Lee Desmond

Site Home Background Contributions Tech Tips Events motd / blogs Feedback

Archive

2005 May 2005 Apr 2005 Mar 2005 Feb 2005 Jan More ... TechNet Plus

Message of the day (motd) / Blogs (Jun, Jul)

Comments or feedback appreciated here. Thanks!


[20050728] Security: Sygate - SSE 3.x End-of Life

Sygate Secure Enterprise (SSE) 3.x has already reached End-of-life (EOL) on 18 Jul 2005 but technical support will still be available through 18 Jul 2006.

Support, availability of patches for security vulnerabilities and lack of certain enterprise features (in 3.x) are some key points to consider for planning a SSE upgrade project, taking into consideration Sygate Security Agent (SSA) upgrade as well.

For the initial Sygate Enterprise Protection (SEP) 5.0 release, expected anytime now (Jul-Aug 2005), direct upgrade from 3.x is not supported. This will likely change in the next release towards Q4'05. The current version is SSE 4.1 MR1, released earlier this month on 12 Jul 2005.

Contact Enterprise Support for more information.


[20050727] Security: Ethereal - Multiple Critical Vulnerabilities

Upgrade to 0.10.12 is the official statement to plug multiple critical security vulnerabilities discovered in the popular protocol analyzer tool. Affected versions = 0.8.5 up to and including 0.10.11.

The zlib compression library used by Ethereal is also flagged with vulnerabilities (zlib 1.2.1 and 1.2.2). zlib 1.2.3 provides the fixes and now ships with the Windows Installer.

Check out the security advisory from ethereal.com.


[20050727] After Windows Vista, What's Next in a Name?

By now you should have heard about "Windows Vista", the official (marketing) name for Longhorn client OS, announced 22 Jul 2005.

But do you know that core presentation and communication subsystems in Longhorn (er Vista) also have been christened, together with the Beta 1 release of Vista client on Wed 27 Jul 2005?

Avalon = Windows Presentation Foundation (WPF) and Indigo = Windows Communication Foundation (WCF)

News as reported at eweek.com.


[20050726] Security: MS Windows - Does your copy of Windows qualify for update?

Official MS press release announced 25 Jul 2005, only genuine copies of Windows will be granted full access to download Windows updates. Exception is Windows security updates which will remain opened to all (Windows) users, accessible via Windows Update, Microsoft Update for Windows or the Download Center.

According to MS, all transactions are anonymous and work by installing an (obligatory) ActiveX control on the client side that works with the Windows Product Activation service at Microsoft's server end.

( Note: http://genuine.microsoft.com will be contacted as part of the validation process )


Switzerland [20050726] Calling Swiss IT Pros MC* (MCT, MCSE, MCP, etc.)

I have been planning to found an IT Pro User Group here in Switzerland supported by an international non-profit organization / network for sometime now. You are cordially invited to be part of this exciting initiative, as founding members at this early stage in particular.

This is an excellent not-to-be-missed opportunity and channel to network among your peers in CH and the region, and to show that IT Pros are strategic part of business, and that we really do care ;)

All that is needed now is a bit of your time off you (busy) schedule to make it happen! Please contact me directly for more details.

Thanks for your interests!


Switzerland [20050725] Movies - Original Dialog or Dubbed?

Movies from just about anywhere in the world are shown here in their unabridged versions and original dialogs with subtitles, whether in the cinemas or on local television stations (dual channel mostly).

Depending on the movie and target audience, some of them will be dubbed in the local languages (German, French and Italian) e.g. animation features, although certain mainstream or big budget movies are also dubbed to cater to non-English speaking movie-goers.

( Imagine mostly Europeans watching Stephen Chow's action comedy Kung Fu Hustle in the original version with only a handful of Asians in the cinema, yet they are able to follow the dialog reading subtitles, laugh along and enjoy it just as much! )

The only annoying thing watching a movie in cinemas here, besides the unbelievably expensive movie ticket, is the mandatory break halfway through. Lasting about 10 minutes, it gives movie-goers a chance to go to the bathroom or puff a few puff (although most cinemas have since gone smoke-free), and of course the refreshment counter to ring in some extra cash (popcorns, beer, ice-cream, etc.).

How is it like going to the cinema from where you live? It will be an interesting (unscientific) survey to see how the demographics look like.

Post your comments today!


[20050725] Security MS: Anti-Spyware - MS Anti-Spyware built on MS Abandonware?

Along with the Giant acquisition in Dec 2004, the MS Anti-Spyware product is perhaps one of the largest and few remaining fort developed on VB6 in the world, according to a report at theregister.co.uk. Being part of the family does have its privileges (no VB6 support issue), non?


[20050721] Security Active Directory - Server Operators Group Limitations

Members of the built-in 'Server Operators' group in an Active Directory 200x domain environment does not possess (almost) equivalent rights and permissions as that of the 'Domain Admins' group. Read how this misconception could impact IT operations (process, roles & responsibilities), security (risks) and business (end-users), to name a few.


[20050721] VMWare Workstation 5 - Snapshot Feature Unavailable

Legacy VMWare Workstation 5 images may not be 'snapshotable' hence miss out on newer features such as Cloning (workaround).


[20050720] Firefox 1.0.6 released (most languages)!

Following the heals of 1.0.5 announced Wed 13 Jul 2005, Get Firefox! 1.0.6 is released today. It fixes newly discovered API issues (affects only certain applications) and simultaneously extends support to multiple languages (vulnerability list).


[20050719] Evaluation - Blog / RSS Feeds

blog / RSS feeds - a frequent request from many readers of this site (here) leedesmond.com - it has been decided to attempt equipping the site with this new functionality. Production rollout or schedule remains undefined presently (can only work on it ad-hoc when time permits).

Several open-source options are still being evaluated since the past few weeks. bBlog is currently the one being leaned towards. It at least managed to install and worked on 'non-standard' configuration after much tweaking and cries for help (thanks to the exceptional support from development team and public forum). Some key functions still do not work as expected and a complete reinstallation was again recommended (already did installs and reinstalls at least 3 times by the way!).

You can read about the agony of the struggle as documented (note: link may go off-line or disappear altogether without warning as it is still under evaluation and testing).

Your suggestions, comments or feedback here are greatly appreciated.
Tune in for more updates!


[20050719] Microsoft Switzerland Security Blog

Switzerland Microsoft Swiss Security Team recently launched a blog (20050705) focusing on security and related topics. Pay them a visit today!

The team (info from blog):


[20050718] MSSC secguide blog

This is a gem of information from the MS source that created all those security guidance solutions for the IT Professional community. See what you (may) have been missing at secguide's Weblog.


[20050718] Microsoft Malicious Software Removal Tool - Availability and Supported Platforms

Some caveats that an IT administrator needs to be aware of as summarized in Tech Tips.


[20050717] Alert Security - SpreadFirefox.com Hacked to Spread Spam? - Correction

There was a public post "Spread Firefox Downtime" by Asa Dotzler (asa) on Fri 15 Jul 2005 about this incident, which can only be viewed after much navigation further down the main page at spreadfirefox.com (ref: '[20050715] Alert Security - SpreadFirefox.com Hacked to Spread Spam?').


[20050716] Multiple or Duplicate Entities in SMS Machine Groups (SSE 3.x/4.x)

Affecting both SMS 3.x and 4.x, potential operational issues can result if not addressed, particularly when SMS Machine Group level configuration is deployed. More info at Tech Tips section.


[20050716] ipconfig /all - Contact MS PSS ?

If you have been to Tech.Ed recently and had connected to CommNet with your Windows machine, running "ipconfig /all" at the command prompt may elicit a different response:

Network functionality does not appear to be affected and ipconfig can alternatively be retrieved by using the GUI interface of the NIC (e.g. WiFi NIC > Properties > Status > Support > Details).


[20050716] Virtual PC 2004 - "Hang" after Resume from Hibernation

For more information see the Tech Tips section.


[20050715] Alert Security - SpreadFirefox.com Hacked to Spread Spam?

News (officially) broke today that SpreadFirefox.com has been compromised (hacked?), discovered only on Tue 12 Jul 2005, which was possibly the reason why the site was inaccessible most of the day.

However, it was believed that the attack actually took place much earlier, evidenced by multiple Emails received several days in a row, as shown below (in German German):

Note: Lese selbst = Read (it) yourself

The usual prescription applies - delete the mail if not already opened; otherwise do not click on any embedded links within the message.

Only today Fri 15 Jul 2005 that an administrative Email touching on this incident finally arrived from the Mozilla Foundation:

( curiously enough, this incident is not even mentioned anywhere on the affected site spreadfirefox.com )

[quote]

From: admin@spreadfirefox.com
Date: Friday, July 15, 2005 5:39 AM
To: announce@spreadfirefox.com
Subject: SPAM-LOW: Spread Firefox outage and privacy breach notice
Attachments: (none)

On Tuesday, July 12, the Mozilla Foundation discovered that the server hosting Spread Firefox, our community marketing site, had been accessed on Sunday, July 10 by unknown remote attackers who exploited a security vulnerability in the software running the site. This exploit was limited to SpreadFirefox.com and did not affect other mozilla.org web sites or Mozilla software.

We don't have any evidence that the attackers obtained personal information about site users, and we believe they accessed the machine to use it to send spam. However, it is possible that the attackers acquired information site users provided to the site.

As a Spread Firefox user, you have provided us with a username and password. You may also have provided us with other information, including a real name, a URL, an email address, IM names, a street address, a birthday, and private messages to other users.

We recommend that you change your Spread Firefox password and the password of any accounts where you use the same password as your Spread Firefox account. To change your Spread Firefox password, go to SpreadFirefox.com, log in with your current password, select "My Account" from the sidebar, select "Edit Account" from the sidebar, then enter your new password into the Password fields and press the "Save user information" button at the bottom of the page.

The Mozilla Foundation deeply regrets this incident and is taking steps to prevent it from happening again. We have applied the necessary security fixes to the software running the site, have reviewed our security plan to determine why we didn't previously apply those fixes in this case, and have modified that plan to ensure we do so in the future.

Sincerely,
The Mozilla Foundation

[unquote]


[20050714] Happy 10th Anniversary MP3 !

10 years into being on this very day (14 Jul 1995), the MP3 file extension adopted for the popular audio coding format is still the undisputed leading music format of choice. This is due in part to its superior audio coding technology and acceptance as an international standard (ISO standard IS 11172-3 "MPEG Audio Layer 3"), and worldwide compatibility ensured with the publicly available MP3 source code. Read more about it from the German institute that revolutionized and started it all - Fraunhofer IIS (Institut Integrierte Schaltungen). German


[20050714] Alert Security - Kerberos v5 Multiple Vulnerabilities

A number of security flaws has been discovered in Kerberos v5, affecting a wide range of OS platforms base on the popular MIT authentication protocol - Solaris, Linux and Mac OS X - to name a few. More info at secunia.com and mit.edu.


[20050713] Mac OS X 10.4 (Tiger) - 10.4.2 Update

As reported in heise.de (German only) and available now for download from official source (apple.com).


[20050713] Firefox 1.0.5 released (English)!

Get 1.0.5 Get Firefox! here today (fixes recently discovered security vulnerabilities).


[20050712] Alert Security - Microsoft Bulletin Summary for July 2005

A total of 3 security bulletins were released on 'Patch Tuesday' - all rated critical - affecting Windows, Internet Explorer and WinWord. Learn more here.


[20050712] WPC - Breaking News: MCP Program Overhaul (was)

As announced in the annual Worldwide Partner Conference (WPC) in Minneapolis, Minnesota over the weekend (8-10 Jul 2005), the MCP Program is set for a major overhaul. Starting with the soon-to-be released MS SQL Server 2005 and MS Visual Studio Team System 2005, the revised MCP Program will take on titles segregated into three new certification tiers based on skill-identifying credentials:

Tier 1: Microsoft Certified Technology Specialist
Tier 2: Microsoft Certified IT Professional or Professional Developer
Tier 3:
Microsoft Certified Architect

How this new MCP certification framework will evolve and the effects on the majority of MCSE holders or candidates pursuing certification (based on old/current MCP program) remains unclear though (i.e. timeframe, upgrade path, cost).

Read more about it at mcpmag.com and techtarget.com (thanks to fellow MCTs Richard and Lorenzo).


[20050712] Sygate - Update Alert: SSE 4.1 MR 1 is now available for download

Some new SSE 4.1 MR 1 functionality include (per mailing list):

Available list of bug fixes. Contact Sygate Enterprise Support for more information or download access.


[20050711] Sygate - Handling IDS/IPS Library Updates (SSE 3.x/4.x)

Check out for potential gotchas in the Tech Tips section.


[20050708] Tech.Ed 2005 Amsterdam - Official Close !

Tech.Ed Europe 2005 - Amsterdam / The Netherlands (4-8 Jul 2005)
Hands shaking, big hugs, parting words ... hard to imagine that another Tech.Ed has come and gone right at this very moment after the last session 1730 hrs. Some delegates would have already left earlier, some later tonight while still others will fly off a day or two later (or ride the bike, drive, take the tram or ...).

Overall it was a blast and many of us, the MCTs that is, thoroughly enjoyed the entire event, not to mention meeting up with old friends, colleagues and "long-time no see" acquaintances, and the opportunity to network and make new contacts.

To sum it all - the event was generally well organized. Weather was not too good for most of the week (cold and rainy in Summer Amsterdam), food for lunch and the Tech.Ed Party can be greatly improved, better quality and courtesy of certain service personnel, etc. But most of us enjoyed every minute of it and sure had great fun!

Come join (most of) us at IT Forum 2005 Barcelona (Microsoft IT Forum 2005 from 14-17 November, Barcelona, Spain) - Hola !

Got to sign-off now... CommNet is closing in a couple of minutes soon. Have a safe trip back everyone!


[20050708] Tech.Ed 2005 Amsterdam - Photos Fri 20050708

Click for photos (click for photos)


[20050708] Your Feedback - Thanks!

I have been receiving many of your valuable input via the feedback channel on this blog. Many thanks for your interest and support - please keep them coming!

Note that a reply is possible only with your valid Email address and should take only a couple of days unless I am on the road (business or vacation). Drop me another line if you do not get a reply within a reasonable timeframe. Oh one more thing: please help jog my memory with a picture, web site or some references like "Hey Desmond we met at IT Forum Copenhagen and ..." :-)


[20050708] TechNet Plus - Your Source of Ultimate IT Toolkit

Don't wait - take advantage of many new exciting features introduced in TechNet Plus 2.0 today! Click on the banner on the left hand side of this "motd / blogs" page and mention "www.leedesmond.com" sent you. Thank you!


[20050708] Tech.Ed 2005 Amsterdam - Do You know ...

... that Euro 50 cents is expected by the nice lady that "guards" the gates of relieve to visitors of popular nightspots in and around downtown Amsterdam? Similarly, Euro 20 cents is charged for using this facility at most public areas.

In case you are wondering, we are talking about the place frequent by weary tourists to answer the call of nature, but usually cannot find them when they are most needed - the toilet.


[20050707] Microsoft Certified Learning Consultant (MCLC) - More details

As first reported in this blog "[20050705] Tech.Ed 2005 Amsterdam - MCT Breaking News (non NDA)", and picked up by mcpmag.com, more details about MCLC have been revealed. Read more about it here.


[20050707] Tech.Ed 2005 Amsterdam - Photos Thu 20050707

Click for photos (click for photos)


[20050707] Tech.Ed 2005 Amsterdam - How to say 70 in French and more

Overheard during lunch in the dining hall: 50 is "cinquante", 60 is "soixante" but 70 is "soixante-dix" (60 plus 10), 80 is "quatre-vingt" (4 times 20) and 90 is "quatre-vingt dix" (4 times 20 plus 10) - explained by a French to a Norwegian delegete.


[20050707] Netcraft Anti-Phishing Toolbar - Just Don't Say Yes or No

If a user without a minimum of "Power User" rights machine on a Windows machine attempts to start IE, the Netcraft Anti-Phishing Toolbar (IE v1.5.11) will display the following error dialog, even if the user has previously run the application successfully:

A couple of scenarios can happen:
1. Clicking No will continuously show the same dialog unless the Cancel button is selected (IE will start).
2. A click on Yes (to close IE as prompted) will result in another error message as follows (IE will be closed if opened):


[20050706] Tech.Ed 2005 Amsterdam - Photos Wed 20050706

Click for photos (click for photos)


[20050706] Memory Leak in Windows XP Tablet PC Edition - Fixed !

Finally acknowledged and a bug fix made available by Microsoft at KB895953.


[20050705] Tech.Ed 2005 Amsterdam - Keynote Product Availability Announcement

SQL Server 2005, Visual Studio 2005 and BizTalk Server 2006 will be launched 7 Nov 2005 in San Francisco. This was revealed by Andy Lees at the keynote address (corporate vice president of Server and Tools Marketing and Solutions).


[20050705] Tech.Ed 2005 Amsterdam - Photos Tue 20050705

Click for photos (click for photos)


[20050705] Tech.Ed 2005 Amsterdam - MCT Breaking News (non NDA)

"Microsoft Certified Learning Consultant (MCLC)" new premier MCT program announced at this very moment by Ken Rosen (MCT Closed Session "MCT 2005: State of the Program" Room D / RAI 1200 hrs - confirmed non-NDA).

In summary [quote]:

1. Target audience: Senior trainers who design and develop consultative learning solutions
2. Customer value: guaranteed technical, instructional and consultative competence for learning solutions tailored to their unique need
3. Trainer value: differentiation from core MCT community, early and preferential engagement opportunities
4. Partner value: differentiation from other Certified and Gold Partners; early and preferential engagement opportunities

Requirements:
1. Initial Certification: (a) Active MCT (b) Case study detailing a consultative learning solution developed and delivered by the consultant - to be reviewed and approved by regional review board (c) career advancement certification (MCSE, MCDBA, MCSA, MBS Certified Master) (d) customer ROI Attestation Letter
2. Renewal: (a) renew with MCT Certification yearly (b) requires additional case study every 2 years
3. no additional subscription fees for 2005-2006
4. exempt from minimum delivery requirements
5. applications accepted quarterly

MCLC Schedule:
1. currently in beta (a) review boards up and running for NA and EMEA (b) applications accepted by invitation only through Aug --- NA invitation sent in Jun --- EMEA invitations will be sent next week
2. open MCT applications accepted beginning Oct 1, 2005
3. applications only accepted during Oct, Jan, Apr, Jul
etc. (missed the rest, running out of time, PPT too fast ...)

[unquote]


[20050705] Microsoft Baseline Security Analyzer v2.0 (for IT Professionals)

Check out the updated version of MBSA at this download from Microsoft (20050701).


[20050705] Identity Integration Feature Pack 1a for Microsoft Windows Server Active Directory

Now available for immediate download from Microsoft (20050630).


[20050630] Tech.Ed 2005 Amsterdam - You are invited!

Tech.Ed Europe 2005 - Amsterdam / The Netherlands (4-8 Jul 2005)
MCT Proctor and "Ask-the-Experts" are a few key roles that I shall be undertaking at this European leg of Tech.Ed event. Come by and say hi ;-)


[20050628] Update Rollup 1 for Windows 2000 Service Pack 4 (SP4) - Just Released

Read more about it here and here (KB 891861). Make sure that sufficient tests are conducted before wide scale rollout as it also contains a number of updates. This is on top of security updates released between SP4 and 30 Apr 2005.


[20050627] Implement least privilege (NIST 33 Security Principles)

This is security principle # 24 as published in the National Institute of Standards & Technology's (NIST) Special Publication (SP) 800-27 "Engineering Principles for Information Technology Security (EP-ITS)" from the Information Technology Laboratory (ITL) in Jun 2001.

See why "least privilege" is not really a new security buzzword?


[20050625] Secure Work Habits: Least-privileged User Account

Login using a non local administrative account, not even power-user, a Windows 2000/XP machine can be kept relatively safe from the majority of *ware intrusions for daily business uses. Most of them typically manage to find their way onto a machine (hence the corporate network) via the ubiquitous web browser, regardless of how secure the perimeter network is.

Nevertheless, it is often necessary to execute certain tasks with an administrative account. To that end, the runas command can be deployed, either at the command line or right mouse click an application within the GUI.

An excellent tool that goes by PrivBar can provide visual cues to help a user distinguish between different running instances of Internet Explorer. Tweak UI is another cool tool (from MS PowerToys series). More tools here.

Note that phishing or pharming attacks are expected to rise with increasing rates of identity thefts (last week's Mastercard incident is another striking alarm). This is not dependent on the account credentials login to a system. To mitigate against such risks for on-line transactions (shopping, e-banking, etc.), consider Anti-Phishing Toolbar, available for both IE and Firefox.

Properly configured and up-to-date personal / desktop firewall, in addition to Anti-virus, Anti-spyware and latest security patches are standard measures to stay 1-up for any systems connected to the Internet. Good ol' common sense surfing habits round up the defense arsenal (e.g. type URL explicitly and never click on any suspicious links in Emails that cannot be easily verified).

Check out my article (Windows NetBIOS Protection: Closing The Door Ajar @ Home - Aug 2004) which sheds some light on removing superfluous services that are not essential for normal operations.

*ware = ad-ware, mal-ware, spy-ware, etc.


[20050625] motd / blogs Archive

Archive breakdown by year / month available now on motd / blogs page.


[20050625] Win Server 2003 SP1 - Block Delivery Temporarily

If Automatic Update is set to pull updates from Windows Update (WU) or Microsoft Update (MU) directly from the Internet, W2k3 SP1 will be automatically downloaded starting July 26, 2005. A W2k3 SP1 Blocker Tool Kit is available now which effectively controls this behavior until March 30, 2006 (tool similar to Win XP SP2). Note that W2k3 SP1 installation still requires manual administrative intervention.


[20050624] Tech.Ed 2005 Orlando - Photos

TechEd 2005 - Orlando, FL (5-10 Jun 2005) Click for photos (click for photos)


[20050624] Tech.Ed 2005 Orlando - MCT Breaking News (was)

In summary, Ken Rosen (MCT Worldwide Program Manager) announced that:

1. VSAT requirement is removed but DSAT not-to-exceed will remain in effect. MCTs with outstanding VSAT scores will be recognized starting MCT 2006 (no details).
2. Minimum delivery requirement waived for MCTs with 5 consecutive years of tenure.

Both will take immediate effect, and will be officially reflected in the MCT Flash and program guide soon (sometime mid July).


[20050622] SQL Server 2000 + SP4 = MOM 2005 not happy

Find out more here.


[20050621] Tech.Ed 2005 Orlando - SUS Successor Announced

In case it slipped off the radar, the eagerly awaited (and long overdue) upgrade to SUS (Software Update Services), Microsoft's free patch management system - now officially known as Windows Server Update Services (WSUS) - is finally here, as announced in Tech.Ed 2005 Orlando (Jun 6,2005).


[20050620] Tech.Ed 2005 Orlando - No Live Update Possible

Unfortunately, ftp file transfer was blocked and updates to this site were impossible at Tech.Ed's CommNet. A couple of pictures were taken and may still be posted at a later date; please check back.