10. July 2008 by admin.

I feel kinda lucky I am able to write this blog entry… or at least to upload it to this site… This morning I woke up, fired up the old laptop, clicked on IE7 … and …. nothing.  Everything just kept timing out.
Huh… what to do…what to do… I tried different browsers…Firefox, Opera, Safari, Polstergeist… same ole … same ole…

The first troubleshooting step I tried was ipconfig… Yep… I did indeed have a valid IP address all right, and in the right range too…huh… Let’s try…  ipconfig /release;  ipconfig /flushdns;  ipconfig /renew… I got the same IP address I originally had and the same problem too… No web browsing happening here.

Then I tried pinging one of the web sites for my Delaware network support company;  good old www.adminassociates.com …. Huh… weirder and weirder… no lost packets… ping works, so apparently the DNS server is servin’ too but still, browsers don’t work.

Then I tried disabling my Zonealarm Pro Firewall (but turned on the Windows firewall, just in case).  Wow… the browser now works fine… so what’s up with Zonealarm?  I looked at everything and nothing seemed out of  spec. I felt it was odd since this particular firewall has never a problem for me… very reliable; very easy to configure…very trustworthy.  I re-enabled  Zonealarm, disabled the Windows firewall, moved the “Internet Zone” slider down from high to medium and the browser started working again. Move the slider back up and the browser stopped working again.

Like I said… weirder and weirder…so it’s definitely a Zonealarm problem, but why…What could have happened?   Aha… yes… two days ago was patch Tuesday. I’ll have to Google this, but first, what else I need to find out what else is happening in my world.

I went back to my working combo of Windows Firewall on and Zonealarm off and started my email client.  About the third message I received was from Microsoft talking about a major bulletin revision … not a patch revision mind you, just the bulletin:

Bulletin Information:
=====================

* MS08-037 - Important

- http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
- Reason for Revision: V2.0 (July 10, 2008): Bulletin revised to
inform users of ZoneAlarm and Check Point Endpoint Security
of an Internet connectivity issue detailed in the section

So, in the final analysis, downloading a newer version of Zonealarm (that apparently wasn’t available before today) solved my problem, but can you imagine if this happened at a corporate office with a couple hundred workstations?

I know not too many offices use Zonealarm, but what if they did?  What a pain to update 200 workstations, in emergency mode (read pressure), and probably with the expectation that it would (could) be completed in one morning.

This is just another example of why all patches should be thoroughly tested on a lab unit before being put into a production environment.

Now, I became a victim by not following my own advice, but that was on my personal laptop.  I create an image of the drive at least every couple of days and sync important files to my basement server so I am never in danger of losing too much, but it’s a real balancing act when you are responsible for for than your own machine.

On one hand, you want to wait for version 2 of all the patches… let someone else report the pain…and at the same time you know “Day Zero” is a real threat and today might just be that day.

I always make sure I get a really good full backup, especially on Monday nights… just in case.

Good luck and good networking !

From way down in the trenches…. I’m Tom

Custom Search

Posted in Patch Tuesday, patch testing, drive imaging, Patches, Worm, Malware, Trojan, Virus, Networking | No Comments »

2. July 2008 by admin.

I just read a story where is was stated that one in three technology professionals admitted to snooping on their fellow colleagues. Here is the story.

I know I am opening myself up for criticism from the geek community, but I find that absolutely reprehensible. The epitaph “Holier then thou” comes to mind, but I really mean it… using your administrative privileges to snoop on others is not only immoral but usually illegal.

All that is required is a little self-discipline with a smidgen of empathy thrown in, and those urges can be shoved aside.  Believe me… I’ve been tempted, but realizing the potential for abuse I have set my mind on operating at a higher plane.   Integrity costs you nothing…dishonesty can cost you everything.

This is not to say that users should not be monitored.  If the company has a valid Acceptable Use Policy in effect, then it may become your job to monitor their actions.

It simply has to be done fairly and across the board…everyone or no one, and with no personal interest.

I have found Spectorsoft (Spector CNE) to be a great monitoring system.  It meets the criteria for automated monitoring of all employees’ actions. Here at my Wilmington Delaware network support company, Admin Associates, we have been using and recommending it for several years.  You can see exactly what a specific user is doing in near-realtime and you have a history of past actions as well. The monitoring is done on a user by user basis and is not machine specific.

You don’t need to read an employee’s mail to see they are receiving more non-business mail then legitimate correspondence. Usually the subject line can give it way.  If you MUST read the mail to ascertain it relevance, a brief scan will almost always clue you in to what the message is all about.

If company policy says IM’s are too much of a security risk, then you don’t need to read the individual IM’s to know the user is violating the rules.

You can see who is browsing to eBay more then to the company Intranet…it’s not necessary to see what they were bidding on, or if they won!

When it becomes your unpleasant duty to drop a dime on the offending user, you can usually pass along the decision to carry out further “snooping” activities to a higher pay grade.  They often have err…less stringent standards then we admins do.

Good Luck and Good Networking

From way down in the trenches … I’m Tom

Custom Search

Posted in honesty, integrity, Acceptable Use, Monitoring, Networking, Administration, Computers | No Comments »