Security resources

A great site for look to see if you have application, operating system or hardware with security holes is http://secunia.com/.

I call this the equal opportunity security bug site. You can find information on Windows, on next page d-link, Cisco and all other products.

 

You can subscribe to get updates regularly. Interesting when you look at site you find more Linux security issues then Windows Issues.

 

Server 2008 r2 Beta

After much anticipation, Microsoft has now made Windows 7 Beta available for evaluation and testing to IT professionals! But most people did not realize that Server 2008 R2 is now able to be download as well.

Interesting I have Lenovo w700 Quad Core laptop with 8 gigs of memory and installing the Server 2008 r2 all but 3 drivers was found for me by the OS! That because Server 2008 r2 uses the same drivers as Vista 64.

Windows 7 and Server 2008 r2 are the same Operating System just features are missing or installed based on the version. for example Hyper-v will only come in server operating system. FYI Server 2008 r2 is 64 bit only !

For TechNet subscribers, you can download Windows 7 Beta today here


 
 

Windows 7 Beta

After much anticipation, Microsoft has now made Windows 7 Beta available for evaluation and testing to IT professionals! For TechNet subscribers, you can download Windows 7 Beta today here. On January 9th, the beta will open to all IT professionals on the Springboard Series for Windows 7.

 

I been using the for some time and I been very stable and found most of the device I had on my computer, what interesting is the when I installed windows Vista 64 I had a small problem finding Drivers, with the beta of Windows 7 it was a much easier solution .

Keyboard Shortcuts for Windows 7

Windows 7 boasts a lot of great new shortcuts

Here are some to use

Win+Home: Clear all but the active window

Win+Space: All windows become transparent so you can see through to the desktop

Win+Up
arrow: Maximize the active window

Win+Down arrow: Minimize the window/Restore the window if it’s maximized

Win+Left/Right arrows: Dock the window to each side of the monitor (If you’ve got dual monitors, adding Shift to the mix (e.g., Win+Shift+Right arrow) will move the window to the adjacent monitor.)

Win+T: Focus and scroll through items on the taskbar.

Win+P: Adjust presentation settings for your display

Win+(+/-): Zoom in/out

Shift+Click
a taskbar item: Open a new instance of that application

UAC and WINDOWS 7

Now with Windows 7 you can control how the UAC function work so you can reduce all warning and make the notifications about System UAC prompts less harsh..

 

User Account Control (UAC)

Why User Account Control (UAC)is a technology and security infrastructure introduced with Microsoft ‘s Windows Vista operating system. It aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase in privilege level.

How many of us work on our computer as Administrator?

This is bad if you are using your XP computer and surf the web, stuff could happen. for example

I go to the bad web site that want to load malware on to my computer, because I am login in as administrator the computer believes that I have all the knowledge to protect my computer, so if I click on something to install it does, with no warnings.

In VISTA the UAC function act this way;

1f you are login into vistas as administrator vista has a new method for security called SPLIT token You look like you are login in as Administrator but you are using a standard user profile and when an APPLICATION or process needs Admin privileges you are prompted to give THAT process ONLY Admin permissions so rest of operating system is still running as standard user.

For those of you who use Linux this is different from SU as ROOT when now the WHOLE computer is no running as ROOT.

UAC allow only that process to be elevated. THIS IS GREAT.


Besides disabling many important security features built into Windows, disabling UAC also poses a risk relating to application compatibility.

Important security features:

UAC stops administrative programs from running that you do not start. With UAC on, no program can run with admin control of your computer without your permission. Disabling UAC allows any program to use your administrative power, even if you do not start it.

UAC is also the technology that allows Internet Explorer Protected Mode to work – turning off UAC gets rid of that.

Application Compatibility:

Many non-administrative programs assume that they will be running with administrative power, and so they write settings or files to locations that they are not supposed to write to (such as Program Files).

In Vista under UAC, non-admin programs cannot do this, even if the user is an administrator, so UAC has to deal somehow with these programs, since there are a bunch of them that do this.

In order to get these programs to work in Vista, UAC watches for these common write-to-protected-location scenarios. When it detects a write to a monitored location that is failing because the program does not have administrator power, UAC makes a copy of the modified data and saves it inside of your user profile folder WITHOUT modifying the file/data in the protected location, while making the program THINK that it was saved to the protected location.

Whenever a non-compliant program opens a file in a protected location, UAC first checks to see if there is a “modified” version of that file inside of your user profile folder, and if so, opens the modified file instead of the original, without the program realizing it.

This allows the program to function by making it THINK that it is writing to a protected location, when in reality it is not.

When you disable UAC, this compatibility feature of UAC is turned off.

This means that all those hidden copies of modified data are now invisible to applications, since they will be seeing the original, unmodified data that exists inside of the real protected folder that they now have access to.

The consequences of this transition can be quite drastic if you have many programs on your computer that relied on this compatibility feature to function, since they will no longer have access to any created or modified data that they think they have saved to protected locations – instead, they will only see the original data that was probably put in place when their application was installed.

User groups

 

Why join a User group

  User Groups: Meet and learn with your peers

 

User groups are typically independently run, volunteer groups that meet on a regular basis to discuss and share information on a variety of technical topics. Participation in a user group is an excellent, inexpensive way to receive technical content, education and to meet with your peers to get more out of the products, technologies, and resources which you are interested in. A users’ group (also users group or user group) is a type of club focused on the use of a particular technology

The Association of Personal Computer User Groups (APCUG) is an International, platform-independent, volunteer-run nonprofit organization devoted to helping user groups offer better services to their members group. Sort of a User group of user groups.

With over 300 member groups, there are probably several groups within a 250 mile radius of you. Look them up on the APCUG web site via the User Group Locator
and get to meet other people with the same hobbies as you.

I am currently President of APCUG, past Regional Advisor, Vice president, has been on, the Board Advisor of The PC Users Group of Connecticut and current board member of the CT– Information Systems Audit and Control Association. Go find a user group and learn and share



 

welcome to this blog

On the blog we will be cover technology issues, We will review new products , give methods of protecting your self online and from identify thief.

Other ares that will be covered on this site include, Microsoft Operating system, VISTA, Windows 7, Server 2008. and Windows Mobile.

The blog will be amened at end users, I will not be covering software development, or covering a subject very deeply as their are many sites on the net that fill that need.