My concern is much more basic than that. I just thought maybe you all would want to think about where your old drives are going when you decide to get rid of a computer! Even if you reformat the drive, much of that data can be recovered with the right tools, and that’s assuming the recycling place you dropped it off at actually takes the time to do the reformat. We’ve all seen too many stories of drives not being wiped at all when they’ve been resold. Surely we all take steps to prevent that, right? On the other hand, how many people do you know who do a quick format and assume it’s clean? It’s not. Do some research, ask around,  find a secure way to wipe that drive, or, as one of my listmates suggested take the ultimate secure HD tool to it, a 12-gauge shotgun.

What other tools do you recommend to your users?  Hammers, screwdrivers to the plates, metal shredders? Let us know!

Links Mentioned:

• Ultimate WRT54G Hacking Book
  
• http://wrt54ghacks.com/

Tags: Hacking, WRT54G, Paul+Assadoorian, Larry+Pesce

It is the return and refresh of the Friends in Tech Child Safety Flier. Feel free to share this flier with anyone whom has kids and is concerned with online safety. We have links for everything from blogging, cyberbullying to advice for parents. We managed to toss in a couple of software and podcast picks that are family friendly. The flier looks great printed out as well as the electronic PDF. Please respect all the sites we cover and do not modify the flier if you share it. FiT nor any of its members derive any financial benefits from this flier or its mentioned sites. We are simply tech geeks with children, nieces, nephews and young friends we want to be safe and happy.

Links Mentioned:

• http://www.blogsafety.com/
• http://www.stopcyberbullying.org/
• http://www.safekids.com/
• http://wiredsafety.org/
• http://www.csn.org/
• http://www.netsmartz.org/
• http://www.thesafeside.com/
• http://www.fbi.gov/publications/pguide/pguidee.htm/
• http://www.openoffice.org/
• http://free.grisoft.com/
• http://www.microsoft.com/defender
• http://picasa.google.com/
• http://www.clamxav.com/
• http://www.grapefruit.ch/iBackup/index.html
• http://www.dlink.com/products/securespot/
• Podcast – Tech Savvy Girlz
  
• Podcast – The Radio Adventures of Dr. Floyd

Tags: FiT, Child, Safety, Online, Cyberbullying, Podcasts, Dr.+Floyd, Techsavvygirlz

Links Mentioned:

• eEYE Blink Personal Edition

Tags: eEye, Antivirus, Antispyware, IDS, Security+Suite

So, I want to know. Have any of you been involved in a “hold” situation, or had to appear at a deposition to describe what electronic storage is available and can be searched? Leave a comment, tell me about it, and be sure to change names, dates, places, etc. Wouldn’t want any of you to be back dealing with the lawyers again. Even if you’ve never been involved in something like this, tell us what you think about it. Does your organization have good policies in place? Are you aware of what to do if it happens, has anyone identified who the key people are ahead of time? I’m curious to see how these best practices are playing outside the legal community.

Tags: ElectronicDiscovery, Litigation, SysAdmins

From my analysis of the network (after the gotcha was revealed) it was discovered that the previous administrators had been lazy and actually added everybody to all of the groups in  the domain so they wouldn’t have to worry about people not being able to do things. I removed them all from the domain administrators group to lock down security (they would need to be in the power users for some old applications to work)
So now you know all the relevant details that may lead you to the gotcha, what do you think is the problem?

You come to upgrade a domain from nt4 to sbs2003 and do a swing migration. This transfers all the existing users, groups, email address’s and configuration to a new hardware platform with the minimum of downtime. The old network domain was previously set up by a different IT company so you thoroughly document the setup prior to the upgrade. As part of this routine you notice that all the users are in the domain administrators group. You know this is a very bad idea and plan to remove the users from this domain administrator group.

Judging from the fact that all users are in the domain administrators group, this could imply a certain procedure for how users were setup in the past. What could this procedure be, how risky is it to remove users from the domain administrators group and what unforseen consequences could this have?

Please comment to this post or in the Friends In Tech Forums and an answer will be posted after a week and a clue given if nobody gets it. The idea of this post is to stimulate discussion, brainstorm ideas and warn others of a potential pitfall! You may want to subscribe to the comments feed to see what other suggestions have been made.

A customer needed to switch to a dsl line for their internet connectivity which meant a disruption to their website, incoming email and outgoing internet so it had to be done out of hours. As it also involved changes to externally hosted dns it was better to do it at a weekend so that by the time users came back to work on Monday all the dns servers would be returning the correct data.

I picked up the key for the building earlier on in the week and agreed with the customer that they would not set the alarm that night (I’d be arriving shortly after they would have left for the weekend) and I’d just have to arm it when I left.

Friday night I turned up at the client site, unlocked the front door and hear a beeping noise coming from the alarm control unit – this was not going to be a good start to the evening.  I fumbled in my coat pockets for my phone and also for the customers cell phone number on a piece of paper to try and get the code before the alarm went off – those alarm sound bombs are painful. I literally dropped everything and ran out of the door to where I could stand without my ears hurting. Fortunately I still had the key in my possession and the phone was in my jacket pocket (as I hadn’t been able to get it out in time).

I called the contact number for the client and received a “hello” and then the connection died. When I redialed I just received the voicemail so I then called our office to see if someone had a home phone number but they didn’t. In the meantime the client calls me
back but each time I call them I have to wait ages for them to answer. By the time I get to speak with them the alarm has stopped ringing but I didn’t want to open the door in case it set the alarm off again. The client gives me the code to enter and I go inside, reset the alarm and then hang up the phone.  Just as I do this the police show up! I explain what is going on, show them that I have the key to the building so I’m not a burglar and have to produce id for him.

The cop leaves and I go and apologise to the cat that must have been in
REAL pain (turns out there is actually two pet cats in the building), and
start work. As I have to sit on the floor as there is no desk space I
spread my stuff out and the cats promptly come and sit on the pieces of paperwork making it hard to read the various passwords and details needed to complete the job. The job was actually a bit more complicated than I expected but I obtained some pdf’s from the manufacturers website and was able to move their internet connection across ok.
A very memorable evening but there are several things to learn from this.

• Ensure you ALWAYS have the alarm code for a customer site if working out of hours – do not rely on them turning it off before you arrive.
• Ensure you have at least one contact number for a client – preferably two in case the first does not answer.
• Carry some id with you – a company business card is good to prove that you are not just a member of the public – although I didn’t have a business card to hand (they were all in the computer bag inside the building) I had driven the company car with all of the advertising stickers on it.
• Cats love to sit on papers spread out on the floor – try and organise a desk to sit at when working – it can also get uncomfortable sitting on the floor for long periods of time.
• If you are allergic to pets check that customers don’t have animals roaming around the premises (especially if the customer is a zoo!)
• An external source of internet connectivity is great for testing and looking up results on the internet without having to revert to the customers network (which may or may not be working properly at the time)

Symantec, you really need to make your upgrade process less painful, have a well publicised mailing list (and web page) of patch releases and have an update mechanism built into the product.

Tags: Symantec, antivirus, yellow, worm, EEye