TechMentor Day 2

Hacking and Countermeasures

This session was ran by Todd Lammle, CEO GlobalNet Training/Cisco Author.  It was a bit rough since he didn’t have his PowerPoint slides due to his laptop being stolen.  Not too much technical info was covered as I had hoped.  The one idea he brought up that I thought was great is IP blocking on the router.  A lot of hacks originate from China, India, Hong Kong, Russia and North Korea.  If your business doesn’t do any business with those countries, he said you can just block all the assigned IP address ranges for each one.  Quite a genius idea in my opinion.

Windows Firewall

By Greg Shields, MSCE: Security/Editor Redmond Magazine.  Short version: XP SP2 Firewall = Not great.  Vista Firewall = Good.

He spent most of the time covering SDI (Server/Domain Isolation).  It is possible with Windows Firewall and GPOs to setup Server Isolation, Domain Isolation or both Server and Domain Isolation.  It adds another layer of security to the network.  Important aspects he pointed out were to make sure that DNS was exempt as well as looking at DHCP and DCs.  There is a fair amount of planning needed, but once implemented it makes setting up NAP much easier.

Preventing an Active Directory Failure

Also by Greg Shields.  He began by demonstrating the gpotool.exe from the Resources kit.  It checks all DCs and verifies that GPOs are set correctly.  Or more accurately, it resolves broken GPT/GPC linkages.  I can only guess how many we have. 

DNS aging and scavenging:  This is something I haven’t come across before.  Granted, I haven’t had to deal much with DNS problems.  It is one of those things that when setup correctly “just works”.  When problems occur, then you have to be aware of where to start looking.  I’m not sure if we using aging and scavenging, but it is an interesting topic.  I’ll look into it later.

Remove lingering objects from AD using repadmin.exe from the support tools:

Find the GUID of a DC:

- repadmin.exe /showrepl

Check for lingering objects before actually removing anything:

- repadmin.exe /removelingeringobjects * <DC GUID> dc={mydomain},dc={com} /advisory_mode

Remove lingering objects by running the above command without /advisory_mode. 

TechMentor Day 1

This week I’m in Orlando for the Microsoft TechMentor conference.  My flight here was pretty uneventful.  However, the drive from the car rental place to the hotel deserves some comment.  What is it with the tolls here?  I don’t think I could go even 5 miles without hitting another toll.  I realize that Florida prefers to tax out of staters as much as possible, but can you let me go at least 20 miles before a stop?  I feel a bit sorry for the residents here.  Not only do they have high gas prices, but they also have to pay $10 in tolls whenever they want to go any where.  The madness!

Windows PowerShell

The first session I went to was in introduction to Windows PowerShell.  Before I get into it, I want to comment on the presenter, Don Jones.  Don does not work for Microsoft.  He is the lead trainer for another company.  He definitely knows his material and is an excellent speaker. 

Regarding PowerShell: It appears that Microsoft is really pushing this to all of its product groups.  Exchange 2007 is already pretty integrated with PowerShell.  According to Don, in the past the GUI for all of Microsoft’s products was designed first with the command line added in later.  Now, all future products have to be able to be administered by PowerShell 100%.  GUI is second.  (This is me looking at my future self as a command line guru.  Should I have just cut the chase and become a Unix admin years ago?)  In the end, I’m pretty impressed with the direction they are going.  I think it is the right thing.

Windows Deployment Services

I attended the last half of the WDS session.  I am pretty familiar with it since I have been using it to push out Windows Vista/XP to the clients at work.  There was only one thing that I learned that I wish I knew beforehand.  Not anything that will make a major difference in what I’ve done, but it would have been a bit more efficient.  I did learn that I didn’t have the multicast option on.  This will be one of the first things I do when I get back to PBP.  It should speed up the deployment to multiple clients even more so.  (I only wish I had done it before our CS rollout.) 

The one thing I have had a problem with is the Windows answer file for WDS.  I found the tool pretty complicated, but I was able to generate an answer file.  However, I was never able to get it to work.  And I wasn’t sure why.  The presenter said that everyone hates the new answer file tool and Microsoft is aware of it and working on something better.  Granted, most 1.0 products from MS are never great.  They usually get much better with 2.0 stuff and nail it with 3.0.  I felt good that I wasn’t the only one having problems with it.  I was able to learn how to troubleshoot it and I have the website of the presenter.  It is a bit late now, but this is something I certainly want to get working for the future.

WorldWide Telescope

"Science educator Roy Gould and Microsoft’s Curtis Wong give an astonishing sneak preview of Microsoft’s new WorldWide Telescope — a technology that combines feeds from satellites and telescopes all over the world and the heavens, and weaves them together holistically to build a comprehensive view of our universe."

This is awesome.  Thank science!

http://static.videoegg.com/ted/flash/loader.swf

http://www.ted.com/talks/view/id/224

New Watch

Last week I bought a new watch.  I haven’t worn a watch in years.  Since I always have my cell phone on me, I just use it as my "watch."  Granted I have to pull it out of my pocket which isn’t as easy as just looking at my wrist, but it is nice not having that white band of skin on my wrist.  A few years ago, Microsoft announced a new technology they designed called SPOT (Smart Personal Object Technology).  Basically, it is a watch (or coffe maker, refrigerator, alarm clock, etc) that receives information from the Internet via FM radio.  I have been interested in obtaining one of the SPOT watches, but they were around $150-$300 which was enough to make me want to hold off.  Last week, Woot offered a Swatch SPOT watch for $20.  No brainer, right?

 

So after a week of use I feel pretty good about it.  It is nice that it always sets itself.  You can download different watch faces so you won’t get bored.  I have set it up to recieve:

 

• News
• Local Weather
• Movies and times from my local theaters
• Traffic reports based on my route

There is an option to sync with your Outlook contact, schedule and (one way) instant messages, but I figure having that on my phone is enough.

As far as bad stuff goes:

• Size- This is by far the largest watch I’ve ever owned
• Battery life- You have to charge it once a week

All in all, I like it.  It’s too bad becasue it appears that Microsoft has given up on the technology.  I was hoping they’d make them smaller, give them longer lasting batteries and add color screens.  Maybe some day…

New Phone

I finally got a new phone last week.  After hacking my old one over and over again, I think I finally hacked it one too many times.  It worked most times, but sometimes it would lock up and I’d have to pull the battery out and restart it 10 times before it would finally start up all the way.  Very annoying.  So I said so long to my T-mobile MDA (aka HTC Wizard).  I’ll miss it.  It was almost a full fledge computer.  Touch screen.  Full QWERTY keyboard.  200mhz dual core CPU.  Windows Mobile. Mmmm…

 

I did a lot of research before picking my current phone and even then I was really apprehensive about it.  But after using it for a week, I have to say that I definitly made a good choice.  I’m currently using a T-Mobile Shadow (aka HTC Juno).  Part of my hesitation was due to the CPU.  This uses the same 200mhz dual core CPU as my last phone.  Some new Windows mobile phones use a 400mhz single core CPU and the iPhone is whizzing along with 600mhz single core.  But for most tasks that I do, I can get by.  The big upgrade is that this phone has double the RAM/ROM of my last one.  Windows Mobile on the MDA could get a little slow with 64RAM/128ROM.  But Windows Mobile 6 certainly feels sweet with 128RAM/256ROM.  (Yet, still so paltry to the iPhone’s 8GB.)  I have already added a 2GB micro-SD card that I picked up for less than $20.  I could bump it to 4GB, but I doubt I’ll even put that much on it.  I primarily use my phone for contacts, calendering, texting and web (and phone of course). 

 

T-Mobile has added a really nice custom interface to the Shadow as well.  Even though it is the same old Windows Mobile 6 I’ve been using for the past year, it just gives it a new shiny feel.  The phone is also much lighter and smaller than the MDA.  I don’t even feel it in my pocket.  Part of this is due to the trade off of no touch screen and no full QWERTY keyboard.  The keypad is simialr to the blackberry style.  Predictive text works much better than I thought it would.  The screen is super bright and the speaker sounds really, really nice. 

 

Bad stuff.  The battery.  I think I will count myself lucky if I can make it 48 hours.  That’s with light usage.  I’m pretty sure I’ll be charging this thing every night.  Not that bad I suppose.  Based off what I’ve read, the battery drain might be fixed in software by T-mo or Microsoft.  I’ll keep my fingers crossed. (What does that mean anyway?)

 

I only signed a 1 year contract because I know I’ll want to grab a Windows Mobile 7 device as soon as it is availible (which won’t be fast enough).  I’m sure it’ll be well into 2009 or early 2010 before that is ready.  Oh… the humanity!  Program faster you Microsofties!!!!  We demand our upgraded mobile software!

 

Microsoft Surface

About a month ago Microsoft unvieled their new table top computer named Surface.  You can read more about it at http://www.microsoft.com/surface.  It is pretty neat and of course I want one.  While we wait for it to become availible, some guys have made a parody video that pinpoints some of the funny aspects of this thing.

 

Help Fight AIDS with Windows Live Messenger

Microsoft is donating money to charity if you use Windows Live Messenger.  You need to have Windows Live Messenger 8.1 so go download it if you don’t already have it.  Once you do, follow these directions:

1. From the contacts window, click the arrow next to your NAME and select options.
2. Next to you name, type one of the following codes for the cause you want to support.

*naf      National AIDS fund (this is the one I’m doing)

*mssoc  National Multiple Sclerosis Society

*sierra   Sierra Club

*help     Stop Global Warming

*komen  Susan G. Komen for the Cure

For example:  Jarred *naf

You can find more info by going here: http://im.live.com/Messenger/IM/Home/