Digital Choke Daynotes

 Monday, April 18, 2005       mail    link   the story

('Back in the Saddle Again'...)

Last week Pam and I were on vacation in Oceanside, CA, right about here. It's the same place we went last year. We rented a condo (apartment) for the week, at a cost of about $750. We had a view of the ocean from the balcony; the ocean is about a half block away from the balcony. The weather was pleasant (low 70's F), and it was quite relaxing.

We spent most of our time just relaxing, reading books, short walks along the ocean. We did a trip down to Sea World in San Diego, enjoying the flying dolphin and whale shows.

I did get some limited connectivity down there. There was an unprotected wireless network there, but the signal was a bit weak. I also brought down a wireless modem from Verizon. That worked fairly well, although it was quite slow. So most of the surfing I did was watching the guys on the ocean.

To catch up on the security front:

1) Microsoft's "Patch Tuesday" was last week. There are several updates that are important to install. Some of the vulnerabilities fixed have public exploits already released. The MS "Automatic Updates" will fix some of the problems, but there are also MS-Office updates. To fix those, you have to go to the Office Update site manually (look for "Office Family" on the "Windows Update" pages, which you can find on your Start, Programs menu). Recommend installing all appropriate updates. (Note that the Office updates might require your Office CD, although there is an option to get a larger update package that doesn't require the CD. I always copy the Office CD to the hard drive, and install from there; the installation is actually faster that way).

2) Firefox has some newly fixed vulnerabilities; exploit code is 'public', visiting a "nefarious site" can get you infected with remote controlling software. Current version is 1.03. Firefox is supposed to have an automatic update check (in the "Tools, Advanced" screen), but I've never gotten it to work. Recommend that Firefox users shrug off any complacency or superiority and ensure they install the 1.03 updates. (Also applies to Mozilla users.)

3) Identity theft is becoming a big problem. Best way to protect yourself is to get a free credit report (in western and mid-west states of the USA) via www.annualcreditreport.com (that site also has info on how to request by phone). Then make sure the credit report has accurate info; close inactive accounts, etc. Also, regular monitoring of your bank/credit statements (via web, if available) will alert you to improper charges (but be careful about that web checking at public 'hot-spots' or public computers; there might be keystroke logging software to capture your login info).

...and for a bit of fun

4) the new satellite images available via the new Google Maps (http://maps.google.com) has resulted in a new Google game: finding interesting things in the satellite image. There are many web sites that are cataloging "Google-Sats" places. There are several sites that have links to interesting satellite images. Here's a couple of links:

• http://gmaps.nicj.net
• http://perljam.net/notes/interesting-google-satellite-maps/
• http://www.shreddies.org/gmaps

There are some interesting missing sections of some sat images."Area 51" seems to be blank, for instance, and some government buildings (like the White House) have been "fuzzed" a bit.

I suspect that you'll spend some time wandering around the various images. (Note that a broadband connection is best, as some of the images are a bit large.)

 Tuesday, April 19, 2005       mail    link   the story

In yesterday's post, I mentioned getting a credit report and checking it, closing any inactive or unneeded accounts. I heard from loyal reader Richard M. (thanks!) that that part of my advice may not be a good idea.

The thinking is that although closing inactive accounts may seem to be a good idea, it can actually lower your credit score (that "FICO" score thing). Part of the FICO score is computed on the ratio of available credit to total credit. So if you have an inactive account that has a $5K credit line, closing that account will reduce your total available credit by $5K, thereby reducing your FICO score.

So I did a bit of Googling on this, and found some conflicting advice about that. There were a couple of places where they discussed how a FICO score is computed, and most mentioned that closing accounts is never a good idea. To improve your score, pay off those accounts, but don't close them. You might want to ensure that those companies have your correct address, but leave those zero-balance accounts open -- just don't use them. The more available credit you have (and the lower you keep your debt) will increase your credit score.

I found one good site that seems to contain current information about how to improve your credit score here. It says that there are five quick ways to improve your credit score:

1. Pay your bills on time (payment history is a very important part of your score)
2. Pay down your debts, and don't charge as much (vendors like to see a very low debt-to-credit ratio)
3. Don't close old, paid-off accounts
4. Credit Counseling will not hurt your score (it used to, but not anymore)
5. Stay out of bankruptcy (it will really kill your credit score)

I think that it is still important to look at your credit report. Since you can get one free report a year from each of the three credit agencies, schedule your free reports for every four months. On one of them, pay the extra $8 for your FICO score. Look for any inaccurate information; you can add corrections to your report. And keep a close eye on your active accounts (via your monthly statements -- or on-line statements more often) to ensure that there aren't any fraudulent charges.

 Thursday, April 21, 2005       mail    link   the story

I set up two Windows 2003 Web servers today. They are HP DL360 and DL380; two processors, 2GB RAM. One has two drives, so I set that up as RAID 1 (mirrored). The other has 5 drives, so the C drive is set up mirrored, and the data drive is set up RAID 5. These servers are to replace one of our web servers; one will be the development/staging system, the other will be the public system.

It was quite easy to set up. First the HP "SmartStart" disk, which was used to set up the disk array and start the OS install. The whole process is pretty easy, so I was done in about an hour. I downloaded SP1 and will install it tomorrow before connecting it to our network. With SP1 installed, the systems are protected with an internal firewall to block any attacks from known vulns that have been patched. And it will be interesting to try out the new security wizards that are now included with SP1.

I put an ad in Craigslist for the truck and the trailer last night. Got a call this evening from someone that wanted to take a look at it, but they never showed up. A bit irritating.

 Friday, April 22, 2005       mail    link   the story

Today's project was to get SP1 on the Win2003 server. I downloaded the file, burned a CD, copied it to a temp directory on the servers' C drive, then ran the program.

Files were copied, then there was the message about replacing a vendor's driver file with an updated version. So I said 'sure, why not', and the update finished. A reboot, and then...

...oops...

It seems that the file I replaced had to do with the disk array manager, which resulted in NDLDR not being found, and no boot of the hard drive.

Oh well.

Since it was a new server, and the whole thing was another learning experience (I've set up servers before, but this one was slightly different), I decided to start all over again. Got everything all installed and configured, and then got ready for the SP1 install again.

But I was a bit smarter this time. I pulled out one of the mirrored drives (there are only two in this system), and then did the SP1 install. And didn't replace the vendor file. The result was a successfully upgrade.

I then applied my security template via MMC, and then used the new SP1 "Security Wizard" to apply a more complete security setting. That went quite easily, and the resultant settings were quite good.

So with the SP1 installed, I connected the server to our internal network, did a bit of configuration, joined the local domain, and then verified all updates via Windows Update. Some more minor configuration of the Internet web sites, and the system is now working well. The one hard drive is still unplugged, though.

I'm going to let it 'cook' over the long weekend, then do some final configuration of the system, along with another security audit. That will happen Tuesday, when I'll also do the SP1 update on the public-facing server.

No posts this weekend. I'm off for an exciting fly-drive trip to Salt Lake and back. Time to get Stacy home from college for the summer. She's got her car all packed up with her stuff, so we'll drive back together. Some light rain is forecast for the weekend, so the drive will be nice and cool.

Enjoy your weekend!