Hope you all have a great day and are touched by the miracle of Christmas. Best wishes on this joyous occasion!
Information technology, IT Consulting, the world through my eyes and other insightful commentary!
Tuesday, December 25, 2012
Monday, December 10, 2012
SharePoint 2007 Database Migration process
My client was in a position where the entire SharePoint database needed to migrate to a new server or a larger drive. The system drive was completely full. We had to come up with a solution to move all the data and minimize and potential data loss.
The first step is to use SQL management studio to ensure you have a good back up of all your databases. Once this is done you can easily restore database if need be.
Additionally, to ensure no users are trying to access SharePoint databases, stop all Windows SharePoint services using run and service.msc. Also all of the application pools should be stopped along with SharePoint web sites in Internet Information Services.
The next step that has to be completed prior to moving databases, taking databases off line and detaching prior to any move sequence. Open SQL management studio and select the database you need to take off line. (You want to make sure no users are on SharePoint). Right click database and select detach and drop.
The last step is to physically move the database to a larger drive or another SQL server. This can be accomplished by copying data or restoring to new location. Repeat step by attaching databases and restarting all SharePoint services and Internet Information Services web site. Project complete along with happy client.
Monday, November 19, 2012
The economics of Bain, cheap profits
Bain Capital out sources 170 US jobs to China . Sensata Technologies which is owned by Bain Capital recorded net income of $355 million which was a 16% increase over 2010.
Despite the hard work of the 170 employees who helped build the company, their jobs are being sent to China. (The factory is set to close December 2012). The move of the factory from Freeport Illinois to China is projected to generate modest profits for Bain partners. Additionally under current corporate taxes laws, they will get a small tax break for relocating to China.
(US workers protesting a factory closing, moved to China)
Companies that send US jobs over seas should not get any tax breaks. Additionally, it is projected that some taxes will be deferred on income generated over seas. The fact that some US companies have no goodwill towards it workers should not be over looked. The executive teams, stock holders, and investors who influence these decisions need to be held accountable. US workers and citizens need to continue to protest such actions, publicize such actions, and vote with your dollars where possible. As people who are being affected by such decisions say, "enough is enough".
In the current economic climate, the US economy needs to produce more jobs and sustain growth. We need to support corporations that value their workers as opposed to those who value cheap profits at the expense of the US as a whole.
Despite the hard work of the 170 employees who helped build the company, their jobs are being sent to China. (The factory is set to close December 2012). The move of the factory from Freeport Illinois to China is projected to generate modest profits for Bain partners. Additionally under current corporate taxes laws, they will get a small tax break for relocating to China.
(US workers protesting a factory closing, moved to China)
Companies that send US jobs over seas should not get any tax breaks. Additionally, it is projected that some taxes will be deferred on income generated over seas. The fact that some US companies have no goodwill towards it workers should not be over looked. The executive teams, stock holders, and investors who influence these decisions need to be held accountable. US workers and citizens need to continue to protest such actions, publicize such actions, and vote with your dollars where possible. As people who are being affected by such decisions say, "enough is enough".
In the current economic climate, the US economy needs to produce more jobs and sustain growth. We need to support corporations that value their workers as opposed to those who value cheap profits at the expense of the US as a whole.
Wednesday, October 24, 2012
Wild Ride Technology Forrest
We are now in fall of 2012 and getting close to snow boarding season. I have been giving some thought to getting some new snow boarding gear! The other night I went out to dinner with the family and did some shopping in the South Shore mall.
While outside the store, I notice the increasingly popular bar code on the entrance window. I promptly down load Bakodo bar code reader from App store and scanned the bar code. I then down loaded The North Face mobile application to my Iphone. I can now easily review all the snow boarding pants, check price, and user reviews.
I find it amazing how far technology has come. I plan on purchasing some cool new snow boarding pants and a mobile camera to document my Wild Ride through the technology Forrest. Make each run your best!
We went to North-face to check out snowboarding
pants and video cameras. I always thought North-face gear was nice but kind of expensive. I checked out the snowboarding pants and they seem reasonably priced around $250. I checked out the Go-pro video camera and think there pretty cool. After browsing for a little while, we decided to leave.
While outside the store, I notice the increasingly popular bar code on the entrance window. I promptly down load Bakodo bar code reader from App store and scanned the bar code. I then down loaded The North Face mobile application to my Iphone. I can now easily review all the snow boarding pants, check price, and user reviews.
I find it amazing how far technology has come. I plan on purchasing some cool new snow boarding pants and a mobile camera to document my Wild Ride through the technology Forrest. Make each run your best!
Wednesday, August 29, 2012
A mysterious email beware!
Over the last 10 years we have made the switch from letter and phone correspondence to email overload.
Since email is so prevalent, email administration is critical.
As email has proliferated, spam and spyware has increased. Many email servers have been compromised by the ability of an email server to receive email from an unknown sender and then
sending it on to a recipient or recipients, which could number in the thousands, that are
not users of that email system.
The protocol responsible for relaying is called SMTP or Simple Mail Transfer Protocol. This protocol belongs to the TCP/IP family and is used by email servers to transfer email from the senders email server to the recipient or recipients’ email server or servers. The default port that it works on is port 25.
SMTP is used to relay email from the host to the recipient’s email
server. A company that has an open relay can caused spam related issue,
so closing this loop and controlling relay is critical. This is done in different ways
depending on the email server platform. To get a detailed explanation of the SMTP protocol and how it works see the Internet Engineering Task Force’s (IETF) Request for Comments (RFC) 821 and 822
located at www.ietf.org.
You can check for relay by telnet to your email server using the following command:
telnet [server name] [port number]
The server will reply with a 220 message indicating that it is ready. Other commands
that you can use are HELO, MAIL FROM:, and RCPT TO.
The greatest threat comes in the form of Unsolicited Commercial Email (UCE) or SPAM.
Besides being very annoying SPAM has been and is becoming a very big problem, with
some very serious side effects, for the Internet community. It has become such a
problem that the IETF released RFC 2505 “Anti-Spam Reco
Sending a large amount of SPAM , it could cause a
Denial of Service (DoS) situation where the server is over loaded and can not process valid email. Also if the server has issues processing email, the hard drive can fill up causing server to crash.
One of the side effects of having an open relay and sending spam is getting black listed. The two domains that blacklist companies are Comcast and Barracuda networks. You illegitimate email will not get delivered and subsequent user complaints will follow. You will have to go through a process of rectifying the SPAM issue then requesting to be removed from domain blacklist. These blacklist
databases are used by many organizations to block UCE from getting into their email
systems. Two well-known organizations are Open Relay Behaviour-modification System
(ORBS) and Mail Abuse Prevention System(MAPS). More information about these two
organizations can be found at www.orbs.org and www.mail-abuse.org respectively. This
can start to cause you as the email administrator some serious problems with your users
as they will be unable to send their email to any of the domains that has your server on
their blacklist.
Another serious issue related to this problem is spam email are generally done to spoof people in to providing confidential information especially credit card numbers. There can be some legal obligations to correct corresponding issue as quickly as possible. For a good legal reference on UCE in the United States (Federal and State), European Union, as well as many other countries check out www.spamlaws.com.
Reference Security CERT RFQ:
Exchange Server
In this section I will detail the process of configuring Microsoft’s Exchange Server as to
preventing it from being an open relay server.
Exchange Versions
With versions of Exchange Server below 5.0 it is impossible to configure the server to be a secured relay. If your Exchange Server version is below version 5.0 the recommended
path is to upgrade to at least Exchange server 5.5 Service Pack 2 with the encapsulated
SMTP relay address patch. If you are running Exchange Server 5.0 you are able to stop
the open relay function but you have to disable POP3/IMAP. This version of the software should also © SANS Institute 2003, Author retains full rights
Internet Mail Connector
The Internet Mail Connector (IMC) is the service that is installed to allow your Exchange
Server to act as an SMTP server. By default this service is not installed during
installation, instead it is installed by running the Internet Mail Wizard after the exchange
installation is complete. To run the Internet Mail Wizard go to File ‡ New Other ‡
Internet Mail Service. By default the wizard does not put any controls on who can use
your Exchange server as a relay. After you have your Exchange server installed with the
default settings of Internet Mail Connector service your exchange server is vulnerable to
open relay.
Configuring Internet Mail Connector To Stop Open Relay
Since all the configuration changes happen in the IMS, the first step is locating the
properties for the service. Open your Exchange Administrator program and connect to
the Exchange server that has the IMS service installed. You will notice that the
Exchange Administrator is set up just like Windows Explorer with Containers on the left
hand side and objects on the right hand side. Once open find the Connections container
located under your\\configuration container in the left hand
column. Once highlighted you will notice connector objects on the left hand side, one
should be named Internet Mail Service (). You can view the IMS
properties by double clicking on it. Once open you will see several tabs, locate the
Routing tab and click on it to view the routing properties.
The first thing you notice near the top of the properties sheet is the option of Do not
reroute incoming mail or Reroute incoming SMTP mail (required for POP3/IMAP4
support). The obvious choice would seem to be the first, but, do not use it for your
system will not relay messages, but will receive them and then send a non-deliverable
message back to the return address of the message. This is not good because first it put
undo burden on your email system by accepting potentially very large email messages
but could also be used as a reverse UCE attack with your system involved. The best
selection here is the second selection.
Next you see a box titled Routing. On the right hand side of the screen select the add
button. In the ‘email sent to this domain’ enter your domain name. Next select the
option ‘should be accepted as “inbound”’ indicating that these are the only domains that
the SMTP server will accept mail for.
After you have set all of the domains that your server will be accepting mail for click on
the ‘routing restrictions’ to open your ‘routing restrictions’ properties page. The first
option is ‘Hosts and Clients that successfully authenticate’ which allows relaying of messages to only users that have accounts on your server or another way to validate who
the user is with the server. The next option is ‘Host and Clients with these IP
addresses’. With this option you can specify by IP address who is allowed to relay
through your system or what subnet is allowed to relay through your system. For
example a single IP address would put in their address and the subnet mask of
255.255.255.255. For a subnet you would specify the network portion of the IP address
and let 0 represent the client addresses with the subnet mask to match. The next option is
‘Hosts and Clients connecting to these internal addresses’. What this does is allows
relaying of clients who can access a specific interface on a multi-homed system. Do not
check this unless you have reason to do so. And the last option you have to prevent open
relaying through your Exchange server is ‘Specify the hosts and clients that can NEVER
route mail’. This option is pretty self-explanatory and works by denying specific IP
address or subnets.
After all the changes have been made to secure your SMTP server you have to stop and
restart the Microsoft Exchange Internet Mail Service located in the services on the
control panel.
This concludes my paper on Open Relay and configuring Exchange server to not being an
open relay system.
References:
Edwards, Mark Joseph. “Who’s Using Your Mail Server?.” 31 Aug 2000
http://www.windowsitsecurity.com/Articles/Print.cfm?ArticleID=15480 (10 Oct 2000)
Howard, Mark. “Coping with Unsolicited Email” 1 Oct 1999
URL:http//www.exchangeadmin.com/Articles/Print.cfm?ArticleID=6174 (10 Oct 2000)
Microsoft. “Inside Exchange Internet Mail Service” 2000
URL:http://www.microsoft.com/exchange/techinfo/InsideIMS.htm” (10 Oct 2000)
Minasi, Mark. “Untangling Email” 1 Apr 1998
URL:http://www.win2000mag.com/Articles/Print.cfm?ArticleID=3024 (10 Oct 2000).
Reavis, Jim. “Are you an accidental spammer?” 23 Aug 1999
URL:http://www.nwfusion.com/newsletters/sec/0823sec1.html?nf (10 Oct 2000)
Redmond, Tony. “Exchange 2000 and SMTP” 9 Feb 2000
URL:http://www.win2000mag.com/Articles/Print.cfm?ArticleID=8140 (10 Oct 2000)
Toombs, Douglas. “Junk Email – Protect your Exchange Server from Junk Email.” 1 Aug
2000 URL:http://www.winntmag.com/Articles/Print.cfm?ArticleID=3673 (10 Oct 2000)
Since email is so prevalent, email administration is critical.
As email has proliferated, spam and spyware has increased. Many email servers have been compromised by the ability of an email server to receive email from an unknown sender and then
sending it on to a recipient or recipients, which could number in the thousands, that are
not users of that email system.
The protocol responsible for relaying is called SMTP or Simple Mail Transfer Protocol. This protocol belongs to the TCP/IP family and is used by email servers to transfer email from the senders email server to the recipient or recipients’ email server or servers. The default port that it works on is port 25.
SMTP is used to relay email from the host to the recipient’s email
server. A company that has an open relay can caused spam related issue,
so closing this loop and controlling relay is critical. This is done in different ways
depending on the email server platform. To get a detailed explanation of the SMTP protocol and how it works see the Internet Engineering Task Force’s (IETF) Request for Comments (RFC) 821 and 822
located at www.ietf.org.
You can check for relay by telnet to your email server using the following command:
telnet [server name] [port number]
The server will reply with a 220 message indicating that it is ready. Other commands
that you can use are HELO, MAIL FROM:, and RCPT TO.
The greatest threat comes in the form of Unsolicited Commercial Email (UCE) or SPAM.
Besides being very annoying SPAM has been and is becoming a very big problem, with
some very serious side effects, for the Internet community. It has become such a
problem that the IETF released RFC 2505 “Anti-Spam Reco
Sending a large amount of SPAM , it could cause a
Denial of Service (DoS) situation where the server is over loaded and can not process valid email. Also if the server has issues processing email, the hard drive can fill up causing server to crash.
One of the side effects of having an open relay and sending spam is getting black listed. The two domains that blacklist companies are Comcast and Barracuda networks. You illegitimate email will not get delivered and subsequent user complaints will follow. You will have to go through a process of rectifying the SPAM issue then requesting to be removed from domain blacklist. These blacklist
databases are used by many organizations to block UCE from getting into their email
systems. Two well-known organizations are Open Relay Behaviour-modification System
(ORBS) and Mail Abuse Prevention System(MAPS). More information about these two
organizations can be found at www.orbs.org and www.mail-abuse.org respectively. This
can start to cause you as the email administrator some serious problems with your users
as they will be unable to send their email to any of the domains that has your server on
their blacklist.
Another serious issue related to this problem is spam email are generally done to spoof people in to providing confidential information especially credit card numbers. There can be some legal obligations to correct corresponding issue as quickly as possible. For a good legal reference on UCE in the United States (Federal and State), European Union, as well as many other countries check out www.spamlaws.com.
Reference Security CERT RFQ:
Exchange Server
In this section I will detail the process of configuring Microsoft’s Exchange Server as to
preventing it from being an open relay server.
Exchange Versions
With versions of Exchange Server below 5.0 it is impossible to configure the server to be a secured relay. If your Exchange Server version is below version 5.0 the recommended
path is to upgrade to at least Exchange server 5.5 Service Pack 2 with the encapsulated
SMTP relay address patch. If you are running Exchange Server 5.0 you are able to stop
the open relay function but you have to disable POP3/IMAP. This version of the software should also © SANS Institute 2003, Author retains full rights
Internet Mail Connector
The Internet Mail Connector (IMC) is the service that is installed to allow your Exchange
Server to act as an SMTP server. By default this service is not installed during
installation, instead it is installed by running the Internet Mail Wizard after the exchange
installation is complete. To run the Internet Mail Wizard go to File ‡ New Other ‡
Internet Mail Service. By default the wizard does not put any controls on who can use
your Exchange server as a relay. After you have your Exchange server installed with the
default settings of Internet Mail Connector service your exchange server is vulnerable to
open relay.
Configuring Internet Mail Connector To Stop Open Relay
Since all the configuration changes happen in the IMS, the first step is locating the
properties for the service. Open your Exchange Administrator program and connect to
the Exchange server that has the IMS service installed. You will notice that the
Exchange Administrator is set up just like Windows Explorer with Containers on the left
hand side and objects on the right hand side. Once open find the Connections container
located under your
column. Once highlighted you will notice connector objects on the left hand side, one
should be named Internet Mail Service (
properties by double clicking on it. Once open you will see several tabs, locate the
Routing tab and click on it to view the routing properties.
The first thing you notice near the top of the properties sheet is the option of Do not
reroute incoming mail or Reroute incoming SMTP mail (required for POP3/IMAP4
support). The obvious choice would seem to be the first, but, do not use it for your
system will not relay messages, but will receive them and then send a non-deliverable
message back to the return address of the message. This is not good because first it put
undo burden on your email system by accepting potentially very large email messages
but could also be used as a reverse UCE attack with your system involved. The best
selection here is the second selection.
Next you see a box titled Routing. On the right hand side of the screen select the add
button. In the ‘email sent to this domain’ enter your domain name. Next select the
option ‘should be accepted as “inbound”’ indicating that these are the only domains that
the SMTP server will accept mail for.
After you have set all of the domains that your server will be accepting mail for click on
the ‘routing restrictions’ to open your ‘routing restrictions’ properties page. The first
option is ‘Hosts and Clients that successfully authenticate’ which allows relaying of messages to only users that have accounts on your server or another way to validate who
the user is with the server. The next option is ‘Host and Clients with these IP
addresses’. With this option you can specify by IP address who is allowed to relay
through your system or what subnet is allowed to relay through your system. For
example a single IP address would put in their address and the subnet mask of
255.255.255.255. For a subnet you would specify the network portion of the IP address
and let 0 represent the client addresses with the subnet mask to match. The next option is
‘Hosts and Clients connecting to these internal addresses’. What this does is allows
relaying of clients who can access a specific interface on a multi-homed system. Do not
check this unless you have reason to do so. And the last option you have to prevent open
relaying through your Exchange server is ‘Specify the hosts and clients that can NEVER
route mail’. This option is pretty self-explanatory and works by denying specific IP
address or subnets.
After all the changes have been made to secure your SMTP server you have to stop and
restart the Microsoft Exchange Internet Mail Service located in the services on the
control panel.
This concludes my paper on Open Relay and configuring Exchange server to not being an
open relay system.
References:
Edwards, Mark Joseph. “Who’s Using Your Mail Server?.” 31 Aug 2000
http://www.windowsitsecurity.com/Articles/Print.cfm?ArticleID=15480 (10 Oct 2000)
Howard, Mark. “Coping with Unsolicited Email” 1 Oct 1999
URL:http//www.exchangeadmin.com/Articles/Print.cfm?ArticleID=6174 (10 Oct 2000)
Microsoft. “Inside Exchange Internet Mail Service” 2000
URL:http://www.microsoft.com/exchange/techinfo/InsideIMS.htm” (10 Oct 2000)
Minasi, Mark. “Untangling Email” 1 Apr 1998
URL:http://www.win2000mag.com/Articles/Print.cfm?ArticleID=3024 (10 Oct 2000).
Reavis, Jim. “Are you an accidental spammer?” 23 Aug 1999
URL:http://www.nwfusion.com/newsletters/sec/0823sec1.html?nf (10 Oct 2000)
Redmond, Tony. “Exchange 2000 and SMTP” 9 Feb 2000
URL:http://www.win2000mag.com/Articles/Print.cfm?ArticleID=8140 (10 Oct 2000)
Toombs, Douglas. “Junk Email – Protect your Exchange Server from Junk Email.” 1 Aug
2000 URL:http://www.winntmag.com/Articles/Print.cfm?ArticleID=3673 (10 Oct 2000)
Monday, May 28, 2012
iPhone Suri sexy librarian
I came to the conclusion that my iPhone was like a new adventure that would eventually please me. Is it the best thing in the world? Not really, but we are going to make the best of it! Still I am on a learning curve!
Monday, March 19, 2012
Challenge to reach the pinnacle "30"
The progression toward the pinnacle is a journey to self fulfillment. To face a challenge and make it come off as success makes the journey that much more sweet.
I wanted to take on a fun challenge so I am planning my 30 year high school reunion with many fantastic friends. During the planning process we have the opportunity to reconnect with old friends and make some new ones along the way.
Looking back on found high school memories, remembering friends, classmates, teammates, crushes,dreams and aspirations. The reflection provides a unique prospective of how we were and where we would like to go.
The experiencing of planning a reunion has been a gratifying experience especially working with the talented group of people on the planning committee. Our reunion is a celebration of our journey to reach the pinnacle and a spring board to future success and happiness. May our futures be bright and the challenges enriching! We are looking forward to seeing many of you in the near future.
I wanted to take on a fun challenge so I am planning my 30 year high school reunion with many fantastic friends. During the planning process we have the opportunity to reconnect with old friends and make some new ones along the way.
Looking back on found high school memories, remembering friends, classmates, teammates, crushes,dreams and aspirations. The reflection provides a unique prospective of how we were and where we would like to go.
The experiencing of planning a reunion has been a gratifying experience especially working with the talented group of people on the planning committee. Our reunion is a celebration of our journey to reach the pinnacle and a spring board to future success and happiness. May our futures be bright and the challenges enriching! We are looking forward to seeing many of you in the near future.
Wednesday, February 29, 2012
Super Intelligence
The age of super intelligence is upon us. The smart devices we carry allow us to have instant access to information anywhere in the world. After completing a review of a new smart phone I am rolling out, I was amazed at the capability at our finger tips.
The new device I am rolling out is a Verizon Pantech 4G which has built in video for face to face communication. The Android platform has applications that allow us to communicate socially to family, friends and business partners. Applications are constantly being written to improve our productivity, entertainment, and communication.
The pace of innovation is amazing as speed and capability increases with each new upgrade and release. High definition video, 4G speed, texting, Facebook all come included while storage increases and the devices become more affordable. The Pantech Breakout is the most affordable 4G device in the Verizon line up. See my initial review of this new high tech device.
My Pantech Breakout review
The new device I am rolling out is a Verizon Pantech 4G which has built in video for face to face communication. The Android platform has applications that allow us to communicate socially to family, friends and business partners. Applications are constantly being written to improve our productivity, entertainment, and communication.
The pace of innovation is amazing as speed and capability increases with each new upgrade and release. High definition video, 4G speed, texting, Facebook all come included while storage increases and the devices become more affordable. The Pantech Breakout is the most affordable 4G device in the Verizon line up. See my initial review of this new high tech device.
My Pantech Breakout review
Sunday, January 29, 2012
Targeted Individual - persistent advance threat
The new security treat is advanced persistent threat (ADT) attack when an individual target is researched and the malware program is customized so the threat signature goes undetected. In the crime arena, we would consider this crime of opportunity.
The hacker crafts a malware program allowing back door entry into your computer system allowing theft of property, ideas, drawing, and various building and production plans at the corporate level. Today the targets go behind household zombies, but corporations with significant resource, both financially and technologically.
The latest and most sophisticated attacks involve installing remote administrator tools (RATS) on command and control servers on corporate networks. Many of these attacks are developed over months and years to infiltrate various systems.
To counter these attacks, the Open Information security Foundation (OISF) is building the next generation intrusion detection system / intrusion prevention system (IDS/IPS) engine. One protection strategy is to use a layered security technology in addition to user training and education.
Since hackers often find ways to get around perimeter protections, the focus becomes controlling out bound data and communications used to steal information. We need to use best practices to secure data and control the fact that information cannot leave the network or be off loaded.
Implementing security initiatives by protecting mission critical systems via network segmentation and virtual local networks can limit damage. Additional security can be enhanced by limiting peer to peer sharing.
Prevailing wisdom suggest all networks will be potentially compromised so the appropriate response is critical. Currently it can be difficult to find a compromised system which makes correcting issues difficult. One approach is to analyze logs to look for indicators of an intrusion. This usually take the form of internal traffic being redirected to an unauthorized domain name system (DNS) server.
Security top ten
1. Improve security awareness and training among staff
2. Enforce security controls during concept phase
3. Encrypt data on removable media devices
4. Protect passwords change cycle
5. Develop social media program to enhance and protect assets and reputation
6. Review access to key assets frequently (limit privileged access)
7. Develop application white list for employees who manage sensitive data
8. Conduct risk assessments
9. Engage complex authentication
10. Limit access to sites or warn about potential spyware and malware issues
The hacker crafts a malware program allowing back door entry into your computer system allowing theft of property, ideas, drawing, and various building and production plans at the corporate level. Today the targets go behind household zombies, but corporations with significant resource, both financially and technologically.
The latest and most sophisticated attacks involve installing remote administrator tools (RATS) on command and control servers on corporate networks. Many of these attacks are developed over months and years to infiltrate various systems.
To counter these attacks, the Open Information security Foundation (OISF) is building the next generation intrusion detection system / intrusion prevention system (IDS/IPS) engine. One protection strategy is to use a layered security technology in addition to user training and education.
Since hackers often find ways to get around perimeter protections, the focus becomes controlling out bound data and communications used to steal information. We need to use best practices to secure data and control the fact that information cannot leave the network or be off loaded.
Implementing security initiatives by protecting mission critical systems via network segmentation and virtual local networks can limit damage. Additional security can be enhanced by limiting peer to peer sharing.
Prevailing wisdom suggest all networks will be potentially compromised so the appropriate response is critical. Currently it can be difficult to find a compromised system which makes correcting issues difficult. One approach is to analyze logs to look for indicators of an intrusion. This usually take the form of internal traffic being redirected to an unauthorized domain name system (DNS) server.
Security top ten
1. Improve security awareness and training among staff
2. Enforce security controls during concept phase
3. Encrypt data on removable media devices
4. Protect passwords change cycle
5. Develop social media program to enhance and protect assets and reputation
6. Review access to key assets frequently (limit privileged access)
7. Develop application white list for employees who manage sensitive data
8. Conduct risk assessments
9. Engage complex authentication
10. Limit access to sites or warn about potential spyware and malware issues
Subscribe to:
Posts (Atom)