7 Updates coming from Microsoft in July

July 7th, 2006

We can expect 7 updates next week from Microsoft on the monthly patch day for July. Four of the updates will be for Windows, and 3 for Microsoft Office. There will be at least one critical update for each. It’s expected that we’ll see an update for the Excel issues that have been talked about the last few weeks. There are a number of publicly known Internet Explorer vulnerabilities, but it’s not known if Microsoft has prepared patches for those yet. It should be noted that many times 1 patch will cover a number of issues. This is commonly seen with Internet Explorer cumulative updates where several vulnerabilities are addressed with one update.


Denyhosts as an added defence to ssh server

July 5th, 2006

A couple days ago I had a brief article on the vandals banging away at the door of my ssh server. Like I said, I’ve, at times, been fairly smug about the futility of their actions, but…. the persistence concerns me. Let me be more specific, I keep a fairly tight ssh server setup (don’t allow version 1, only have specific users allowed, use privilege separation, deny root login, and keep it updated whenever there is a problem with a running version.) But, when you see a single IP making THOUSANDS of attempts to log in, you start thinking…. what if they were to hit on the right username and try a thousand combinations of passwords with that username. Hmmmm… disturbing. So, I wound up setting up denyhosts and thought I’d share a bit more about it here.


Windows 98 and ME in final days of support (6 by my count)

July 5th, 2006

July 11th will mark the end of Microsoft’s support for Windows 98 and ME, which means that there will be no further security updates for those systems after that date. In SOME ways, those systems may find comfort in the security through obscurity approach as much malware MAY not run on those systems, but that’s kind of a risky angle to play. For those that are willing to experiment…


Sophos suggests…. for more safety – get a Mac

July 5th, 2006

Analyzing the state of the computer world…. Sophos Antivirus has suggested that consumers consider a Mac for their next PC if they’re concerned about the increasing swarm of malware targeting Windows PCs. The main point being there are no ACTIVE malware threats against Mac systems and Windows still seems to be increasingly targeted. Mac will likely be less malware prone for the foreseeable future. No, Mac users – that is NOT an excuse to ignore Security updates!!!!


Camcorder shopping and a reminder of caution

July 5th, 2006

The last few days I’ve been heavily researching the purchase of a camcorder. I guess I can’t just go out and pick something, I have to research at a number of levels. (Editorial reviews, user reviews, pricing, media, computer compatibility, quality, etc. all of these come into play.) So, after several days of researching the product itself I was VERY close to going ahead with one place that had a fantastic price. But then I wondered, how come, this one place had a price that was a clear $100 lower than most anywhere else?


Kubuntu discs arrived!

July 5th, 2006

The five Dapper Drake Kubuntu 6.06 LTS disks that I requested in the week or so before release arrived in the mail today. Thanks Canonical. Yes, I do a lot of downloading, but a professionally pressed disk looks so much better to give someone to try out than a home made cdr written on with a sharpie….


Windows XP and IPP printers

July 3rd, 2006

I really like printers with their own built in print server. They can be plugged into the network and some operating systems can just find them. Unfortunately most of the time Windows doesn’t just find an IPP printer. One tool that can be handy for such a time as this is a free tool like SoftPerfect Network Scanner or you could substitute your own tool in to find where the printer is on the network. If you’re lucky enough to have designed the network or set up the printer yourself, you may know. But, in my job I may have information on some parts of a customer’s network, but many times I’m called in after the fact and get the “I need that network printer to work on this desktop” kind of assignment.


Developers meet Marketing – Marketing developers….

July 3rd, 2006

Sometimes you just want to cry… I found this email exchange via sunbeltblog…. Essentially, the product manager and marketing director at some unknown company have just become aware that the “About” box in their program ACTUALLY SHOWS the product version and BUILD number. They think that’s just too much information to give to the customer and may give the wrong impression (that they didn’t get it right the first time.) Of course, the developer thinks it’s slightly important to have the version and build number there. (How else could you support unless you have a tracking number?)


Fasten your seatbelts – Browser vulnerability a day to be announced in July

July 3rd, 2006

I hope there aren’t too many browser developers that have planned on taking July off….. I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from this SecurityFocus article, most of the vulnerabilities may just lead to a browser crash, but some seem to be remote code execution vulnerabilities. Microsoft Internet Explorer is where they found most of them, but other browsers were NOT immune: at least one remotely exploitable vulnerability that could be used to gain remote access was found for each browser tested.


Vandals banging on the door of ssh….

July 2nd, 2006

Sometimes I wish I wasn’t curious about things…. The other night I was working on something on the testbox in the back room and saw the switch lights flickering fairly actively between the server and the internet gateway. At first I thought maybe it was some mail coming in, but it was awfully persistent. So, I started nosing around. I saw that sshd was showing up in the process list and on checking /var/log/messages…. found hundreds of ongoing attempts to break in through the ssh server. (sigh….) Now, there was a time when I’ve kind of snickered when I’ve seen these futile attempts, because I have a VERY short list of allowed ssh users. (AllowUsers username can be set in /etc/ssh/sshd_config) But, this was fairly persistent and there was more variety to the usernames than I’m used to seeing.
