Archive for May, 2009
Security Advisory 971778 (DirectShow Issue)
0Microsoft had became aware of a bug in het DirectX engine used in Windows 2000, Windows Server 2003 and also Windows XP. As per Microsoft:The vulnerability could allow remote code execution if user opened a specially crafted QuickTime media file. Microsoft is aware of limited, active attacks that use this exploit code.
Microsoft is investigating this issue, and the investigation is ongoing. The investigation so far shows that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable. My research on the internet shows that Microsoft is currently working to develop a security update for Windows to address this vulnerability. Microsoft will release the security update once it has reached an appropriate level of quality for broad distribution.The cause of this threat is that a remote code execution vulnerability exists in the way Microsoft DirectShow handles supported QuickTime format files. This vulnerability could allow code execution if a user opened a specially crafted QuickTime media file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See here for information:
Microsoft Security Advisory (971778) ; Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
Gourami / Farm Commander.
0An old colleague and Citrix consultant who worked for us, has his own Citrix consulting company, it’s called Gourami. His name is Dennis Smith, he is a great Citrix consultant and developer. He makes customized applications for Citrix with usage of the .NET Framework.Combined with his firm knowledge of the Citrix product range he has proven to be a unique and his applications are very good combination with Citrix.
He has just released the beta of a new tool, called Farm Commander. I have just tested this tool, and this is a great tool, to automate things on serveral Citrix servers.You can copy files, and execute commands within an Windows Active Directory domain.With Farm Commander the left Panel is a file system, where you can select files and directories. In the right panel are the Windows 2000/XP/Citrix/Terminal/Domain workstations/servers listed. First you select files in the left panel, and then you select the servers in the right panel. Than you choose your action, copy, move or delete. Farm Commander than copies/deletes/moves the selected files to/from the selected server. In Citrix/Terminal Server environments you need to copy files from or to several servers at once, which is one of the key features of this application.So time is gained here, Farm Commander also features a detailed report of each action. As administrator you must know if there were failures in the taken actions. (read only/not enough rights)
Summary: Great tool for every sytems administrator/engineer, who administer large and complex Citrix enviroments. Is certainly worth to take a look at the website of Gourami. Gourami offers more great applications, which can save a Citrix administrator/engineer/consultant lots of time by using these tools. He also offers very good support on his products in the Gourami forums.
New processor
0For my desktop pc, I just bought a new processor, my current processor doesn’t support Intel VT. A few monts ago I bought a new pc based on the Tweakers.net Best-Buy Guide (Dutch site for ICT people, deep technical). My processor was an Intel Core 2 Duo E5200, which doenst support Intel VT.I’m using VMware Workstation, and with that I can’t run 64 bits hardware (all new server software is only 64 bit. Like Windows Server 2008 R2 and Exchange 2007 R2 for example). I’m a Microsoft geek, thus I wan’t test, you got my frustration? I now bought a Intel Core 2 Quad Core Q9650, which I need to replace next weekend. By the way, that will be my first time replacing a processor! Tips are welcome (just post a comment).
Some personal work experiences with VMware / Server virtualization
0I recently got more into VMware and met some great people who very passionate about this (some of co-workers inspired me for this blog-post)
I found a really great site, with lots of links to great VMware websites. It’s called the VMware Launchpad, its certainly worth checking it out. This site is a collection of great resources and blogs where you find lots of information about VMware and related technologies.
For example, the site of Bouke Groenesheij. He probaly is one the best VMware Trainers, he is also an consultant.My boss called him the world leading VMware Expert. He is also (one of the)founder of the Dutch VMUG, an Dutch VMware Community.He is now working at our company,he and some of my other colleagues, managed to get one of the largest Virtual Enviroments in Europe alive and running. He also trained our colleagues, and I heard they all did a great job. I hope I can follow a training from Bouke the coming year, after finishing my MCSE 2003, which I expected to finish this year in October.
Also the site of Eric Sloof, blogger of NTPRO, is also on of the best VMware trainers in our country. He is also on of the founder of the Dutch VMUG community.Eric Sloof is active as an ICT specialist for more than 15 years. Since 2006 the accent of his services changed from consulting to delivering VMware courses. As a VMware certified instructor he helps organisations who want to maximise the benefits of the VMware virtualisation products. Their IT professionals will benefit from attending in-depth, hands-on courses
Also the person behind the number one link, is working at one of our virtualization projects. His name is Duncan Epping, his blog is called Yellow Bricks. I did not met him yet, but I hope to do that very soon. You can also find Ducan on the VMware VMTN Communities as a user and Moderator.
VMware is the standard for us, and we are going to virtualize about 3000 servers in the coming years.Every server requested by an (internal) customer, will be a virtual instance in our newly VMware enviroment, which is one of the largest enviroments in Europe.We have some very challenging upcoming projects, for example all legacy servers will be P2V-ed to our VMware enviroment, also old bricks and an old bad designed Virtual Enviroment will be a migrated to that enviroment.
I am now trying to get my MCSE 2003 certificates, after I have finished that, there is a big chance that I will be doing the VCP-310 or VCP-400, that Is not sure yet.I’m hoping that Bouke will be my trainer.I’m also going to upgrade my MCSE 2003 to MCTIP on Server 2008. I would like to that right after I passed for my MCSE.I’m one of the persons how loves to certify (myself and really enjoy it(my co-worker found I strange) and learn as much as I can. Knowledge i think is the one powers to success in a job.
Conclusion: The IT is very challenging and I love my job, and every-day I’am learning something new.
Windows 7
0Recently I installed this Windows 7 Release candidate, after working a few months with the Windows 7 Beta.I registered myself also for Windows 7 Beta exam (71-680), but was unable to do the exam on the scheduled date. I was that day really ill,unfortunately. I really like Windows 7. I always make this comparison, Windows Vista was like Windows Me, Windows 7 is like Windows XP. I have the feeling that Windows 7 also run a bit faster then Windows Vista, but have no prove of that (e.g performance logs). Everythings seems to be less complex, a with fewer clicks, I can do the things I always do with my computer. I really like to that I can encypt my usb-stick, with BitLocker Drive Encryption, so nobody is able to sell my private data! Also User Account Control has improved huge.Windows Vista offered two level of User Account, on or off. Windows 7 has now four levels:
Source: What’s New in User Account Control
- Never notify me. You are not notified of any changes made to Windows settings or when software is installed.
- Only notify me when programs try to make changes to my computer. You are not notified when you make changes to Windows settings, but you do receive notification when a program attempts to make changes to the computer.
- Always notify me. You are notified when you make changes to Windows settings and when programs attempt to make changes to the computer.
- Always notify me and wait for my response. You are prompted for all administrator tasks on the secure desktop.
Also see here for more information: What’s New in User Account Control
There has been also some changes on the security,particularly in the Windows Security Auditing. In Windows XP, administrators had nine categories of security auditing events that they were able monitor for success, failure, or both success and failure.
In Windows Vista and Windows Server 2008, the number of auditable events were expanded from 9 to 50, which enables an administrator to be more selective in the number and events to audit. These new audit events were not integrated into the Group Policy and could only be deployed by using logon scripts generated with the Auditpol.exe command-line tool.
In Windows Server 2008 R2 and Windows 7, all auditing capabilities have been integrated into the Group Policy. This allows administrators to configure, deploy, and manage these settings in the Group Policy Management Console (GPMC) or Local Security Policy snap-in for a domain, site, or organizational unit (OU). Windows Server 2008 R2 and Windows 7 make it easier for IT professionals to track when precisely defined, significant activities take place on the network.
Summary: Windows 7 is an great, on of the best Microsoft has ever made.
In the next blog post, I will highligt more changes in Windows 7
Blog Post
0Blog posts, on this blog will continue to be in English, no more in Dutch.I’m also going to translate the old Dutch articles to English in the coming months.
