Sunday, November 29, 2009

Ten Ways Windows 7 Is Better than Vista

This is a great article that compares some differences between Windows Vista and Windows 7. The one I like most is that Windows 7 is leaner, it's less of a resource hog, allowing it to work with older and less powerful hardware.

http://www.informit.com/articles/article.aspx?p=1407361&ns=16329

Regards
John Crawford

AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities


AddThis Social Bookmark Button

Add to Technorati Favorites

Tuesday, November 3, 2009

The Road To CISSP, Part II

Just passed the 3 week mark and no exam results. OK, "Officially" ISC2 says 6 weeks. But all the books say "4 days to 2 weeks". I scoured the internet and found that most receive their results within 2 weeks, or sooner. Of course, I made the fatal error of following the suggestion of another blogger who sent an email to the ISC2 register's office and promptly got his results. I got an email back that said my "exam had not been graded as yet and to wait 6 weeks before notifying" ISC2.

It's such torture to wait this long. My career plans and future training rest on the outcome of this exam. More than that, it will be a major shot in the arm if I pass (or it cold bring on some sever depression if I fail... ha ha).

So the wait continues. Words of encouragement are invited.


Regards
John Crawford

AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities


AddThis Social Bookmark Button

Add to Technorati Favorites

Sunday, October 18, 2009

The Road To CISSP

About four months ago, I embarked on a mission to become a CISSP. The Certified Information Systems Security Professional (CISSP) certification is a daunting task for anyone, regardless of their background. While conventional thinking says this certification is achieved easier by technical people, the CISSP is a management certification. After being a Microsoft (and Unix/Solaris at one time) Systems Administrator for the past 11 years, I felt it was time to un-box those management skills I had learned and honed in the Army.

I've had several CISSP mentors over the years, most have moved on to greener pastures. One particular mentor would always tell me that everything is relative to how you think about a given circumstance or situation. My workday, for example, is chock-full of stressful issues as I deal one-on-one with end-users. When combined with the lack of direction, and the lack of policies and standards, a simple fix can turn into a nightmare. The mentor would ask why I was stressing about it. And I didn't get it, I couldn't make the connection, I was all about saving and fixing everything. The funny thing was, my boss wasn't stressing about any of it, so why should I? My stress was all in how I was thinking about the situation. A really nice benefit of going through the bootcamp Seminar is how they change ones way of thinking, at least for us technicians.

The training and exam are just the first step. I haven't even received my exam results, that usually takes a few weeks. Nonetheless, I am planning my next steps in transitioning from a technician to a manager, from the nuts and bolts of windows and PC's to information assurance and information management. My real barrier will be the thought process.

I developed a study plan to learn the ten domains, allocating one week for each. I scheduled to attend the bootcamp Seminar, and scheduled the exam. Scheduling the exam is probably the most important item in getting the brain into the learning mode. If you've attended an IT bootcamp, you know this is true. The psychology is something akin to a buffer overflow, or rather avoiding a buffer overflow.

My main source of reading was CISSP ALL-In-One Certification Guide by Shon Harris. Some current CISSP's and candidates find her book a bit too flamboyant with it's real life stories and her humor. I found it refreshing and inviting to the way I think.

Eighteen months ago when I finished my MCSE, the MCSE bootcamp was held at the same location as the CISSP bootcamp Seminar, co-located with the (ISC)² office in Vienna, VA. (ISC)² is the governing organization for the CISSP and several other Information Systems Security certification. It was then that I first decided to someday be a CISSP. At their recommendation, I purchased the "Official (ISC)2 Guide to the CISSP CBK". That was OK as a reference, but it reads like an encyclopedia, it's not for us folks with ADHD.

So earlier this year, I purchased CISSP ALL-In-One Certification Guide and CISSP For Dummies. These are good for getting the brain going in the thought process. Each also come with a CD and their own test engine.

During the last four months I carried the Shon Harris book with me when I wasn't at home studying. Allot of people noticed and asked questions. One particular gentlemen who happened to be a CISSP, recommended that I get The CISSP Prep Guide by Krutz and Vines. So I did. I found it to be a nice compliment to my studies with its unique view and a new pool of practice questions.

(ISC)² uses their own specialized curriculum during the seminar that accelerates the learning process I purchased the evening and Saturday review sessions from TrainingCamp which provided much needed practice questions and 16 additional hours of training. It's well worth the money for sure.



Regards
John Crawford

CISSP and (ISC)² registered certification marks of (ISC)², Inc.

AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities


AddThis Social Bookmark Button

Add to Technorati Favorites

Tuesday, June 30, 2009

Many Computer Users Skip Routine Maintenance - HotHardware

The article sites some of the crazy things that can and do crawl inside a computer, and take nest. In my personal experience, I was asked to look at a computer that wouldn't boot, then would shut off. What I found was bugs and roaches living inside. I actually had to spray the computer with RAID, then seal it in garbage bags (so I could leave it outside for a few days). I took these pictures after I did most of the cleaning. But as you can see there is "bug" remnants, even rust and corrosion from something spilled inside the computer.

-------------------------------------------------------------------------------

Many Computer Users Skip Routine Maintenance - HotHardware

Posted using ShareThis

Regards
John Crawford

AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities


AddThis Social Bookmark Button

Add to Technorati Favorites

Saturday, June 27, 2009

Windows 7: Are You Ready?


Microsoft has announced that Windows 7 will be available October 22. Let us hope with two short betas that Microsoft has worked out the kinks, and overcome the issues that has plagued Vista users. Here's an article that talks about 10 gee-wiz-wow-bang features found in Windows 7. Windows 7 Illustrated: 10 Cool Desktop Features

Here's is another good article on Windows 7. This one outlines how you can determine if Windows 7 will run on your existing computer, it's very straight forward. Will my computer run Windows 7?

Last, here is an article that compares Windows 7 and XP. If you were part of the majority of us that just didn't see the WOW of Vista, and refused to switch, read this article. It's not one of those Microsoft pie-in-the-sky commercials. This is a common sense approach that explains what advantages you will get with Windows 7. Benefits of Windows 7 over Windows XP

Pre-order Windows 7 Now



Regards
John Crawford

AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities


AddThis Social Bookmark Button

Add to Technorati Favorites

Monday, June 22, 2009

Warning - Presto Tune-up is a Rogue Anti-Spyware Application

Warning - Presto Tune-up is a Rogue Anti-Spyware Application. It will try to make you believe you have been infected. See link for article and screenshots.


Presto TuneUp | Freetosupport.com

What is Hard Refresh? How is it different from Refresh?

What is Hard Refresh? How is it different from Refresh?

Shared via AddThis

Active Directory Password Expiry Reminder Email

This handy little script could prove invaluable to many organizations by saving dozens of man-hours each month with account lockouts and regular password resets.

Active Directory Password Expiry Reminder Email

Sunday, June 21, 2009

WARNING: Fake Twitter Invites Carry Malicious Worm

WARNING: Fake Twitter Invites Carry Malicious Worm

Posted using ShareThis

Response to "Why Enterprises Shouldn't Limit Web Traffic"

I don't really agree with the writer on this. I think it sounds good in theory, to transfer the problem to the "education" of the user. But that's assuming that all computer users know and understand all the things that can cause problems on a network. There's a few flaws in their reasoning.

First and foremost, most end-users are just that, users. They really don't know or care to know all the dangers of being on the internet. That's what they pay people like me to do, that is, to implement and enforce measures to allow businesses to include government agencies to go about their daily business. It's all about the bottom line. To a business, profit is the driving force. And they pay specialized people to make sure their enterprise is safe. I can tell you that to allow uninhibited use of the internet with no filtering would be disastrous. Hello!! Go back just a few years when the concept of computer and network security was non-existent. Users could go anywhere, download and install anything. They had root access to their boxes. It was pandemonium. It's much easier to stop a threat at a firewall, proxy server, or gateway, then to have it spread to thousands of workstations, servers, and other hosts in an enterprise. The author obviously lacks any formal computer or network security education, such as CISSP or even Security+.

The second reason is that employees are getting paid to do a job, not surf the web. That is unless it is their job or part of their job. Without rules or restrictions, employees will see it as a free ride, and an excuse not to get their work done. The author called this idea a "red herring". What???? Can someone explain that one?

The third reason goes into the legal and ethical issue. Do you want to allow users on a corporate network to gamble? To go to porn or sexually oriented sites? Hacking sites (and I don't mean ethical hacking)? To use their internet connection at work for any and all imaginable personal uses? Imagine how the taxpayers would react if users were permitted to do all that on government assets?

The author says "Employees are spending more time trying to find ways around the firewalls than working. If they had access to the sites they wanted to see, they'd go there and get back to work sooner." I got news for this gentleman, you do that where I work and they will toss you out on your ear. We all know the government and military enterprises are tightly locked down. Any attempt to circumvent security measures is considered malicious and or seditious behavior, and you will be shown the door and maybe criminal charges. You better hope you can get used to that irritating beep at McDonalds when the fries are done, because at that point you need a new career. In fact, many corporate networks are even tighter than government, sometimes they have NO internet access, just intranet. And their tolerenace is limited.

Lastly, the author has no concept of security, of any kind. He does not understand the role of the IT staff. Here's a quote:

"Companies don't need to limit the amount of access employees have to the Web -- they need to learn how to more effectively deal with the threats."

What the author is either forgetting (by now I thing he just doesn't know) that in many cases, the ONLY way to prevent a threat is to NOT GO THERE. That might be hard to swallow, but it's true.

"And that's the biggest issue with the enterprise blocking Websites. It might make sense at first glance, but if we take a rational look at things, it's actually clear that it's quite the opposite -- firewalls cause more headaches."

I will openly admit that making life easier for us IT people is NOT the first consideration of any implementation. Sometimes it's not a consideration at all. Sometimes it is a delightful benefit when it does make life easier. In any case, security is integrated into everything we do. It may be a headache, but it's our job. Those headaches are the challenges that drive us to be better, and to make our respective enterprise better.

The bottom-line is encouraging though. Companies nor government will ever relinquish that much control of their network resources to the employees. Even the recent U.S. Army decision to allow it's users access to social web sites, is not a major thing like is proposed in this article.

Shon Harris would have a field day with the author.




Why Enterprises Shouldn't Limit Web Traffic

Posted using ShareThis

Original Source: http://www.eweek.com/c/a/Security/Why-Enterprises-Shouldnt-Limit-Web-Traffic-376995/


Regards
John Crawford

AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews



AddThis Social Bookmark Button

Add to Technorati Favorites

Windows 7 Features on a Vista or XP System

Some of this stuff is OK, but some I wouldn't touch. Media streaming is kool, if you're into that. ISO Burning is a great utility if you do not have third party software for your CD/DVD burner. I rarely use Windows Paint, but if it's your thing, go for it. The new Calculator looks very kool, and could have a wide range of uses.

I don't like the interface for the new Windows Search, but to each their own. I also found the the new Search was using up far too many system resources for my liking. Not to mention it takes up room on the task bar. I just found it to be worthless.

The Windows XP mode will be a great option for those of us that just will not or cannot afford to upgrade or buy software made for Windows 7. As for Internet Explorer 8, don't bother. The older your system is, the SLOWER IE8 will be. I had it for a few weeks, and it royally sucks. I use Firefox exclusively. I only use IE if it's a link in Outlook or a desktop shortcut. I suppose if you have a newer (or very new) system with lots of system resources, then IE8 may be a good upgrade.


Windows 7 Features on a Vista or XP System

Posted using ShareThis

http://digg.com/d1uRJz

Original source: http://www.pcworld.com/article/166935/windows_7_features_on_a_vista_or_xp_system.html

Regards
John Crawford

AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews



AddThis Social Bookmark Button

Add to Technorati Favorites

Sunday, February 22, 2009

Researcher demonstrates SSL attack

A security researcher has demonstrated a way to hijack Secure Sockets Layer (SSL) sessions to intercept login data.This is very disturbing. Our dependence on secure computing to access our banks, pay our bills, and shop online just became very insecure. While I know next to nothing about hacking, I know this is a very bad thing. When you take into account the free and open availability of these hacking tools, it won't take a professional hacker to steal your information.

Moxie Marlinspike, who spoke at the Black Hat security conference on Wednesday, explained how to subvert an SSL session by performing a man-in-the-middle attack. The anarchist researcher explained in...

read more | digg story