Why can’t I email zipped executables like all the worms and viruses do?

ExchangeDefender

The #1 source of frustration and anger with ExchangeDefender is directly related to the way it handles executable content – with a shotgun. Through the years, we’ve seen executable email content damage so many computers and networks that we outright ban that content at the gate: nothing executable comes in or goes out. We go a few steps further too – you can’t zip it, you can’t rename it, you can’t rename it and zip it. We evaluate the file not just for the filename pattern but for the file type / MIME match as well. Then we check if it has multiple extensions trying to hide the .exe at the end. Then we check the length of the filename, then… Well, let’s just say we’re thorough.
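The layered checks described above can be sketched as follows. This is an added example, not ExchangeDefender's code: the extension blocklist, the length and nesting limits, and the function names are all assumptions chosen for illustration, and treating encrypted or oversized zip members as unvalidatable is likewise an assumed policy.

```python
import io
import zipfile

# Assumed policy values for illustration; not ExchangeDefender's actual rules.
BLOCKED_EXT = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js"}
MAX_NAME_LEN = 100                    # long names push the real extension out of view
MAX_DEPTH = 3                         # nested-archive limit
MAX_MEMBER_BYTES = 20 * 1024 * 1024   # do not unpack anything larger than this

def is_executable_content(data: bytes) -> bool:
    """Sniff the content itself: DOS/PE 'MZ' or ELF magic, whatever the name says."""
    return data[:2] == b"MZ" or data[:4] == b"\x7fELF"

def check_attachment(name: str, data: bytes, depth: int = 0) -> list:
    """Return every reason to block the attachment; an empty list means it passes."""
    reasons = []
    parts = [p.strip() for p in name.lower().split(".")]
    ext = parts[-1] if len(parts) > 1 else ""
    if len(name) > MAX_NAME_LEN:
        reasons.append(f"{name!r}: filename too long")
    if ext in BLOCKED_EXT:
        reasons.append(f"{name!r}: blocked extension .{ext}")
        if len(parts) > 2:
            reasons.append(f"{name!r}: multiple extensions hiding .{ext}")
    elif is_executable_content(data):
        reasons.append(f"{name!r}: executable content under a non-executable name")
    if zipfile.is_zipfile(io.BytesIO(data)):
        if depth >= MAX_DEPTH:
            return reasons + [f"{name!r}: archive nested too deeply to validate"]
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                # Encrypted (flag bit 0) or oversized members cannot be inspected.
                if info.flag_bits & 0x1 or info.file_size > MAX_MEMBER_BYTES:
                    reasons.append(f"{info.filename!r}: cannot be validated")
                    continue
                reasons += check_attachment(info.filename, zf.read(info), depth + 1)
    return reasons

def make_zip(members: dict) -> bytes:
    """Build an in-memory zip from {name: bytes} (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member_name, payload in members.items():
            zf.writestr(member_name, payload)
    return buf.getvalue()

if __name__ == "__main__":
    fake_exe = b"MZ" + b"\x00" * 62   # constructed bytes, only the magic matters
    samples = {"notes.txt": b"hello", "invoice.pdf.exe": fake_exe,
               "patch.zip": make_zip({"readme.dat": fake_exe})}
    for sample_name, payload in samples.items():
        print(sample_name, "->", check_attachment(sample_name, payload) or "pass")
```

The rename-and-zip case is caught because each archive member goes back through the same name and content checks as a top-level attachment.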

Yet every Monday morning there are the unfortunate few customers that will have an urgent, critical business need to receive an executable file. The reason? You’ve guessed it:

My vendor distributes the software updates through email.

While ordinary ExchangeDefender users have a right and even an excuse to be ignorant of this, software vendors do not. Let me explain the ginormity (new word of the day) of this stupidity in somewhat plainer terms. Your software vendor is trying to behave like 98.3% of all worms and viruses out there. And after years and years of “Here is your Microsoft update, attached.” exploits there are still people under the rock about this. Here is how we like to translate your business need to patch applications that only receive updates through email:

My pharmaceutical distributor only sells this drug in a dark alley between 2 and 6 am.

My butcher will only sell that piece of meat after hours, and always locks the door after I come in.

My electronics dealer has the cheapest and newest stuff around, but only seems to have one piece of each model. He also only takes cash payments and asks me if I’ve seen any cops around on my way in.

Please, end this stupidity. There is no circumstance, whatsoever, under which we will ever allow executable content that we cannot validate through our network. Even if you’ve spent the last 260 years in network security, have written books on it, have a pending Nobel prize in the World Peace category for helping save starving African villages through your ability to keep orphanages running with software that only distributes patches via executable email attachments… even then we will block your ability to receive it; we refuse to hand you a loaded gun to play Russian roulette with.

In closing, if this software vendor absolutely cannot deliver their software through anything but email…. Go get a gmail, yahoo, hotmail, etc account and have your patches sent there. Then download those directly onto the box running the said software, but ask yourself this:

If this software vendor has put so little thought into the distribution of their patch management and cannot even figure out how to put up an authenticated web page for their file distribution, which is a job of a jr system administrator…. what other holes have they left in their application if they can’t grasp these simple concepts?

The preceding Monday morning rant is brought to you courtesy of Own Web Now Corp support.

Vladfire 21: TechEd 2007 Preday

Events, Vladfire

You can officially stop the whining, Vladfire is back! You won’t see this on Virtual TechEd, behind the scenes of the TechEd the day before the start. Look at the enormity of it all, the setup, the changes and more.

Vladfire21

Runtime: 7:38 minutes

Download a WMV (Microsoft Windows Movie) | (41 Mb)

Stream Quicktime (Fast, Streaming, Requires Quicktime) |  (19 Mb)

It’s been almost four months since the last Vladfire episode; I hope you enjoy the comeback and enjoy what’s coming soon. Told you the Vladville revamp was done for a reason, so that things like this take a lot less time and you get access to more of them, faster. There is of course one obvious question still seeking an answer: Where is the new episode of No Geek Left Behind? Tim? For more TechEd videos you can always check out Kevin Remde’s blog.

BOF03 – Life and Times of SMB ITPRO Consultants

Events

Speaking of TechEd, I’m moderating a birds of a feather session tomorrow at noon. Yes, it cuts into your lunch a little, but you can come and meet your peers that work in the same sector. Then you won’t have to eat lunch with your coworkers.

So… tomorrow. At Noon. S320 E

BOF03 – Life and Times of SMB ITPRO Consultants

Monday, June 4 12:00 PM – 1:00 PM, S320 E

Moderator: Vladimir Mazek

Get together with your peers to discuss the platform changes affecting the SMB world: the new Centro solution, the upcoming Cougar/Small Business Server 2007 solution, the Windows Home Server, and more. Share the pains and best practices of balancing a small business consulting practice, ITPRO lifestyle, migrations, support and staying informed. Thinking about going out on your own – find out from others that have done it and let’s update last year’s “top 10 mistakes consultants make in SMB.”

TechEd 2007 – The Rub-in Begins

Events

TechEd 2007 rub-in officially begins – Why aren’t you here? Whatever the reason, let me give you a little bit of a taste of what’s going on.

IMAGE_00008

First of all, the big thing this year is the Unified Communications, more specifically, VoIP. You can always tell what the focus is by looking at the Microsoft free soda fridges:

IMAGE_00009

There is also a lot to do with Security and Windows Server 2008. They updated the banners since last year, now they are more precise about what Forefront can actually protect you from – Ninjas.

IMAGE_00010

In the crowd of 12–15,000 (that’s 12–15 thousand) it’s hard to get lost – so look for the sign below. If you need a Koolade detox come over and meet an MVP:

IMAGE_00057

And finally, since you’re reading this blog, come over and meet me. I’ll be in the UNC (Unified Communications) area almost all week, blogging away about the Microsoft geek Mecca that is TechEd.

IMAGE_00005

The Messaging/Unified Communications booth is in the TLC (The Learning Center) green section, directly across from the food area.

So again, welcome, and if you couldn’t make it stay tuned, I’ll be bringing you sights and sounds from the Microsoft TechEd 2007 all week long.

Orlando welcomes TechEd

Microsoft, System Admin

Welcome to Orlando! Today is the pre-day at TechEd, people are flying in, checking in, enjoying the sun and fun that Orlando and Central Florida offer. Welcome, have a great time!

There aren’t many things that will get you in trouble in Central Florida, we’re a 24/7/365 tourist destination. However, here are a few things to avoid to make sure your stay here is easier and cheaper:

  • There are no deals in Orlando. This isn’t Las Vegas, this is Orlando – there are no discount tickets, no discount meals, no great opportunities – everything that seems like it’s too good to be true probably is.
  • Do not go into camera stores. If you need a new SD card, spend a few extra bucks and buy it at Walgreens. Do not go into electronics stores with sharp-dressed immigrants, they are known for very antagonistic pressure sales, not allowing customers to leave the store, etc.
  • Don’t accessorize like MC Hammer. This is a tourist destination, not a gold and diamond exhibition. If you’re wearing a few car payments on your neck it might be a good idea to leave that stuff in the hotel room.
  • Don’t drink in public. It’s against the law in Orlando, so if you have a drink do it in the restaurant, bar, hotel. Don’t walk around the street with it, you will get arrested.
  • “You can just walk there.” Nobody walks in Florida. If you try, you’ll find out why very quickly. It’s hot and everything is far.
  • Don’t buy a time share. Don’t go swimming in a lake. You’ll just have to trust me on these two.

Things to do:

  • Always bring a bottle of water. No matter where you’re going, once you leave the A/C and feel that humidity combined with a 30–40 degree temperature differential you will dehydrate. Quickly. Just bring a bottle of water with you.
  • Shower at night. Weird one, eh? Here is the problem – if you shower in the morning you will never dry off. As you hop between climate controlled environments, cabs, buses, outdoors, conferences, etc. you will likely end up with a cold by the end of the conference.
  • Enjoy the attractions. Orlando is famous for the many world-class attractions, check them out. No, Disney World is NOT just like DisneyLand.
  • Hit the outlets. Don’t hold me to this but it’s likely that Microsoft will bus you to Premiere Outlets. You can get some really nice things for a tiny fraction of the retail price. These outlets usually sell discontinued stuff (sneakers, etc.) or designer clothing from last year. So if you want something nice but don’t want to pay for it, that’s your best bet.
  • If this is your first time at TechEd… sleeeeeeeeeeeeep. Really, try to get a few hours each night. The schedule is brutal, the amount of information is overwhelming. If you hope to survive and make it to the conference on Wednesday and Thursday take a few hours to sleep on Sunday, Monday and Tuesday.

Oh.. and have fun! Congratulations on getting your managers to part with the funding to send you to TechEd, this year will certainly be a great mix of fun and learning unparalleled by any other event.

Welcome to Orlando!

Forget Beta, Have you started training for Windows 2008?

Deals, System Admin

The good news about Windows Server 2008 just keeps on piling up. Even without the WinFS and Virtualization features built in, Windows Server 2008 looks great and the IIS and infrastructure improvements are making a lot of us drool already. How will you roll it out is an easy question to answer, just work with the betas now and you will have a handle on it by the time it ships. But how do you prove to others that you can roll it out, correctly, securely and the first time? Through a little thing called professional industry certifications.

For that you have to listen to Trika Harms zum Spreckel, lady with a long name and lots to say about Microsoft Certifications. Trika talks about training, certifications, Microsoft Learning and other cool stuff that separates professionals from… well.. hobbyists. And it’s darn important in SMB as well. If your company stands for more than its ability to scheme customers into buying Microsoft solutions then it ought to be getting you one of the leading technology certifications – MCSE on Microsoft Windows Server 2008.

This week Trika is offering a 40% discount on the upgrade exams to MCSE on Windows Server 2008. Sign up now, these are by no stretch of the imagination “easy”.

Shockey Monkey Live! Activations Saturday Night

Shockey Monkey

I’ll be doing the second live activation evening for people that have been in the queue waiting to get activated on Shockey Monkey and for the people that signed up over the last week or so. The nice thing is that I’ve automated about 90% of the account provisioning process so it should go smoothly. I start at 8 PM EST Saturday, finish by midnight.

Just reviewing for the people that are seeing this for the first time:

  • Shockey Monkey is free.
  • You must be a legitimate incorporated entity with a live (that means not under construction) web site and a logo. (no hobbyists)
  • You need to sign up for it.

That’s all, add shockeymonkey@ownwebnow.com to your MSN IM and we’ll git ‘r done tomorrow night. 8 PM. Pass it on.

Update: What an evening. Thanks to all the people that showed up on a Saturday night to get hooked up. I also got a chance to work on a ton of other requests because things are so streamlined now. Hopefully the days of waiting for days or weeks for Shockey Monkey activation are long gone.

TechEd 2007 – Welcome to Orlando

Exchange, Microsoft

It’s officially just a day away.. TechEd 2007 in Orlando!

Sub_hero

So, on behalf of my home town, I’d like to welcome the worldwide technical experts to Orlando. If you need anything while you’re here (short of a place to sleep) give me a ring.

If you’re attending make sure you stop by and say hello in the Messaging area (not the sponsor area, the Microsoft Technical Expert section with the big signs and stuff) – I’ll be there on hand Tuesday, Wednesday and Thursday answering any and all Exchange questions you may have. I might even have some special swag for the Vladville fans.

Does today’s arrest end or diminish the SPAM problem?

Exchange, ExchangeDefender

God I hope so. The SPAM levels have been steadily increasing over the last 8 months or so and we could use a break. But we’re not going to get one. First of all, tguardian was not one of the biggest spammers around, but you have to admire law enforcement for blowing it out of proportion. He was just a scamming little script-kiddy that banged SpamAssassin until he could get a score low enough. Doubt that? Take a look at the graph below:

Messages-go

That is the global message load over at ExchangeDefender, last 24 hours. You can clearly see the spikes as our customers in Europe, USA and Asia/Pacific open for business. You can also see that the trends for today are up when compared to yesterday. Why is this bad news for everyone involved?

Well, if this guy was as big as the law enforcement leads us to believe, that US mid-day spike in activity would be significantly lower. But it wasn’t. Here is what happens when the feds bust you for cybercrime activities (long live Razor 1911).

First, all of your computer equipment, electronic equipment, electronic media, etc. gets confiscated and certainly cracked in minutes. From there they try to get into the botnets, try to do discovery, capture any contacts, communications, business dealings, etc. The feds try to catch as many people red-handed as possible.

And these scumbags know this! So how do you explain the “enormous bust, sign of a SPAM kingpin crackdown, the end of UCE” that the media and some bloggers are hoping for?

Easy, they are wrong. tguardian always was and always will be a little scriptkiddy; the bulk of what’s coming up is done through organized crime from abroad.

My friend the top 10 spammer of all time – Arrested

Friends

Always a good day when one of your friends ends up on the news for being one of the biggest criminals / scumbags around. Robert Soloway, aka tg, aka theguardian used to be one of the guys on #ice on IRC that picked on me about being able to get around every SpamAssassin recipe I could write.

Hey bud, cover your cornhole. I win.

/me waves