My oh my how the landscape of malware has changed over the last 10 years. The traditional “virus” is all but dead, and the transports for new threats are evolving almost faster than the security services can adapt. The latest trend of malware is web-borne annoyance-ware like FakeAV, which tries to trick you into buying something and then essentially makes doing any task on your computer so obnoxious that you can’t even use it. Is FakeAV dangerous? That depends on how you look at it. Is FakeAV a big problem? Absolutely. » Read more: Let’s stop web-borne malware – Qualys
Another Blackberry Outage!
December 28th, 2009 by Josh No comments »I’ve been a Blackberry user and BES administrator since 2005 and while there have been a few bumps in the road over the years, nothing has ever been so bad as to question the platform’s integrity as a service for the enterprise. From Sales, to Operations, to IT, these devices offer the access, reliability, and security that our business needs. Our people have become so accustomed to being connected 24/7 that they depend on it. Heavily. With our BES and RoveIT Mobile Admin implementation, I’m able to take care of a lot of issues without being at my desk, in the building, or even in the same state as my employer. The Sales guys are on the road all the time and pretty much live on their Blackberry when they’re not in a hotel where they can use their computer. 
» Read more: Another Blackberry Outage!
Websense Remote Filtering – x64, Vista, Windows 7
November 6th, 2009 by Josh 1 comment »We have been a Websense customer for quite a few years now and while the basic functionality of the system has always been acceptable, I’ve always found everything else to be a tedious and slow process with them.
For example, when we first implemented Websense we had a Cisco PIX firewall and integrating Websense with the PIX was a snap. Eventually we replaced the PIX with a Watchguard and had to find a new method of integrating Websense into our network. We had a Cisco router as our LAN gateway, and Websense had an integration for Cisco routers so that seemed like the logical road to go down. After spending over a month working with their support crew without getting the integration to work, one of their techs asked “why don’t you just use it in standalone mode?” Naturally I had assumed that standalone mode would require the Websense server to be physically between the clients and the internet gateway, or to have the clients configured with proxy settings. Neither of which was something that I was willing to do. Turns out, neither is required. Why wasn’t this the first road for tech support to show me? It turned out that standalone mode was SO easy to install and configure, that I still can’t for the life of me understand why they even have integration options. » Read more: Websense Remote Filtering – x64, Vista, Windows 7
Outsourced SMTP – Good or Bad? – PostIni Outage?
October 13th, 2009 by Josh 7 comments »I’ve had some pressure from time to time, to outsource our SMTP gateway function. There are some legitimate reasons for doing this but there are also some fairly serious drawbacks as well. Right now it appears tha PostIni is suffering a significant outage and I can’t email Wal-Mart. Wal-Mart, I said. Just think about how many other enormous companies are being affected by this outage right now!
As I have resisted the pressure to outsource everything from backup storage to SMTP servers, we are not one of those companies stuck in the mud today. This does highlight one of the more serious drawbacks to having your SMTP outsourced. Yes they have redundant servers. Yes they have redundant networks. Yet somehow they are experiencing an outage. » Read more: Outsourced SMTP – Good or Bad? – PostIni Outage?
Disaster Recovery Simulation
October 13th, 2009 by Josh No comments »I’ve had this problem over the years, with managing to execute even a basic DR simulation. Once I bought some huge external drives to test restores from tape. By the time I got around to doing the test, the external drives weren’t big enough to do any but the smallest of our restores. I’ve been fortunate though, and the few real disasters we’ve had were easily recovered from, but I’ve been burned a few times by smaller instances of data loss because of issues that would have been discovered during a DR Simulation. » Read more: Disaster Recovery Simulation
Data Backup – Growing Pains
October 5th, 2009 by Josh 2 comments »When I started at my current employer during the summer of 2000, we had 4 servers, three of which had with thier own 20G DDS4 tape drive managed by independent installations of ArcServe. Combined, we had less than 50G of data being backed up by the daily full backup. The backups were usually flawless and completed in a few hours at most, and sending a monthy set offsite was no big deal and that set typically contained the data set from the last day of the month. I miss those days. » Read more: Data Backup – Growing Pains
OpenDNS is DOWN!!!
October 2nd, 2009 by Josh 8 comments »At 3:15pm EST today I got an email from our BES that it had lost its SRP connection. This happens from time to time and I ignore it as long as it reconnects within a few minutes. Today it did not. A quick test revealed that internet connectivity was alive and well, but that external DNS resolution was not. The OpenDNS servers were unreachable, as was their website. Oh dear.
I switched the forwarders on our internal DNS servers back to our ISP-provided servers and we were back in business, but what does this mean for OpenDNS? I’ve been using them at the corporate level at several of our US sites for over a year with success, but today’s mishap has me wondering if I will continue to do so in the future. I await more information from OpenDNS and hope they have a good explanation as well as a plan to keep this from happening again in the future.
Update: A rather snide comment (below) from David Ulevitch of OpenDNS suggests that this was a Verizon issue rather than an OpenDNS issue. Given the general lack of buzz on the internet, I’m inclined to believe it, but shouldn’t this type of issue warrant some sort of communication to the public? A blog post on the OpenDNS website, or a sticky thread in the forum would go a long way toward getting the word out when problems prevent access to their services, even if said problems are not directly an OpenDNS problem.
Capacity Planning for Virtualization
September 28th, 2009 by Josh No comments »When I began my journey toward virtualization, it was early and there weren’t many good tools for planning performance capacity. Step 1 started with a single host server with local storage, and after a year of running 14 low-resource servers on the one box, I had the leverage to take a big step up to Step 2.
Step 2 included an EqualLogic PS400E iSCSI SAN, and 4 Dell PowerEdge 1950III servers with VMWare ESX Enterprise, with a Virtual Center Server. Our immediate needs/goals for virtualization were modest, with plans only to virtualize file, application, and mail servers and only 15 to 20 physical servers. Our Oracle and SQL servers already had dedicated platforms and until we break into the realm of a ‘real’ SAN like EMC, I didn’t want to deal with the i/o headaches these systems would cause on our virtual platform. » Read more: Capacity Planning for Virtualization
WordPress app for Blackberry
September 10th, 2009 by Josh No comments »I’m sitting in the hospital with my adorable 5-hour-old daughter sleeping in my arms, and I got to thinking that it would be great if there was a Wordpress app for Blackberry. A quick search on Google and hey look at that, a Wordpress app for Blackberry! My battery is running dry so I’ll keep it short, and follow up later when I’ve had a chance to run this app through some more.
QLogic SanSurfer iscli – QLE4062C Advanced Settings
September 9th, 2009 by Josh No comments »Depending on the storage array you’re using with your QLogic HBA, there may be some advanced settings that you should configure. This example is taken from the recommended configuration for using QLE4062C iSCSI HBAs with an EqualLogic SAN. It is assumed that you have already installed SanSurfer iscli.
Recommended Settings:
IP_ARP_Redirect: on
KeepAliveTO: 120
Large_Frames: on » Read more: QLogic SanSurfer iscli – QLE4062C Advanced Settings
