Don’t Join the Club

The Storm Gang has changed their messages. It started out with ecards, as mentioned before. Now they are sending out mail that verifies you joined some sort of club. The latest is over on our Security Dawg site here. Pay heed to the warnings there.

And I finally got around to changing the redirect on the old blog pages. So perhaps my three regular readers will be stopping by again. And I got my link on the Daynotes page (here; the gang there are regular daily stops for me) changed to point to these pages. I hadn’t remembered to ask Brian Bilbrey to make the change; once I got that ’round tuit’ to ask Brian to make the change, it happened within minutes.

Brian and his friend (and business partner) Greg Mazin run the servers that host my pile of drivel, along with more important sites like Dr. Jerry Pournelle’s Chaos Manor. So if you are looking for a good host at reasonable prices, Brian and Greg are the guys to contact.

Servers Are Us

I’ve spent the past couple of days setting up a bunch of servers at work. There are a couple of SQL servers (one for the web filtering, one for the mail filtering), a new Windows Update Server (we’ll be upgrading to version 3), one for the corporate anti-virus solution, and a few mail filter servers.

Our data center uses HP servers, so the servers are a combination of DL360 and DL380 systems. They are quite easy to set up; it just takes a bit of time to get all the OS updates (we’re running Windows Server 2003) installed and other things configured. The HP SmartStart software makes it mostly painless; it just takes a bit of time.

The process is pretty easy. Install the server in the racks (the rack rails just click into place), slide the server on the rack. Then cable up the network cards, power, and KVM. Then use the SmartStart software to start the configuration process, including setting up the drive arrays, and continue with the OS installation.

Next step is to install all the OS updates, add the security template, install the anti-virus program, and set up the computer for automatic updates from our update server (I wrote a compiled Windows Script to do that).

The whole process (other than physically racking the server) takes a bit over two hours. There’s additional time to install the needed application, but the whole thing is quite easily done.

I’ll be spending the next few days doing that, in between the other aspects of my job.

Rick’s Law of Home Fixit Projects

Over the years, I’ve had to fix a few things around the house. And each little project that I do follows the rule of “Rick’s Law of Home Fixit Projects”.

For instance, suppose that you want to add some drip irrigation for the flower bed. That requires one trip to the local HomeDepot/Lowes/Ace/HardwareStore (take your pick). So off you go, get the new drip irrigation parts, and set aside some Saturday time to do your little project.

That’s when you realize that you forgot a few parts. So it’s off to the store again to pick up the one part that you need to finish the project. And then there’s the final trip for the last part that you need.

Once again, “Rick’s Law of Home Fixit Projects” strikes: “Every project requires at least three trips to the hardware store”.

And it happened again this weekend. My mother-in-law is selling the cabin up in the mountains (near Strawberry, CA), and I needed to finish fixing the water pipes. You see, it was my job last winter to drain the water pump and pipes before winter set in. The cabin is at 6000 feet elevation, and doesn’t get used during the winter (it’s a mile back on an unplowed forest service road). The water supply is from the river out front, the cabin is older and not well-insulated, and has metal (galvanized) pipe.

So in the fall, we take one final trip up to the cabin to prep it for winter. The pipes, pressure tank, and water heater get drained, the toilet gets some anti-freeze, and any leftover food is taken home. And that’s what I did last fall.

Then in the spring, it’s back up to the cabin to get it ready for the family to use. And that’s when I discovered that I must have left a bit of water in the water pump. It was a bit obvious — a spray of water as I turned on the pump.

We got a plumber who decided that the pump didn’t need to be replaced, it just needed a new impeller housing. The plumber replaced that part. And Pam and I went up Saturday to finish turning on the water before the sale of the cabin ‘closes’.

I knew that there was one drain plug that needed to be replaced. So the first trip to the hardware store I picked up an assortment of plugs and fittings. And one of the plugs fit, so I turned on the water pump (no leak), and found that a ‘union’ fitting in the bathroom was leaking. The union was pretty old, so I decided to replace it. I took off the old one and brought it with me, and Pam and I drove to South Lake Tahoe (CA) to the hardware store to get a new union.

For those of you that are counting, that’s hardware store trip #2.

Side note: it was lunch time, so we drove onto highway 89 towards Camp Richardson, and stopped at the “Burger House” (about two miles from the “Y” — the junction of highway 50 and 89). Great burgers (1/2 pound, big bun, a pile of pickles, cheddar cheese, and fresh red onions), a basket of shoestring fries, and a milkshake. Yeah, not really diet food, but it was really good. Recommended, if you are in the neighborhood. Outside dining; while we were there, a few California Dept of Forestry fire trucks headed for the fire in Tahoe City; that’s another story. Anyhow, great burger place if you are in the neighborhood.

After lunch, back to the cabin (about a 25 minute drive), where I discovered that I bought a 3/4″ union, and needed a 1/2″ size.

Which required — wait for it — yes, the third trip to the hardware store.

I did get everything back together, no leaks, all is well.

But the next time that you start on a project around the house, remember “the Law”. It will take at least three trips to the hardware store.

Guaranteed.

Smarter Malware

During the ‘morning rounds’ on the Innertube, I came across this blog entry from the folks at VirusList.com, which is the blogging site of the anti-virus folks at Kaspersky Labs. The entry talks about a multi-stage attack by some malware that is after your on-line banking information.

Stage 1 is the initial infection, which can get on your system with a ‘drive-by’ just by visiting a malwared web page. A program is downloaded and installed on your computer. The program sends every URL (web page address) that you visit to the hacker’s web server.

Stage 2 is where the malware watches for encrypted web page traffic, such as when you visit your on-line banking site, or a shopping site as you are doing a checkout/payment. That traffic is captured and sent to the hacker’s web server.

Stage 3 is when the hacker analyzes that traffic (web page content, even though encrypted), and determines the bank you are visiting. It then sends to your computer another program that intercepts any keystrokes as you are using your banking web site.

The result is information about your bank login, account number, password, etc. sent back to the hacker. At that point, identity/financial theft can ensue.

Your protection against this? An anti-virus program that can detect the download of the malicious software in Stage 1. For instance, the electronic greeting card (‘ecard’) mail that’s going around. Clicking on the link in those emails will get you a download (and install) of malware. At that point, your computer is ‘owned’ by the hacker.

If you keep your anti-virus current (and your operating system and application patches current), you’ll be protected. Along with the Safe Computing Practice of not clicking on links in emails.

And if your computer is infected? How do you recover from that? I’ve been working on a malware-infected computer. My conclusions will be in a post over on the “Security Dawg” web site.

Greeting Card Virus Warning

There’s another “You’ve been sent a greeting card” spam mail making the rounds. In some cases, it may get through your spam filters.

The message includes a link to click on to get your card. Clicking on the link will result in an attempt to download a virus on your computer.

If your anti-virus is current, it should block the viral install attempt. But “Safe Computing Practices” are that you should be very wary about clicking on links in emails. And greeting card emails are a common malware-distribution technique.

Our recommendation is to just delete greeting card messages.