Notes from the Virtual Study Conference 2010

Last Saturday I spent at home attending the Security Track the the Virtual Study Conference 2010.

The conference was the first edition of this virtual, worldwide conference and consisted of tracks in both Polish and English.   
After reviewing the different tracks I decided to go for the securitytrack that sounded very promising, and belive me it really went above and beyond my expectations..

The first Session Thomas Shinder heldt on DirectAccess and Microsoft Forefront Unified Access Gateway 2010 was a good walkthrough of the technologies and possibilities Microsoft provides for remote access.

The second was a great and detailed explanation by Tomek Onyszko on how Kerberos authentication works.

The next session was called Cybercrime: The Gathering Storm! By Andy Malone, and I must admit that this was the session I was most looking forward to.
A description of the latest trends regarding cybercriminal sophistication, the impact of the credit crunch and Chinese ”hacking schools” and their latest targets.
Packed with demos of the tools available for information gathering, Phishing site “generators”, and other malicious tools a cybercriminal has in his toolbox.
This session was truly amazing and I am happy to be able to link to the same presentation held at TechEd earlier this year.

Getting ready for the second season of IT-classes for Immigrant Women

I would like to share some experience I have had recently with doing some volunteer community work, creating and running a computer class for Immigrant Women in Oslo.

Background
Last autumn my employer Steria had a vision of trying to help out in the local community by sharing some of the skills and resources the company possesses.
A local organization called the Church City Mission who does community work was contacted, and there were discussed different ways that the company might contribute.
The Church City Mission came up with the idea that we could hold computer classes for users of a center focusing on health and family-care they ran, with many immigrant women among the users.  
Many of whom are lacking basic computer skills.

An email was sent out to all Steria employees in Norway asking for people to contribute.
I decided to join in and see what this was all about.
At the first meeting with the volunteers I accepted the task of creating the class material, as well as holding the class for a group of Somali women (with an interpreter).
In parallel with this class we held classes in Arabic for Iraqi women and in Urdu for a group of Pakistani women, these classes where held by volunteer Steria employees who speak these languages. More

Moving my passwords from my wallet to the cloud

Stopping passwordreuse with Roboform Online and GoodSync

A lot of people have a handful of passwords that they keep re-using for more than one personal online account.
This is a habit that is as understandable as it is dangerous, since we are constantly creating more and more  online accounts and remembering unique passwords and where they should be used is not an easy task.
Even though most of us have been fine reusing the same half-dozen-or-so passwords over and over again for years, I think the days of innocence are coming to an end, as recent studies by  Kaspersky Lab shows that “Password reuse opens door to ID theft” .

Passwordmanagers are well and good but they have one big problem  – you are helpless when you do not have access to it.
More

So long, and Thanks for all the Sid’s

On the retiring of the NewSid tool and the creation of Myths in IT

When working as a consultant, its not unusual to come across  customers who for some reason has chosen to do things in a way that is not in accordance with established “Best Practice”.

Often the customer will tell you that it is because of some unique characteristic of his solutions and environment, and that the decision not to honor the best practice is based on previous experience of internal staff, and/or other external consultants. The rationale behind the decisions might have been true in the past , but may not be true anymore.
However- the details of the previous experience is not known, – but someone once made this decision, so it must have been based on some rational reason, – right?
More

Deployment CD second edition out now

Johan Arwidmark from TrueSec has released a new version of his excellent Deployment CD.

The CD covers Lite-Touch Deployments using the Microsoft Deployment Toolkit and Zero-Touch Deployments using System Center Configuration Manager 2007. The first version covered these topics using MDT 2008 while the new edition uses MDT2010 and SCCM Sp2 R2.

The CD consists of step-by-step Guides and Video Tutorials:
More

SCCM 2007 R3 Announced

The System Center team has today announced the plans for the upcoming SCCM 2007 R3.

The added features are mostly about power management,  a feature I think captures the zeitgeist in a great way.

In these times of financial crisis, IT-departments are looking to cut costs, and are at the same time encouraged to “think Green IT”

The upcoming release of the SCCM 2007  R3 can help IT-departments address both these concerns – by providing tools for power management for SCCM 2007 clients.
More

PowerShell Scripts for finding Services and Scheduled Tasks that are using a specific account

A while ago I created some scripts that others might find useful.
The scripts where made for checking whether or not it was safe to disable a specific account, by looking for services and scheduled tasks that might be needing this account to run.
The scripts where originally made for checking win-2003 servers.

I have written them so that they now look for the use of the local administrator account on the servers, the scripts can therefore be helpful if you are going to disable this account in your environment (which you should..)
I made three scripts to accomplish this task, one “ping-script” to get a list of servers to check, one to check for services and one to check for scheduled tasks.

More

Hyper-V Management Pack for SCOM 2007 released

On Friday Microsoft made the Hyper-V Management Pack for SCOM  2007 available for download from the Microsoft Download Center.

Features include:

• Management of critical Hyper-V services that affect virtual machines and host server functionality
• Management of host server logical disks that affect virtual machine health

• Full representation of virtualization in a single Hyper-V host server, including virtual networks, virtual machines, and guest computers

• Monitoring of virtual machine hardware components that affect availability

Get it here!

Corrupt test DB with no Backup -going for the last resort

Today I was notified by a coworker that a database running on a VM in our test lab was acting up and that the event-log was filled with error messages like these:
____________________________________________________________
“SQL Server detected a logical consistency-based I/O error: incorrect checksum (expected: 0xdadadada; actual: 0×6d6d6d6d). It occurred during a read of page (1:4232) in database ID 5 at offset 0×00000002110000 in file ‘C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\databaseName.mdf’. Additional messages in the SQL Server error log or system event log may provide more detail.
This is a severe error condition that threatens database integrity and must be corrected immediately. Complete a full database consistency check (DBCC CHECKDB). This error can be caused by many factors; for more information, see SQL Server Books Online.”
____________________________________________________________
pretty scary stuff If you ask me..
More

The hard to find SystemCenter Partner forums at Microsoft

Rod Trent over at myitforum posted these links to the Config Manager and Operation Manager Partner Forums.

I believe you will need a Microsoft Live Account associated with a Microsoft Partner to log in.
Configuration Manager:
http://social.technet.microsoft.com/Forums/en-US/partnersystemcentercm

Operations Manager:
http://social.technet.microsoft.com/Forums/en-US/partnersystemcenterom