Monthly Archives : October 2010

Using Synergy to control multiple computers with one keyboard and Mouse.

I recently found this neat little piece of software called Synergy that allows you to control multiple computers with a single keyboard and mouse. I was a little skeptical at first, but I am really glad I decided to test it out because I was more than pleased.

Synergy is free and open source software (FOSS) that basically requires only a LAN connection. The program uses a NetBIOS-like name to determine which computers to connect to, and you can set that name within the program itself. It uses a client-server architecture, where one computer acts as the server and the others act as the clients. Once it is all set up, you can move your mouse seamlessly from one PC to another, even using multiple monitors on each PC. As you would imagine, you can’t drag windows across machines, since you would run into hardware and software issues, but it does have a shared clipboard (though mainly for text). It even lets you share the mouse between different operating systems (Linux, Windows, Mac OS).

 

Setup is pretty simple. You install the application on the workstations you want to use, which takes a matter of seconds and you’re ready to configure.

The GUI is fairly simple as you see below. I’m using this particular computer as the so-called “server”; as you can see, I have selected the “share this computer’s keyboard and mouse (server)” option. On the other computer you would select the first option and type the other computer’s host name, which can be configured under the advanced tab.

You will then have to click the configure button to tell the program where each computer is located. For example, you have to tell it computer1 is to the left of computer2 so it knows which screen to switch to when you hit the edge of the screen. In this particular case I have also reversed that to say computer2 is to the right of computer1.

All you need to do then is start the Synergy that is configured as the server, and then start the client second. If you have configured your settings correctly, then everything should work. Enjoy!

Social Viruses

The other day, an acquaintance had sent me an email with the following content:

How to protect your e-mail address book

A computer repairman says this is like having gold.

This is a good thing.
I learned a computer trick today that’s really ingenious in its simplicity.

As you may know, when/if a worm virus gets into your computer

It heads straight for your email address book,

And sends itself to everyone in there,

Thus infecting all your friends and associates…

It went on from there, detailing a scheme to foil malware through the creation of a fake email address in the very beginning of your address book.

The sender, in all fairness, sent this to me to vet before he passed it on to everyone he knew – that was the unusual part.  Normally I receive these emails as a part of a mass-mailing, delivered as Gospel Truth by some well-meaning friend.

First of all, I NEVER forward ANYTHING that was sent to me in a mailing list – especially if it says “Send this to everyone you know!”, even if it threatens me with bad luck!  I know that the purpose of these messages is to cause well-meaning but gullible people to clog up email systems and bring mail servers to their knees. They play on one’s sense of guilt, sympathy, or sense of humor to encourage you to do their dirty work. They NEVER have any other purpose.

On those rare occasions that some new message actually tempts me to pass it on (and this can happen to anyone who is not paying attention – these are designed for it!), I know I can Google the subject or the first line of the message to see what’s REALLY going on.

One of my favorite resources is SNOPES.COM. A Google search of a message like the sample above will almost always turn up a hit from Snopes.  Read what they have to say – it’ll generally cure your momentary weakness. And if the sender is a friend, you might want to send the URL for their particular message back to them.

If you are interested, the information on the above message is right here.

Microsoft Considering Purchasing Adobe

According to industry reports that I have read in a few places, Microsoft might be close to putting in an acquisition bid for Adobe, which is crazy in my view. The reports say that Microsoft CEO Steve Ballmer recently met with Adobe CEO Shantanu Narayen for what reporters are calling a “secret meeting.” So far, neither Microsoft nor Adobe has discussed such a possibility, but it would not be a surprise if Microsoft made such a play. Their past acquisition history for reasoning falls into this category of company and segment. If anything is certain, it’s that Microsoft shouldn’t even entertain an Adobe acquisition; it makes no sense. Microsoft is clinging to the past as its competition continues to develop new and interesting technology that appeals to customers. Here are some reasons why this makes no sense:

  • Adobe Flash is not popular or prospective enough for the future
  • What market share are they really acquiring from a purchase of this nature?
  • Microsoft is focusing more on the cloud offerings and getting spread thin with what they really do
  • It’s a bad financial move; Adobe has not made good profits for the last year
  • Microsoft is not focusing on desktop software anymore

Establish Standards for Cloud Computing

Cloud computing is the latest hot trend in the IT world and among technology consulting companies, to the point where almost every meeting I go to talks about this subject, and does so in a very misinformed way. The perception in the marketplace is that the cloud is cheaper, more reliable, and secure. That is simply not the case unless the proper steps and procedures are followed. When will we see cloud standards? That is a really great question, because the security questions of encryption and penetration capability still have not been addressed. How reliable is the data in the cloud?

The protocol, data format and program-interface standards for using cloud services are mostly in place, which is why the market has been able to grow so fast. But standards for configuration and management of cloud services are not here yet. The crucial standards for practices, methods and conceptual architecture are still evolving, and we are nowhere close. Cloud computing will not reach its full potential until the management and architectural standards are fully developed and stable. Until these standards are formalized and agreed upon there will be pitfalls and mishaps, which cannot take place.

The main premise of cloud protocols is TCP/IP. The cloud usually uses established, standard Web and Web Service data formats and protocols. When it comes to configuration and management, the lack of effective, widely accepted standards is beginning to be felt, and I have seen the negative results. There are several agencies and organizations working on cloud configuration and management standards, including the Distributed Management Task Force (www.dmtf.org), the Open Grid Forum (www.ogf.org), and the Storage Networking Industry Association (www.snia.org).

There are, as yet, no widely accepted frameworks to assist the integration of cloud services into enterprise architectures. An area of concern is the possibility of changing cloud suppliers. You should have an exit strategy before finding a provider and signing a cloud contract. There’s no point in insisting that you own the data and can remove it from the provider’s systems at any time if you have nowhere else to store the data, and no other systems to support your business.

When selecting an enterprise cloud computing provider, look for an architecture in which:

• the cloud services form a stable, reliable component of the architecture for the long term;
• they are integrated with each other and with the IT systems operated by the enterprise; and
• they support the business operations effectively and efficiently.

Other groups that are looking to establish industry standards include the U.S. National Institute of Standards and Technology (http://csrc.nist.gov), the Object Management Group (www.omg.org) and the Organization for Advancement of Structured Information Systems (www.oasis-open.org).

iPad Can Be Used With Verizon Wireless

Verizon and Apple seem to be having problems about getting the iPhone on its network and being able to sell it.  It’s pretty funny that as a result, the carrier is getting the iPad instead. Apple and Verizon Wireless today announced that the Apple iPad will be available in more than 2,000 Verizon Wireless retail stores starting October 28.

AT&T still has the exclusive contract with Apple, and of course someone got really creative with how to make this happen. Verizon Wireless will not sell the iPad (Wi-Fi + 3G), the version of the tablet that runs on AT&T’s 3G network; it will instead sell the Wi-Fi-only iPad with its own Verizon MiFi 2200 Intelligent Mobile Hotspot.

The iPad will be available in three bundles:

• Apple iPad 16GB + MiFi: $629.99
• Apple iPad 32GB + MiFi: $729.99
• Apple iPad 64GB + MiFi: $829.99

As far as data plans for the iPad, Verizon will offer one: Up to 1GB of data for $20 per month.

Verizon’s bundle prices are the same as what you’d pay for the iPad with integrated AT&T 3G. But Apple and AT&T offer a choice of two service plans: 250MB a month for $14.99 or 2GB a month for $25.
Incidentally, AT&T today also announced that it would begin selling the Wi-Fi + 3G iPad in its retail stores on the same day: October 28.
The upside to buying an iPad from Verizon? Versatility: The MiFi provides Internet access for up to five devices at a range of about 30 to 40 feet. But it is one more thing to tote along with you, though the MiFi is only about the size of a pack of cigarettes, but half as thick (3.5 by 2.3 by 0.4 inches).

It’s also one more thing you need to keep charged. Battery life varies depending on how many devices you have connected at once. In our tests, with four Wi-Fi connections, the battery dropped to one bar in an hour. In 90 minutes, it was almost fully drained. On the other hand, we were able to eke out 8 hours and 5 minutes of power on the iPad (Wi-Fi + 3G) running the 3G modem nonstop.  Lots of things to consider I suppose but it seems that this offering is a bit premature and not as seamless as it should be.

Fix Cached Credentials over VPN

Ever had a remote user who uses a laptop outside of the company network and their cached credentials somehow do not work or have been lost from the cache? I recently faced this same issue and, with a little advice from a colleague, I was able to successfully get the user’s credentials cached once again.

I was able to accomplish this because we had a VPN set up, and since most companies have some sort of VPN for their users to access email and documents, we were able to use this to our advantage.

Essentially what I did was log onto the computer using the administrator cached credentials. Once in there I made sure the VPN connection was set up to point to my server at the main office, and I went ahead and logged in. Once in, I picked a random application on the desktop (I think I used Firefox), right-clicked it, and selected the Run as option. When the dialog came up, I used the end user’s credentials rather than my own. What this does is try to validate the user credentials with the domain controller, because we are connected through the VPN.

Once this is done and the application opens, you can disconnect from the VPN, log off of the administrator account, and try logging on with the end user.

I was successful in my attempt and I hope you are too!
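
The procedure above as a short PowerShell sketch, added here as an example and not part of the original post: it checks that cached logons are permitted and that a domain controller is reachable over the VPN before performing the "run as" step. `CONTOSO` and `jdoe` are placeholder names, and `nltest` is assumed to be available (on Windows XP it ships with the Support Tools).

```powershell
# Added example, not from the original post. Run in the local administrator
# session after the VPN connection is up. CONTOSO and jdoe are placeholders.
$domain = 'CONTOSO'
$user   = 'jdoe'

# 1) If policy sets the cached-logon count to 0, Windows stores no cached
#    domain logons, so the user could not log on offline anyway.
#    The value is a string; when it is absent Windows uses its default of 10.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$count = (Get-ItemProperty -Path $winlogon).CachedLogonsCount
if ($count -ne $null -and [int]$count -eq 0) {
    throw 'CachedLogonsCount is 0: cached domain logons are disabled on this PC.'
}

# 2) Confirm a domain controller can be located through the VPN tunnel.
& nltest.exe "/dsgetdc:$domain" | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "No domain controller found for $domain. Check the VPN connection and DNS."
}

# 3) The "run as" step from the post: start any program as the end user.
#    runas prompts for the password on the console, so the password never
#    appears in the script or on the command line.
& runas.exe "/user:$domain\$user" 'cmd.exe /c exit'
```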

iPad and iPhone Can Be a Security Risk

BVA has found that these types of mobile devices, if not provisioned correctly, can seriously be a security risk to your network environment. Security policies need to be set forth to ensure security at all levels of access. The Apple iPad tablet device, as well as the iPhone, is slowly becoming a legitimate business tool; your employees will soon have them in hand and invade your business. The reality is that the iPhone changed the playing field for security and really surprised IT consulting companies and their administrators when it was released. Users’ needs versus wants changed completely, and the idea of a smartphone that just syncs calendars, contacts, and emails changed drastically. The iPhone hit the scene, and the next thing we knew we were getting requests for it to be integrated into a business’s mail environment immediately. These requests were coming from owners and directors; decision makers were demanding that it be made to work, totally side-stepping the security protocols set forth by years of experience and best practice. The bottom line is that the line between corporate tool and consumer gadget has not just been blurred; it has been completely erased. There have been several studies that have shown that, when asked, the iPad and iPhones present the greatest smartphone security risk for IT. It’s a scary thought that you have locked down your environment, but because a new gadget gets released to the market and owners want it, the integrity of the system is diminished.

There were recently a few contests by security outfits where they had people hack the iPhone in less than 2 minutes and win a cash prize. This is a scary thought and quite frankly shows how easy it can be for the non-hacker. Obviously it might take a little longer for a less talented hacker, but it can clearly be done. Apple has little intention to make their OS more secure because it’s not the market that they are targeting. Again, they are targeting the consumer, not the business enterprise. I am sure there will be a point in time when that day comes, but it is not in the near future. If Apple at the very minimum addressed just the enterprise security, supportability requirements, and new hardware level encryption. I want to be very clear that the OS on the iPhone is the same as the iPad as well as its security. Apple targeted the iPad primarily as a media consumption gadget for the residential consumer, not the business community, but again we have seen this shift. I am not saying that you should ban the iPhone or iPad, but develop policies and procedures that address the rules of engagement for integrating the iPad with your network environment.

As you develop the policies, keep in mind that the iPad is unique and could fall into a few different areas for policies.  Here are some key points to keep in mind:

•    delivers notebook-like functionality
•    smartphone OS platform
•    normally placed in the policy bucket for computer usage and security policies, not recommended
•    a good policy bucket to consider – smartphone usage and security policies (recommended)
•    same smartphone OS was hacked in less than 2 minutes

Make sure that whatever policy is selected addresses the most important factor here, which is allowing or denying the storage of confidential or sensitive information on the iPad, or how e-mail, instant messaging and other communications conducted through the iPad fit within archiving and compliance requirements.

MAC Microsoft Office 2011- Finally Got it Right

It feels like I have been waiting forever for the new release of Office for the Mac.  With Microsoft Office for the Mac 2011 (Home and Student version, $119; Home and Business version, $149), Microsoft has finally gotten it right. After a string of disappointing releases, the new Mac version of the world’s most widely-used office suite is a spectacular success, and an unexpected triumph for Microsoft’s Macintosh group. Compared with Office for the Mac 2008 and its predecessors, Office 2011 is innovative, better-designed, startlingly faster, vastly more powerful, and far more compatible with Office for Windows. It even includes a few features that outclass anything in its Windows-based counterpart, Microsoft Office 2010 ($499, 4 stars). If you’re a casual, light-duty office-suite user or a student, iWork ’09 ($79, 4 stars) is still a great option, but if you’ve got heavy-duty work to perform on the Mac, you’ll want Office for the Mac 2011.  The cost for the suite is pretty reasonable for the applications you get.

Office for the Mac still has some minor weaknesses, and at least one feature that’s less powerful than in the previous version—Office no longer syncs calendars with iCal. Overall, it’s the best office suite ever for using the Mac as a serious platform for getting work done.  Office for the Mac comes in two versions, a Home and Student Version (single user package, $119; three-user family package $149) and a Home and Business Version (single user package, $199; licensed for two machines, $279). The Home and Student version includes Word 2011, Excel 2011, PowerPoint 2011. The Home and Business version matches the Home and Student version plus Outlook 2011, which replaces the Entourage mail, calendar, and contact manager app in recent versions.

Pros: Fast, flexible office application suite. Most powerful Mac office software. Highly compatible with Office for Windows. Well-integrated with OS X. Visual Basic for Applications recorded and programmed macros fully supported. Newly-designed Outlook replaces Entourage as mail/calendar/contact app.
Cons: No calendar synching with iCal. Outlook won’t synch with or retrieve mail from Exchange Server 2003 or earlier.
Bottom Line: Office for the Mac roars back with a fast, powerful application suite, the best of its kind for the OS X platform.

Removing Fake Microsoft Security Essentials

In today’s world of spyware, viruses, and malicious attacks, there are very few that have given me the thought that they could actually be real. Typically you get the one that pops up saying you have 95 viruses and that you need to pay to clean your system, which is an immediate red flag. Most of the time the spyware looks really fake, and by fake I mean they have no company name, or they just use generic names like “Windows Security 2010” and “Antivirus 2010.” I thought this always to be the case until just recently.

The call came in like any other: the user was describing that Microsoft Security Essentials had detected an infection that needed to be cleaned. I told the user to go ahead and click the clean option in Security Essentials and it would clean the file. When she did this, it said it could not be cleaned, and the apply now button on the bottom changed to a “Scan Online” option. It took me a second, but I realized that I had never seen this option in Security Essentials before.

If you click on the Scan Online button, it will list a total of 35 antivirus programs, 30 of which are real and 5 which are rogue. The 5 rogue ones are:

  • Red Cross Antivirus
  • Peak Protection 2010
  • Pest Detector 4.1
  • Major Defense Kit
  • AntiSpySafeguard or AntiSpy Safeguard

When these are allowed on the system they will perform a fake virus scan and say you are infected. Each one is the same, but with a slightly different interface. They also block certain applications from running (e.g. Internet Explorer, Malwarebytes, etc.). Below are the steps I took to resolve my issue.

Removing fake Microsoft Security Essentials.

Because I was offsite, I had to remote into this particular computer from another PC on the network, but if you are in front of it you can use the same methodology. I immediately checked add/remove programs and Microsoft Security Essentials was not even installed!

I downloaded the Process Explorer tool (procexp.exe) from live.sysinternals.com on a separate machine and put it on a network share (you can put it on a USB drive if you are in front of the PC). You can also try Ctrl+Alt+Del, though it did not work for me. I opened the network share on the infected PC, copied procexp.exe onto the computer and ran it. NOTE: It is not usually best practice to open network shares when infected with spyware or viruses, as they sometimes spread via those means, but I had no other choice.

Here I found the fix.exe file was running on the system and I killed the process. I noted the path of the fix.exe file that procexp.exe shows you:

Documents and Settings\(username)\Application Data\fix.exe

I then went into Windows Explorer > Tools > Folder Options > View and made sure show hidden files and folders was selected. I browsed to the folder listed above and removed the fix.exe file. While in there I also noticed another interesting file with a randomly generated name.

Documents and Settings\(username)\Application Data\jsdfgs.bat

I opened this file with notepad and saw the code in the picture below. This looked very suspicious, so I removed this as well.

Note: This may/may not be related to the Fake Security Essentials

I then thought I had the issue resolved and opened IE, which worked fine, but when I tried running Malwarebytes to scan the system, it still would not start. This alerted me that there was still a bigger issue. I also tried running Windows Update and this failed as well. I began looking at my internet connection settings and found that there were static IP addresses that had been put into my TCP/IP settings. I checked on the location of these IP addresses and they appeared to be coming from the Ukraine. I removed them from my internet connection settings and then Microsoft updates worked fine again.

I also loaded up the real Microsoft Security Essentials and ran a full scan where it found and removed a rootkit.

Win32/Alureon.H

Upon removing this file, Malwarebytes and all other antivirus/spyware scans worked properly.

And just for good measure I downloaded the Piriform CCleaner utility from www.ccleaner.com and ran the cleaner utility to remove all temporary files. I also ran the Registry tool in the application to fix all broken links in the registry.

After completing all the aforementioned tasks, the computer was running great and had no issues.

NOTE: Some of the symptoms in this email, such as the file with the randomly generated name, DNS pointing to the Ukraine, and the rootkit, may not necessarily be on your computer. These were found on mine during the cleanup. They may have been there previously, which is why it is always good to do a full scan with a legitimate antivirus/spyware program. It is also recommended that you consult a trained professional or be fairly tech savvy before trying to accomplish this yourself.
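
A read-only triage sketch for the two artifacts described above, added here as an example and not part of the original post: it lists executables and scripts sitting directly in each user's Application Data folder (where fix.exe and the randomly named .bat file were found) and any network adapter with statically configured DNS servers. It assumes PowerShell 2.0 or later run as an administrator; the extension list is an illustrative choice.

```powershell
# Added example, not from the original post. It only reads; nothing is deleted
# or changed, so review the output before removing anything by hand.

# --- 1) Executables/scripts in the root of each user's Application Data -------
$usersDir = Join-Path $env:SystemDrive 'Users'            # Vista and later
$sub      = 'AppData\Roaming'
if (-not (Test-Path $usersDir)) {                         # Windows XP layout
    $usersDir = Join-Path $env:SystemDrive 'Documents and Settings'
    $sub      = 'Application Data'
}

$suspectExt = '.exe', '.bat', '.cmd', '.scr', '.vbs'      # illustrative list

$files = Get-ChildItem $usersDir -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.PSIsContainer } |
    ForEach-Object { Join-Path $_.FullName $sub } |
    Where-Object { Test-Path $_ } |
    ForEach-Object { Get-ChildItem $_ -Force -ErrorAction SilentlyContinue } |
    Where-Object { -not $_.PSIsContainer -and
                   $suspectExt -contains $_.Extension.ToLower() } |
    Select-Object FullName, Length, CreationTime, LastWriteTime

# --- 2) Adapters whose DNS servers were set statically -----------------------
# Per interface, NameServer holds manually configured DNS servers and
# DhcpNameServer holds the ones handed out by DHCP. A non-empty NameServer
# that nobody in IT configured deserves a closer look.
$ifKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

$staticDns = Get-ChildItem $ifKey | ForEach-Object {
    $p = Get-ItemProperty -Path $_.PSPath
    if ($p.NameServer) {
        New-Object PSObject -Property @{
            InterfaceGuid = $_.PSChildName
            StaticDns     = $p.NameServer
            DhcpDns       = $p.DhcpNameServer
        }
    }
} | Select-Object InterfaceGuid, StaticDns, DhcpDns

'Executables and scripts in Application Data roots:'
$files | Format-Table -AutoSize

'Adapters with statically configured DNS servers:'
$staticDns | Format-Table -AutoSize
```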


The tools I used are listed below:

Process Explorer (procexp.exe)

www.live.sysinternals.com (you can download the full suite of tools here for FREE!)

Malwarebytes

http://www.malwarebytes.org/

ccleaner

www.ccleaner.com