Digital Choke Daynotes

"Daynotes" are popularized by a Internet Web site called the "Daynotes Gang" (http://www.daynotes.com or http://www.daynotes.org), a collection of the daily technical and personal observations from the famous and others. That group started on September 29, 1999, and has grown to an interesting collection of individuals. Readers are invited and encouraged to visit those sites for other interesting daily journals. You can send your comments to us by clicking on any mailbox icon.

Reports

I've been a bit busy lately. My normal routine is to write these things in the evening, but by the time the evening rolled around, I was too tired to write coherently. (Yeah, I know: what makes me think I know how to write coherently?)

So, for those of you who are really interested in what has been happening, here it is.

I got up early Saturday to drop off the truck for it's smog check and an oil change. I got a ride back to the house, and rearranged a few of the drip irrigation lines and some other minor cleanup of the plantings in the back yard. We have a travel trailer for sale, and someone wanted to look at it. It's over at the in-law's house, so we arranged to meet with them, although they never showed up. Back home again, where I started working on the laptop to get things arranged for my class next week. Another person called about the trailer, so I went back to the in-law's to wait for them, who were an hour late. (I was reading a good book at the time, so it wasn't all a waste of time.) They finally showed up, and spent a total of five minutes taking a look at it.

So I got back home for dinner (barbequed boneless chicken breasts), then worked on the laptop some more. I was trying to re-size the disk partitions so I could install some other operating systems, but the program wasn't working right. By the time I got through trying to get that to work, it was too late to write.

Sunday, I worked some more on the laptop, to no avail. So I did some other stuff to get ready for the class. It's a week-long thing about Windows 2000 and security, and it should be quite good.

Monday and Tuesday was taken up by the class, and the evenings with reviews and preparation for the next day. I took a short break to write this stuff, just so that my two readers would not be disappointed by another empty day.

Posts have been a bit erratic lately, as you may have noticed.. These all-day classes are fairly intense, so the old brain is a bit overloaded. One can tell because of the lack of proofreading -- Brian "watch them apostrophes" C. (my unofficial and after-the-fact proofreader) has caught a few grammatical and spelling errors lately. But it is always nice to hear from him.

I've noticed a bit more spam in my "Digital Choke" mailbox lately. Most of it is variations on the "Nigerian Scam", plus the assorted body part enlargement mail. I don't think the email address robots are getting the email address from this place. When you click on the mailbox icon, you get a form to fill out, rather than a 'mailto' command. So the email address is a bit more hidden here than on most sites.

But then I did a more complete search of the files here, and see that I have not been very consistant in following my own rules. There are several pages with 'mailto' links, rather than links to the mail form. I'll have to fix that.

So I think that I will try an experiment. Brian Bilbrey and Greg Mazin, who host this site on their servers (I think they are here, in case you need a good and cheap place for hosting), have set it up so that any mail sent to digitalchoke.com to my personal address. So you could send a mail message to mickeymouse-at-digitalchoke.com, and I would get it. So I think that I'll change my mailto links to specify a different mailing address, and then see how long it takes for the new email address to be harvested by the spammers.

At class today, part of the discussion was firewalls and protection. An interesting question for you network dweebs is "where is the border?", and "how well is your border protected?". The border (not Taco Bell) is where you put your defense against outside threats. You should have firewalls protecting your border, among other things. But sometimes the border isn't where you think it is. For instance, the border might be that network jack in the conference room that you let anyone plug in their laptop. What kind of protection do you have there? Are you protected against an infected laptop plugging into your network. Which, as you regulars know, is how our network got the Blaster worm a few weeks back. So you need to make sure that all of your borders are protected.

(Later) I meant to mention that the original Daynotes link (www.daynotes.com) is not active for the moment. It seems that Tom Syroid, who was one of the original Daynoters (and is on sabbatical), didn't get the notice that the domain registration had expired. I understand that he is working on it, but in the meantime, you can use the alternate Daynotes site www.daynotes.org .

The topic for today's class was hardening a Windows 2000 IIS server. I learned a few things, although I had done some research before on this subject. But it was nice to get it all in one place. The instructor is very knowledgeable, and he has put together some good workbooks. He has compiled what looks to be the ultimate checklist for securing a Win2K server, and put it in the book. The list looks quite extensive, and I'll be using it extensively. There's a new Win2K IIS server that is scheduled for installation in our DMZ, and I get to do a security audit before it goes live. That will be a good test for the checklist.

I will also compare that Win2K checklist with the settings in the Win2k3 (Windows 2003 Server) that I put together for the mail system. That one is not in production yet, and is still isolated in the lab. It will be interesting to see how the Win2K3 settings compare to the checklist.

Tomorrow is script day (yep, on Saturday). Although I used to do a lot with batch files (but not as much as John Dominik), I haven't done much with VBS scripts. The instructor says that just about all of the Win2K checklists can be done with scripting and policies, so it should be interesting.

I did some minor editing of the pages on this site (you might notice a different font for the links), changing the mail-to links to point to a different mailing address here. I also got rid of some unneeded files. Then I started looking at the "Webalizer" configuration file. It's used on this site to show site statistics by extracting the information from the log files. It's a free program that you can use for your web sites, you'll find it at www.webalizer.com . I'd like to exclude a few of the non-content files and image files from the stats. I also grabbed a current copy of the "Digital Choke" story. I've got a few ideas to update that story. It was written last year, and a few concepts and parts of the story could use an update to reflect current events.

Daynotes	a daily journal of our activity	Send us email
Digital Choke	an action that is sometimes needed for your computer; also a short techno-story available here.	Send us email