Every operating system could stand some tweaking. No matter how many developers you throw at an OS as complicated as Windows Vista, power users will always find something they can modify or hack to make it run faster, or better, or just differently. Here are just a few of the Windows Vista tweaks, tricks, and hacks we have discovered so far.

1: Add the Run command to the Start Menu

Beginning way back with the release of Windows 1.0, Microsoft has been all about the GUI interface (more or less effectively). But sometimes you just want to run a program without having to navigate the GUI maze of menus and folders. Windows Vista, by default, does not include the Run command on the Start Menu. This was a common and favorite feature of Windows XP.

To add the Run command back to the Vista Start Menu, follow these steps:

1. Right click the Taskbar in an open area
2. Click on Properties

Click on the Start Menu tab (See Figure A)

Figure A

Taskbar and Start Menu Properties

3. Click the Customize button to get to the Customize Start Menu

Scroll down the list until you find the Run command checkbox and check it (See Figure B).

4. Click OK and the Run command will now appear on the Start Menu.

Figure B

Customize Start Menu

2. Disable the Welcome Center and Sidebar

The Windows Vista default setting is to show the Welcome Center on startup. While the Welcome Center is mildly interesting the first time you see it, you will quickly tire of it appearing every time you boot your Vista PC. This behavior is easily changed by unchecking the Run a Startup button located at the bottom of the Welcome Center as shown in Figure C.

Figure C

Welcome Center

Similarly, the Vista Sidebar is also on by default. While some users will find the Sidebar and its widgets useful, many will desire the desktop real estate and underlying resources for other more productive uses. You can turn the Sidebar off by:

1. Right clicking the Windows Sidebar icon in the system tray
2. Click Properties
3. Uncheck the Start Sidebar when Windows starts checkbox (See Figure D)
4. Click OK

Figure D

Windows Sidebar Properties

Continue Reading »

Tech Sanity Check

by Jason Hiner, Executive EditoBecause of the breakneck pace of change in the technology world, there is so much information that most of us need to keep up with on a daily basis. Unfortunately, I don’t have enough time to read as much as I would like. As a result, podcasts are one of the most valuable tools that I use to stay current in tech, because of the fact that I can multi-task while I’m listening to podcasts.

I listen to podcasts while I drive to work. I listen to podcasts while I work out. I listen to podcasts on airplanes. I listen to podcasts when checking my e-mail. I listen to podcasts when I’m doing the dishes. If it weren’t for podcasts, I simply wouldn’t be able to keep up with as much news, information, commentary, and perspectives on technology and the IT industry.

I’ve put together a list of what I consider to be the top 10, based on podcasts that are informative, concise, and not boring. Of course, I’m also biased toward stuff that has relevance for IT and business technology, and not just consumer tech and gadgets. I’ve also limited this list to audio-only podcasts. Next week, I’ll cover video podcasts.

10. TechnologyIQ

I’m sure that 99% of you have never heard of this podcast. It’s done by Douglas Welch, an IT consultant in Southern California. He provides some short tips for IT pros based on anecdotes from his work with clients. He also includes recordings from an Internet Seminar he does at his local library — those episodes are safe to skip. However, this guy provides a nice perspective of an IT professional working in the trenches. I should hire this guy to write and do podcasts for TechRepublic.

9. Security Now!

Steve Gibson — a legend in IT security and host of grc.com — teams up with former TechTV host Leo Laporte for this weekly podcast that includes security updates, security tips and best practices, and a spotlight on various security technologies. Steve does a regular question-and-answer session based on submissions from listeners. Continue Reading »

 

10 Wi-Fi security tips

Wireless networking can be kind of scary from a security standpoint. It opens up whole new attack vectors that were not present with wired network infrastructures. That doesn’t mean you can’t do it securely, however, and I aim to give you some ideas that can help you in that regard.

Many of these tips are likely to be inapplicable to a lot of people. For instance, if you’re running a wireless network that has to allow connections from a changing lineup of computers so that the specific computers on the network will not be constant, the point about restricting access by MAC address is unlikely to do much good. As always, you must exercise some common sense when reading through a list of security tips like this. You have to determine what options apply to you, and whether the fact that your plans make a given suggestion unusable means your plans are wrong or the suggestion simply is not relevant in your case.

1. Use a strong password. As I pointed out in the article A little more about passwords, a sufficiently strong password (on a system with decent password protection) makes the likelihood of cracking the password through brute force attacks effectively impossible. Using a sufficiently weak password, on the other hand, almost guarantees that your system will be compromised at some point.
2. Don’t broadcast your SSID. Serious security crackers who know what they are doing will not be deterred by a hidden SSID — the “name” you give your wireless network. Configuring your wireless router so it doesn’t broadcast your SSID does not provide “real” security, but it does help play the “low hanging fruit” game pretty well. A lot of lower-tier security crackers and mobile malicious code like botnet worms will scan for easily discovered information about networks and computers, and attack those that have characteristics that make them appear easy to compromise. One of those is a broadcast SSID, and you can cut down on the amount of traffic your network gets from people trying to exploit vulnerabilities on random networks by hiding your SSID. Most commercial grade router/firewall devices provide a setting for this.
3. Use good wireless encryption. WEP is not exactly “good” encryption. With a freely available tool like aircrack, you can sniff wireless traffic protected by WEP and crack security on that network in a matter of minutes. WPA is the current, common encryption standard you should probably be using — though, of course, you should use something stronger as soon as it becomes available to you. Technology is advancing every day, on both sides of the encryption arms race, after all.
4. Use another layer of encryption when possible. Don’t just rely on wireless encryption to provide all your security on wireless networks. Other forms of encryption can improve the security of the systems on the network, even if someone happens to gain access to the network itself. For instance, OpenSSH is an excellent choice for providing secure communications between computers on the same network, as well as across the Internet. Using encryption to protect your wireless network does not protect any communications that leave the network, so encryption schemes like SSL for dealing with e-commerce Websites is still of critical importance. The fact you’re using one type of encryption in no way suggests you should not be using other types of encryption as well. Continue Reading »

Have you ever crossed your mind about 802.11n especially when you’re out for an IT Shopping…just suddenly when you’re searching for a networking products especially the wireless. Normally we’ve been bombared with the 802.11 a/b/g or even Super G which is double the performance of your Standard G…it’s now is 108Mbps..

During the time I was searching for an easier reading materials for the explanation on 802.11n, below is the newlly posted articles on 802.11n which I found on Techrepublic.com

802.11n is being touted as the networking standard that will unwire the network world. Most people are not convinced, yet curious to see how one defends such a claim. The 802.11n standard has two top-level mandates (unwiring the world not being one of them): Achieve higher data rates and retain backward compatibility with legacy 802.11a/b/g devices.

The significance of requiring backward compatibility shouldn’t be taken lightly since it complicates the development process exponentially. Yet the 802.11n group has come up with a soon-to-be-ratified standard that meets both objectives.

In a previous post: 802.11n, MIMO, and multipath environments I discussed MIMO smart antenna technology, which is by far the most visible improvement being leveraged by 802.11n. In this post, I will touch on how MIMO and other 802.11n technological advances dramatically improve data rates, system stability and reliability. Maybe even convince some that it is a viable alternative to a wired connection/network.

802.11n’s improved technology

802.11n’s version of OFDM: 802.11a/g already uses OFDM (Orthogonal Frequency-Division Multiplexing) to achieve data rates of 54 Mbps. 802.11n OFDM technology builds on 802.11a/g OFDM modulation by creating support for multiple channels (MIMO), allowing more bandwidth per channel, and higher code rates. This brings the maximum data rate of a single 802.11n OFDM channel to 65 Mbps. Continue Reading »

Spam, viruses, and malware: the bane of any network administrator’s life. This is not only due to the inherent risk they pose to overall network security, but also because of the additional load they place on your network.The detection and processing of junk e-mail puts quite a bit of stress on mail systems; some people claim the extra burden doubles their load. I wouldn’t be at all surprised if that were accurate. But not only do these threats place additional load on servers, they also put stress on the network; the bandwidth consumed by unsolicited bulk mail and worms can be quite substantial. If you notice that your Internet connection seems to be a little slow, then check your mail logs-it’s likely you’re being hit by a dictionary spammer trying to deliver image spam!

I think there are two ways to approach the problem of junk e-mail:

• Run antispam and antivirus software on smart-gateway
  o Build a custom gateway
  o Buy an appliance
• Run antispam and antivirus software on mail server

In my opinion, it’s best to tackle this problem with a balanced combination of both of these strategies. A smart mail gateway is essential if you want to stop your mail system from being bogged down with processing junk. Depending on your configuration, the gateway can bounce messages to invalid addresses before processing any of its content and deny SMTP sessions to IPs known to be used by spammers and botnets. Spam and viruses can be identified and quarantined without touching your mail servers, which keeps things tidy and gives at least some peace of mind.

While a smart gateway will be able to filter out almost all incoming threats, I would always want to run virus protection software on the servers holding user mailboxes. It could well be that the antivirus on your mail server never fires, but, if something were to slip through the gateway or enter the system internally then you’d be glad of the additional protection.

I’m currently using a custom built mail gateway; it runs on a Linux base with Postfix, amavisd, ClamAV, SpamAssassin, and Policyd. By combining these relatively simple apps, I have a powerful e-mail defence system which has yet to hit a false positive. When I introduced grey-listing via Policyd, it had a huge impact on both the amount of spam slipping through and the load put on the gateway. Grey-listing meant that spam messages, which would normally be processed by SpamAssassin, were being dropped before they hit the antispam engine.

Ready-built appliances are becoming more and more popular these days. I think the biggest reason for their popularity is the reduction in the amount of administrative attention required — once the initial setup has been done, the gateway will pretty much look after itself. I have been interested in the Barracuda Spam Firewall for quite some time and will soon be replacing my custom gateway. Why the Barracuda? Used by the U.S. Treasury department, IBM, and NASA, the Barracuda Spam Firewall has taken home numerous awards; it won the Windows IT Pro ‘Community Choice Award’ and the Lotus Advisor Magazine Editors’ Choice for two years running.

Features offered by the Barracuda appliance include:

• Graphical reporting
• Automatic updates
• Rate Control
• IP Reputation Analysis
• Sender Authentication
• Recipient Verification
• Virus Scanning
• Spam Fingerprint Check
• Intent Analysis
• Image Analysis
• Bayesian Analysis
• Rule-based Scoring
• Single sign-on with Active Directory integration
• Per-user, user managed quarantine

I’m looking forward to getting my hands on the Barracuda Spam Firewall and will report back once I’ve had a chance to check it out properly. If you’re using one of these already, then I’d love to hear your experiences; leave a comment and let me know how you’ve gotten on.

Maybe you’ve chosen to take a completely different approach to dealing with spam and e-mail borne threats? Again, leave a comment and share your views.

Source: Techrepublic.com

Security research group Dreamlab have released a new white paper entitled 27Mhz Wireless Keyboard Analysis Report aka “We know what you typed last summer“. The paper, written by Max Moser & Philipp Schrödel, describes the inherent design flaw which leaves a majority of consumer grade wireless keyboards wide open to keylogging.

The two major consumer brands affected by this vulnerability are Microsoft and Logitec. In fact Microsoft’s Wireless Optical Desktop 1000 and Wireless Optical Desktop 2000 products are specifically mentioned as being vulnerable. It’s also assumed that other 27Mhz products such as the Wireless Optical Desktop 3000, 4000 and the Laser Desktop series are open to attack in a similar way.

Due to the widespread use of these wireless devices, the huge security implications, and the fact that there is no quick fix for this design flaw — Dreamlab have decided not to release a public proof of concept. Despite this, I’m sure it won’t be long until code is readily available online. Dreamlab have released a video of an attack in progress.

It’s quite worrying to see just how easy it is to sniff and extract keystrokes from these ‘consumer’ grade devices with no need for dongles, trojans or specialist equipment. The 27Mhz keyboards only use 8bit encryption which can be cracked relatively quickly with quite modest hardware. From what I can tell, all that’s required is a 27Mhz capable receiver, a sound card, and a computer. The range will obviously be dictated by the receiver and its antenna.

I started using a Bluetooth keyboard quite some time ago as I find it’s much more reliable, but I still have one of the Microsoft Wireless Optical Desktop sets buried in the back of a cupboard somewhere. I’m quite tempted to dig it out and see what I can pick up!

Source: Techrepublic.com 

Let’s face it — sometimes things go wrong, especially when you are dealing with computers, networks, and the people who use them. When it comes to saved files on a hard drive, users have been known to delete, modify, and otherwise render useless important documents and then want them restored to their previous condition.

The shadow copy feature in Microsoft Windows Vista goes a long way toward making that restoration just a few mouse clicks from reality. That is, if you have turned shadow copy on and have it configured properly. Configuring and using Vista shadow copy is not complicated, but it does require some specific knowledge about where these features are located.

Shadow copy configuration

Before you can use the shadow copy feature, you must make sure it is enabled. Shadow copy does require additional system resources, so you should weigh the benefits of file restoration with the availability of system resources. For most, the benefits will outweigh the additional system requirements, but your situation may dictate a different approach.

Configuration settings for shadow copy can be found in Vista System Properties. Navigate to the Control Panel and click the System Properties icon, as shown in Figure A. You can also type system into the Desktop Search box on the Start Menu.

Figure A

Vista System Properties

In the System Properties window (Figure B), click the System Protection link on the left-hand side of the screen. It is odd, but I could find no keyword that would lead me directly to the System Protection screen from the Desktop Search. The intermediate step to System Properties seems to be required.

Figure B

Link to System Protection

Once you get to the System Properties dialog window, click the System Protection tab to reach the configuration screen for shadow copy (Figure C). Make sure to check the drives for which you would like shadow copy to be available. If you want, you can create a restore point immediately by clicking the Create button. Under normal conditions, a new restore point is created as part of the shutdown/boot process. Continue Reading »

If in Windows XP you typically maximize a too-small Internet Explorer window, every subsequent time you launch Internet Explorer, its windows may remain too small. By default, Internet Explorer is supposed to open at the same size it was at the last time it was closed; however, sometimes the default setting gets out of whack, and you need to manually reset it. Here’s how:

1. Launch Internet Explorer.

2. Click one of the window corners and drag it out to completely fill your screen. Do not use the Maximize button.

3. Press [Alt] to view the menu bar (if you are using Internet Explorer 7).

4. Press and hold down either [Ctrl] or [Shift] while selecting Exit from the File menu. Do not use the Close button.

Now when you launch Internet Explorer, it should open in a full window. If it opens in the same small window, repeat the steps but hold down the opposite key in step 4, that is either [Ctrl] or [Shift].

(resource: Techrepublic.com)

For those who already bought my eBook or even received my newsletter, you might probably remember about my notes on disabling your default running services.

Each version of MS Windows provides different services, of course, so any list of services to disable for security purposes will be at least somewhat particular to a given version of Microsoft Windows. As such, a list like this one needs to be identified with a specific Microsoft Windows version, though it can still serve as a guide for the knowledgeable MS Windows user to check out the running services on other versions as well.

If you are running Microsoft Windows XP on your desktop system, consider turning off the following services. You may be surprised by what is running without your knowledge.

• IIS – Microsoft’s Internet Information Services provide the capabilities of a Webserver for your computer.
• NetMeeting Remote Desktop Sharing — NetMeeting is primarily a VoIP and videoconferencing client for Microsoft Windows, but this service in particular is necessary to remote desktop access. Continue Reading »

In today’s connected world, hacking is a 24/7 business. Whether approaching it as a job or a hobby, hackers don’t punch a clock.By developing a methodical, comprehensive task list that can provides you with the most efficient means of securing your network. you can jump-start your planning, here are eight simple tasks you should make sure to check off every day.

In the morning

After arriving at work, get some coffee, check your e-mail, and do the following:

1. Verify the current connections: There’s nothing like catching malicious behavior while it’s occurring. Inspect all the connections going through your firewall — both in and out. Look for anomalies and investigate them; this could include outbound FTP or inbound Telnet/SSH sessions. You’re looking for things that aren’t normal.
2. Look at network traffic statistics: How much activity took place while you weren’t there? What type of traffic was it, and what was the destination and source?
3. Look at your antivirus logs: Did a virus hit your e-mail system last night? Are the antivirus signatures up to date?
4. Read the security logs on your domain servers: Did the system lock out any accounts last night? Pay special attention to any accounts with administrator access. Verify that lockouts were human error — and not part of a breach attempt.
5. Check for new security patches: Determine whether any of your vendors released patches for any software in your baseline. (If you don’t have a baseline, I highly recommend developing one.) If a new patch is available, read the release notes thoroughly. Then, make a decision or recommendation whether to implement it now or wait for scheduled system downtime.

In the afternoon

When you arrive back from lunch, there’s still a lot left to do: Continue Reading »