Categories
blog

New Computer – 5.9 Vista Experience for under $400

A few weeks ago I go the go ahead from my wife to build myself a new computer.  I have been rocking a P4 at home for quite some time…so long in fact that I just started using my work laptop as my home computer.  It wasn’t horrible but definitely time to upgrade.  I knew I wanted to keep the cost down even though I think I could have gotten my wife to agree to nearly any reasonable price and I knew I wanted it to be FAST!! 🙂  That is a relative term but the items I did purchase SEEM very very fast to me.  It would blow my mind if I were to get all the high end stuff :).

CaseUltra X-Blaster ATX Black Mid-Tower Case
Power Supply:  Ultra LSP550 550-Watt Power Supply
Memory:  Corsair Dual Channel TWINX 4096MB PC6400
Processor:  AMD Phenom 9500 Processor
Motherboard:  Asus M2N-SLI Motherboard
Hard DriveSeagate 500GB Serial ATA
Video Card:  XFX GeForce 7600 GT (already owned)
Operating System:  Windows Vista Ultimate 32Bit (already owned)

Total:  $374.98 + Tax/Shipping

I thought that price was pretty darn good.  By the way, I don’t have all 5.9’s on Vista’s experience rating, I only have 5.9’s on everything except graphics.  I have 5.5 there but will hopefully be able to get a 9800GT Video Card here soon which will put me up to 5.9’s 🙂  The operating system was free because I let Microsoft spy on my Windows XP machine for a few months. In return, they gave me a copy of Vista Ultimate 32/64 Bit.

Categories
blog

NSA Security Configuration Guides

While I was in the Marine Corps doing one of my tour’s in the middle east (Iraq), I was often reminded that we needed to take great measures to secure our network systems.  We took several approaches to this task.  During my second tour I was in a way mentored by a contractor, Andy Garcia.  He worked, If I remember correctly, for Northrop Grumman and was part of the Information Security team for the Marines.  He sort of took me under his wing and showed me the ropes on basic information security.  I sort of became obsessed with it.  Just knowing how easy it was to exploit little things like unpatched Microsoft OS’ and buggy IOS or even wireless network with so called wired equivalent protection (WEP).  It just flabbergasted me watching him gain administrative access on systems that I once thought were “secure”.

I then found a blessing from the National Security Agency (NSA).  They had published baseline security lockdown guides for the majority of technologies that we were deploying.  I started using them to secure our systems along with a large number of recomendations from Andy and the information security team.  It was and still is my favorite part about the job.

Just as an overview, the guides go through getting rid of some bad default settings, teach you to run services with a less priviliged user, and best of all…common sense.  Securing systems is a lot of the latter.  Don’t use default passwords, don’t run as root, etc.  They go into great depth on certain subjects, an just glaze over a few others but the documents are well written and if uses appropriately WILL help you protect your systems.

This have been around for a while now so you may have already know about them but even if you have seen them before, please take a look again just as a refresh.

Categories
blog Microsoft

My take on AntiVirus / AntiSpyware applications

Virii suck, I just though I’d throw that out there.  They cost the world billions of dollars a year and keep people like you and me up at night.  I wish I had the final solution for you but I don’t, however, I do have a list of applications/tools/services that I use to keep my computers running virus and spyware free.

Desktop Antivirus / AntiSpyware

At work my company has standardized on NOD32 from ESET.  I had never herd of the company until I started at my current position about a year and a half ago and now, I rarely use anything but NOD32.  They have a couple of editions but I’m only familiar with ESET NOD32 AV v2.6 and v3.0.  So far I have not had a single problem with virii or spyware (except for a few hacking/cracking tools that I use on occasion).

If I’m not using or recommending NOD32 for home / client computers I go with AVG.  AVG AntiVirus 8.0, the newest version from AVG covers pretty much everything you would need from an AntiVirus / AntiSpyware software suite.  They even have a free edition that can be found here for home computers that only need basic protection.  If your on a budget, AVG Free Edition is for you.  Again, so far, with my use of AVG Antivirus, I have not had a single problem.

Safe Internet Browsing

This is a huge deal when it comes to keeping your computer safe.  Sometimes it doesn’t involve any software at all.  Just some intelligence and PG13 level surfing (no porn or online gambling allowed!!).  However, because of my ADHD and endless appetite for information, even I run across some potentially bad websites.

To combat this I use OpenDNS.  I’ve done a blog post on them a while back.  Search at the right if you are interested but I’ll cover a few points to OpenDNS here.  First of all, OpenDNS is cool.  Second, OpenDNS is free.  Now that I got those two things out of the way, I’ll explain it a bit.  OpenDNS is a free DNS service that you point your network DNS servers, clients, etc towards and you instantly get a bit better service.  If you go to the website and create an account and then register your IP address there, you can have settings specified that would prevent people from surfing websites that fall within a specific category.  Below is what I have mine set to.

The moderate setting includes blocking of Adaware, Alochol, Dating, Drugs, Gambling, Hate/Discrimination, Weapons, Tasteless, Lingerie/Bikini, Proxy/Anonymizer, Sexuality, Nudity, Pornography, and Phishing.  The last one is especially cool because it uses the phishing database PhishTank, which is THE defacto standard in phishing databases…well at least I believe so.

Desktop and Network Firewalls

As much as I should use a desktop firewall, I don’t.  It hinders my ability to do network scans, attach to different networks, open up shares on my computer remotely, test software, etc.  But, do what I say and not what I do.  If you have no reason not to use one…then do so.  The built in Windows Firewall is fine but if you need to feel a little safer at night, I recommend ZoneAlarm.  It has both high reviewes in the major computer magazines and is recommended by the security research group Gibson Research Corp.

My home network firewall is pfSense, a free open source, fully featured firewall that I have installed on an old workstation with two network interfaces.  Visit the website for a full list of features.  Other firewall’s that I would recommend would be the Cisco PIX or ASA, m0n0wall, and any Linux distribution running iptables.  It’s not that these are the only secure options out there but rather I only have extensive experience in this small list.

SPAM Protection

This cannot be stressed enough…  Never use an email address without a **GREAT** SPAM filter.  For personal use, grab a free GMail account.  For corporate use get a Barracuda SPAM firewall, use Postini or build your own SPAM filter based on SpamAssassin.  For the DIY I recommend Maia Mailguard.  The reason for this is quite simple, spyware and virii can be transmitted quite easily through email.  If you are not protected, you are asking for trouble.

Defense in Depth

Although all of my recomendations, in my option, are good ones..not a single one of them guarantees that you will not get infected.  Things like zero day attacks, trojans, virii, spyware, adaware, malware, etc are not always easily detected and therefore may hit a large number of computers over a short period of time without the security companies knowledge.  However, with the use of all of them together, you now have the tools for a fighting chance and with any luck, you’ll be virus free.

Hopefully you’ll take my advice on one or more of the above topics and have a safer more enjoyable time on the internet.

Extras!!

Here are a few extra tools that I did not fit in.

ESET Online Scanner | TrendMicro House Call | TrendMicro HijackThis | Symantec Removal Tools

Categories
blog Linux

5 Minute Cron Tutorial – Linux Task Scheduler

Cron is an exceptionally useful tool in the Linux world where administrative tasks can easily be rolled up into shell, php, perl, and python scripts among other things. Per a website that I just came across, the word cron comes from the Greek word chronos which means time.

First, lets setup the environment. I use VI as my text editor on Linux and you can view my “60 second VI tutorial” on here as well. To ensure that VI will be our crontab (cron table) editor we will need to edit your “.profile” file for whatever user you are going to be logged in with (typically root).

vi /root/.profile

Add one of thefollowing lines above the second fi to match your preference.

export EDITOR=/usr/bin/vi #if you have just VI installed
export EDITOR=/usr/bin/vim.basic #if you have VIM installed

Ensure that you save it with :wq.

Now that we have that out of the way, lets start scheduling tasks.

Since backups are traditionally something that you would want to automate or schedule, I’ll use it as my main example but first I’ll break down the cron scheduling syntax.

Field Meaning (input)
1 Minutes (0-59)
2 Hours (2-24)
3 Day of the Month (1-31)
4 Month (1-12) January thru December
5 Day of the week (0-6) Sun thru Sat
6 User to execute the command
7 Command to execute

0 2 * * * root tar czf /var/backup/www.tar.gz /var/www >> /dev/null 2>&1

With the above example and the table of what each field does, you get can put together that at 0200 or 2:00 AM every day root will be running “tar czf /var/backup/www.tar.gz /var/www >>/dev/null 2>&1” which is telling tar to tar up /var/www into /var/backup/www.tar.gz and /dev/null 2>&1 is a way to have the command put any output into a “trash can” if you will  Alternately you can specify a log file for that output to go with “>> /var/log/cronforcommand.log 2>&1”.  The * in a schedule means to omit that portion of the schedule.

That one was pretty basic so I’ll get a little more complicated now.  Matter of fact, I’ll just skip the user and command to execute from now on and focus on the command structure for scheduling with cron

EXAMPLES:

Every Minute – * * * * *

Every 5 Minutes – 0,5,10,15,20,25,30,35,40,45,50,66 * * * *

Every 5 Minustes (Simple) – */5 * * * *

Every Hour – * */1 * * *

Every 2 hours – * */2 * * *

Every Day @2:00 AM – 0 2 * * *

Every Day @ 6:00 PM – 0 18 * * *

Every Sunday @ 3:15 AM – 15 3 * * 0

On Feburary 11 @ 10:00 PM – 0 22 11 2 *

That pretty much covers the majority of typical uses for cron. Obviously this is a very powerful tool and can do so much more but for this post, I think it’ll do.  If I messed anything up , please let me know.  🙂 Enjoy.

Categories
blog Linux

Excelent Time Management Video – Randy Pausch

At work, I find it somewhat hard to stay on task.  I like it when I get real material things that can help manage my time.  One of they guys I work with sent me a link for this lecture by Randy Pausch.  As he recently passed due to cancer, this speaks volumes for his character as he had approximately 3 months to live at the time of this talk.  Please enjoy.