http://www.informit.com/articles/article.aspx?p=1407361&ns=16329
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
Sunday, November 29, 2009
Ten Ways Windows 7 Is Better than Vista
This is a great article that compares some differences between Windows Vista and Windows 7. The one I like most is that Windows 7 is leaner, it's less of a resource hog, allowing it to work with older and less powerful hardware.
http://www.informit.com/articles/article.aspx?p=1407361&ns=16329
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
http://www.informit.com/articles/article.aspx?p=1407361&ns=16329
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
Tuesday, November 3, 2009
The Road To CISSP, Part II
Just passed the 3 week mark and no exam results. OK, "Officially" ISC2 says 6 weeks. But all the books say "4 days to 2 weeks". I scoured the internet and found that most receive their results within 2 weeks, or sooner. Of course, I made the fatal error of following the suggestion of another blogger who sent an email to the ISC2 register's office and promptly got his results. I got an email back that said my "exam had not been graded as yet and to wait 6 weeks before notifying" ISC2.
It's such torture to wait this long. My career plans and future training rest on the outcome of this exam. More than that, it will be a major shot in the arm if I pass (or it cold bring on some sever depression if I fail... ha ha).
So the wait continues. Words of encouragement are invited.
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
It's such torture to wait this long. My career plans and future training rest on the outcome of this exam. More than that, it will be a major shot in the arm if I pass (or it cold bring on some sever depression if I fail... ha ha).
So the wait continues. Words of encouragement are invited.
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
Sunday, October 18, 2009
The Road To CISSP
About four months ago, I embarked on a mission to become a CISSP. The Certified Information Systems Security Professional (CISSP) certification is a daunting task for anyone, regardless of their background. While conventional thinking says this certification is achieved easier by technical people, the CISSP is a management certification. After being a Microsoft (and Unix/Solaris at one time) Systems Administrator for the past 11 years, I felt it was time to un-box those management skills I had learned and honed in the Army.
I've had several CISSP mentors over the years, most have moved on to greener pastures. One particular mentor would always tell me that everything is relative to how you think about a given circumstance or situation. My workday, for example, is chock-full of stressful issues as I deal one-on-one with end-users. When combined with the lack of direction, and the lack of policies and standards, a simple fix can turn into a nightmare. The mentor would ask why I was stressing about it. And I didn't get it, I couldn't make the connection, I was all about saving and fixing everything. The funny thing was, my boss wasn't stressing about any of it, so why should I? My stress was all in how I was thinking about the situation. A really nice benefit of going through thebootcamp Seminar is how they change ones way of thinking, at least for us technicians.
The training and exam are just the first step. I haven't even received my exam results, that usually takes a few weeks. Nonetheless, I am planning my next steps in transitioning from a technician to a manager, from the nuts and bolts of windows and PC's to information assurance and information management. My real barrier will be the thought process.
I developed a study plan to learn the ten domains, allocating one week for each. I scheduled to attend thebootcamp Seminar, and scheduled the exam. Scheduling the exam is probably the most important item in getting the brain into the learning mode. If you've attended an IT bootcamp, you know this is true. The psychology is something akin to a buffer overflow, or rather avoiding a buffer overflow.
My main source of reading was CISSP ALL-In-One Certification Guide by Shon Harris. Some current CISSP's and candidates find her book a bit too flamboyant with it's real life stories and her humor. I found it refreshing and inviting to the way I think.
Eighteen months ago when I finished my MCSE, the MCSE bootcamp was held at the same location as the CISSPbootcamp Seminar, co-located with the (ISC)² office in Vienna, VA. (ISC)² is the governing organization for the CISSP and several other Information Systems Security certification. It was then that I first decided to someday be a CISSP. At their recommendation, I purchased the "Official (ISC)2 Guide to the CISSP CBK". That was OK as a reference, but it reads like an encyclopedia, it's not for us folks with ADHD.
So earlier this year, I purchased CISSP ALL-In-One Certification Guide and CISSP For Dummies. These are good for getting the brain going in the thought process. Each also come with a CD and their own test engine.
During the last four months I carried the Shon Harris book with me when I wasn't at home studying. Allot of people noticed and asked questions. One particular gentlemen who happened to be a CISSP, recommended that I get The CISSP Prep Guide by Krutz and Vines. So I did. I found it to be a nice compliment to my studies with its unique view and a new pool of practice questions.
(ISC)² uses their own specialized curriculum during the seminar that accelerates the learning process I purchased the evening and Saturday review sessions from TrainingCamp which provided much needed practice questions and 16 additional hours of training. It's well worth the money for sure.
Regards
John Crawford
CISSP and (ISC)² registered certification marks of (ISC)², Inc.
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
I've had several CISSP mentors over the years, most have moved on to greener pastures. One particular mentor would always tell me that everything is relative to how you think about a given circumstance or situation. My workday, for example, is chock-full of stressful issues as I deal one-on-one with end-users. When combined with the lack of direction, and the lack of policies and standards, a simple fix can turn into a nightmare. The mentor would ask why I was stressing about it. And I didn't get it, I couldn't make the connection, I was all about saving and fixing everything. The funny thing was, my boss wasn't stressing about any of it, so why should I? My stress was all in how I was thinking about the situation. A really nice benefit of going through the
The training and exam are just the first step. I haven't even received my exam results, that usually takes a few weeks. Nonetheless, I am planning my next steps in transitioning from a technician to a manager, from the nuts and bolts of windows and PC's to information assurance and information management. My real barrier will be the thought process.
I developed a study plan to learn the ten domains, allocating one week for each. I scheduled to attend the
My main source of reading was CISSP ALL-In-One Certification Guide by Shon Harris. Some current CISSP's and candidates find her book a bit too flamboyant with it's real life stories and her humor. I found it refreshing and inviting to the way I think.
Eighteen months ago when I finished my MCSE, the MCSE bootcamp was held at the same location as the CISSP
So earlier this year, I purchased CISSP ALL-In-One Certification Guide and CISSP For Dummies. These are good for getting the brain going in the thought process. Each also come with a CD and their own test engine.
During the last four months I carried the Shon Harris book with me when I wasn't at home studying. Allot of people noticed and asked questions. One particular gentlemen who happened to be a CISSP, recommended that I get The CISSP Prep Guide by Krutz and Vines. So I did. I found it to be a nice compliment to my studies with its unique view and a new pool of practice questions.
(ISC)² uses their own specialized curriculum during the seminar that accelerates the learning process I purchased the evening and Saturday review sessions from TrainingCamp which provided much needed practice questions and 16 additional hours of training. It's well worth the money for sure.
Regards
John Crawford
CISSP and (ISC)² registered certification marks of (ISC)², Inc.
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
Tuesday, June 30, 2009
Many Computer Users Skip Routine Maintenance - HotHardware
The article sites some of the crazy things that can and do crawl inside a computer, and take nest. In my personal experience, I was asked to look at a computer that wouldn't boot, then would shut off. What I found was bugs and roaches living inside. I actually had to spray the computer with RAID, then seal it in garbage bags (so I could leave it outside for a few days). I took these pictures after I did most of the cleaning. But as you can see there is "bug" remnants, even rust and corrosion from something spilled inside the computer.
-------------------------------------------------------------------------------
Many Computer Users Skip Routine Maintenance - HotHardware
Posted using ShareThis
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
-------------------------------------------------------------------------------
Many Computer Users Skip Routine Maintenance - HotHardware
Posted using ShareThis
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
Saturday, June 27, 2009
Windows 7: Are You Ready?
Microsoft has announced that Windows 7 will be available October 22. Let us hope with two short betas that Microsoft has worked out the kinks, and overcome the issues that has plagued Vista users. Here's an article that talks about 10 gee-wiz-wow-bang features found in Windows 7. Windows 7 Illustrated: 10 Cool Desktop Features
Here's is another good article on Windows 7. This one outlines how you can determine if Windows 7 will run on your existing computer, it's very straight forward. Will my computer run Windows 7?
Last, here is an article that compares Windows 7 and XP. If you were part of the majority of us that just didn't see the WOW of Vista, and refused to switch, read this article. It's not one of those Microsoft pie-in-the-sky commercials. This is a common sense approach that explains what advantages you will get with Windows 7. Benefits of Windows 7 over Windows XP
Pre-order Windows 7 Now
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Simple Opportunities
Add to Technorati Favorites
Monday, June 22, 2009
Warning - Presto Tune-up is a Rogue Anti-Spyware Application
Warning - Presto Tune-up is a Rogue Anti-Spyware Application. It will try to make you believe you have been infected. See link for article and screenshots.
Presto TuneUp | Freetosupport.com
Presto TuneUp | Freetosupport.com
Active Directory Password Expiry Reminder Email
This handy little script could prove invaluable to many organizations by saving dozens of man-hours each month with account lockouts and regular password resets.
Active Directory Password Expiry Reminder Email
Active Directory Password Expiry Reminder Email
Sunday, June 21, 2009
Response to "Why Enterprises Shouldn't Limit Web Traffic"
I don't really agree with the writer on this. I think it sounds good in theory, to transfer the problem to the "education" of the user. But that's assuming that all computer users know and understand all the things that can cause problems on a network. There's a few flaws in their reasoning.
First and foremost, most end-users are just that, users. They really don't know or care to know all the dangers of being on the internet. That's what they pay people like me to do, that is, to implement and enforce measures to allow businesses to include government agencies to go about their daily business. It's all about the bottom line. To a business, profit is the driving force. And they pay specialized people to make sure their enterprise is safe. I can tell you that to allow uninhibited use of the internet with no filtering would be disastrous. Hello!! Go back just a few years when the concept of computer and network security was non-existent. Users could go anywhere, download and install anything. They had root access to their boxes. It was pandemonium. It's much easier to stop a threat at a firewall, proxy server, or gateway, then to have it spread to thousands of workstations, servers, and other hosts in an enterprise. The author obviously lacks any formal computer or network security education, such as CISSP or even Security+.
The second reason is that employees are getting paid to do a job, not surf the web. That is unless it is their job or part of their job. Without rules or restrictions, employees will see it as a free ride, and an excuse not to get their work done. The author called this idea a "red herring". What???? Can someone explain that one?
The third reason goes into the legal and ethical issue. Do you want to allow users on a corporate network to gamble? To go to porn or sexually oriented sites? Hacking sites (and I don't mean ethical hacking)? To use their internet connection at work for any and all imaginable personal uses? Imagine how the taxpayers would react if users were permitted to do all that on government assets?
The author says "Employees are spending more time trying to find ways around the firewalls than working. If they had access to the sites they wanted to see, they'd go there and get back to work sooner." I got news for this gentleman, you do that where I work and they will toss you out on your ear. We all know the government and military enterprises are tightly locked down. Any attempt to circumvent security measures is considered malicious and or seditious behavior, and you will be shown the door and maybe criminal charges. You better hope you can get used to that irritating beep at McDonalds when the fries are done, because at that point you need a new career. In fact, many corporate networks are even tighter than government, sometimes they have NO internet access, just intranet. And their tolerenace is limited.
Lastly, the author has no concept of security, of any kind. He does not understand the role of the IT staff. Here's a quote:
"Companies don't need to limit the amount of access employees have to the Web -- they need to learn how to more effectively deal with the threats."
What the author is either forgetting (by now I thing he just doesn't know) that in many cases, the ONLY way to prevent a threat is to NOT GO THERE. That might be hard to swallow, but it's true.
"And that's the biggest issue with the enterprise blocking Websites. It might make sense at first glance, but if we take a rational look at things, it's actually clear that it's quite the opposite -- firewalls cause more headaches."
I will openly admit that making life easier for us IT people is NOT the first consideration of any implementation. Sometimes it's not a consideration at all. Sometimes it is a delightful benefit when it does make life easier. In any case, security is integrated into everything we do. It may be a headache, but it's our job. Those headaches are the challenges that drive us to be better, and to make our respective enterprise better.
The bottom-line is encouraging though. Companies nor government will ever relinquish that much control of their network resources to the employees. Even the recent U.S. Army decision to allow it's users access to social web sites, is not a major thing like is proposed in this article.
Shon Harris would have a field day with the author.
Why Enterprises Shouldn't Limit Web Traffic
Posted using ShareThis
Original Source: http://www.eweek.com/c/a/Security/Why-Enterprises-Shouldnt-Limit-Web-Traffic-376995/
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Add to Technorati Favorites
First and foremost, most end-users are just that, users. They really don't know or care to know all the dangers of being on the internet. That's what they pay people like me to do, that is, to implement and enforce measures to allow businesses to include government agencies to go about their daily business. It's all about the bottom line. To a business, profit is the driving force. And they pay specialized people to make sure their enterprise is safe. I can tell you that to allow uninhibited use of the internet with no filtering would be disastrous. Hello!! Go back just a few years when the concept of computer and network security was non-existent. Users could go anywhere, download and install anything. They had root access to their boxes. It was pandemonium. It's much easier to stop a threat at a firewall, proxy server, or gateway, then to have it spread to thousands of workstations, servers, and other hosts in an enterprise. The author obviously lacks any formal computer or network security education, such as CISSP or even Security+.
The second reason is that employees are getting paid to do a job, not surf the web. That is unless it is their job or part of their job. Without rules or restrictions, employees will see it as a free ride, and an excuse not to get their work done. The author called this idea a "red herring". What???? Can someone explain that one?
The third reason goes into the legal and ethical issue. Do you want to allow users on a corporate network to gamble? To go to porn or sexually oriented sites? Hacking sites (and I don't mean ethical hacking)? To use their internet connection at work for any and all imaginable personal uses? Imagine how the taxpayers would react if users were permitted to do all that on government assets?
The author says "Employees are spending more time trying to find ways around the firewalls than working. If they had access to the sites they wanted to see, they'd go there and get back to work sooner." I got news for this gentleman, you do that where I work and they will toss you out on your ear. We all know the government and military enterprises are tightly locked down. Any attempt to circumvent security measures is considered malicious and or seditious behavior, and you will be shown the door and maybe criminal charges. You better hope you can get used to that irritating beep at McDonalds when the fries are done, because at that point you need a new career. In fact, many corporate networks are even tighter than government, sometimes they have NO internet access, just intranet. And their tolerenace is limited.
Lastly, the author has no concept of security, of any kind. He does not understand the role of the IT staff. Here's a quote:
"Companies don't need to limit the amount of access employees have to the Web -- they need to learn how to more effectively deal with the threats."
What the author is either forgetting (by now I thing he just doesn't know) that in many cases, the ONLY way to prevent a threat is to NOT GO THERE. That might be hard to swallow, but it's true.
"And that's the biggest issue with the enterprise blocking Websites. It might make sense at first glance, but if we take a rational look at things, it's actually clear that it's quite the opposite -- firewalls cause more headaches."
I will openly admit that making life easier for us IT people is NOT the first consideration of any implementation. Sometimes it's not a consideration at all. Sometimes it is a delightful benefit when it does make life easier. In any case, security is integrated into everything we do. It may be a headache, but it's our job. Those headaches are the challenges that drive us to be better, and to make our respective enterprise better.
The bottom-line is encouraging though. Companies nor government will ever relinquish that much control of their network resources to the employees. Even the recent U.S. Army decision to allow it's users access to social web sites, is not a major thing like is proposed in this article.
Shon Harris would have a field day with the author.
Why Enterprises Shouldn't Limit Web Traffic
Posted using ShareThis
Original Source: http://www.eweek.com/c/a/Security/Why-Enterprises-Shouldnt-Limit-Web-Traffic-376995/
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Add to Technorati Favorites
Windows 7 Features on a Vista or XP System
Some of this stuff is OK, but some I wouldn't touch. Media streaming is kool, if you're into that. ISO Burning is a great utility if you do not have third party software for your CD/DVD burner. I rarely use Windows Paint, but if it's your thing, go for it. The new Calculator looks very kool, and could have a wide range of uses.
I don't like the interface for the new Windows Search, but to each their own. I also found the the new Search was using up far too many system resources for my liking. Not to mention it takes up room on the task bar. I just found it to be worthless.
The Windows XP mode will be a great option for those of us that just will not or cannot afford to upgrade or buy software made for Windows 7. As for Internet Explorer 8, don't bother. The older your system is, the SLOWER IE8 will be. I had it for a few weeks, and it royally sucks. I use Firefox exclusively. I only use IE if it's a link in Outlook or a desktop shortcut. I suppose if you have a newer (or very new) system with lots of system resources, then IE8 may be a good upgrade.
Windows 7 Features on a Vista or XP System
Posted using ShareThis
http://digg.com/d1uRJz
Original source: http://www.pcworld.com/article/166935/windows_7_features_on_a_vista_or_xp_system.html
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Add to Technorati Favorites
I don't like the interface for the new Windows Search, but to each their own. I also found the the new Search was using up far too many system resources for my liking. Not to mention it takes up room on the task bar. I just found it to be worthless.
The Windows XP mode will be a great option for those of us that just will not or cannot afford to upgrade or buy software made for Windows 7. As for Internet Explorer 8, don't bother. The older your system is, the SLOWER IE8 will be. I had it for a few weeks, and it royally sucks. I use Firefox exclusively. I only use IE if it's a link in Outlook or a desktop shortcut. I suppose if you have a newer (or very new) system with lots of system resources, then IE8 may be a good upgrade.
Windows 7 Features on a Vista or XP System
Posted using ShareThis
http://digg.com/d1uRJz
Original source: http://www.pcworld.com/article/166935/windows_7_features_on_a_vista_or_xp_system.html
Regards
John Crawford
AutismZone
Accokeek Computers
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Add to Technorati Favorites
Sunday, February 22, 2009
Researcher demonstrates SSL attack
A security researcher has demonstrated a way to hijack Secure Sockets Layer (SSL) sessions to intercept login data.This is very disturbing. Our dependence on secure computing to access our banks, pay our bills, and shop online just became very insecure. While I know next to nothing about hacking, I know this is a very bad thing. When you take into account the free and open availability of these hacking tools, it won't take a professional hacker to steal your information.
Moxie Marlinspike, who spoke at the Black Hat security conference on Wednesday, explained how to subvert an SSL session by performing a man-in-the-middle attack. The anarchist researcher explained in...
read more | digg story
Moxie Marlinspike, who spoke at the Black Hat security conference on Wednesday, explained how to subvert an SSL session by performing a man-in-the-middle attack. The anarchist researcher explained in...
read more | digg story
Subscribe to:
Posts (Atom)