Technology Made Simple
Sunday September 26th 2021

Simple Tips to a Secure Password

Password Security

For many of us out there creating a secure password isn’t always easy, it’s hard to memorize one of those complex passwords (i.e. @<6v’)T[~5).   I want to give you some good tips (and things to avoid) in order to make your password more secure.  The most common thing people do, and I was once guilty of that myself, is make the password for every website the same.  While this makes things easy on you, it also makes it easy for hacker to gain access to those accounts.  Last year the website Gawker had a data breach and had username and passwords stolen from them, well some of those same username and password accounts worked on other sites, hackers know this so make sure you choose unique passwords for each site using these tips:

  • Using a remember-able paraphrase create a strong password for the site.
    For example (on a photo site) the passphrase you remember could be: i use my iPhone 5 and we make that secure by 1U5eMy1P0N35 (Now that password is more secure)
  • Passwords should be more than 10 characters (recommend more than 15 if possible)
  • Use Capitals Letters, Lower Case Letters, Numbers and Symbols

Thins to Avoid in Passwords:

  • It should not be like your previous passwords
  • It should not be your name (or login name)
  • It should not be your friend’s, pet’s, family’s name
  • It should not be a dictionary word
  • is not a keyboard pattern (qwerty, or 12345678)
  • It should not be less than 10 characters
  • It should not be written down where people can see it
  • It should not be dates, zip codes or phone numbers

While these tricks may seems trivial, the extra security your new passwords may make it a less interesting target for hackers.

National Cyber Security Awareness Month (10th Year)

ncsam10_bnr1

Hello Everyone,
October marks the 10th Annual Cyber Security Awareness Month.  This month is set aside as an opportunity to engage both public and private sector companies and more importantly the general public to create a safe, secure, and resilient cyber environment. It’s not just companies that should pay attention,  everyone has to play a role in cybersecurity. The threats posed by hackers is always evolving and threaten no just businesses, but everyday home users.

Cyberspace is woven into the fabric of our daily lives and the world has never been more connected than it is today. We all enjoy the benefits and convenience that the internet provides, things like shop from home, banking online, and interact and meet new friends from around the world. The Department of Homeland Security is committed to raising cybersecurity awareness across the nation this month, and you can help by taking some time to learn how to can be safe a minimize your risks.  You can get tips this month from this blog, or via my twitter @JimGuckin  or use the following hashtag #NCSAM or finally by visiting the sponsors websites listed below.

This year marks the tenth anniversary of National Cyber Security Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center.

How to elevate RSAT shortcuts

Windows Logo

Companies out there, should not have their IT staff account with Administrator access for everyday work.  Yet IT staff generally will complain (I’m guilty of it) when they need do some administrative work.  Now to make an administrators work easier (while following best practices) you give the IT staff user accounts and use another account to elevate the privileges when you need to get work done.  There is a problem using the Windows RSAT tools on Windows , it tries to use your user account to do this, and since it’s not an administrator, it fails.  On Windows 7 workstations you have to use a trick (shift+ right click -> Run as a different user) to get these RSAT tools to work.  This can just be plain annoying to do, but there is a work around.

To eliminate the extra clicks and the need to enter your username and password every time you launch an admin tool from your user account, you can edit the shortcut to the tool to include the RUNAS command. This can be easily accomplished this on your machine by making copies of the RSAT shortcuts and placing them on your desktop and editing those copies. I would suggest not editing the start menu icons and that applies to all users and letting other users that might log in to your computer be able to launch these tools with the admin account. (Not Good)

Copy the shortcuts that live in the hidden folder at C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\.  I copied the shortcuts of the tools I use and pasted them to the desktop.

Once you get the tools you use, copied to the desktop, Right-click on those new shortcuts and choose Properties.  On the properties tab under the Target field change the text from:

%SystemRoot%\system32\dsa.msc

to:

%SystemRoot%\system32\runas /savecred /user:yourdomain\domainuser “mmc dsa.msc”

(It goes without saying buy: Replace yourdomain with the name of your domain and domainuser with the name of the admin account you want to use.)

I added the /savecred switch (optional) and this saves the password you type.  Click OK and then double-click the icon for the RSAT you just edited.  You’ll see a command window pop up that will ask you for the password associated with the account you entered in the /user switch. Type your password (don’t freak out because the cursor will not move), and hit enter, and the tool will launch.  If you chose to use the /savecred switch, this is the only time you will be prompted to enter the password for that user. Saved passwords can be managed in the Credentials Manager (if you need to update or delete)

 

Q&A Monday: 64 bit Print Driver on 32 Bit System

PrinterQuestion:

I’m trying to add a 64 bit driver, for our existing 32bit printer shares on our Windows 2008 Server.  When I try to add 64 bit drivers for the printer, I browse out to the 64 bit driver, and I get a prompts stating: “the specified location does not contain the driver for the requested processor architecture”.  Another coworker tried another method, but it wanted nprint.inf to install it.  Is it not possible to install an x64 version of a printer driver on a x86 server?

Timothy N. Palmer
Dunwoody, GA

Answer:

Without describing the full process of adding it, I want to make sure that we are on the same page.  Please try the following steps on the print server.

  1. Open Print Management from the Administrative Tools folder on the client computer running an 64 bit version of Windows.
  2. Right-click the printer to which you want to add additional printer drivers, and then click Manage Sharing.
  3. Click Additional Drivers.
    1. The Additional Drivers dialog box appears.
  4. Select the check box of the processor architecture for which you want to add drivers.
    1. In your instance this would be x64.

If the print server does not already have the appropriate printer drivers in its driver store, Windows prompts you for the location of the driver files. If you haven’t already, download and extract the appropriate driver files (make sure they are 64 bit), and then in the dialog box that appears, specify the path to the .inf file of the driver. The driver files you install must match the drivers installed on the print server (the printer name must be identical as well as the driver version).

——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

Q&A Monday: LZMA File

File Compression

Question:

I received a file from a coworker that has a LZMA file type with a large sum of data, and I don’t know how to open it.  Please help!

Kevin Knight
South Dakota
 Answer:

LZMA is a compressed file, something like the ZIP compression that most of us are generally familiar with. It’s used as a way to group files together and compress them causing their total size to diminish.  Now depending on your operating system, you need to choose the right software:

Windows: 7 Zip

http://www.7-zip.org/

Mac OS:  The Unarchiver

http://unarchiver.c3.cx/unarchiver

Both of these are software packages that I have used, and Unarchiver also has a Windows version as well, but I’ve just grown more comfortable with 7 Zip on Windows machines.

——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

Importance of Security Awareness

NetworkSecurity

Whether you know it or not, companies spends millions of dollars trying to make their network safe from hackers.  Billions of dollars and a lot of lost time are the cost that companies have to share when their systems are breached.  The problem becomes that most companies only address half of the solution, you can pour all the money you have into security devices and monitoring software, but that’s only half the battle.  I don’t think you should quite cut your IT security budgets, but look holistically at the problem.

One of the best sources of information or a way around your firewall and IDS systems are the users themselves.  Making sure to have a good relationship with your users and explain the common techniques or current attacks going on, goes a long way to keep your network safe.

I have a very good relationship with the users in my workplace, I keep them informed of phishing attack and they let me know when there is an email that doesn’t quite seem to be right.  This relationship for many techs out there may seem easier said than done.  It means taking time out of a busy day to look at an email with a user, explaining why it is or isn’t an attack.  I’ve done work before where 75% were false cases, but I smiled and friendly explain why…and told them that if they ever had concerns again to call me.

The second part that I recommend, is that you take time to have cyber security awareness training.  I’m not talking a day long bore fest training explaining everything, just give them the overview and keep it brief.  While your passion is keeping their network safe, their passion maybe to not sit in meetings.

Another part of this (and it’s something I do) is every often (especially around end of year holidays) I make sure to send out little emails with tips on how to stay safe when browsing online.  This email is secretly dual purposed, one if they shop while at work, they stay safe and two if they shop at home unsafe and bring a virus into the network on a flash drive or forwarded email.

I really do find it amazing how little credit is given to a phishing campaign.  In 2011 RSA, a major technology company, was hacked all when an employee responded to a phishing attempt.  This is a company whose whole business was security, and fell victim to what hackers know, No matter how secure a target the user is always the weakest link.  By giving them the tools to learn and know common tactic, and keep them safe in both their home and work life, the better of a chance that user doesn’t fall victim to a cyber criminal and put your data in jeopardy.

 

Q&A Monday: Check MAC AD Authentication

applelogo1.jpg

Question:

I work for a School District with a very small tech department.  As we are in an educational environment, we are running a mixed environment with Mac’s and PC’s authenticating to a Windows 2003 AD servers, 9 total servers total spread out throughout 8 sites.  I have been running into problems with a few Mac’s in our Mac labs that authenticate to the AD and I was wondering if you had a Mac terminal solution to determine what domain controller authenticated a user

Rick Valbuena
California

Answer:

Rick, first off I am really sorry that it’s taken this long to respond back to your message, and to everyone for ignoring this site, I was recently married and now my wife and I are expecting a child, so life got a little complicated and this site and my email have been neglected.

The first thing I’ve heard about adding macs to a domain, is often you find out problems you never knew you had.  Windows and Mac computers deal completely different when trying to authenticate to a domain controller and with Macs sometime it’s hard to figure out why.  I know in Leopard you can use the following command:

dscl . -read /Config/Kerberos:YOUR.REALM.EDU

This should get you the information on what domain controller your Mac systems are trying to reach.  From there you can find out if you are connecting to the right one, or if there is a problem.

——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

Q&A Monday: Windows 8 Install on VmWare Issues

Question:

I just downloaded the Windows 8 Release Preview ISO from Microsoft’s website, and when I went to load the ISO into VMWare, I get the following message:

“Windows cannot read the <Productkey> setting from the unattended answer file”

I am not using an answer file, so I am not sure what is causing this.  I have downloaded the ISO file again, thinking it was a corrupt iso file, but the problem still existed.  Any Help?

Craig D. Guess
Wedgwood, TX

Answer:

This actually is a question that I’ve seen a lot around the message boards, and actually has a very simple solution.  Though I have not really seen what causes this error, but it’s simple enough to work around:

  1. If your Windows 8 VM is currently powered on, power off.
  2. Right Click the VM and click settings
  3. Find the floppy drive and deselect it.
  4. Power On the virtual machine
  5. Proceed with the install

That’s it, once the floppy drive has been deselected, you’ll now be able to install Windows 8 in your virtual environment.

——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

Q&A Monday: Dell PowerEdge 2970 Install Problems

Question:

I have a Dell PowerEdge 2970 server, and I’m trying to install Windows Server 2008 R2 with the Dell CD that came in the package.  It boots off the CD and loads the install GUI, and then stops before installing everything asking for drivers.  I tried putting the RAID array drivers on a USB and letting it search there, but it doesn’t find any, and still gives me the missing drivers error, any suggestions?
Rey Dennis
San Jose, CA
Answer:

This is one of those questions, that just happen to get me off my lazy but and look into something similar that I have.  I had a server similar to this one, that was doing the same exact thing, and you did the same thing I did, minus the hours spent on thinking something was wrong with the RAID configuration itself.  The issue ended up being so simple, but something that I overlooked.  In the 2970 you need to account for the Broadcom Chipset, that controls the DVD drive.
I made the assumption, that because the CD had booted up and began the process that it had the driver how else would it have started up, but in reality windows installer didn’t have the correct driver and would fail out.  So you need to go to:

 Broadcom HT1000/HT1100 Chipset SATA Controller QDMA

and download the driver to your desktop, once there you can extract the files to a USB drive and then when you get that error on the server insert the USB device, click the browse button and then select the drive and click OK, shortly you should have you install humming along.

——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

Disaster Recovery: Starting a Simple DR Plan

I’m starting a new series on Disaster Recovery that will hopefully run on Fridays for a bit.  Not many companies will even think that they need a plan like this, until a disaster hits and then it’s too late.  In this installment I’ll start you on the thought process and how to go about writing your own.  In the following weeks we’ll go into more depth of scenarios and what you need to think about.

How you go about starting a disaster recovery plan, depends on how you got on the path to thinking about it.  Usually this comes on a couple of ways:

  1. Management asked you to look into it
  2. You are being proactive
  3. You had a disaster and looking to never repeat that again
  4. You had an outage and trying to make sure it doesn’t happen again

There is one of these that some of the hard work is already done, that is, management asked you to look into it.  Meaning they are at least already aware of the need, doesn’t mean the rest is going to be easy, but broaching the subject with management can be stressful.

If management  isn’t looking into a DR plan, then you are going to need to talk with them and get them on-board with the plan.  Top management needs to support this plan, plus the time, energy and money that will be needed  to make this plan a success.

Next you need to start thinking about what kind of disasters you want your plan to cover.  If you are reading this, than it’s most likely your first time, and the answer of “everything” just wont do.  Start first with events that may have impacted your company within the last couple of years.  For most companies this is usually power or service interruption.  From here start to make some plans on how you could keep operations running.  For example:

Company XYZ is in an area were the power often goes out for short periods of time.  So to keep systems up and running, we installed a UPS and Generator for the building.

The reason I suggest starting with these kind of events are that it’s easier to plan and mitigate these kind of problems and will give you the base on which to build on.   When working through these basic scenarios in your group, start to discuss what are the most important systems to keep up and running.  If you company does a lot of online order processing, you may want to make sure that server stay on as long as possible, but maybe the print server doesn’t need to same level up-time.  Also what happens if the primary connection to the internet drops or has problems?  These are things you need to think of, some may be more important that others.

When you start figuring out what technology is critical and what isn’t, you’ll learn its easier said than done.  Almost everyone you talk to will make a case to why their system needs to stay up.  With the help of upper management, you can start to carve out a real picture.

Beside just making sure your servers stay up, another thing which you should be doing anyway, is making sure your servers are backed up.  Servers will fail, it’s all but an inevitability, making sure that you can get the data back up and running after a problem is key to getting your business back on track.

This is the simplest way to make sure you’re covered from the small stuff.  Think…what’s important….what needs to keep running…and is everything securely backed-up?  That’s it.

————————————————————–
This is an ongoing series on disaster recovery for businesses, so please check back for the next couple of Fridays as the series continues.  This is not a complete information guide on DR, just something to get you started and thinking.  If there are any questions or comments, please leave them blow in the comments section.

 Page 3 of 19 « 1  2  3  4  5 » ...  Last »