So I have a moral question for everyone. Today I noticed a huge load on both our Barracuda Spam Firewall 300 and I started to do some digging and found an IP address that was hammering it. So I decided for fun I would type this IP into my browser. Much to my amazement a router logon came up with a model name listed. So I did about 3 seconds of research and found out the default username and password and, believe it or not, I was in. I couldn't believe how easy it was. Now I know the user has no idea they are sending out spam but have been infected somehow, so it would not be fair to punish the user by doing something malicious, but I wanted to stop the spam. I noticed the user was using PPPoE to authenticate to their ISP so I changed their username to “IT_SEEMS_YOU_HAVE_BEEN_HACKED_YOUR_SPAMMING”, something short and to the point. After that I saved it and my fun was over as the router no longer had a connection, so it seems like my change worked. I was proud of myself for doing this public service.
Well, for some reason today a user came to me with a strange issue: it seems that when they opened an xls file from the network drive it could take up to 7 minutes to open. YIKES! So I started with the usual suspects. I rebooted Windows with no luck, I tried disabling antivirus, still no luck. I tried from another user's computer with the same result. I started to suspect the network switch because we had a scheduled power outage to repair some electrical at our panel the night before. So I tried a test with a different machine from a different switch and I was able to open the file just fine. I tried again from my laptop on the switch I thought was a problem and again the file opened just fine. My test ruled out the switch, but I was using Office 2010 on my laptop and the end user was using Office 2003, so that does not cross out all the suspects. Next thought….. I tried to copy the xls file to the user's local machine and open it locally. The file opened in seconds, so now I was really scratching my head.
I grabbed a loaner laptop with Office 2003 on it and tested, but no issues happened with it. So now I had ruled out Office 2003, the switch and the server, so it must be specific to only these 2 computers. I did some searching around on the web and found this article by Microsoft, http://support.microsoft.com/kb/2570623. This described my problem to a T, but I was still curious as to why it was only happening to 2 machines on the network and not the other 50. So I applied the fix they suggest, which essentially makes 2 registry changes:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security]
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileValidation]
"EnableOnLoad"=dword:00000000
More or less this reg file is turning off File Validation for Office. Once I made this change the files could be opened with no issue or lag. I still have no idea why this would all of a sudden become a problem and only for 2 machines. That one is still a head scratcher, thanks again MS.
Well I hope this helps you in your travels of your IT world that others call the office!
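A check for the setting described above, as an added example that is not from the original post or from Microsoft: it scans the text of an exported .reg file and lists every key ending in \Security\FileValidation where EnableOnLoad is 0. Matching other Office versions and applications by key suffix, the function name, and the Word entry in the sample are assumptions.

```python
import re

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VAL_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<hex>[0-9a-fA-F]{8})$')


def disabled_file_validation(reg_text):
    """Return the keys in a decoded .reg export where EnableOnLoad is 0
    under a key ending in \\Security\\FileValidation."""
    hits, key = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group("key")  # values that follow belong to this key
            continue
        m = VAL_RE.match(line)
        if (m and key
                and key.lower().endswith(r"\security\filevalidation")
                and m.group("name").lower() == "enableonload"
                and int(m.group("hex"), 16) == 0):
            hits.append(key)
    return hits


# Constructed sample: the Excel entries are the ones shown in the post,
# the Word entry is added here to show a key that is left enabled.
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security]

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileValidation]
"EnableOnLoad"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\FileValidation]
"EnableOnLoad"=dword:00000001
"""

if __name__ == "__main__":
    for key in disabled_file_validation(SAMPLE):
        print("File Validation disabled:", key)
```

Real exports from regedit are usually UTF-16, so decode the file before passing its text in.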
If you have ever had to deal with multiple monitors you will understand the problem of managing two desktops and the windows within them. Windows 7 has made desktop management a bit easier, but it is not perfect yet. Once you have your monitors set up the way you want them, Windows should normally be “smart” enough to figure the rest out from there. I have found that sometimes I have users that will detach their secondary monitor and go to a meeting. They were working on an application that was open on their secondary monitor, and when the secondary desktop was removed, Windows should have readjusted its position to the only monitor left to display data on. What ends up happening is that the user's application window will be off the screen and they cannot see their application. This is one of the biggest pains in the ass with multiple monitors; Windows cannot seem to get it right. On a side note, there is a workaround in Windows XP to get your application window back without putting your secondary monitor back on. What this involved was the following steps:
You needed to make sure the application window was not maximized and was free floating. The only way to do this, since you cannot click on the action buttons, was to right click the application's status bar entry and choose restore. If restore was grayed out then you knew it was already in that state. If maximize was grayed out then you knew the window was in a maximized state.
Once you knew your application window was in a state where it can be moved, you could again right click on the application's status bar entry and this time choose “Move” from the context menu.
Now the important part… don't touch your mouse! You will need to use your keyboard's arrow keys.
You need to remember what side your secondary monitor was on. This is important because you either need to move your application window to the left or to the right to get it back on the main screen. Most secondary screens are on the right and if this is the case for you then you would need to move your application window to the left to get it on the main screen. To do this you would press and hold the left arrow key and hold it down. When you see the application window outline start to show on your monitor then you can use the mouse to take over and get back control of your window.
This is the old way but is perfect and is the only way I know of in Windows XP and earlier.
Windows 7 is a “different cat” (where did that cliché come from?). When you right click on task bar entries you get some crazy useless menus that have nothing in them about restore or move, so the method mentioned above will not work. “Well how the hell do I get my application window back on Windows 7!!!!!” you may ask……… Here come the 4 shortcuts I found by accident.
Hold the Windows Logo key on your keyboard down (keep holding it down)
Press left or right
If you watch, your application window will flip between 3 states, snap left, restored, and snap right, and will do this on each monitor you have. If you keep going left or right, when it reaches the end of your desktop it will come full circle and back to the other end of your desktop. So now when your application window is on a different monitor all you have to do is make sure the application window you want to move is in focus and just use the shortcut to move it back to the primary monitor!
This tip also works great for multiple monitor users that love using snap (if you don't know what snap is, I have embedded a video from MS below). If you have ever tried to use snap on multiple monitors you will notice snap only works at the far left edge of your desktop and the far right edge of your desktop. This is because Windows treats your desktop as one big desktop that extends across multiple monitors. The way snap works is it snaps to the edges of the desktop, not the edges of your screen. Using this shortcut will allow you to use snap using the edge of your screen, not the desktop. So if you have two applications open and you want them snapped to the left and to the right of the same monitor:
Click your first application and use “Windows Key + Left” .
Click your other application and use “Windows Key + Right”.
You now have windows snapped in the same screen with multiple monitors! There are also a few others like pressing “Windows Key + Up” to maximize the application window. “Windows Key + Down” will take a maximized application window to a restored one and a restored one to a minimized one. Play with these arrow key shortcuts, they are fun to use and great to know about!
Just got a funny message from YouTube that I have never seen before. I thought I would share it with everyone. Does anyone have an idea as to why the hash is?
Hey everyone, I just got done listening to one of the best Security Now podcasts, #303 http://twit.tv/sn303. Listen to this podcast and digest what Steve has to say because it's good!
After listening to the podcast and keeping in mind what Steve has said I would like to expand on two theories I have always had.
Assume that most hackers will always use the following pattern once they are required to brute force your password: a-z, then after exhausting that move to a-z + A-Z, then after exhausting that a-z + A-Z + 0-9, then after exhausting that finally come to a-z + A-Z + 0-9 + symbols. With this as the most common form of brute force used, we can assume one thing of the attacker: if you have a symbol in your password then the attacker will have to go through a-z + A-Z + 0-9 before using symbols in their brute force hack attempts. So keeping that in mind, as long as you have 1 symbol in your password the hacker will not be able to guess your password until they have tried everything else and then move into adding symbols to their attack. Now because this is the last thing the hacker adds to their attack, why do you need more than one of anything before it? For example take the following passwords
Now because each of these has a symbol in it, no number of combinations of a-z + A-Z + 0-9 will ever find your password and the hacker will have to use a-z + A-Z + 0-9 + symbols, making these passwords just as strong as using one from each category. This is assuming that the hacker uses the process of a-z + A-Z + 0-9 + symbols in order. Once you take the factor out of which one they use first. Maybe the hacker will use symbols + a-z + A-Z + 0-9, making it now not secure. This is why it is always best to use at least 1 from each category; this way no matter which they test and in which order you are always protected. Most kiddy hackers though will always use the following pattern because they just download the simple tools from the net to do their brute force hacking. A lot of real hackers build and program their own attack applications so there is no way to know what patterns they will use. But the above will work 90% of the time, but makes you question if it is required to have at least 1 from each category if you choose one from the deepest category? Best practice will always be 1 from each just to cover all your categories.
A strong password should be one that if I were to speak it out loud to you, you could not remember it. For instance, using a password from above, “thisisareallystrongpassword!”, if I spoke this out loud to you I can imagine you could remember it very easily because, well, it's why it is easier for you to remember! Your password should be complicated enough that people cannot remember it if they heard it. Next to that there is also the eye factor: if a user saw you type in your password, would they remember it? So my 1st statement above about passwords is kinda contradicted by this statement, but only if you make it so simple anyone that saw it or heard it would remember it. The password I used above, “519-768-4204”, is not so easy to remember for a user but to you it is a telephone number you can remember easily. What about adding together two phone numbers you remember, “519-768-4204-416-823-3428”? Stick a letter in there and you have something that is un-hackable by brute force and by anyone that is watching you type or hearing you say it!
So again, some things to consider in the war against the bad guys: sometimes complicated is not always better, because you will inevitably have to remember it! That does not mean that you cannot create a password that is simple to you but keeps everyone else guessing!
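The arithmetic behind the first theory, as an added example that is not part of the original post: it compares the brute-force search space when the attacker adds character classes in the assumed order (a-z, A-Z, 0-9, symbols) with the space when only the classes a password actually uses are combined. The 32-symbol set (`string.punctuation`), the function names and the third sample password are assumptions.

```python
import string

# Classes in the order the post assumes an attacker adds them.
# string.punctuation is the 32 printable ASCII symbols (assumption; no space).
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]


def staged_alphabet(password):
    """Alphabet size at the first cumulative stage (a-z, +A-Z, +0-9,
    +symbols) that contains every character of the password."""
    seen = set()
    for chars in CLASSES:
        seen |= set(chars)
        if set(password) <= seen:
            return len(seen)
    raise ValueError("character outside printable ASCII")


def minimal_alphabet(password):
    """Alphabet size if the attacker combines only the classes the
    password actually uses, regardless of order."""
    if not set(password) <= set("".join(CLASSES)):
        raise ValueError("character outside printable ASCII")
    return sum(len(c) for c in CLASSES if set(c) & set(password))


def search_space(alphabet, length):
    """Number of candidates of length 1..length over that alphabet."""
    return sum(alphabet ** k for k in range(1, length + 1))


def compare(password):
    """Return (staged search space, minimal search space)."""
    n = len(password)
    return (search_space(staged_alphabet(password), n),
            search_space(minimal_alphabet(password), n))


if __name__ == "__main__":
    # The first two passwords are quoted in the post; the third is constructed.
    for pw in ["thisisareallystrongpassword!", "519-768-4204", "aB3!aB3!aB3!"]:
        staged, minimal = compare(pw)
        print(f"{pw!r}: staged {staged:.2e}, minimal {minimal:.2e}, "
              f"ratio {staged / minimal:.1e}")
```

The ratio column shows how much of the assumed strength depends on the attacker's ordering: it is 1 only for the password that uses all four classes.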