Cisco: Nexus Switch
Cisco Systems(CSCO) in its ongoing mission to build the data center of the future is offering a way for other server vendors to plug their blades into unified fabrics powered by Cisco networking gear. Cisco announced the release of their Nexus 4000 Blade Switch.
The Nexus 4000 blade switch supports the NX-OS operating system that is central to Cisco’s “Data Center 3.0″ vision for a converged data enter network that allows server and storage networks to connect seamlessly. The blade switch allows for integration with non-Cisco blade chassis – although no other vendor options have been announced at present.
Bob Nusbaum, product line manager for Cisco’s SAN switches, stated Cisco’s approach will support FICON, NAS/iSCSCI and Fiber Channel over IP, in addition to FCoE and CEE.
Microsoft Security Essentials
Microsoft released its new free antivirus utility, Microsoft Security Essentials, (MSE) today, 9/29/09, and while it is free – and completes the job it is also Slow.
This is a good move from Microsoft as Microsoft Security Essentials (MSE) provides real-time protection for your PC that guards against viruses, spyware, and other malicious software.
MSE is the replacement for Microsoft’s OneCare suite. It’s meant to be an improvement on that older free program (now at end of life.)
Security Essentials runs on Windows XP, Vista, or Windows 7 (beta or release candidate) on both the 32 and 64-bit versions – however one annoying thing is that you need to pick which OS your using – something Microsoft obviously should be able to figure out for you.
For folks concerned about security however MSE pushes a good amount of information to Microsoft. In the license
Microsoft states (in the license) that, it will automatically “send information about the software and your operating system to Microsoft. This information includes the versions of the software and operating system software… your Internet protocol address, the type of operating system, browser and name and version of the software you are using, and the language code of the device where you installed the software.”
While they state they will not use this information to identify you - for the security minded – it is important to take note just what is being sent from your system out of your network.
There are other options (free ) that will do exactly what Microsoft’s MSE does (such as automatically downloads virus and spyware definitions; provides real-time protection that scans downloads and attachments, and looks for suspicious file and program activity) - however it is nice to see them step up to the plate to help secure their customers.
CHMOD Permissions
On computer filesystems, different files and directories have permissions that specify who and what can read, write, modify and access them.
An excellent FREE iphone app makes this easy for you – however it does help to explain it all so – here is the skinny for you.
Permission Modes
7 5 5 user group world r+w+x r+x r+x 4+2+1 4+0+1 4+0+1 = 755
The permission mode is computed by adding up the following values for the user, the file group, and for everyone else. The diagram shows how.
- Read 4 – Allowed to read files
- Write 2 – Allowed to write/modify files
- eXecute1 – Read/write/delete/modify/directory
7 4 4 user group world r+w+x r r 4+2+1 4+0+0 4+0+0 = 744
Example Permission Modes
| Mode | Str Perms | Explanation |
|---|---|---|
| 0477 | -r–rwxrwx | owner has read only (4), other and group has rwx (7) |
| 0677 | -rw-rwxrwx | owner has rw only(6), other and group has rwx (7) |
| 0444 | -r–r–r– | all have read only (4) |
| 0666 | -rw-rw-rw- | all have rw only (6) |
| 0400 | -r——– | owner has read only(4), group and others have no permission(0) |
| 0600 | -rw——- | owner has rw only, group and others have no permission |
| 0470 | -r–rwx— | owner has read only, group has rwx, others have no permission |
| 0407 | -r—–rwx | owner has read only, other has rwx, group has no permission |
| 0670 | -rw-rwx— | owner has rw only, group has rwx, others have no permission |
| 0607 | -rw—-rwx | owner has rw only, group has no permission and others have rwx |
Palm Pre Dead ?
Verizon Reported as Shy on the Palm Pre
Verizon has reportedly ditched plans to offer the Palm Pre early next year. Poor sales at Sprint — the Pre’s exclusive U.S. carrier — as well as interest in handsets from Research in Motion and Motorola contributed to the decision, according to The Street, which cities “people close to the discussions.”
The Pre has not done as well as Palm had hoped - Insiders report Verizon is concerned that Palm Pre sales have not exceeded one million handsets sold since the device’s launch almost four months ago. With the Pre failing to deliver blockbuster sales numbers, Verizon is apparently hesitant to invest time and money into rolling out the Pre.
Sprint released the Instict which was absolutely nothing as advertised – virtually zero useful applications for business in comparison to the iPhone offered by Apple and AT&T. While Palm has promised the fate of the Pre would be different perhaps Verizon is bailing due to their interest in selling third-party smartphone applications through its VCast Store instead of through device-specific outlets like Palm’s App Catalog.
Palm needs to rethink their strategy in order to Woo the US Wireless Markets largest subscriber base – Verizon.
AT&T Says Google is breaking Law
AT&T on Friday accused Google of violating the U.S. Federal Communications Commission’s net neutrality rules by blocking Google Voice calls to some rural areas.
In a letter to the FCC, AT&T stated Google is claiming an advantage over other telecommunications providers by blocking calls, a cost-saving measure that traditional carriers are prohibited from using.
“We urge the Commission to level the playing field and order Google to play by the same rules as its competitors,” wrote Robert Quinn, a senior vice president for AT&T’s federal regulatory issues, in a letter to the FCC.
AT&T also contends that Google Voice violates FCC’s “net neutrality” guidelines, which say consumers are entitled to competition among network and service providers. AT&T said Google breaks the rules by “openly flaunting the call-blocking prohibition that applies to its competitors.”
Google’s telecom and media counsel Richard Whitt said that Google Voice should be allowed to block the calls because it is not a traditional phone service.
“Unlike traditional carriers, Google Voice is a free, Web-based software application, and so not subject to common carrier laws,”
Richard Whitt continued:
“Google Voice is not intended to be a replacement for traditional phone service — in fact, you need an existing land or wireless line in order to use it,” Whitt said. “Importantly, users are still able to make outbound calls on any other phone device.“
AT&T is accusing Google of being a hypocrite when it comes to Net neutrality because it blocks certain phone calls on its Google Voice service… Something tells us that these three companies have started a pissing match that everyone will need to sit on the sidelines and watch for some time.
Mac – The New Target?
A network of malware writers and spammers from Russia reportedly paid hackers 43 cents for each Apple Mac they infected with bogus video software. Sophos researcher Dmitry Samosseiko discussed his investigation of a group code named “coden-Partnerka this past Thursday at the Virus Bulletin 2009 conference in Geneva Switzerland.
“The growing evidence of financially-motivated criminals looking at Apple Macs as well as Windows as a market for their activities, is not good news — especially as so many Mac users currently have no anti-malware protection in place at all,” said Graham Cluley , a senior technology consultant at U.K-based Sophos, in a blog entry Thursday.
Apple has not been immune to attacks – but they are so rare most users don’t believe they can happen. While Mac accounts for only about 5% of the computers connected to the Internet – “security through obscurity” is not enough protection any more- as their market share has been growing. It is time to take protection and security up a notch for Mac OS X and Leopard.
Recover those Deleted Files -use a USB Key
Have you ever deleted files and then did the “oh crap… I need that back” dance? Perhaps the files were deleted accidentally or maliciously even – and your wallet just can’t afford to take the hit to pay for someone to recover the data. TechiePortal had a great posting reviewing two free applications that will help you recover your data.
First is Glary Undelete – a freeware application that can grab data deleted from your Recycle Bin – files deleted using the shift-delete key stroke – as well as recover files from digital cameras and memory cards. Both NTFS as well as FAT file systems are supported – and supports both Vista as well as Windows XP. The HostMedic agency has not tested Windows 7, 2003 or 2008 as of the posting of this entry.
Second – is a portable recovery application that is so small – you can even run it on your USB Stick. Restoration runs pretty much the same as Glary Undelete – and for a simple Sub 300KB application it is absolutely Awesome.
Awesome Cheat Sheets & Linux Tutorials # 1 & 2
I know your mother and teachers told you it is never good to cheat… but in this case these little helpers will assist you when the life of an admin gets tough.
If your just starting to cut teeth with the shell or are an old hat – everyone needs a reference tool that provides cut and paste commands to complete specific tasks.
Linux command line reference
Another very good Linux command line reference for common operations.
Arguably the Ultimate Collection of Linux/Unix Cheat Sheets:
more to come as they are found…
Disaster Recovery
Last night a friend told me that his Mac PowerBook gave up the ghost. Apparently the Video Card just decided to stop working. In chatting with him today we got into the topic of Backups and Disaster recovery.
He believes at most he lost just a few documents and emails – at most 3 days worth of work.
As the VP of a well known organization this still hurts.
Recently on the CITRT mailing list I read about a guy who was trying to help a parishoner in his church find a way of recovering data from soup that had been spilled onto a laptop.
The HostMedic Agency hears these types of stories all the time… it begs the question –
Does your organization have a formal written disaster recovery plan that includes remote workers?
Microsoft cant fix so just suggests “Turn Off” feature SMB2
Microsoft created the SMB2 (Server Message Block 2) network file and print sharing protocol and placed it into Vista and Windows Server 2008 (first release) … The question remains – why? All this does is duplicate the basic network print and file sharing functionality that has been in Windows for over 10 years.
Mark Wodrich and Jonathan Ness, both members of the MSRC (Microsoft Security Response Center) engineering team wrote that their is an exploit that will allow “complete control of the targeted system and can be launched by an unauthenticated user.”
Microsoft’s fix: JUST TURN IT OFF. Of course this can be done by manually editing the registry -or by following the Fix It Link from Microsoft. The bad news – if your using SMB2 – you may loose functionality on your network. The Hostmedic agency has not been able to verify that the systems should roll back to SMB (1 – the original) however Microsoft reports this is the case.
This security flaw is paramount for you to patch – even if you’re not using SMB2. The SMB2 protocol is activated by default on Windows 2008, as well as Vista.
Microsoft created SMB2 so they according to Wikipedia, would not have to share a protocol with Samba or anyone else for that matter…
Interestingly enough – “Only people who switched to Microsoft’s latest and greatest are vulnerable” If the exploit is stable enough, it can _very easily_ be used in a worm, so it can potentially be devastating.
Sans.org suggests:
- Run a host based firewall which will block access to ports 139 and 445. Please note that the builtin firewall in Windows Vista will automatically block this traffic if your location is set to Public. In other words, if you connect to a wireless network at Starbucks and set this you will be fine, but if you are inside your organization you are probably vulnerable, unless your administrators went one step further and used group policies to properly configure your firewall.
- Disable SMB2. This has some performance impacts, but it’s nothing one can’t live without until the patch is out. However, it requires modifying the registry.
The Hostmedic Agency has not been able to confirm this issue exists on Windows Server 2008 R2 or Windows 7 at the time of releasing this posting.
Disable SMB2. This has some performance impacts, but it’s nothing one can’t live without until the patch is out. However, it requires modifying the registry.
