Monday, 29 September 2014
Apple: Apple iOS 8 Bypasses Microsoft DHCP
When you’re out running errands with your phone in your pocket, Wi-Fi hotspots have the ability to track your movements and behavior by scanning your Wi-Fi MAC address. A MAC address is a string of characters that uniquely identifies your device on a network. With iOS 8, we’ve introduced an innovative feature designed to protect your privacy by randomizing your device’s MAC address when the device is passively scanning for Wi-Fi networks. Because your MAC address now changes when you’re not connected to a network, it can’t be used to persistently track you. This is in line with Apple’s industry-leading effort to do away with persistent identifiers, and is unique to iOS devices.
Reference:
We’ve built privacy into the things you use every day
http://www.apple.com/privacy/privacy-built-in/
Microsoft: URL Rewrite VS HTTP Redirect
The main difference between rewriting the URL and redirecting is the following. Redirecting sends a HTTP 301 or 302 to the client, telling the client that it should try to access the page using another URL. This means that the client knows that there is another URL that should be used. The communication between the server and client is illustrated as follows:
Request 1 (from client): Get file.htm
Response 1 (from server). The file is moved, please request the file newFileName.htm
Request 2 (from client): Get newFileName.htm
Response 2 (from server): Here is the content of newFileName.htm
Rewriting happens on the server, and simply is a translation of one URL to another, that is used by your web application. The client does not know that internally there is another URL, it just sees the one it sent to the server.
Request 1 (from client): Get file.htm
URL Rewriting (on server): Translate the URL file.htm to file.asp
Web application (on server): Process the request (run any code in file.asp)
Response 1 (from server): Here is the content of file.htm (note that the client does not know that this is the content of file.asp)
Reference:
How does "URL Rewrite" differ from "HTTP Redirect"
http://forums.iis.net/t/1174487.aspx?How+does+URL+Rewrite+differ+from+HTTP+Redirect+
Request 1 (from client): Get file.htm
Response 1 (from server). The file is moved, please request the file newFileName.htm
Request 2 (from client): Get newFileName.htm
Response 2 (from server): Here is the content of newFileName.htm
Rewriting happens on the server, and simply is a translation of one URL to another, that is used by your web application. The client does not know that internally there is another URL, it just sees the one it sent to the server.
Request 1 (from client): Get file.htm
URL Rewriting (on server): Translate the URL file.htm to file.asp
Web application (on server): Process the request (run any code in file.asp)
Response 1 (from server): Here is the content of file.htm (note that the client does not know that this is the content of file.asp)
Reference:
How does "URL Rewrite" differ from "HTTP Redirect"
http://forums.iis.net/t/1174487.aspx?How+does+URL+Rewrite+differ+from+HTTP+Redirect+
Microsoft: OWA Redirection and SSL Offloading Fail After Installing an Exchange Server Service Pack
After you install a service pack on a server that is running Microsoft Exchange Server 2010 or Exchange Server 2007, you may experience one or more of the following issues:
To resolve this issue, follow these steps:
1. Start IIS 7 Manager.
2. Select the default website, and then make sure that you are in Features View.
3. Double-click SSL Settings.
4. Click to clear the Require SSL check box.
5. Run the IISRESET command.
6. Repeat steps 1 through 5 for all virtual websites under the default website.
Reference:
OWA redirection and SSL offloading fail after you install an Exchange Server service pack
http://support2.microsoft.com/kb/2839692
- Outlook Web App or Outlook Web Access (OWA) redirection from the HTTP protocol to the HTTPS protocol fails.
- Secure Sockets Layer (SSL) offloading fails.
- An error message that resembles the following is displayed when a user tries to connect to OWA:
403 – Forbidden: Access is denied.You do not have Permission to View this directory or page using the credentials that you supplied.
- An entry that resembles the following is recorded in the IIS log:
2013-03-28 18:44:52 192.168.66.13 GET /owa/ - 80 - 192.168.66.25 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+Media+Center+PC+6.0;+InfoPath.2) 403 4 5 343
To resolve this issue, follow these steps:
1. Start IIS 7 Manager.
2. Select the default website, and then make sure that you are in Features View.
3. Double-click SSL Settings.
4. Click to clear the Require SSL check box.
5. Run the IISRESET command.
6. Repeat steps 1 through 5 for all virtual websites under the default website.
Reference:
OWA redirection and SSL offloading fail after you install an Exchange Server service pack
http://support2.microsoft.com/kb/2839692
Friday, 26 September 2014
IT Tecnnology: Adblock Plus - Advertisement Blocker
Adblock Plus is a free advertisement blocker. It blocks all annoying ads, and supports websites by not blocking unobtrusive ads by default (configurable).
Enjoy surfing the web without obtrusive ads cluttering your screen!
Adblock Plus for Google Chrome blocks:
· Banners
· YouTube video ads
· Facebook advertisements
· Pop-ups
· All other obtrusive ads
Adblock Plus is the world’s most popular browser extension, and is used by millions of users worldwide. It is a community-driven open source project, and hundreds of volunteers are contributing to the success of Adblock Plus to make sure that all annoying ads are automatically blocked.
Reference:
Getting started with Adblock Plus
https://adblockplus.org/en/getting_started
IT Technology: Browsec - Proxy Avoidance
Encrypts traffic and unlocks sites.
Facebook closed by an overzealous sysadmin? Browsec to the rescue!
Browsec encrypts your traffic and routes it through our secure cloud network. No one will be able to identify, track you or sniff your traffic.
- Visit Facebook and twitter from work, read whatever you want.
- Privacy. Hide your real location from the sites you visit.
- Netflix, Hulu, Spotify, Pandora, SoundCloud and so on — music and video services restricted to a few countries are now accessible to you too.
Browsec is a Chrome/Firefox extension. It is an advanced analog of ZenMate, Stealthy, Hola and friGate.
Reference:
Browsec
https://browsec.com/en/
Facebook closed by an overzealous sysadmin? Browsec to the rescue!
Browsec encrypts your traffic and routes it through our secure cloud network. No one will be able to identify, track you or sniff your traffic.
- Visit Facebook and twitter from work, read whatever you want.
- Privacy. Hide your real location from the sites you visit.
- Netflix, Hulu, Spotify, Pandora, SoundCloud and so on — music and video services restricted to a few countries are now accessible to you too.
Browsec is a Chrome/Firefox extension. It is an advanced analog of ZenMate, Stealthy, Hola and friGate.
Reference:
Browsec
https://browsec.com/en/
Google: YouTube for Schools
The steps below show network administrators how to configure access to educational and school-appropriate content on YouTube.
1. SIGN UP for a school account
Start by signing up for an official account for your school by visiting this page. The administrator of this account will then have the ability to include videos of his/her choosing for viewing within the school network. The administrator will also be able to approve access for teacher accounts
2. CHOOSE ONE OF THE FOLLOWING Options Depending On Your School's Network
A) Add new HTTP header rule
Modify your hardware filter or proxy server settings so that all outgoing traffic to youtube.com contains the following custom HTTP header. The ID to use in the HTTP header configuration, written below, is an example of a unique ID for your school’s network only. If your school is blocked at the district level, this HTTP header is then unique to the district network.
Example:
X-YouTube-Edu-Filter:ABCD1234567890abcdef
Field Name: X-YouTube-Edu-Filter
Description: When YouTube sees this header and an accompanying valid school ID in the incoming traffic, YouTube will serve a limited EDU-only site to all computers behind the school hardware filter.
Field Value Format: alphanumeric [a-z][A-Z][0-9]
Field Value Length: up to 44 characters
B) Create URL parameter rewrite rule
If your hardware filter does not support HTTP header modification, please rewrite all outgoing URLs to youtube.com by appending the parameter “edufilter” at the end. Exclude the &edufilter parameter from these file types: .css, .gif, .png, .js, .xml
Example:
http://youtube.com/?edufilter=ABCD1234567890abcdef
http://youtube.com/watch?v=gM95HHI4gLk&edufilter=ABCD1234567890afbcdef
3. REMOVE YouTube Domains Blocked
Ensure the following top-level domains are not blocked:
youtube.com
ytimg.com
Reference:
How YouTube for Schools Works
https://support.google.com/youtube/answer/2695317?hl=en&guide=2592683&ref_topic=2592688
1. SIGN UP for a school account
Start by signing up for an official account for your school by visiting this page. The administrator of this account will then have the ability to include videos of his/her choosing for viewing within the school network. The administrator will also be able to approve access for teacher accounts
2. CHOOSE ONE OF THE FOLLOWING Options Depending On Your School's Network
A) Add new HTTP header rule
Modify your hardware filter or proxy server settings so that all outgoing traffic to youtube.com contains the following custom HTTP header. The ID to use in the HTTP header configuration, written below, is an example of a unique ID for your school’s network only. If your school is blocked at the district level, this HTTP header is then unique to the district network.
Example:
X-YouTube-Edu-Filter:ABCD1234567890abcdef
Field Name: X-YouTube-Edu-Filter
Description: When YouTube sees this header and an accompanying valid school ID in the incoming traffic, YouTube will serve a limited EDU-only site to all computers behind the school hardware filter.
Field Value Format: alphanumeric [a-z][A-Z][0-9]
Field Value Length: up to 44 characters
B) Create URL parameter rewrite rule
If your hardware filter does not support HTTP header modification, please rewrite all outgoing URLs to youtube.com by appending the parameter “edufilter” at the end. Exclude the &edufilter parameter from these file types: .css, .gif, .png, .js, .xml
Example:
http://youtube.com/?edufilter=ABCD1234567890abcdef
http://youtube.com/watch?v=gM95HHI4gLk&edufilter=ABCD1234567890afbcdef
3. REMOVE YouTube Domains Blocked
Ensure the following top-level domains are not blocked:
youtube.com
ytimg.com
Reference:
How YouTube for Schools Works
https://support.google.com/youtube/answer/2695317?hl=en&guide=2592683&ref_topic=2592688
Apple: Microsoft Outlook Temp Folder for Mac OS X
You should be able to access the Outlook Temp folder by following the steps below:
- At the menu bar, click on Go
- Press the alt / option key and the Library should appear
- Click on Library
- Find and click on the Caches folder
- Find and click on the TemporaryItems folder
Thursday, 25 September 2014
IT Technology: Monitis vs StatusCake
Monitis is a web-based application to check the weblog report of a website. The application offers a lot of functionalities to check the website stats, including:
StatusCake is the best free alternative to Monitis. StatusCake is an online web-based application for tracking the traffic on a website. It helps developers to check the stats and visitors traffic on their website.
Reference:
3 Best Free Alternatives to Monitis
http://www.3alternatives.com/3-free-monitis-alternatives
- server
- network
- logs and application monitoring
- statistical analysis
- cloud server monitoring
- performance metrics
StatusCake is the best free alternative to Monitis. StatusCake is an online web-based application for tracking the traffic on a website. It helps developers to check the stats and visitors traffic on their website.
Reference:
3 Best Free Alternatives to Monitis
http://www.3alternatives.com/3-free-monitis-alternatives
Apple: Reset / Flush the DNS Cache
<< OS X Mavericks, Mountain Lion and Lion >>
Use the following Terminal command to reset the DNS cache:
sudo killall -HUP mDNSResponder
<< Mac OS X v10.6 >>
Use the following Terminal command to reset the DNS cache:
sudo dscacheutil -flushcache
Reference:
OS X: How to reset the DNS cache
http://support.apple.com/kb/ht5343
Use the following Terminal command to reset the DNS cache:
sudo killall -HUP mDNSResponder
<< Mac OS X v10.6 >>
Use the following Terminal command to reset the DNS cache:
sudo dscacheutil -flushcache
Reference:
OS X: How to reset the DNS cache
http://support.apple.com/kb/ht5343
Microsoft: Execute a Windows Command Remotely with PsExec
Utilities like Telnet and remote control programs like Symantec's PC Anywhere let you execute programs on remote systems, but they can be a pain to set up and require that you install client software on the remote systems that you wish to access. PsExec is a light-weight telnet-replacement that lets you execute processes on other systems, complete with full interactivity for console applications, without having to manually install client software. PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems.
Note: some anti-virus scanners report that one or more of the tools are infected with a "remote admin" virus. None of the PsTools contain viruses, but they have been used by viruses, which is why they trigger virus notifications.
Usage:
psexec [\\computer[,computer2[,...] cmd [arguments]
Example:
This command executes IpConfig on the remote system with the /all switch, and displays the resulting output locally:
psexec \\marklap ipconfig /all
Reference:
PsExec v2.11
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
Note: some anti-virus scanners report that one or more of the tools are infected with a "remote admin" virus. None of the PsTools contain viruses, but they have been used by viruses, which is why they trigger virus notifications.
Usage:
psexec [\\computer[,computer2[,...] cmd [arguments]
Example:
This command executes IpConfig on the remote system with the /all switch, and displays the resulting output locally:
psexec \\marklap ipconfig /all
Reference:
PsExec v2.11
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
Apple: Critical Security Risk to Unix and Linux Systems including Apple OSX! SHELL SHOCK - CVE-2014-6271
BE AWARE THAT PATCHES ARE IN ACTIVE DEVELOPMENT - YOU MAY NEED TO APPLY MULTIPLE PATCHES OVER THE NEXT FEW DAYS. CHECK WITH YOUR VENDOR REGULARLY
<< What is this? >>
A newly discovered vulnerability in the Bash command-line interpreter poses a critical security risk to Unix and Linux systems including Apple OSX.
The vulnerability (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271) is present in Bash through version 4.3, and was discovered by Stephane Chazelas. It puts Apache web servers, in particular, at risk of compromise via CGI scripts that use or call Bash.
The flaw lies in Bash's handling of environment variables: when assigning a function to a variable, trailing code in the function definition will be executed, leaving the door wide open for code-injection attacks. Worse, in many common configurations, the vulnerability is exploitable over networks.
<< How can I tell if I'm vulnerable? >>
There is a simple BASH command you can run to detect if your system is vulnerable.
The first example here shows a vulnerable system
# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
The second example shows a system after patching
# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
<< Is this important? >>
According to the NIST vulnerability database, which rates the flaw 10 out of 10 in terms of severity:
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service
Jim Reavis, chief exec of the Cloud Security Alliance, claims the hole is comparable in seriousness to the infamous password-leaking Heartbleed bug in the OpenSSL library that was uncovered earlier this year.
<< What are the attack vectors? >>
We don't know them all yet? There has been speculation that it might be as wide as effecting OpenSSH with pre-auth remote code exec or even possibly exploitable via DHCP. We will know more in the next few days, but at the moment all the vectors are unknown. There are people scanning for this vuln in the wild.
<< What can I do? >>
Patch - There are patches coming out for a number of Linux/BSD operating systems. Check with your vendor to see if there is one for your operating system.
BE AWARE THAT PATCHES ARE IN ACTIVE DEVELOPMENT - YOU MAY NEED TO APPLY MULTIPLE PATCHES OVER THE NEXT FEW DAYS. CHECK WITH YOUR VENDOR REGULARLY
At present there is no patch for Apple OSX. We would expect to see one in the next few days. In the mean time here are some steps which you can take to ensure your firewall is on and blocking all the incoming connections
If a patch is not available for your machine. We would advise moving it behind a border device if it is network connected, reducing network access to the minimum necessary and monitoring logs for any anomalous activity.
<< Solution for Apple OSX >>
OS X bash Update 1.0 fixes a security flaw in the bash UNIX shell.
http://support.apple.com/kb/DL1769?viewlocale=en_US
Reference:
SHELL SHOCK - CVE-2014-6271
http://www.nzitf.org.nz/news.html
<< What is this? >>
A newly discovered vulnerability in the Bash command-line interpreter poses a critical security risk to Unix and Linux systems including Apple OSX.
The vulnerability (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271) is present in Bash through version 4.3, and was discovered by Stephane Chazelas. It puts Apache web servers, in particular, at risk of compromise via CGI scripts that use or call Bash.
The flaw lies in Bash's handling of environment variables: when assigning a function to a variable, trailing code in the function definition will be executed, leaving the door wide open for code-injection attacks. Worse, in many common configurations, the vulnerability is exploitable over networks.
<< How can I tell if I'm vulnerable? >>
There is a simple BASH command you can run to detect if your system is vulnerable.
The first example here shows a vulnerable system
# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
The second example shows a system after patching
# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
<< Is this important? >>
According to the NIST vulnerability database, which rates the flaw 10 out of 10 in terms of severity:
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service
Jim Reavis, chief exec of the Cloud Security Alliance, claims the hole is comparable in seriousness to the infamous password-leaking Heartbleed bug in the OpenSSL library that was uncovered earlier this year.
<< What are the attack vectors? >>
We don't know them all yet? There has been speculation that it might be as wide as effecting OpenSSH with pre-auth remote code exec or even possibly exploitable via DHCP. We will know more in the next few days, but at the moment all the vectors are unknown. There are people scanning for this vuln in the wild.
<< What can I do? >>
Patch - There are patches coming out for a number of Linux/BSD operating systems. Check with your vendor to see if there is one for your operating system.
BE AWARE THAT PATCHES ARE IN ACTIVE DEVELOPMENT - YOU MAY NEED TO APPLY MULTIPLE PATCHES OVER THE NEXT FEW DAYS. CHECK WITH YOUR VENDOR REGULARLY
At present there is no patch for Apple OSX. We would expect to see one in the next few days. In the mean time here are some steps which you can take to ensure your firewall is on and blocking all the incoming connections
If a patch is not available for your machine. We would advise moving it behind a border device if it is network connected, reducing network access to the minimum necessary and monitoring logs for any anomalous activity.
<< Solution for Apple OSX >>
OS X bash Update 1.0 fixes a security flaw in the bash UNIX shell.
http://support.apple.com/kb/DL1769?viewlocale=en_US
Reference:
SHELL SHOCK - CVE-2014-6271
http://www.nzitf.org.nz/news.html
Google: Alternative URLs for Google.com and Youtube.com
<< Google.com >>
http://netease.google.com/
http://go.ogle.org/
http://lunaticus.dnip.net/
<< Youtube.com >>
http://youtu.be/
Reference:
Official Google url Alternatives
http://www.ghacks.net/2008/01/23/alternate-official-google-urls/
http://netease.google.com/
http://go.ogle.org/
http://lunaticus.dnip.net/
<< Youtube.com >>
http://youtu.be/
Reference:
Official Google url Alternatives
http://www.ghacks.net/2008/01/23/alternate-official-google-urls/
Wednesday, 24 September 2014
Google: Disable SSL for Google Search
<< Why you need to disable SSL >>
Searching over Secure Sockets Layer (SSL) provides you with a more secure and private search experience. You can tell that you’re searching on SSL when you see https in your URL (note the “s” in “https”, meaning secure).
When searching over SSL, the connection between the user and Google is encrypted. Because the connection is encrypted, the query rewriting techniques described below will not work unless you disable SSL search.
Blocking https://www.google.com may prevent your organization from accessing many Google products. Instead, use the steps below to enforce SafeSearch.
<< How to disable SSL Search >>
To disable SSL search for your network, configure the DNS entry for www.google.com (or any other Google country domains your users may use) to be a CNAME for nosslsearch.google.com or A Record for 216.239.32.20.
We will not serve SSL search results for requests that we receive on this virtual IP address (VIP). If we receive a search request over port 443, the certificate handshake will complete successfully, but we will then redirect the user to a non-SSL search experience. The first time a user is redirected, they will be shown a notice that SSL has been disabled by the network administrator.
Utilizing the NoSSLSearch VIP will not affect other Google services outside of Search. Logging into Google Apps and authenticating to different services will continue to work (and will occur over SSL).
Reference:
Block adult content at your school with SafeSearch
https://support.google.com/websearch/answer/186669?hl=en
Searching over Secure Sockets Layer (SSL) provides you with a more secure and private search experience. You can tell that you’re searching on SSL when you see https in your URL (note the “s” in “https”, meaning secure).
When searching over SSL, the connection between the user and Google is encrypted. Because the connection is encrypted, the query rewriting techniques described below will not work unless you disable SSL search.
Blocking https://www.google.com may prevent your organization from accessing many Google products. Instead, use the steps below to enforce SafeSearch.
<< How to disable SSL Search >>
To disable SSL search for your network, configure the DNS entry for www.google.com (or any other Google country domains your users may use) to be a CNAME for nosslsearch.google.com or A Record for 216.239.32.20.
We will not serve SSL search results for requests that we receive on this virtual IP address (VIP). If we receive a search request over port 443, the certificate handshake will complete successfully, but we will then redirect the user to a non-SSL search experience. The first time a user is redirected, they will be shown a notice that SSL has been disabled by the network administrator.
Utilizing the NoSSLSearch VIP will not affect other Google services outside of Search. Logging into Google Apps and authenticating to different services will continue to work (and will occur over SSL).
Reference:
Block adult content at your school with SafeSearch
https://support.google.com/websearch/answer/186669?hl=en
Microsoft: Redirect HTTP to HTTPS with IIS
In this guide we'll look at how you can use Microsoft's URL rewrite module to transparently redirect HTTP to HTTPS.
For this guide to work you'll need:
Once you have this done you can simply copy and paste the following code between the <rules> and </rules> tags in your your web.config file in your website root directory.
From here all you have to do is save your web.config file and test that the redirection is working.
Hopefully this guide has helped you to enabled HTTP to HTTPS redirection for your website on IIS using the Microsoft URL Rewrite Module.
Reference:
Redirect HTTP to HTTPS with IIS
http://www.iis-aid.com/articles/how_to_guides/redirect_http_to_https_iis_7
For this guide to work you'll need:
- IIS installed
- Microsoft URL Rewrite Module installed
- Create HTTPS bindings to your IIS website and assign certificate
- Ensure Require SSL is NOT checked under SSL Settings for your website
Once you have this done you can simply copy and paste the following code between the <rules> and </rules> tags in your your web.config file in your website root directory.
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
From here all you have to do is save your web.config file and test that the redirection is working.
Hopefully this guide has helped you to enabled HTTP to HTTPS redirection for your website on IIS using the Microsoft URL Rewrite Module.
Reference:
Redirect HTTP to HTTPS with IIS
http://www.iis-aid.com/articles/how_to_guides/redirect_http_to_https_iis_7
Microsoft: DNS Management
- A Records - To point your website at an IP address
- MX records - To point your mail to a mail server name
- CNAME records - To point your website to another site
Reference:
How to change nameservers, DNS records and add URL redirects.
http://support.novara.ie/info/index.php/How_to_change_nameservers,_DNS_records_and_add_URL_redirects.
IT Technology: airbackup by TeamViewer
airbackup is the solution to back up and restore your important business data online.
With airbackup you can simply back up and restore confidential business data, like Microsoft SQL database, Microsoft Exchange Server or any other files and folders in an automated process.
Fast
airbackup compresses your data to a minimum, recognizes duplicated data, identifies altered data within milliseconds and will only transfer modified data blocks.
Secure and 100 % encrypted
Your data is stored with highest encryption technologies. Client-side end-to-end AES-256 bit encryption and private key for 100 % data protection. No one but you can access your data.
Easy-to-use
Remotely configure your devices from a centralized dashboard in the browser. Once set up, your backups will start automatically.
Tuesday, 23 September 2014
BlueCoat: Encrypted Traffic Management
Advanced cyber threats are hiding in your encrypted SSL and HTTPS traffic. Eliminate the security blind spot. Blue Coat’s Encrypted Traffic Management solutions give you the tools to combat hidden risks in your SSL and HTTPS traffic, enforce your policies, and preserve privacy.
Encryption technologies such as SSL and HTTPS are supposed to improve network security. But all too often, they provide a hiding place for advanced attacks. In fact, 50% of all network attacks will hide in SSL by 2017, according to Gartner; and today, 80% of attacks that use SSL and HTTPS go undetected.
Blue Coat Encrypted Traffic Management solutions decrypt SSL and HTTPS traffic and direct payloads of interest to a variety of sophisticated security mechanisms, including next-gen firewalls, Intrusion Prevention Systems (IPS), malware analysis, and Data Loss Prevention (DLP)—while avoiding the 30-80% performance degradation often seen in HTTPS visibility deployments.
Now you can enforce your policies with encrypted traffic; reduce the data security risk of web, cloud, and mobile applications; protect privacy; and ensure compliance—without sacrificing the scalability and performance end users demand.
Reference:
Encrypted Traffic Management
https://www.bluecoat.com/encrypted-traffic-management-solutions
Monday, 22 September 2014
IT Technology: Air Conditioning in Server Room
Computer equipment generates heat, and is sensitive to heat, humidity, and dust, but also the need for very high resilience and failover requirements. Maintaining a stable temperature and humidity within tight tolerances is critical to IT system reliability.
In most server rooms “close control air conditioning” systems, also known as PAC (precision air conditioning) systems, are installed. These systems control temperature, humidity and particle filtration within tight tolerances 24 hours a day and can be remotely monitored. They can have built-in automatic alerts when conditions within the server room move outside defined tolerances.
Air conditioning designs for most computer or server rooms will vary depending on various design considerations, but they are generally one of two types: “up-flow” and “down-flow” configurations.
<< Up-flow air conditioning >>
This type of air conditioning draws air into the front of the air handler unit (AHU), cools the air over the heat exchanger, then distributes the cooled air out through the top or through duct work. This air conditioning configuration is well suited to retro-fitted computer rooms when raised floors are either of inadequate depth or do not exist at all.
<< Down-flow air conditioning >>
Typically, this type of air conditioning unit draws the air into the top of the air handling unit, cools the air over the heat exchanger, then distributes the air out of the bottom into the floor void. This conditioned air is then discharged into the server room via strategically placed floor grilles and onwards to equipment racks. These systems are well suited to new office buildings where the design can encompass raised floors suitable for ducting to computer racks.
Reference:
Server room
http://en.wikipedia.org/wiki/Server_room
In most server rooms “close control air conditioning” systems, also known as PAC (precision air conditioning) systems, are installed. These systems control temperature, humidity and particle filtration within tight tolerances 24 hours a day and can be remotely monitored. They can have built-in automatic alerts when conditions within the server room move outside defined tolerances.
Air conditioning designs for most computer or server rooms will vary depending on various design considerations, but they are generally one of two types: “up-flow” and “down-flow” configurations.
<< Up-flow air conditioning >>
This type of air conditioning draws air into the front of the air handler unit (AHU), cools the air over the heat exchanger, then distributes the cooled air out through the top or through duct work. This air conditioning configuration is well suited to retro-fitted computer rooms when raised floors are either of inadequate depth or do not exist at all.
<< Down-flow air conditioning >>
Typically, this type of air conditioning unit draws the air into the top of the air handling unit, cools the air over the heat exchanger, then distributes the air out of the bottom into the floor void. This conditioned air is then discharged into the server room via strategically placed floor grilles and onwards to equipment racks. These systems are well suited to new office buildings where the design can encompass raised floors suitable for ducting to computer racks.
Reference:
Server room
http://en.wikipedia.org/wiki/Server_room
Friday, 19 September 2014
Cisco: Configuring Call Handlers in Cisco Unity Connection
The link below is going to show you the configuration of the call handler in Cisco Unity Connection:
http://www.ciscopress.com/articles/article.asp?p=2021962&seqNum=7
http://www.ciscopress.com/articles/article.asp?p=2021962&seqNum=7
Palo Alto: How To Create Custom URL Categories
This document describes the steps to create a Custom URL Category list, use the list in a URL Filtering profile, and then applying the profile in a security policy.
1. For PAN-OS 4.0, 4.1, 5.0, go to Objects > Custom URL Category and click Add
For PAN OS 6.0, 'Custom URL Category' has been renamed as 'URL Category' and moved under Objects > Custom Objects:
2. Fill in the Name, Description, and the URLs of the category members (one per line).
Note: A list of URLs can also be imported from a file.
To apply the the custom category to a URL filtering profile:
1. Go to Objects > Security Profiles > URL Filtering and click Add.
2. Name the profile and select the custom category.
Note: The newly created category appears in the Category list with an asterisk next to it.
3. Optionally, add URLs to the Allow/Block lists as appropriate.
To apply the URL filtering profile in a security policy:
1. Go to Policies > Security
2. Select or create a security policy
3. Select the custom profile for URL Filtering, under Profile Setting:
4. Commit
The Palo Alto Networks firewall will process the filter as follows:
Reference:
How To Create Custom URL Categories
https://live.paloaltonetworks.com/docs/DOC-1500
1. For PAN-OS 4.0, 4.1, 5.0, go to Objects > Custom URL Category and click Add
For PAN OS 6.0, 'Custom URL Category' has been renamed as 'URL Category' and moved under Objects > Custom Objects:
2. Fill in the Name, Description, and the URLs of the category members (one per line).
Note: A list of URLs can also be imported from a file.
To apply the the custom category to a URL filtering profile:
1. Go to Objects > Security Profiles > URL Filtering and click Add.
2. Name the profile and select the custom category.
Note: The newly created category appears in the Category list with an asterisk next to it.
3. Optionally, add URLs to the Allow/Block lists as appropriate.
To apply the URL filtering profile in a security policy:
1. Go to Policies > Security
2. Select or create a security policy
3. Select the custom profile for URL Filtering, under Profile Setting:
4. Commit
The Palo Alto Networks firewall will process the filter as follows:
- Block list
- Allow list
- Custom category
- Pre-defined category
Reference:
How To Create Custom URL Categories
https://live.paloaltonetworks.com/docs/DOC-1500
IT Technology: What is Jitter in Networking
Simply said, time difference in packet inter-arrival time to their destination can be called jitter. Jitter is specific issue that normally exists in packet networks and this phenomenon is usually not causing any communication problems. TCP/IP is responsible for dealing with the jitter impact on communication. On the other hand, in VoIP network environment, or better say in any bigger environment today where we use IP phones on our network this can be a bigger problem. When someone is sending VoIP communication at a normal interval (let’s say one frame every 10 ms) those packets can stuck somewhere in between inside the packet network and not arrive at expected regular peace to the destined station. That’s the whole jitter phenomenon all about so we can say that the anomaly in tempo with which packet is expected and when it is in reality received is jitter.
In this image above, you can notice that the time it takes for packets to be send is not the same as the period in which the will arrive at the receiver side. One of the packets encounters some delay on his way and it is received little later than it was asumed. Here are the jitter buffers entering the story. They will mitigate packet delay if required. VoIP packets in networks have very changeable packet inter-arrival intervals because they are usually smaller than normal data packets and are therefore more numerous with bigger chance to get some delay.
In order to have the chance to better tune the jitter correction, best practice is to enumerate packets who arrive late and with that base data calculate a ratio of those packets and packets that are successfully transferred. With that ratio you can better adapt the jitter buffer to some predictable number of late arriving packets. This is the best way to tune jitter buffer. Although it can maybe some time be confusing but the jitter and total delay are not even close to be the same thing. Having a lot of jitter in network will probably increase the total delay to, but it must not be the case. It will usually mean that because more jitter means that you need bigger jitter buffer to be able to compensate the unpredictable packet network packet flow behavior.
The buffers are not endlessly big. In case of heavy jitter situation it is better to drop some packets or have fixed size buffer instead of creating delays in the jitter buffers itself. The main reason for the last sentence is that if you did a good job in planing and designing the network infrastructure with all the best practice and recommendations, the probability to have jitter issues is minimal. In that kind of network jitter is normally not a big problem.
You can se if there is some jitter in your network using RTP timestamps in Cisco IOS. Cisco IOS has by default those buffers set like a dynamic queue. This queue will change its size depending on the packet timing and tempo when arriving to destination. Almost all other vendors use static jitter buffers, Cisco deduced that dynamic jitter buffer with some enhancement in the design is the best way to use the buffer for VoIP transferring networks.
Reference:
WHAT IS JITTER IN NETWORKING?
http://howdoesinternetwork.com/2013/jitter
In this image above, you can notice that the time it takes for packets to be send is not the same as the period in which the will arrive at the receiver side. One of the packets encounters some delay on his way and it is received little later than it was asumed. Here are the jitter buffers entering the story. They will mitigate packet delay if required. VoIP packets in networks have very changeable packet inter-arrival intervals because they are usually smaller than normal data packets and are therefore more numerous with bigger chance to get some delay.
In order to have the chance to better tune the jitter correction, best practice is to enumerate packets who arrive late and with that base data calculate a ratio of those packets and packets that are successfully transferred. With that ratio you can better adapt the jitter buffer to some predictable number of late arriving packets. This is the best way to tune jitter buffer. Although it can maybe some time be confusing but the jitter and total delay are not even close to be the same thing. Having a lot of jitter in network will probably increase the total delay to, but it must not be the case. It will usually mean that because more jitter means that you need bigger jitter buffer to be able to compensate the unpredictable packet network packet flow behavior.
The buffers are not endlessly big. In case of heavy jitter situation it is better to drop some packets or have fixed size buffer instead of creating delays in the jitter buffers itself. The main reason for the last sentence is that if you did a good job in planing and designing the network infrastructure with all the best practice and recommendations, the probability to have jitter issues is minimal. In that kind of network jitter is normally not a big problem.
You can se if there is some jitter in your network using RTP timestamps in Cisco IOS. Cisco IOS has by default those buffers set like a dynamic queue. This queue will change its size depending on the packet timing and tempo when arriving to destination. Almost all other vendors use static jitter buffers, Cisco deduced that dynamic jitter buffer with some enhancement in the design is the best way to use the buffer for VoIP transferring networks.
Reference:
WHAT IS JITTER IN NETWORKING?
http://howdoesinternetwork.com/2013/jitter
Palo Alto: Resolving URL Category in Decryption Policy When Multiple URLs are Behind the Same IP
<< Issue >>
Problem happens when there are multiple web services behind the same IP, as with Google who hosts all its services (such as Drive, Translate, Search engine, Google+, Maps, Play, Gmail, Calendar etc.) behind the same group of IP addresses.
In cases where DNS resolves both www.google.com and www.drive.google.com in same IP address (eg. 173.194.78.189), hosts will use the same IP for both google.com and drive.google.com. So, if the first session traffic is to www.google.com, the local cache will map 173.194.78.189 to “search-engines”. Then, if the next host goes to www.drive.google.com using the same destination IP, the URL category will be resolved in “search-engines” instead of “online-personal-storage”.
If there is decryption policy that is set to decrypt only “online-personal-storage” category, this combination of traffic will not by hit and thus real drive.google.com data will not be decrypted.
<< Details >>
When troubleshooting SSL decryption related issues, a good starting point is to understand how decryption mechanism works in terms of URL categorization. In order to establish a secure SSL tunnel, the client and server perform a certain method of authentication. The client usually authenticates server’s identity based on its certificate. HTTPS connection is always initiated by the client who first resolves server’s URL and then sends a Client Hello towards the resolved IP address. The client then waits for response from server side, which should include its certificate.
In order to resolve proper URL category and determine whether or not to decrypt certain SLL traffic, the Palo Alto Networks firewall relies on the Common Name (CN) field of certificate received from the server. So, URL categorization is based on what is found in CN field. The resolved URL category is then mapped to the destination IP of intercepted packet sent from client side. In order to speed up the process of resolving URL category, the firewall stores each URL to the destination IP mapping in its local cache memory. So, the next time there is SSL traffic to the same destination, it will be resolved in the URL category already stored in local cache file. Having said that, mechanism of URL categorization for purpose of decryption looks like the following:
<< Resolution >>
In PAN-OS 6.0 a new method of resolving URL category for purpose of decryption was introduced. This new method is not based on the server's certificate CN field but on the SNI value of client's HTTP Hello message. Using this method ensures that under each circumstance, the Palo Alto Networks firewall will be able to properly resolve the URL category of upstream traffic and, with that information, engage right decryption policy.
Reference:
Resolving URL Category in Decryption Policy When Multiple URLs are Behind the Same IP
https://live.paloaltonetworks.com/docs/DOC-7235
Problem happens when there are multiple web services behind the same IP, as with Google who hosts all its services (such as Drive, Translate, Search engine, Google+, Maps, Play, Gmail, Calendar etc.) behind the same group of IP addresses.
In cases where DNS resolves both www.google.com and www.drive.google.com in same IP address (eg. 173.194.78.189), hosts will use the same IP for both google.com and drive.google.com. So, if the first session traffic is to www.google.com, the local cache will map 173.194.78.189 to “search-engines”. Then, if the next host goes to www.drive.google.com using the same destination IP, the URL category will be resolved in “search-engines” instead of “online-personal-storage”.
If there is decryption policy that is set to decrypt only “online-personal-storage” category, this combination of traffic will not by hit and thus real drive.google.com data will not be decrypted.
<< Details >>
When troubleshooting SSL decryption related issues, a good starting point is to understand how decryption mechanism works in terms of URL categorization. In order to establish a secure SSL tunnel, the client and server perform a certain method of authentication. The client usually authenticates server’s identity based on its certificate. HTTPS connection is always initiated by the client who first resolves server’s URL and then sends a Client Hello towards the resolved IP address. The client then waits for response from server side, which should include its certificate.
In order to resolve proper URL category and determine whether or not to decrypt certain SLL traffic, the Palo Alto Networks firewall relies on the Common Name (CN) field of certificate received from the server. So, URL categorization is based on what is found in CN field. The resolved URL category is then mapped to the destination IP of intercepted packet sent from client side. In order to speed up the process of resolving URL category, the firewall stores each URL to the destination IP mapping in its local cache memory. So, the next time there is SSL traffic to the same destination, it will be resolved in the URL category already stored in local cache file. Having said that, mechanism of URL categorization for purpose of decryption looks like the following:
- Client Hello message is intercepted by the firewall
- Firewall determines packet’s destination IP
- Firewall compares that destination IP with the list of IP to URL category mapping from its local cache memory
- If the same IP is in the list, the URL category is then taken from local cache memory
- If there is no match with local cache, the firewall waits for a response from the server to take a look in the server certificate's CN field
- URL resolution is done based on CN field, and that category is mapped to Server’s IP and added to the list in local cache memory for future use
<< Resolution >>
In PAN-OS 6.0 a new method of resolving URL category for purpose of decryption was introduced. This new method is not based on the server's certificate CN field but on the SNI value of client's HTTP Hello message. Using this method ensures that under each circumstance, the Palo Alto Networks firewall will be able to properly resolve the URL category of upstream traffic and, with that information, engage right decryption policy.
Reference:
Resolving URL Category in Decryption Policy When Multiple URLs are Behind the Same IP
https://live.paloaltonetworks.com/docs/DOC-7235
Thursday, 18 September 2014
VMware: VMware vCenter Operations Manager
VMware vCenter Operations Manager is the key component of the VMware vCenter Operations Management Suite. It provides comprehensive visibility and insights into the performance, capacity and health of your infrastructure.
Operation Manager allows users to do the following:
Comprehensive Visibility
Get a holistic view and deep operational insights into the health, risk and efficiency of your infrastructure and applications.
Capacity Optimization
Identify capacity shortfalls and over-provisioning so you can right-size virtual machines, reclaim idle resources and increase consolidation ratios with confidence.
Proactive Performance Management
Stop monitoring and start managing infrastructure and application performance proactively. Automated root-cause analysis and recommended remediation actions help you identify and eliminate potential bottlenecks.
Reference:
vCenter Operations Manager
http://www.vmware.com/products/vcenter-operations-manager
VMware: VMware vSphere Data Protection
Traditional data backup and data recovery solutions are expensive, slow and complex. They write data to tape, which is difficult and time-consuming to restore. In contrast, VMware vSphere Data Protection (VDP) provides fast backup to disk with dependable recovery.
Furthermore, VMware vSphere Data Protection Advanced extends the backup capabilities of your VMware vSphere platform with greater scalability and application-level integration for your mission-critical apps.
Sophisticated vSphere Data Protection capabilities ensure that your backups complete on schedule, keeping costs down despite exponential data growth:
Traditional backup solutions were designed for physical environments, creating unnecessary complexity in virtual infrastructures. vSphere Data Protection is specifically engineered for the virtualization and administration capabilities of the vSphere platform:
Reference:
Data Protection
http://www.vmware.com/products/vsphere/features/data-protection
Furthermore, VMware vSphere Data Protection Advanced extends the backup capabilities of your VMware vSphere platform with greater scalability and application-level integration for your mission-critical apps.
Sophisticated vSphere Data Protection capabilities ensure that your backups complete on schedule, keeping costs down despite exponential data growth:
- Variable-length de-duplication - Breaks files into sub-segments to determine which are unique, minimizing backup storage requirements. Achieves the industry’s highest average rates of de-duplication: 99 percent for file systems and 96 percent for databases.
- Global de-duplication - Reduces required backup storage further by de-duplicating data across all virtual machines pointed to the same appliance.
- Changed Block Tracking backup (CBT) - Works with variable-length de-duplication to reduce virtual network impact during backups, sending only daily unique changes to the virtual appliance.
- Changed Block Tracking restore - Unlike other solutions, vSphere Data Protection also uses CBT during restores for dramatic reductions in data recovery times.
Traditional backup solutions were designed for physical environments, creating unnecessary complexity in virtual infrastructures. vSphere Data Protection is specifically engineered for the virtualization and administration capabilities of the vSphere platform:
- Full vSphere integration – Native management through the vSphere web client lets administrators run backup and recovery from a “single pane of glass.”
- Easy to deploy and use – vSphere Data Protection deploys as a virtual machine appliance for easy setup and minimal post-deployment configuration. Policies are defined according to specified retentions and timetables, making backup schedules simple to create.
- One-step recovery – The intuitive web-based user interface permits simple recovery of full virtual machines or individual files. In addition, the “end-user self-service restore” option allows restore requests to be offloaded from IT.
Reference:
Data Protection
http://www.vmware.com/products/vsphere/features/data-protection
Microsoft: Difference Between Truncate and Shrink in Microsoft SQL
Shrinking actually shrinks the physical file. For example, it reduces the size from 100MB to 50MB. However, truncating the log keeps the physical size the same but frees up space within it by removing committed transactions, once they have been backed up.
Reference:
Difference between truncating and shrinking a log
http://social.msdn.microsoft.com/forums/sqlserver/en-US/84f3f091-3915-445c-9935-6d665334412b/difference-between-truncating-and-shrinking-a-log
Reference:
Difference between truncating and shrinking a log
http://social.msdn.microsoft.com/forums/sqlserver/en-US/84f3f091-3915-445c-9935-6d665334412b/difference-between-truncating-and-shrinking-a-log
Apple: New iOS 8 for iPhone and iPad
Continuity: Handoff, AirDrop, Instant Hotspot, calling and SMS/MMS
Continuity is all about providing a seamless, secure experience between iPhone, iPad, and Mac. As long as you're logged in under the same Apple ID, and your devices are in proximity, you can Handoff activity in an app on iOS to continue it right where you left off on OS X, or vice-versa. There's also a new, cross-compatible version of AirDrop so you can push data between all your devices, and Instant Hotspot, so your Mac or iPad Wi-Fi can use your iPhone or iPad cellular connection to get online automagically. Continuity also lets you make or take phone calls and SMS and MMS messages from your iPhone on your iPad or Mac.
Extensibility: Interactive notifications, inter-app communications, widgets, DocumentPicker, third-party keyboards
Extensibility fundamentally changes the way iOS works. While maintaining privacy and security, Extensibility adds a wide range of new features to iPhone and iPad. These include interactive notifications, opening up sharing and actions to third party apps (the options available on Share Sheets), enabling photo filters and editing tools to present themselves in other apps, access to the Today view in Notification Center for third party widgets, iCloud Drive and DocumentPicker so your files can be opened in any app that supports them, as well as the ability to specify an alternate storage provider, if you so wish, and support for third-party custom keyboards, system-wide.
Messages
In addition to the Continuity SMS/MMS sending and receiving, and interactive notifications, Messages has gained several other new features. Thanks to new touch-and-hold radial controls, you can quickly create and send video and audio messages. You can also lift to your ear to listen. For existing photos and videos, you now get large thumbnails making them easy to add, even in volume.
There's a new Details section that lets you see and share location as well as all photos and videos that are part of the conversation. In addition, for group messages, you can now easily invoke do-not-disturb on specific conversations, and even drop out entirely with just a couple of taps.
Family Sharing
With Family Sharing, up to 6 people can co-mingle their iTunes music, movies, TV shows, books, apps, and games, all together, all at the same time. It doesn't matter if you have different Apple IDs and passwords, all that matters is that you have the same credit card on all the shared accounts.
If you have children, you can also approve every in-app purchase they make — a notification appears on your iOS devices telling you a child wants to make an in-app purchase on one of their iOS devices.
What's more, Family Sharing automagically sets up a shared Photo Stream, shared Calendar, and allows shared location and shared Find my iPhone/iPad when and if you choose to enable it.
Photos
iCloud Photo Library is the big new feature in Photos. In theory, every photo and video you take with your iPhone or iPad gets store in iCloud so you can access it from any iPhone, iPad, Mac, or Windows PC, anywhere and any time you want. Apple even promises RAW files will be stored, if that's the original format. In practice, however, the amount stored will depend on how much space you have in your iCloud account, which still starts at a paltry 5GB.
What's more, iCloud Photo Library also stores non-destructive edits, so if you make a change to a photo or video on one device, those changes are synced to any and all other devices logged into the same Apple ID.
Smart search and smart suggestion tries to make it easier for you to find your photos later, with time, location, and album sorting.
There's a new time-lapse mode for the Camera app, and smart composition tools so you can quickly crop and straighten photos. There are also smart adjustments so you can either automagically fix a photo, or manually tweak brightness, contrast, exposure, highlights, shadows, and colors.
Thanks to Extensibility, you can now access third-part filters as well. Thanks to manual camera controls for third-party apps, you will also be able to set everything just the way you like it as well.
iCloud Drive
iOS doesn't expose, and doesn't need to expose a file system. They're horrible relics of inhuman computing days past. However, iOS has always needed a file repository so that documents weren't jailed inside apps. iCloud Drive provides just that. Create a document in any app, on any Apple device, and access it from any compatible app on any other Apple device.
It works for text files. It works of iWork documents. It just works.
Health
Much like Passbook collects all your passes, cards, tickets, etc. all in one place, Health promises to collect all your health and fitness information in one app. In addition to sections of fitness, nutrition, sleep, medication, and more, you can also create an emergency card for first responders so any critical information about you is readily available when you need it most.
HealthKit, the developer side of Health, will make it easy for App Store apps and accessories to share their information, and for you to share it with medical professionals if and when you so choose.
Spotlight
Spotlight has gotten much smarter, and much more able, in iOS 8. In addition to the classic on-device results we've all come to know and expect, Spotlight now provides Wikipedia results inline. So too news and even Maps data like landmarks, restaurants, and movies. iTunes Store, App Store, and iBooks Store results are provided for both stuff you've already downloaded and stuff you haven't, in case you want to buy or download it immediately.
It's not quite Siri's sequential inference engine, at least not yet. But it's getting there.
Multitasking
Where previously you could double-click the Home button to get the card-view interface for recently used apps, now you can do the same to get a horizontal list view of favorite and recent contacts as well
Mail gets new, more powerful gestures so you can mark as read, flag, or trash. Data detectors get highlighted right at the top of an email so you can more quickly and easily add contacts, calendar events, and more. There's also a new, special multitasking mode for mail so you can keep multiple drafts open at the same time in a new, tabbed interface.
Safari
Safari on the iPad gets the same visual tab feature that the iPhone version got in iOS 7, and the same new transparent sidebar OS X Yosemite enjoys, better organizing bookmarks, reading list, and shared links.
Enterprise
S/MIME has now been enabled on a per-message basis, and Calendar, Contacts, Reminders, Notes, and Messages apps, as well as account credential are now, like Mail and App Store apps, encrypted following a reboot unless and until a passcode is entered.
Meeting availability is now shown in Calendar and there are now new tools available to manage PDFs and books. IT can manage which apps can open enterprise documents, MDM in general has been made better and more granular.
You can even AirPlay directly, without having to get on the business network first.
Developers
In addition to everything mentioned above, developers also get HomeKit to better integrate with home automation and connected devices, and CloudKit to store key values and blobs on Apple's servers. SceneKit, for easier 3D game creation, has now been ported from OS X to iOS, and Metal, for writing more directly to the GPU, promises Apple A7 — and future A-series processor — performance never before possible.
There's also Swift, a brand new programming language that promises to take the C out of Objective-C, and provide REPL and Playground features to make programming more accessible to everyone.
Reference:
iOS 8
http://www.imore.com/ios-8
Tuesday, 16 September 2014
Microsoft: Easily Compare Two Lists in Excel
The example below is going to guide you how to compare two lists using conditional formating in Excel.
1. Select the range A1:A18 and name it firstList, select the range B1:B20 and name it secondList.
2. Select the range A1:A18
3. On the Home tab, click Conditional Formatting, New Rule...
4. Select "Use a formula to determine which cells to format".
5. Enter the formula =COUNTIF(secondList,A1)=0
6. Select a formatting style and click OK.
7. As a result, Miami Dolphins and Tennessee Titans are not in the second list.
Note: =COUNTIF(secondList,A1) counts the number of teams in secondList that are equal to the team in cell A1. If COUNTIF(secondList,A1) = 0, the team in cell A1 is not in the second list. As a result, Excel fills the cell with a blue background color. Because we selected the range A1:A18 before we clicked on Conditional Formatting, Excel automatically copies the formula to the other cells. Thus, cell A2 contains the formula =COUNTIF(secondList,A2)=0, cell A3 =COUNTIF(secondList,A3)=0, etc.
8. To highlight the teams in the second list that are not in the first list, select the range B1:B20, create a new rule using the formula =COUNTIF(firstList,B1)=0, and set the format to orange fill.
9. As a result, Denver Broncos, Arizona Cardinals, Minnesota Vikings and Pittsburgh Steelers are not in the first list.
Reference:
Compare Two Lists
http://www.excel-easy.com/examples/compare-two-lists.html
1. Select the range A1:A18 and name it firstList, select the range B1:B20 and name it secondList.
2. Select the range A1:A18
3. On the Home tab, click Conditional Formatting, New Rule...
4. Select "Use a formula to determine which cells to format".
5. Enter the formula =COUNTIF(secondList,A1)=0
6. Select a formatting style and click OK.
7. As a result, Miami Dolphins and Tennessee Titans are not in the second list.
Note: =COUNTIF(secondList,A1) counts the number of teams in secondList that are equal to the team in cell A1. If COUNTIF(secondList,A1) = 0, the team in cell A1 is not in the second list. As a result, Excel fills the cell with a blue background color. Because we selected the range A1:A18 before we clicked on Conditional Formatting, Excel automatically copies the formula to the other cells. Thus, cell A2 contains the formula =COUNTIF(secondList,A2)=0, cell A3 =COUNTIF(secondList,A3)=0, etc.
8. To highlight the teams in the second list that are not in the first list, select the range B1:B20, create a new rule using the formula =COUNTIF(firstList,B1)=0, and set the format to orange fill.
9. As a result, Denver Broncos, Arizona Cardinals, Minnesota Vikings and Pittsburgh Steelers are not in the first list.
Reference:
Compare Two Lists
http://www.excel-easy.com/examples/compare-two-lists.html
Microsoft: Inherited Permissions Are Not Automatically Updated When You Move Folders
In Windows, when you move a folder, the ACL is not changed, and the inherited permissions are not updated.
When you move a file or folder, the ACL is also moved and is not changed in any way. Even when inheritance is enabled for this folder, the inherited permissions are not automatically updated. The ACL will be updated the next time you change permissions, and this forces the parent to propagate its permissions.
This behavior can also be caused by:
Reference:
Inherited permissions are not automatically updated when you move folders
http://support.microsoft.com/kb/320246
When you move a file or folder, the ACL is also moved and is not changed in any way. Even when inheritance is enabled for this folder, the inherited permissions are not automatically updated. The ACL will be updated the next time you change permissions, and this forces the parent to propagate its permissions.
This behavior can also be caused by:
- Setting the permissions of a parent folder by using CACLS does not propagate to the subfolders. Note that the /T option does not mean to propagate the rights by using inheritance, but to overwrite all ACLs.
- Setting the permissions of a parent folder by using an API that does not automatically propagate inheritance (like Adssecurity.dll).
- Restoring from a backup to a different location.
Reference:
Inherited permissions are not automatically updated when you move folders
http://support.microsoft.com/kb/320246
Apple: An USD 999.99 Apple Apps - Real or Typo...
There is an USD 999.99 ( RM 3228.97 ) Apple Apps called Vizzywig 4K. Is it real or typo?
The Apps is more expensive than a MacBook Air!
Reference:
Vizzywig 4K
https://itunes.apple.com/my/app/id913424818?mt=8
The Apps is more expensive than a MacBook Air!
Reference:
Vizzywig 4K
https://itunes.apple.com/my/app/id913424818?mt=8
Monday, 15 September 2014
IT Technology: Replacing SHA-1 with SHA-2 certificates
Microsoft and Google announced SHA-1 deprecation plans that may affect websites with SHA-1 certificates expiring as early as after December 31, 2015. According to Google’s blog on “Gradually Sunsetting SHA-1”, Chrome version 39 and later will display visual security indicators on sites with SHA-1 SSL certificates with validity beyond January 1, 2016. The production release of Chrome 39 is expected to be in November, 2014. The sites will be treated with one of the following indicators: “secure, but with minor errors” (lock with yellow triangle), “neutral, lacking security” (blank page icon) and “affirmative insecure” (lock with a red X). In order to prevent online users on Chrome version 39 and later from experiencing these indicators, SHA-1 SSL certificates expiring after December 31, 2015 must be replaced with SHA-256 (SHA-2) certificates.
Microsoft’s SHA-1 deprecation plan differs in the activation time and browser behavior. Microsoft’s security advisory on “Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program” informed us that Windows will cease accepting SHA-1 SSL certificates on January 1, 2017. To continue to work with Microsoft platforms, all SHA-1 SSL certificates issued before or after this announcement must be replaced with a SHA-2 equivalent by January 1, 2017.
The SHA-1 deprecation plans also impact SHA-1 intermediate certificates; SHA-2 end-entity certificates must be chained to SHA-2 intermediate certificates to avoid the adverse browser behaviors described above. SHA-1 root certificates are not impacted.
As technology evolves, it is critical to stay ahead of those who wish to defeat cryptographic technologies for their malicious benefit. Symantec is helping to make the Internet more secure by proactively enabling, promoting, and elevating strong cryptographic standards within SSL/TLS and code-signing certificates. As part of this effort, Symantec has made available SHA-2 replacement certificates at no additional charge to our customers.
The initiative to migrate from SHA-1 to SHA-256 (SHA-2) is the next proactive phase to better secure websites, intranet communications, and applications. Organizations need to develop a migration plan for any SHA-1 SSL and code signing certificates that expire after December 31, 2015.
Reference:
SHA-1 Hash Algorithm Migration for SSL & Code Signing Certificates
http://www.symantec.com/page.jsp?id=sha2-transition
Microsoft’s SHA-1 deprecation plan differs in the activation time and browser behavior. Microsoft’s security advisory on “Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program” informed us that Windows will cease accepting SHA-1 SSL certificates on January 1, 2017. To continue to work with Microsoft platforms, all SHA-1 SSL certificates issued before or after this announcement must be replaced with a SHA-2 equivalent by January 1, 2017.
The SHA-1 deprecation plans also impact SHA-1 intermediate certificates; SHA-2 end-entity certificates must be chained to SHA-2 intermediate certificates to avoid the adverse browser behaviors described above. SHA-1 root certificates are not impacted.
As technology evolves, it is critical to stay ahead of those who wish to defeat cryptographic technologies for their malicious benefit. Symantec is helping to make the Internet more secure by proactively enabling, promoting, and elevating strong cryptographic standards within SSL/TLS and code-signing certificates. As part of this effort, Symantec has made available SHA-2 replacement certificates at no additional charge to our customers.
The initiative to migrate from SHA-1 to SHA-256 (SHA-2) is the next proactive phase to better secure websites, intranet communications, and applications. Organizations need to develop a migration plan for any SHA-1 SSL and code signing certificates that expire after December 31, 2015.
Reference:
SHA-1 Hash Algorithm Migration for SSL & Code Signing Certificates
http://www.symantec.com/page.jsp?id=sha2-transition
Apple: How to Manage Photos on Your iPhone or iPad...iCloud Isn’t Backing Them All Up!
Are the photos you take with your iPhone or iPad backed up in case you lose your device? If you’re just relying on iCloud to manage your important memories, your photos may not be backed up at all.
Apple’s iCloud has a photo-syncing feature in the form of “Photo Stream,” but Photo Stream doesn’t actually perform any long-term backups of your photos.
<< iCloud’s Photo Backup Limitations >>
Assuming you’ve set up iCloud on your iPhone or iPad, your device is using a feature called “Photo Stream” to automatically upload the photos you take to your iCloud storage and sync them across your devices. Unfortunately, there are some big limitations here.
It’s clear that iCloud’s Photo Stream isn’t designed as a long-term way to store your photos, just a convenient way to access recent photos on all your devices before you back them up for real.
<< iCloud’s Photo Stream is Designed for Desktop Backups >>
If you have a Mac, you can launch iPhoto and enable the Automatic Import option under Photo Stream in its preferences pane. Assuming your Mac is on and connected to the Internet, iPhoto will automatically download photos from your photo stream and make local backups of them on your hard drive. You’ll then have to back up your photos manually so you don’t lose them if your Mac’s hard drive ever fails.
If you have a Windows PC, you can install the iCloud Control Panel, which will create a Photo Stream folder on your PC. Your photos will be automatically downloaded to this folder and stored in it. You’ll want to back up your photos so you don’t lose them if your PC’s hard drive ever fails.
Photo Stream is clearly designed to be used along with a desktop application. Photo Stream temporarily backs up your photos to iCloud so iPhoto or iCloud Control Panel can download them to your Mac or PC and make a local backup before they’re deleted. You could also use iTunes to sync your photos from your device to your PC or Mac, but we don’t really recommend it — you should never have to use iTunes.
<< How to Actually Back Up All Your Photos Online >>
So Photo Stream is actually pretty inconvenient — or, at least, it’s just a way to temporarily sync photos between your devices without storing them long-term. But what if you actually want to automatically back up your photos online without them being deleted automatically?
The solution here is a third-party app that does this for you, offering the automatic photo uploads with long-term storage. There are several good services with apps in the App Store:
Use any of these services and you’ll get an online, automatic photo backup solution you can rely on. You’ll get a good chunk of free space, your photos will never be automatically deleted, and you can easily access them from any device. You won’t have to worry about storing local copies of your photos and backing them up manually.
Reference:
No, iCloud Isn’t Backing Them All Up: How to Manage Photos on Your iPhone or iPad
http://www.howtogeek.com/175416/no-icloud-isnt-backing-them-all-up-how-to-manage-photos-on-your-iphone-or-ipad/
Apple’s iCloud has a photo-syncing feature in the form of “Photo Stream,” but Photo Stream doesn’t actually perform any long-term backups of your photos.
<< iCloud’s Photo Backup Limitations >>
Assuming you’ve set up iCloud on your iPhone or iPad, your device is using a feature called “Photo Stream” to automatically upload the photos you take to your iCloud storage and sync them across your devices. Unfortunately, there are some big limitations here.
- 1000 Photos: Photo Stream only backs up the latest 1000 photos. Do you have 1500 photos in your Camera Roll folder on your phone? If so, only the latest 1000 photos are stored in your iCloud account online. If you don’t have those photos backed up elsewhere, you’ll lose them when you lose your phone. If you have 1000 photos and take one more, the oldest photo will be removed from your iCloud Photo Stream.
- 30 Days: Apple also states that photos in your Photo Stream will be automatically deleted after 30 days “to give your devices plenty of time to connect and download them.” Some people report photos aren’t deleted after 30 days, but it’s clear you shouldn’t rely on iCloud for more than 30 days of storage.
- iCloud Storage Limits: Apple only gives you 5 GB of iCloud storage space for free, and this is shared between backups, documents, and all other iCloud data. This 5 GB can fill up pretty quickly. If your iCloud storage is full and you haven’t purchased any more storage more from Apple, your photos aren’t being backed up.
- Videos Aren’t Included: Photo Stream doesn’t include videos, so any videos you take aren’t automatically backed up.
It’s clear that iCloud’s Photo Stream isn’t designed as a long-term way to store your photos, just a convenient way to access recent photos on all your devices before you back them up for real.
<< iCloud’s Photo Stream is Designed for Desktop Backups >>
If you have a Mac, you can launch iPhoto and enable the Automatic Import option under Photo Stream in its preferences pane. Assuming your Mac is on and connected to the Internet, iPhoto will automatically download photos from your photo stream and make local backups of them on your hard drive. You’ll then have to back up your photos manually so you don’t lose them if your Mac’s hard drive ever fails.
If you have a Windows PC, you can install the iCloud Control Panel, which will create a Photo Stream folder on your PC. Your photos will be automatically downloaded to this folder and stored in it. You’ll want to back up your photos so you don’t lose them if your PC’s hard drive ever fails.
<< How to Actually Back Up All Your Photos Online >>
So Photo Stream is actually pretty inconvenient — or, at least, it’s just a way to temporarily sync photos between your devices without storing them long-term. But what if you actually want to automatically back up your photos online without them being deleted automatically?
The solution here is a third-party app that does this for you, offering the automatic photo uploads with long-term storage. There are several good services with apps in the App Store:
- Dropbox: Dropbox’s Camera Upload feature allows you to automatically upload the photos — and videos — you take to your Dropbox account. They’ll be easily accessible anywhere there’s a Dropbox app and you can get much more free Dropbox storage than you can iCloud storage. Dropbox will never automatically delete your old photos.
- Google+: Google+ offers photo and video backups with its Auto Upload feature, too. Photos will be stored in your Google+ Photos — formerly Picasa Web Albums — and will be marked as private by default so no one else can view them. Full-size photos will count against your free 15 GB of Google account storage space, but you can also choose to upload an unlimited amount of photos at a smaller resolution.
- Flickr: The Flickr app is no longer a mess. Flickr offers an Auto Upload feature for uploading full-size photos you take and free Flickr accounts offer a massive 1 TB of storage for you to store your photos. The massive amount of free storage alone makes Flickr worth a look.
Reference:
No, iCloud Isn’t Backing Them All Up: How to Manage Photos on Your iPhone or iPad
http://www.howtogeek.com/175416/no-icloud-isnt-backing-them-all-up-how-to-manage-photos-on-your-iphone-or-ipad/
Symantec: Receiving Symantec Mail Security for Microsoft Exchange (SMSMSE) notification that the "Quarantine date limits specify not to keep data more than 90 days. Currently at least one Quarantine item is older than this limit."
<< Problem >>
Receiving an alert that the quarantine threshold has reached a set limit on data being older then the 90 days in quarantine. From the Windows Application Event Log:
Log Name: Application
Source: Symantec Mail Security for Microsoft Exchange
Date:
Event ID: 236
Task Category: Quarantine
Level: Warning
Keywords: Classic
User: N/A
Computer: COMPUTERNAME
Description: The Quarantine directory has exceeded a set limit.
Limit Information:
Quarantine date limits specify not to keep data more than 90 days.
Currently at least one Quarantine item is older than this limit.
<< Cause >>
The default setting for the SMSMSE quarantine is to retain items for 90 days. A notification is sent out when it goes beyond the threshold setting, prompting the mail administrator to delete or release the items. A well-maintained SMSMSE quarantine is important to the health of the mail server.
<< Solution >>
In the SMSMSE Console, click on Monitors, Quarantine Settings. You can change quarantine limits, notifications can be enabled or disabled, and other configuration options set here.
To delete quarantined items rather than send notifications, follow the steps below:
1. Login to the Console for the SMSMSE
2. Once open click on the 'Monitors' Tab
3. Now click on the 'Quarantine Settings'
4. Under the section 'When a threshold is met' you will see a box that you can check that has 'Delete oldest items'
5. You will want to put a check there and Deploy the changes to save the setting
From that point onward, any quarantined items older than 90 days in quarantine will be deleted.
To stop the system from sending a notification to the administrator, you can uncheck the "Notify Administrator" option here.
Reference:
Receiving Symantec Mail Security for Microsoft Exchange (SMSMSE) notification that the "Quarantine date limits specify not to keep data more than 90 days. Currently at least one Quarantine item is older than this limit."
http://www.symantec.com/business/support/index?page=content&id=TECH95655
Receiving an alert that the quarantine threshold has reached a set limit on data being older then the 90 days in quarantine. From the Windows Application Event Log:
Log Name: Application
Source: Symantec Mail Security for Microsoft Exchange
Date:
Event ID: 236
Task Category: Quarantine
Level: Warning
Keywords: Classic
User: N/A
Computer: COMPUTERNAME
Description: The Quarantine directory has exceeded a set limit.
Limit Information:
Quarantine date limits specify not to keep data more than 90 days.
Currently at least one Quarantine item is older than this limit.
<< Cause >>
The default setting for the SMSMSE quarantine is to retain items for 90 days. A notification is sent out when it goes beyond the threshold setting, prompting the mail administrator to delete or release the items. A well-maintained SMSMSE quarantine is important to the health of the mail server.
<< Solution >>
In the SMSMSE Console, click on Monitors, Quarantine Settings. You can change quarantine limits, notifications can be enabled or disabled, and other configuration options set here.
To delete quarantined items rather than send notifications, follow the steps below:
1. Login to the Console for the SMSMSE
2. Once open click on the 'Monitors' Tab
3. Now click on the 'Quarantine Settings'
4. Under the section 'When a threshold is met' you will see a box that you can check that has 'Delete oldest items'
5. You will want to put a check there and Deploy the changes to save the setting
From that point onward, any quarantined items older than 90 days in quarantine will be deleted.
To stop the system from sending a notification to the administrator, you can uncheck the "Notify Administrator" option here.
Reference:
Receiving Symantec Mail Security for Microsoft Exchange (SMSMSE) notification that the "Quarantine date limits specify not to keep data more than 90 days. Currently at least one Quarantine item is older than this limit."
http://www.symantec.com/business/support/index?page=content&id=TECH95655
Thursday, 11 September 2014
Google: Google Apps iOS Sync
Google has announced a new tool for its iOS Google Apps users this evening that makes it easier to manage accounts and settings. Called iOS Sync, the feature will be integrated directly in to the company’s iOS Gmail and Drive apps and offer a variety of new management tools.
For one, the service allows administrators to easily prompt their employees to enroll their devices when they log into a Google Apps service like Drive and Gmail. iOS Sync also allows admins to easily distribute WiFi passwords and certificates, letting employees seamlessly connect to valid networks. Finally, iOS Sync allows for management of password requirements, data and camera policies, as well as a variety of remote wiping and activation tools.
- Manage Google Apps: Set a policy that prompts employees to enroll their device when they log into Google Apps such as Google Drive and Gmail.
- Configure WiFi networks: Distribute WiFi passwords and certificates to employees so they can easily connect to trusted networks.
- Support for existing policies: Manage password requirements, data encryption and camera policies, as well as actions like remotely wiping a device, activation approvals and blocking devices.
iOS Sync will be available for Google Apps for Work, Education, and Government beginning next week. Administrators can go to the Admin console to enable it.
Reference:
Google announces new ‘iOS Sync’ features for Google Apps users
http://9to5mac.com/2014/09/10/google-announces-new-ios-sync-features-for-google-apps-users/?utm_medium=referral&utm_source=pulsenews
Wednesday, 10 September 2014
Apple: iPhone 6, Apple Watch and Apple Pay
Apple surprised exactly nobody on Tuesday by announcing a new generation of iPhones: the iPhone 6 and iPhone 6 Plus. And it proved the rumormongers right by unveiling the new Apple Watch. But despite the predictability of those announcements, there were some surprises in the details.
<< iPhone 6, iPhone 6 Plus >>
As was widely expected ahead of the event, Apple unveiled two new iPhone models, the 6 and the 6 Plus. Both sport bigger screens than the last generation iPhone 5s: 4.7 inches and 5.5 inches respectively (compared with the 5s’s 4-inch display).
Both models will be available at three different storage tiers: 16GB, 64GB and 128GB models. The iPhone 6 models will sell for $199, $299 and $399, respectively, while the iPhone 6 Plus will cost $299, $399 and $499. Both models will be available on September 19th, and preorders should open up later this week.
Those displays aren’t just bigger, they’re sharper, too: Apple calls the new screens Retina HD. The iPhone 6 has a resolution of 1334 by 750, with a pixel-density of 326 pixels per inch (ppi); the 5.5-inch 6 Plus goes to 1920 by 1080 and 401 ppi. Apple says both screens are more durable than before (though they aren’t made of sapphire, as had been rumored).
Inside, both phones have a new generation 64-bit Apple A8 chip and an M8 coprocessor. The former is 25 percent faster than its predecessor, the A7, according to Apple; graphics processing should be even better than that. Apple says iPhone 6 will get the same battery life as the 5s, while the iPhone 6 Plus (thanks to a bigger battery) should be better.
The camera has been improved on both models (without getting more megapixels), and they both get more advanced wireless capabilities (including 150 Mbps LTE and 802.11ac Wi-Fi)
<< Apple Watch >>
Meanwhile, Apple’s introduction of the Apple Watch is the first time since the iPad in 2010 that the company had entered a brand new product category.
While the appearance of a smartwatch wasn’t a huge surprise, the new wearable will sport some intriguing features when it finally ships in early 2015. Perhaps the most intriguing is its support for Apple’s new Apple Pay system (see below), which means you’ll be able to quickly purchase items at select retail stores with a flick of your wrist. Its “taptic” feedback system can notify you of incoming phone calls or help you navigate by applying pressure to your wrist.
Otherwise, the Apple Watch does stuff that other smartwatches do: It can track your steps and heart rate, it displays smartphone notifications, and so on. Apple will argue that its watch does so better than those from other vendors, of course. To navigate through its apps, you use the crown (the dial you used to adjust the time or date on an old-fashioned analog watch). (Note that left-handers may not appreciate that particular bit of UI.)
Apple Watch will come in three different models—from a baseline version to an ultra-luxe 18K gold edition—with two case sizes (38mm and 48mm thick) and six different bands will allow a wide degree of personal customization. And, yes, the gadget will require an iPhone to work.
<< Apple Pay >>
The one less expected bit of news at Apple’s event was the launch a new potential wallet-killer: Apple Pay.
It’s a new payment system that works using NFC (near-field communication technology). The idea is that you’ll be able to hold your Apple phone up to a sensor at a store’s cash register, then use TouchID to complete the purchase. The catch there: Apple Pay will be exclusive to the iPhone 6 and 6 Plus, which are equipped with the requisite NFC radio antenna.
To start using Apple Pay, you’ll need either a credit card on file with iTunes or a card that you photograph with your new iPhone. Either way, you verify the card, then store it to Passbook. Apple has built a couple of different security features into the process. For one thing, it doesn’t store your card number on your phone or in iCloud. Instead, Apple uses encryption to disguise your payment information.
Furthermore, when you hold your phone up to a store’s NFC sensor, the cashier can’t see your card number, security code, or even your name. And Apple itself will turn a blind eye to your transactions, so it won’t know where you’re shopping or how much you spend. If you lose your phone and are worried about someone using to pay for thind, you can shut down payments from that device using Find My iPhone.
We’ll know a lot more about Apple Pay, along with the new phones and the Apple Watch when they all ship. In the meantime, keep an eye on Macworld for continuing coverage of Apple’s latest fall product blitz.
Reference:
Summary: Apple introduces the iPhone 6, the Apple Watch, and Apple Pay
http://www.macworld.com/article/2604357/summary-apple-introduces-the-iphone-6-the-apple-watch-and-apple-pay.html
<< iPhone 6, iPhone 6 Plus >>
As was widely expected ahead of the event, Apple unveiled two new iPhone models, the 6 and the 6 Plus. Both sport bigger screens than the last generation iPhone 5s: 4.7 inches and 5.5 inches respectively (compared with the 5s’s 4-inch display).
Both models will be available at three different storage tiers: 16GB, 64GB and 128GB models. The iPhone 6 models will sell for $199, $299 and $399, respectively, while the iPhone 6 Plus will cost $299, $399 and $499. Both models will be available on September 19th, and preorders should open up later this week.
Those displays aren’t just bigger, they’re sharper, too: Apple calls the new screens Retina HD. The iPhone 6 has a resolution of 1334 by 750, with a pixel-density of 326 pixels per inch (ppi); the 5.5-inch 6 Plus goes to 1920 by 1080 and 401 ppi. Apple says both screens are more durable than before (though they aren’t made of sapphire, as had been rumored).
Inside, both phones have a new generation 64-bit Apple A8 chip and an M8 coprocessor. The former is 25 percent faster than its predecessor, the A7, according to Apple; graphics processing should be even better than that. Apple says iPhone 6 will get the same battery life as the 5s, while the iPhone 6 Plus (thanks to a bigger battery) should be better.
The camera has been improved on both models (without getting more megapixels), and they both get more advanced wireless capabilities (including 150 Mbps LTE and 802.11ac Wi-Fi)
<< Apple Watch >>
Meanwhile, Apple’s introduction of the Apple Watch is the first time since the iPad in 2010 that the company had entered a brand new product category.
While the appearance of a smartwatch wasn’t a huge surprise, the new wearable will sport some intriguing features when it finally ships in early 2015. Perhaps the most intriguing is its support for Apple’s new Apple Pay system (see below), which means you’ll be able to quickly purchase items at select retail stores with a flick of your wrist. Its “taptic” feedback system can notify you of incoming phone calls or help you navigate by applying pressure to your wrist.
Otherwise, the Apple Watch does stuff that other smartwatches do: It can track your steps and heart rate, it displays smartphone notifications, and so on. Apple will argue that its watch does so better than those from other vendors, of course. To navigate through its apps, you use the crown (the dial you used to adjust the time or date on an old-fashioned analog watch). (Note that left-handers may not appreciate that particular bit of UI.)
Apple Watch will come in three different models—from a baseline version to an ultra-luxe 18K gold edition—with two case sizes (38mm and 48mm thick) and six different bands will allow a wide degree of personal customization. And, yes, the gadget will require an iPhone to work.
<< Apple Pay >>
The one less expected bit of news at Apple’s event was the launch a new potential wallet-killer: Apple Pay.
It’s a new payment system that works using NFC (near-field communication technology). The idea is that you’ll be able to hold your Apple phone up to a sensor at a store’s cash register, then use TouchID to complete the purchase. The catch there: Apple Pay will be exclusive to the iPhone 6 and 6 Plus, which are equipped with the requisite NFC radio antenna.
To start using Apple Pay, you’ll need either a credit card on file with iTunes or a card that you photograph with your new iPhone. Either way, you verify the card, then store it to Passbook. Apple has built a couple of different security features into the process. For one thing, it doesn’t store your card number on your phone or in iCloud. Instead, Apple uses encryption to disguise your payment information.
Furthermore, when you hold your phone up to a store’s NFC sensor, the cashier can’t see your card number, security code, or even your name. And Apple itself will turn a blind eye to your transactions, so it won’t know where you’re shopping or how much you spend. If you lose your phone and are worried about someone using to pay for thind, you can shut down payments from that device using Find My iPhone.
We’ll know a lot more about Apple Pay, along with the new phones and the Apple Watch when they all ship. In the meantime, keep an eye on Macworld for continuing coverage of Apple’s latest fall product blitz.
Reference:
Summary: Apple introduces the iPhone 6, the Apple Watch, and Apple Pay
http://www.macworld.com/article/2604357/summary-apple-introduces-the-iphone-6-the-apple-watch-and-apple-pay.html
Google: Search a File in a Google Drive Folder
There are two methods for you to search a particular file in a Google Drive folder:
- Google Drive Client - https://tools.google.com/dlpage/drive
- Google File Picker - https://support.google.com/drive/answer/2375114?hl=en
Google: Table of Contents for Google Docs
A table of contents makes it easy for you, your collaborators, and viewers to quickly navigate to a section of your document. Each item in your table of contents links to the titled sections of your document that use the heading styles. Here's how to add one to your document:
Note: If you want to change the text of the table of contents, edit the headings in the document body rather than in the table of contents. Once you update the table of contents by clicking the Refresh button, any manual edits you made in the table of contents will be cleared.
Reference:
Table of contents in documents
https://support.google.com/docs/answer/106342?hl=en
- Go to the Format menu and select Paragraph styles to add headings to sections of your document. There are six different heading sizes to choose from.
- Place your cursor where you'd like to insert the table of contents.
- Go to the Insert menu, and select Table of contents.
- If you need to move the table of contents, select it as you would select text and either move it with your cursor or cut it and paste it.
- You can continue to add headings to your document or change current headings. However, if you'd like a change to become part of the table of contents, you need to click first the table and then the Refresh button.
Note: If you want to change the text of the table of contents, edit the headings in the document body rather than in the table of contents. Once you update the table of contents by clicking the Refresh button, any manual edits you made in the table of contents will be cleared.
Reference:
Table of contents in documents
https://support.google.com/docs/answer/106342?hl=en
IT Technology: SSL Certificates for Internal Server Names
An internal name is a domain or IP address that is part of a private network. Common examples of internal names are:
You may get the SSL certificates for your internal server names from any Certificate Authorities ( CAs ) - GlobalSign, DigiCert, etc. However, Certificate Authorities (CAs) must immediately begin to phase out the issuance of SSL Certificates for internal server names or reserved IP addresses and eliminate (revoke) any certificates containing internal names by October 2016.
Reference:
SSL Certificates for Internal Server Names
https://www.digicert.com/internal-names.htm
- Any server name with a non-public domain name suffix. For example, www.contoso.local or server1.contoso.internal.
- NetBIOS names or short hostnames, anything without a public domain. For example, Web1, ExchCAS1, or Frodo.
- Any IPv4 address in the RFC 1918 range.
- Any IPv6 address in the RFC 4193 range.
You may get the SSL certificates for your internal server names from any Certificate Authorities ( CAs ) - GlobalSign, DigiCert, etc. However, Certificate Authorities (CAs) must immediately begin to phase out the issuance of SSL Certificates for internal server names or reserved IP addresses and eliminate (revoke) any certificates containing internal names by October 2016.
Reference:
SSL Certificates for Internal Server Names
https://www.digicert.com/internal-names.htm
Tuesday, 9 September 2014
Google: Photo Sphere
Photo Sphere is a 360-degree panorama feature Google added in Android 4.2 (and originally with the Nexus 4) that lets you take immersive pictures with your phone, then share them online. You can pan and zoom, much like you can with the Street View feature we've all come to know on Google Maps. Only, these are our images.
Photo Sphere started on the Nexus, but it didn't stay there for long. LG for a time had its own version, called VR Panorama. Samsung's got one as an optional download, and HTC has included a "Pan 360" mode in its latest camera software. And Google has released its own camera app that includes Photo Sphere functionality. In August 2014, Google released a Photo Sphere app for iOS.
Photo Spheres can be uploaded to Google Maps or Google+ to be shared with the world. They also can be embedded onto Websites with the same sort of code you'd use to embed a YouTube video.
The trick to making a Photo Sphere really is in the embedded metadata. That also means that traditional cameras can take a series of images, stitch them together in a photo editing program and then present them as Photo Spheres. There is a budding Photo Sphere community on Google+ that shows off all sorts of remarkable work.
Reference:
Photo Sphere
http://www.androidcentral.com/photo-sphere
Photo Sphere started on the Nexus, but it didn't stay there for long. LG for a time had its own version, called VR Panorama. Samsung's got one as an optional download, and HTC has included a "Pan 360" mode in its latest camera software. And Google has released its own camera app that includes Photo Sphere functionality. In August 2014, Google released a Photo Sphere app for iOS.
Photo Spheres can be uploaded to Google Maps or Google+ to be shared with the world. They also can be embedded onto Websites with the same sort of code you'd use to embed a YouTube video.
The trick to making a Photo Sphere really is in the embedded metadata. That also means that traditional cameras can take a series of images, stitch them together in a photo editing program and then present them as Photo Spheres. There is a budding Photo Sphere community on Google+ that shows off all sorts of remarkable work.
Reference:
Photo Sphere
http://www.androidcentral.com/photo-sphere
Google: Dual Delivery and Split Delivery for Google Apps
If you’re using multiple mail servers, it may be important to note the distinction between dual delivery and split delivery.
In dual delivery, a copy of every message is sent to two separate servers. On a successful dual delivery, both mail servers receive a copy of a message. You can implement dual delivery in Delivery Manager using these instructions.
In split delivery, incoming mail is routed to one of two servers, based on your user settings. On a successful split delivery, only one mail server receives the message. Which server receives the message is based on the address of the recipient. Set up split delivery by creating multiple email config organizations, setting Delivery Manager for each email config to route to the appropriate server, and adding appropriate users to the user orgs under these email configs.
You can use dual delivery and split delivery together, but plan your delivery settings carefully. For instance, you could set up two separate email configs to use split delivery, and then set up Dual Delivery on each email config, in order to deliver a copy of the message to Gmail.
For more information regarding dual delivery, go to https://support.google.com/a/answer/173534?hl=en
For more information regarding split delivery, go to https://support.google.com/a/answer/173534?hl=en
Reference:
Google Postini Services
https://www.google.com/support/enterprise/static/postini/docs/admin/en/admin_ee_cu/deliv_dual.html
In dual delivery, a copy of every message is sent to two separate servers. On a successful dual delivery, both mail servers receive a copy of a message. You can implement dual delivery in Delivery Manager using these instructions.
In split delivery, incoming mail is routed to one of two servers, based on your user settings. On a successful split delivery, only one mail server receives the message. Which server receives the message is based on the address of the recipient. Set up split delivery by creating multiple email config organizations, setting Delivery Manager for each email config to route to the appropriate server, and adding appropriate users to the user orgs under these email configs.
You can use dual delivery and split delivery together, but plan your delivery settings carefully. For instance, you could set up two separate email configs to use split delivery, and then set up Dual Delivery on each email config, in order to deliver a copy of the message to Gmail.
For more information regarding dual delivery, go to https://support.google.com/a/answer/173534?hl=en
For more information regarding split delivery, go to https://support.google.com/a/answer/173534?hl=en
Reference:
Google Postini Services
https://www.google.com/support/enterprise/static/postini/docs/admin/en/admin_ee_cu/deliv_dual.html
Monday, 8 September 2014
Google: Hapara Teacher Dashboard
While the Hapara Teacher Dashboard isn’t aimed specifically at sysadmins, it does make our lives easier. Hapara builds tools that let teachers monitor how their students are using Google Apps, distribute and collect homework, even keep an eye out for bullies and other sorts of creeps. This sort of self-service for teachers translates to fewer support calls and better security, with less need for sysadmin interaction. It’s a win-win.
Youtube: player.vimeo.com/video/78360339?title=0&byline=0&portrait=0
Reference:
Hapara Teacher Dashboard
http://blog.synergyse.com/2014/05/top-10-tools-for-admins-switching-google-apps.html
Youtube: player.vimeo.com/video/78360339?title=0&byline=0&portrait=0
Reference:
Hapara Teacher Dashboard
http://blog.synergyse.com/2014/05/top-10-tools-for-admins-switching-google-apps.html
Google: FlashPanel for Google Apps
If you’ve administered a Google Apps domain using only the default Control Panel, you know that something’s… missing. Managing user profiles is a pain, automation is tough to come by, and generating useful reports is almost impossible. This is where FlashPanel comes in, with the ability to create and manage users, groups, OUs, shared contact lists, monitor usage of communication tools, generate canned reports, and the list goes on. The Basic version is free, the Enterprise version is $10/user/year, and there are discounts for education and nonprofits.
Youtube: http://www.youtube.com/watch?v=3pJKKa2_idM
Reference:
Top 10 tools for admins switching to Google Apps
http://blog.synergyse.com/2014/05/top-10-tools-for-admins-switching-google-apps.html
Youtube: http://www.youtube.com/watch?v=3pJKKa2_idM
Reference:
Top 10 tools for admins switching to Google Apps
http://blog.synergyse.com/2014/05/top-10-tools-for-admins-switching-google-apps.html
Google: Google Now
Google Now is an intelligent personal assistant developed by Google. It is available within the Google Search mobile application for the Android and iOS operating systems, as well as the Google Chrome web browser on personal computers. Google Now uses a natural language user interface to answer questions, make recommendations, and perform actions by delegating requests to a set of web services. Along with answering user-initiated queries, Google Now proactively delivers information to the user that it predicts they will want, based on their search habits.
Google Now is implemented as an aspect of the Google Search application. It recognizes repeated actions that a user performs on the device (common locations, repeated calendar appointments, search queries, etc.) to display more relevant information to the user in the form of "cards". The system leverages Google's Knowledge Graph project, a system used to assemble more detailed search results by analyzing their meaning and connections.
Specialized cards currently comprise:
Reference:
Google Now
http://en.wikipedia.org/wiki/Google_Now
Google Now is implemented as an aspect of the Google Search application. It recognizes repeated actions that a user performs on the device (common locations, repeated calendar appointments, search queries, etc.) to display more relevant information to the user in the form of "cards". The system leverages Google's Knowledge Graph project, a system used to assemble more detailed search results by analyzing their meaning and connections.
Specialized cards currently comprise:
- Activity summary (walking/cycling)
- Boarding pass
- Concerts
- Currency
- Developing story and breaking news
- Events
- Event reminders
- Fandango
- Flights
- Friends' birthdays
- Hotels
- Location reminders
- Movies
- Nearby attractions
- Nearby events
- Nearby photo spots
- New albums/books/video games/TV episodes
- News topic
- Next appointment
- Packages
- Parking location
- Places
- Product listing
- Public alerts
- Public transit
- Research topic
- Restaurant reservations
- Sports
- Stocks
- Time at home
- Time reminders
- Traffic and transit
- Translation
- Weather
- Website update
- What to watch
- Your birthday
- Zillow
Reference:
Google Now
http://en.wikipedia.org/wiki/Google_Now
Google: Search with Omnibox
An Omnibox is similar to the traditional browser address bar with additional features. For example, in the Google Chrome browser, the Omnibox (address bar) not only displays the address of the web page you are using, but also can be used to search the Internet. As seen in the picture, the Omnibox in Chrome can also perform mathematical calculations and even answer questions such as "how many cups are in 2 liters?"
Reference:
Omnibox
http://www.computerhope.com/jargon/o/omnibox.htm
Reference:
Omnibox
http://www.computerhope.com/jargon/o/omnibox.htm
Friday, 5 September 2014
IT Technology: Nimble Storage
Nimble Storage's Adaptive Flash platform is the first storage solution to eliminate the flash performance and capacity tradeoff. The Adaptive Flash platform is based on Nimble's CASL architecture, and InfoSight, the company's data sciences-based approach to the storage lifecycle.
<< Key Benefits >>
1. Performance and Capacity
2. Seamless Scalability
3. Integrated Data Protection
4. Proactive Wellness
Reference:
Nimble Storage Products Overview
http://www.nimblestorage.com/products/overview.php
<< Key Benefits >>
1. Performance and Capacity
- Virtual Desktop Scalable Storage and Performance Capacity Flexible scaling of storage resources to satisfy the changing demands of business-critical applications
- Five times greater performance and capacity density than legacy storage systems
- Up to a 75% reduction in data footprint, and a 10x reduction in datacenter rack space
2. Seamless Scalability
- Non-disruptive and independent scaling of performance and capacity, within a single array or a cluster
3. Integrated Data Protection
- As many as 90 days of hourly snapshots on a single array
- WAN-efficient replication of snapshot data for disaster recovery
4. Proactive Wellness
- Peak storage health driven by powerful data sciences
- Greater than five nines system uptime
Reference:
Nimble Storage Products Overview
http://www.nimblestorage.com/products/overview.php
Wednesday, 3 September 2014
IT Technology: Backoff POS Malware
One of the earliest most persistent forms of cybercrime today focuses on the highly successful Point-of-Sale (POS) hack, prevalent in many variations. Organized gangs and some led by notable individuals, such as Albert Gonzalez (who was convicted in 2010 and is serving a 20 year sentence), have used sophisticated orchestrations of small changes and detectable breach activity to steal vast amounts of credit card and personal data over long periods of time.
“Backoff” Point-of-Sale (POS) malware techniques have been found across a number of recent investigations, and Friday, August 22, 2014, US-CERT issued an updated Alert TA14-212A with the stated purpose “…to provide relevant and actionable technical indicators for network defense against the POS malware dubbed ‘Backoff,’ which has been discovered exploiting businesses’ administrator accounts remotely and exfiltrating consumer payment data.”
<< BACKOFF IMPACT >>
According to the Secret Service, Backoff malware has affected an additional 1,000 businesses, hit by the same type of cyberattack that stole the personal information of millions of Target customers last year. “There are a lot of retailers out there that have been compromised by this and they simply don’t know it yet,” said Tripwire security researcher Ken Westin.
Westin added that many businesses simply don’t have the tools in place to monitor for these types of attacks. Furthermore, it’s clear that nearly any retailer conducting business with credit card transactions could be a target for Backoff malware, including hospitals, universities, hotels, restaurants, government organizations, etc.
<< WHAT IS IT? >>
Backoff is a recent discovery, but upon forensic investigation has been seen as early as October 2013. It’s a family of malware that scrapes memory of POS devices and has been seen across three separate forensic investigations. It continues to be seen in operation and in various versions.
Researchers have identified three specific variants of Backoff: v1.4, 1.55 (multiple flavors of this one), and 1.56. Across the capabilities of all the variations, it has been seen to have the capacity to install itself, get its own software updates, can inject malicious code into the explorer.exe process (thereby making it persistent and able to access other processes), exfiltrate data and delete itself.
<< STEP 1 – INFILTRATION >>
First of all, and especially important, cybercriminals frequently do not have access to the POS device directly in their initial infiltration activity. This is typical of so many attacks on critical assets – they infiltrate often through phishing emails with a malware payload and then make their way to the customer data environment (CDE).
In the case of Backoff, recent investigations showed that the primary attack vector used was through a variety of remote desktop applications to brute force the login feature. Applications included Microsoft Remote Desktop, Apple Remote Desktop, Chrome Remote Desktop, Splashtop 2, Pulseway and LogMEIn Join.Me. Once a valid set of credentials are in hand, the attacker just looks like an insider.
These factors make a case for installing an agent and monitoring all systems, including desktops, not just critical assets. Further, Westin advises segmenting POS systems away from more sensitive portions of their infrastructure and installing monitoring software that can detect and notify them of any changes made to their systems. He adds that organizations must make sure customer credit card information is always encrypted.
<< STEP 2 – TRAVERSING THE INFRASTRUCTURE >>
Following a successful payload, there are indicators to look for all along the path as the Backoff malware executes and the attacker makes way to the goal of POS systems. What they’re searching for is customer data environment (CDE) – any people, processes and/or technology that store, process or transmit cardholder data (CHD) or sensitive authentication data (SAD). Once inside the CDE, malware can be executed to steal card data from the POS systems.
<< WHAT TO SEARCH FOR >>
Seeking out any desktop or other system using one of the remote desktop login applications would be a smart start, since that’s the prime attack vector for Backoff. Assure that password hygiene in your organization is hardened, making credentials more difficult to compromise. Setting monitoring software to look for specifics typical of Backoff malware is also a good idea, both for the initial investigation and for future possible attack.
Here’s a list of specific files and system changes that can be indicators of compromise (IOCs) when attackers are using Backoff malware. Checking for these can be added to network security systems like Tripwire Enterprise to search for whether these are already in place.
Even if these IOCs are not found on initial investigation, it would be prudent to have continuous monitoring with real-time alerting on these changes if credit card information is being processed. These and other IOCs are available directly from the US-CERT Alert TA14-212A:
<< SUMMARY >>
Improvements in credit card security technologies and infrastructure (EMV chips or Point-to-Point encryption); the continuous security configuration monitoring required of the current Payment Card Industry Data Security Standard (PCI DSS) version 3.0; and stronger corporate internal security, infrastructure and maintenance are all needed to combat this cyber threat and others like it.
Payment systems expert Slava Gomzin discusses different components of payment systems, terms and protocols in his new book, “Hacking Point of Sale: Payment Application Secrets, Threats & Solutions,” in a way that is easily understandable by business leaders and technical audiences alike. A free chapter is available here, covering overall payment system architecture, vulnerabilities and threats in retail payment systems.
Reference:
BACKOFF POS MALWARE: ARE YOU INFECTED AND DON’T KNOW IT?
http://www.tripwire.com/state-of-security/incident-detection/backoff-pos-malware-are-you-infected-and-dont-know-it/
“Backoff” Point-of-Sale (POS) malware techniques have been found across a number of recent investigations, and Friday, August 22, 2014, US-CERT issued an updated Alert TA14-212A with the stated purpose “…to provide relevant and actionable technical indicators for network defense against the POS malware dubbed ‘Backoff,’ which has been discovered exploiting businesses’ administrator accounts remotely and exfiltrating consumer payment data.”
<< BACKOFF IMPACT >>
According to the Secret Service, Backoff malware has affected an additional 1,000 businesses, hit by the same type of cyberattack that stole the personal information of millions of Target customers last year. “There are a lot of retailers out there that have been compromised by this and they simply don’t know it yet,” said Tripwire security researcher Ken Westin.
Westin added that many businesses simply don’t have the tools in place to monitor for these types of attacks. Furthermore, it’s clear that nearly any retailer conducting business with credit card transactions could be a target for Backoff malware, including hospitals, universities, hotels, restaurants, government organizations, etc.
<< WHAT IS IT? >>
Backoff is a recent discovery, but upon forensic investigation has been seen as early as October 2013. It’s a family of malware that scrapes memory of POS devices and has been seen across three separate forensic investigations. It continues to be seen in operation and in various versions.
Researchers have identified three specific variants of Backoff: v1.4, 1.55 (multiple flavors of this one), and 1.56. Across the capabilities of all the variations, it has been seen to have the capacity to install itself, get its own software updates, can inject malicious code into the explorer.exe process (thereby making it persistent and able to access other processes), exfiltrate data and delete itself.
<< STEP 1 – INFILTRATION >>
First of all, and especially important, cybercriminals frequently do not have access to the POS device directly in their initial infiltration activity. This is typical of so many attacks on critical assets – they infiltrate often through phishing emails with a malware payload and then make their way to the customer data environment (CDE).
In the case of Backoff, recent investigations showed that the primary attack vector used was through a variety of remote desktop applications to brute force the login feature. Applications included Microsoft Remote Desktop, Apple Remote Desktop, Chrome Remote Desktop, Splashtop 2, Pulseway and LogMEIn Join.Me. Once a valid set of credentials are in hand, the attacker just looks like an insider.
These factors make a case for installing an agent and monitoring all systems, including desktops, not just critical assets. Further, Westin advises segmenting POS systems away from more sensitive portions of their infrastructure and installing monitoring software that can detect and notify them of any changes made to their systems. He adds that organizations must make sure customer credit card information is always encrypted.
<< STEP 2 – TRAVERSING THE INFRASTRUCTURE >>
Following a successful payload, there are indicators to look for all along the path as the Backoff malware executes and the attacker makes way to the goal of POS systems. What they’re searching for is customer data environment (CDE) – any people, processes and/or technology that store, process or transmit cardholder data (CHD) or sensitive authentication data (SAD). Once inside the CDE, malware can be executed to steal card data from the POS systems.
“WEAK, STOLEN, OR MISUSED CREDENTIALS – THE ATTACKER’S CHOICE NEARLY 80% OF THE TIME.”– 2013 VERIZON DBIR
The most effective and least sophisticated method of traversing the network is through valid user credentials – essentially becoming an “insider threat.” Methods used include keylogging, password hash extraction, cracking, replaying login sequences, or even brute force can ultimately help an attacker reach administrative level credentials, domain controllers which would give them powerful access to all the computers in the network.
<< WHAT TO SEARCH FOR >>
Seeking out any desktop or other system using one of the remote desktop login applications would be a smart start, since that’s the prime attack vector for Backoff. Assure that password hygiene in your organization is hardened, making credentials more difficult to compromise. Setting monitoring software to look for specifics typical of Backoff malware is also a good idea, both for the initial investigation and for future possible attack.
Here’s a list of specific files and system changes that can be indicators of compromise (IOCs) when attackers are using Backoff malware. Checking for these can be added to network security systems like Tripwire Enterprise to search for whether these are already in place.
Even if these IOCs are not found on initial investigation, it would be prudent to have continuous monitoring with real-time alerting on these changes if credit card information is being processed. These and other IOCs are available directly from the US-CERT Alert TA14-212A:
BACKOFF V1.4Packed MD5: 927AE15DBF549BD60EDCDEAFB49B829E
Unpacked MD5: 6A0E49C5E332DF3AF78823CA4A655AE8
Install Path: %APPDATA%\AdobeFlashPlayer\mswinsvc.exe
Mutexes:
uhYtntr56uisGst
uyhnJmkuTgD
Files Written:
%APPDATA%\mskrnl
%APPDATA%\winserv.exe
%APPDATA%\AdobeFlashPlayer\mswinsvc.exe
Static String (POST Request): zXqW9JdWLM4urgjRkX
Registry Keys:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\identifier
HKCU\ SOFTWARE \Microsoft\Windows\CurrentVersion\Run\Windows NT Service
User-Agent: Mozilla/4.0
URI(s): /aircanada/dark.php
<< SUMMARY >>
Improvements in credit card security technologies and infrastructure (EMV chips or Point-to-Point encryption); the continuous security configuration monitoring required of the current Payment Card Industry Data Security Standard (PCI DSS) version 3.0; and stronger corporate internal security, infrastructure and maintenance are all needed to combat this cyber threat and others like it.
Payment systems expert Slava Gomzin discusses different components of payment systems, terms and protocols in his new book, “Hacking Point of Sale: Payment Application Secrets, Threats & Solutions,” in a way that is easily understandable by business leaders and technical audiences alike. A free chapter is available here, covering overall payment system architecture, vulnerabilities and threats in retail payment systems.
Reference:
BACKOFF POS MALWARE: ARE YOU INFECTED AND DON’T KNOW IT?
http://www.tripwire.com/state-of-security/incident-detection/backoff-pos-malware-are-you-infected-and-dont-know-it/
Subscribe to:
Posts (Atom)