As promised, here’s the link to my presentation at the 2012 Rock Eagle Computing Conference: Leveraging Active Directory Group Policy to Patch Common Windows Applications
If you have any questions, please don’t hesitate to post a comment on this page.
One person had asked about doing reporting via GPO. I’m not sure of what (if any) native AD support there is for doing inventory reporting. We ended up using OCS Inventory to track machines, and deployed the agent via GPO.
After several weeks of random blue screen crashes, I finally broke down and examined the event logs to see why my OS kept borking out. With a short google of the stop error, I found that my computer was overheating, causing it to randomly shut down in an effort to keep my CPU from melting. This was a shocker to me, as I purposefully bought one of the best cases for cooling available. After cracking open the side, I quickly realized that 2 years worth of dust had clogged my CPU’s heatsink, and covered all the components inside like the first snowfall of the season. I emptied a can of compressed air in an effort to de-dustify everything, but I was still seeing idle temps in the high 40′s. Enough was enough, and I decided to pull the trigger on the Noctura DH-14 that I’d been eyeing ever since I built this system 2 years ago.
This thing is MASSIVE. It’s easily 4 times the size of the stock heatsink and fan for my AMD Phenom II. In fact, I had to look up on Noctura’s site to see that it would even fit in my case, and with my RAM. Some RAM heatsinks are too tall to accommodate the Noctura. I was a little worried as I have Ripjaws RAM with the fancy looking headspreader, but luckily it was on the compatibility list. I still held my breath a bit at installation, but thankfully I had a few millimeters of space once everything was attached.
In the last few years, the Java developers changed how updates to the Java Runtime Environment (JRE) are installed. Their installer first uninstalls any old version of Java on your computer, and then installs the latest version. This is a good practice, as it keeps outdated versions of JRE from making your system vulnerable to malware and known exploits. But what happens when it fails?
Imagine pulling in to your driveway one evening after a long day at work only to realize that your front door has been kicked in. After the police arrive, you discover that you have been burgled. That new shiny 50” plasma is gone. Your house is a mess. And there’s a tangled jungle of cables where your computer once sat.
It happens every day in America. All of us have door locks, and many of us even have sophisticated alarm systems to deter theft. But even the best door lock and alarm system can be thwarted, and chances are you’re not employing bank vault level security at your front porch. Most of us try to offset the risk of theft by purchasing insurance, renting safety deposit boxes, or even deploying our very own safe. But what steps do we take to protect our computer? (continue reading…)
Don’t you hate the endless stream of software updates? Did you know that one of the most common reason people get viruses and malware is because they’re running out-of-date software? For years Linux users had software repositories where they could update everything with a single click. Now Windows users have access to a tool with similar results, called Ninite. (continue reading…)
I’ve been seeing more and more people fall victim to the fake anti-virus viruses that have exploded in popularity in the last few years. With a blending of social engineering tactics, in addition to traditional technical exploits, “scareware” viruses have seen an exceptional level of success. Preying on users who are perhaps unaware of what (if any) anti-malware applications are installed on their systems; “scareware” viruses trick users by appearing to be legitimate anti-malware programs. (continue reading…)
I have over 100 passwords that I have to keep track of between work and everything else. If you’re as forgetful as I am, this can be a daunting list! After trying many different password management strategies, I’ve finally landed on one that’s easy for me to work with, and allows for a strong unique password for each web site I visit. Best of all, I only have to remember one single password.
Before we get into the details of password management best practices, I’d like to take a moment to remind you as to why it’s important to have unique and strong passwords. Recently Georgia Tech researchers published a study that shows that with modern computing power, it’s possible to crack 8-character passwords in under two hours. But by adding 4 extra character, the length of time increases to over 17,000 years. That’s because each additional character increases the possibilities (and subsequently the number of passwords to try) by approximately 95 times.
I first wrote about the dangers of phishing scams in the early 2000′s. I posted some tips on my old freelance company’s website, back in the pre-blog days. While I don’t have the original post anymore, the good news is the same tactics that I suggested then are still helpful today. And the even better news is there are a few new tools that can help you avoid falling prey to scammers.
Phishing scams are attempts by criminals to obtain personal information from you. It first started in the late 90′s when spammers needed to find legitimate e-mail addresses to use for their bulk mailings. Legitimate addresses were less likely to get caught in anti-spam filters, which were becoming commonplace at the Internet Service Provider (ISP) level.
The typical phishing scam we see today is an official (or not so official) looking message that claims to be your ISP’s support department. The message demands you respond with your username, password, and possibly other details, lest your account be deactivated. Some of these messages are easy to spot as forgeries. For example, I received the following message the other day on my UGA e-mail account:
Computer viruses have been a major frustration for computer users and IT staff for decades. And it’s particularly costly to business, as companies must hire IT workers to clean infected machines, absorb non-productive downtime in their employees, and possibly lose valuable data. Estimates vary widely, and it’s very hard to say what the exact cost is. But I think we can all agree that it’s an avoidable disruption. Much like your personal health, prevention is by far the most effective strategy at combating pesky computer-based critters.
Computer terminology is never-ending, so I’m not surprised that people are confused about what’s what. Malware is software designed to secretly access a computer system without the owner’s informed consent, while a viruses is malware that replicates. The term “malware” is an umbrella, under which the term “virus” falls. Some of the nastier programs I’ve dealt with haven’t ever tried to replicate – they only try to prey on your computer.
AIM
Email
Flickr
GooglePlus
LinkedIn
Skype
Twitter
Facebook