20111231

Phishing Attempt and a free plug for OpenDNS

The other day I received an email that looked like it came from PayPal asking me to verify my account details with my username and password. After about 10 seconds I realized it was a phishing attempt. The sender wasn't a skilled phisher because the full URL to his site was actually displayed. Even though the link displayed "PayPal.com" it wasn't the actual website it was about to take me to. A quick way to determine the website is to look at the last two sections of the URL (or link), the "dot com dot net dot org etcetera...". I'll use the following fake URL as an example.
"http://www . paypal . com . craptastic . imtryingtostealfromyou . in". Even though  PayPal is in the link text the actual website you'd visit would be "imtryingtostealfromyou.in". This link was displayed. in the email. A decent attempt would be to hide the link with text but that can be easily debunked as well just by holding the mouse pointer over the link. The actual URL will appear in either the tool tip or the bottom of the browser.

Being the curious guy that I am I wanted to see the phisher's attempt at a the website. I fired up a virtual machine that I use for testing malware and virus "combat". After clicking the link I was immediately given the warning you see in the screenshot to the right. OpenDNS blocked the URL after it had been discovered it was a fraudulent site. Nice going by those guys. I don't make money with OpenDNS or am I affiliated with them (I wish :) ) I just think this is a great free service and highly recommend it.

20111209

Easy 3 Layered Defense Strategy

The more layers you put between yourself and the internet the better. It's a proven strategy thats been used for hundreds of years. Think of the Middle Ages. A  wall and gate protected the city, a moat protected the walls of the castle, and the castle was built with huge stone walls for the last layer of defense.
Think of the internet as a wilderness mixed with fantastic information, beautiful scenery, and the very rare dangerous animals that if you're not careful could harm you. Some of these beasts are hunting you, others aren't looking for anything in particular but are more predators of opportunity. Now, this doesn't mean you should lock yourself in the castle and never leave. The chances of you running into the hostile "creatures of opportunity" are rather slim but the less protected you are the greater the opportunity to be taken advantage of. There are many mechanisms of protection and A LOT cost money. This article isn't about prices or best technology. This is more of a quick lesson on the act of protection. Note: I haven't paid for an anti-virus, anti-malware, firewall, or perimeter defense in years and I can show you how to do the same.
Your 1st line of defense is easy and free. I'm going to name the technology in this one since it's the only one I use and recommend. It's called OpenDNS. OpenDNS acts as a go-between you and the internet. Very briefly DNS (Domain Name System) is what the computer uses to talk to the internet. It takes the name of the website you type in and translates it to numbers. Computers don't communicate like you and me (not yet), they use numbers. These numbers are how everything communicates on the internet. OpenDNS acts as a gateway between you and the internet. It stores, scans, and determines the safety of internet web addresses for you. Not only does this make the internet a bit faster it makes it safer. So it's a free win win for you. Signup is easy and set up is very well laid out and easy to follow.
Number 2 (or the castle moat) can be the most expensive part of the equation. Some of you may already have it. A router. Routers split up your internet connection between multiple computers and devices turning  your home into a network. Blu-ray players, gaming consoles, printers and even smart phones can benefit from a router. The protection part comes from whats called NAT (Network Address Translation). Basically it hides your computer from the outside network/internet kind of like a two-way mirror. You can see the internet but someone on the internet can't see you without a lot of extra work. It's what a lot of professionals call a hardware firewall. Even if you don't have more than one computer routers can be very beneficial for protection. Some routers can be very expensive depending on what they're used for. A simple wireless NAT router can be as low as $25.   They're easy to set up and you'll rarely have to mess with it more than once a year.
The last layer in our multi-layered defense comes from a software firewall. I use mine to track whats leaving my network. Lets say you get a bug on your system that wants to communicate with its parent on the outside of your network. There are plenty of firewalls to use. A good outbound firewall can stop and even inform you when the software tries to leave your system and communicate with an outside host. I've used several freebies in the 11 years I've been involved with computers and have concluded some of the best are free. Comodo, AShampoo (Windows XP only), and ZoneAlarm are all excellent free firewalls. Of course Windows comes with a firewall if you don't want to download these.
That's it. A multi-layered defense for your castle err..home. Remember the more layers, the more protection. The more protection the safer you're computer is. One last item always practice safe surfing habits. If it looks dangerous or offers look too good to be true, it probably is.



20111206

SCCM Training Notes

Bled for days fighting #sccm reports HTTP Error 500.24 - turns out it wasn't an SCCM error but an IIS 7.5 error. I'm quite the noob when it comes to SCCM, IIS, and the like so I'm learning as I go.
The 500.24 error was due to ASP.NET Impersonation not being enabled. So I opened my site and drilled to the SMSReporting node for my site and enabled ASP.NET Impersonation. I thought I was good to go and ran the SCCM reports again and ran into "HTTP Error 404.3 - Not Found The page you ... are requesting cannot be served because of the extension ...". After banging my head into the wall a few times and looking on Microsofts Technet site I discovered I simply didn't install ASP. I thought I had but rather installed ASP.NET (I'm learning remember?). I installed ASP and ran the reports again and bingo! I'm a happy man this morning.

20111128

SCCM Management Point Default

Why isn't the #SCCM site systems management point "allow devices to use this management point" allowed by default? 

GraydenTech's Fan Box

GraydenTech on Facebook