things are less intrusive and it just seems to perform better.

The big AV companies like Symantec, McAfee, Kaspersky and others surely must have at least a little trepidation over the fact the Microsoft has released a free anti-virus solution that they charge for.  Will Microsoft’s Security Essentials replace full-blown suites that Norton, McAfee and the others provide?  No, and it’s not intended to.  The others have firewall applications, inbound/outbound mail scanning, instant  messaging scanning, etc., that Security Essentials doesn’t have.  In my opinion however, those are all things you don’t really need in the first place and just slow your system down.  XP, Vista and Windows 7 has a firewall built-in, most people these days sit behind a cable, DSL or FIOS router which has firewall capabilities, and their IP address is masked behind the router’s NAT (Network Address Translation) feature as well.

Microsoft Security Essentials offers real-time scanning and virus, malware and spyware detection, so having an inbound/outbound mail scanner on top of real-time protection seems a bit like overkill to me as well.

What do you think?  Does Security Essentials fit the bill for you and your environment or do the added features offered by one of the bigger companies AV “Suites” fill the needs of your environment?

Microsoft is ramping up for the release of it’s newest operating system, Windows 7.  Set for general release on October 22, 2009 it promises to fix a lot of the stigma associated with Windows Vista.  The new OS is much nicer in a variety of areas than in predecessor (in our informal beta tests).  Overall it’s just a more polished OS, nicer interface, less intrusive security, and less of a hardware hog.

If you’d like to get your hands on this new operating system, but don’t want to either buy a new PC with Windows 7 preinstalled or shell out the $120 – $320 for the new OS (depending on the edition and if you buy the upgrade or full-retail version), then host a Windows 7 house party!  Microsoft is giving away special Ultimate Editions of Windows 7 to select groups in the U.S. and select other countries for spreading the word and hosting a house party between October 22 and October 29, 2009.

The folks over at ARS Technica have more information on the program, along with details on how to sign up.  Are you as excited about Windows 7 as we are?

Network security has been, and will continue to be, a hot topic among information technology professionals.  As a systems or network administrator, you should not only be aware of the need to keep a close eye on security, you should be actively engaged in it every day.  In addition to the tools listed below, you should also be looking at specialized training like Cisco CCNA Security training, Windows or Linux/Unix Security Training.

New vulnerabilities are discovered every day that could allow an attacker to penetrate your infrastructure.  Company data, company secrets, account information, financial data and more is at risk if your network is compromised. 

Here are 10 hacking tools that you should be aware of and use on a regular basis to help you see what the hackers see, and to keep your networks more secure.

Packet Sniffers

1. WireShark (http://www.wireshark.org)

Wireshark is perhaps one of the most widely used (and free) network monitoring / packet sniffing tools out there.  When you download and install, it will also install the WinPcap application.  Once your familiar with WireShark, you’ll be able to sniff your corporate network, trace conversations, identify insecure passwords, etc (especially using additional software like Cain & Abel).

This tools runs on Windows, Linux and Mac systems

2. Kismet (http://www.kismetwireless.net)

Kismet is a very powerful wireless sniffer, often used for “wardriving” (driving or walking around, searching for wireless networks to connect to).  A lot of features in this application including the ability to identity non-beaconing networks (networks that aren’t broadcasting their SSID).  Always a good idea to see how secure (or insecure) your wireless networks are if you have them within your company.  Wireless networks are one of the larger security holes in many networks (and home networks).

This tools runs on Windows, Linux and Mac systems

3. Cain & Abel (http://www.oxid.it/cain.html)

One of the most popular “password recovery” tools for Windows operating systems is definitely one you should be familiar with.  Insecure (i.e. weak) passwords offer little to no defense against a fairly knowledgeable hacker.  If they can can physical access to your network (including attaching to wireless networks) chances are they can sniff the network traffic and crack insecure passwords in a matter of seconds to minutes.  Routinely check your network for the existence of weak passwords using a tool like Cain & Abel to identify user’s who need to strengthen their passwords.

This tools runs on Windows, Linux and Mac systems

4. Metasploit (http://www.metasploit.com)

This tool is geared more toward people who do penetration testing (pen testing), patch installation verification, regression testing, etc.  It’s a framework that allows you to develop tools to test and launch exploits against your system to verify patches, defenses, etc., are working correctly.  A little more learning curve here, but if you really want to take your skills to the next level, this is one tool you should add to your skillset.

This tools runs on Windows, Linux and Mac systems

5. Hping2 (http://www.hping.org)

TCP/IP packet injection and manipulation is again a skill that is a little higher on the food chain, but something you should become familiar with.  Using this tool you can send partial ping packets, IP fragmentation, etc., to test firewalls, discover firewall rulesets, remote OS fingerprinting and more.

This tools runs on Windows, Linux and Mac systems

6. Nikto (http://www.cirt.net/nikto2)

If your organization maintains web servers, or you have a hosted solution that you want to ensure is up to snuff, a tool like Nikto might very well fit the bill.  It is a web scanner that can scan for thousands of potential vulnerabilities, and best of all it’s free and open source.

From the cirt.net website: Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

This tools runs on Windows, Linux and Mac systems

7. Nmap (http://nmap.org)

Nmap is a network mapping tool that can be used by security administrators to scan and test their networks for unidentified servers, hosts with vulnerabilities and/or unnecessarily open ports, etc.  Nmap is a popular tool among security administrators and hackers alike, and has been featured in such Hollywood movies as the Matrix: Reloaded and Die Hard 4: Live free or Die Hard.

This tools runs on Windows, Linux and Mac systems

8. Nessus (http://www.nessus.org)

Nessus is one of the most powerful network scanners available, and most serious security administrators tool of choice.  They have moved from offering a free version to a commercial version, which is potential cost prohibitive to some administrators.  However when you factor in the cost of remediating a hack to your network or infrastructure, potential loss of data, critical systems, and/or reputation it’s a small price to pay.

This tools runs on Windows, Linux and Mac systems

9. Snort (http://www.snort.org)

Snort is an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) that is widely used by security administrators to detect intrusions into their networks. It combines the benefits of signature, protocol and anomaly based inspection and is one the most widely deployed IDS/IPS technology worldwide.  There are a few pre-requisites for installing and running Snort, including Libpcap, PCRE, Libnet and Barnyard.

This tools runs on Windows, Linux and Mac systems

10. Retina (http://www.eeye.com/html/Products/Retina/index.html)

A commercially available network and security scanner from the folks at eEye Digital Security, Retina is a full-featured network monitoring application.  While not free nor open-source, it’s a popular tool used by many corporate and government security administrators.  Retina can also report on compliance with many corporate policies including SOX, HIPAA, GLBA, PCI and others.

Palaestra Training creates IT Certification Training videos for Information Technology professionals looking to achieve Microsoft, Cisco or CompTIA certifications as well as people looking to learn new skills. 

We’re pleased to announce that we now offer the award-winning MeasureUp exam simulation software with most of our training titles.

We include a full copy of MeasureUp’s award-winning exam prep software with most of our training titles.  This allows us to provide students with the best possible training experience.

MeasureUp has been a long time favorite among IT professionals and was awarded Redmond Magazine’s Preferred Product award as well as being a CertCities Reader’s Choice Awards finalist. 

Palaestra Training President, Christopher Rees states,  “MeasureUp’s exam preparation software is a great addition to our product offerings, and a perfect compliment to our already solid training.  Students are assured of getting the best training at a great price, now with the addition of exam prep tools to make sure they’re able to apply what they’re learning.”

Even in today’s economy, IT professionals continue to be in high demand and this trend is likely to continue for the next decade.  Our Computer Training Videos allow you to learn anytime, anywhere at your own pace.  Now is the time to invest in yourself and learn the skills that will make the difference in your career.

For more information, visit us online at www.PalaestraTraining.com

Every few years it seems like a massively virulent worm makes its way around the internet, and certainly this year is no exception.  The worm that everyone has been talking about the last few weeks is the Conficker Worm (Conficker.C to be precise, as this is the third variant of this worm).  This little piece of code does a lot to hide itself and takes advantage of a flaw in unpatched Windows systems.  It has the potential to be very nasty and can quickly spread around a network (and beyond) if left unchecked. 

Over 15 million PCs have reportedly been infected, and all of these suspected infections are supposed to kick in and “phone home’” on April 1st.  What happens when all these machines start phoning home?  No one knows for sure since it hasn’t happened yet, but the general consensus is that one goal may be to create a giant distributed computing environment that can be used for many different purposes; from spamming to snooping, collecting data, logins and passwords, sensitive information and so forth.  Another potential use would be a large-scale Distributed Denial of Service attack (DDOS attack).

Most of the Anti-Virus companies out there have been talking about conficker for weeks or more, and offer ways to keep your systems updated.  Make sure whatever anti-virus package you use, you keep updated.  Also install all the latest patches and/or service packs for your operating system (Mac users don’t have to worry about conficker unless you’re running Windows in a virtual machine or dual booting (i.e. bootcamp)).

Another great weapon against worms like conficker is the free DNS service called OpenDNS (www.opendns.com).  We’ve talked about OpenDNS before and how it can keep your browsing safer and more secure.  They’re an excellent service that enables you to fine tune your DNS and control what your users (or children) can and can’t get to.

OpenDNS has been actively updating their blocklist to include all the domains conficker may try to contact.  Worms like conficker, once activated, contact sites on the internet to get further instructions on what do to, where to go, etc.  Conficker.C supposedly generates some 50,000 domain names a day so trying to keep up with your own blocklist by hand would be a daunting, if not impossible task.

That’s one of the beautiful things about OpenDNS, is that they keep those blocklists updated for you.  By blocking access to those domains at the DNS level, you can effectively shut out any possibility (or most possibilities) of the worm actually being able to do anything.

So to protect yourself, some things to consider:

1. Update your anti-virus programs as soon as possible
2. Ensure real-time scanning is enabled on your Anti-Virus programs
3. Install all hotfixes, patches and updates
4. Turn on firewalls if appropriate (at the router or perimeter as well as individual machines – Again, do so where appropriate and make sure doing so doesn’t break any critical applications or connectivity)
5. Utilize a service like OpenDNS that blocks the vast majority of threats like the Conficker worm at the DNS level

Following these steps can go a long way to preventing the spread of worms, viruses and other general nuisances.

If you have a method or tool you use to keep your networks safe, please feel free to share!

I recently ran into an extremely annoying situation on two different computers, and strangely enough, two different operating systems.  One was a Windows Vista desktop and the other an Windows 2003 Terminal Server.

Every time I would launch Microsoft Word, it would crash upon exit.  I tried a number of recommendations from various tech websites, but nothing did the trick.

Finally I came across the fix, which was to fire up the good old registry editor (start > run > regedit) and delete a specific key in the registry.

The offending key is the DATA key under the following location:

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\

The “12.0” will vary depending on what version of Office you have installed.  Backup your registry first (anytime you work with the registry, back it up before you do anything…..  Just in case..).  Super important.  Hopefully you never need it, but it can save your rear-end should you ever need to revert back if something goes wrong.

Once you’ve “backed that thang up”, delete the “Data” key and fire Word back up.  Once I did that, Word started without a hitch and shutdown without a problem.  Hopefully this quick fix helps you as well!

Please leave a comment and let me know how you made out!

It looks like Microsoft is forging ahead diligently with their release schedule for Windows 7. 

At the recent Gartner Symposium 2008, Microsoft CEO Steve Ballmer stated that Windows 7 is not just Vista SP2, but rather a major OS release.  In fact, Ballmer states “It’s Windows Vista, a lot better”

According to the Microsoft MSDN Developer Conference (MDC), attendees will receive a beta of Windows 7.  The Microsoft MDC is taking place at various locations and dates/times throughout the country, so check their website for locations.

Note:  It also says if the beta isn’t available at the time of the conference, attendees will receive a copy when it becomes available.

So, take it for what it’s worth, but Windows 7 is on the way for sure.  We’re interested to hear from people who have been using the pre-beta releases.  From the early releases, do you see a massive difference from Windows Vista, or are they putting the finishing touches on Vista?

Let us know what you think, what you like and what you don’t!

December 1st, 2008 – Today through Wednesday, December 3rd, all of our Video Training series and Training Bundles are 30% off!

If you’re looking for great savings on Cisco Certification Training Videos, Microsoft Certification Training Videos or CompTIA Certification Training Videos, now is your opportunity to save big!  When checking out, use the promo code CYBER08 to have 30% instantly taken off your order.

This promotion only lasts until Wednesday, December 3rd.

Palaestra Training creates high quality IT Certification training for Microsoft, Cisco and CompTIA certifications and is the best, and most cost-effective way to quickly get up to speed, learn a new skill, or get the new job or promotion.

For more information about our training, or to view full-length free demos of our most popular training titles, visit us online at www.PalaestraTraining.com

Windows Vista has been with us for awhile now, and SP1 was released a few months ago to address a number of issues. 

Overall, sales have been less than predicted and reviews throughout the PC world have been less than stellar.  All of this may make you ask, as an IT professional “Should I skip Vista all together and just wait for Windows 7”?

Definitely a valid question, but in all honesty, even though I’m not a massive fan of Vista (I love some things and hate others) there are a number of reasons to deploy now and not wait until Windows 7.

(more…)