Mar 25
Use Group Policy Preferences to Reveal Extensions in Windows Explorer
Posted by Philip Elder on 25 March 2014 11:44 AM
We have a number of different default Group Policy Objects that are set up and linked to specific Organizational Units. With the advent of a flat OU setup in Windows Server Essentials we made an active decision to maintain a similar OU structure to Small Business Server Standard as it made more sense from so many perspectives.

One of our default GPOs that is created and linked at the domain level is the Default Domain User Security Policy. Once created we edit the GPO’s properties to disable Computer Configuration settings and set a comment in place for the date created and by whom.

In this GPO we have a number of settings but the one we are focusing on here has to do with the recent RTF zero-day vulnerability we are hearing about.

The settings are under User Configuration –> Preferences –> Control Panel Settings –> Folder Options. We set Show hidden files and folders and uncheck Hide extensions for known file types. Since these settings are user oriented they will be picked up by users on their next logon.

Note that while these settings help users to understand what they are seeing, nothing replaces training users to hover over links, not click on links in an e-mail, or be cautious about the sites they visit.

Philip Elder
Chef de partie in the SMBKitchen ASP Project
Jan 31
Protecting Your Yahoo Account
Posted by Philip Elder on 31 January 2014 01:16 PM
Original Posted Here: MPECS Inc. Blog: Protecting Your Yahoo Account

So, apparently Yahoo has suffered yet another breach. A quick search of the news sites (Bing Search) would bring up more info.

Sign in to Yahoo and change the account password as soon as possible. Then, enable Second Sign-In Verification:

We suggest using SMS as the primary method for protecting the account as opposed to the security questions.

Under Account Info:

Once the mobile is confirmed make the following setting:

This at least will provide a layer of protection unless the verification system itself also gets compromised. But if that’s the case, Yahoo would probably have bigger problems on their hands! :S

While you’re at it please enable 2FA (2 Factor Authentication) on all Microsoft IDs and download the Authentication App to your mobile device and _use_ it!

Now that online service providers are starting to allow us to protect ourselves with additional security steps the onus is on us to use those features!

Philip Elder
Chef de partie in the SMBKitchen
Oct 3
CryptoLocker Word Of Caution
Posted by Reprinted Article on 03 October 2013 02:03 PM
One of the things we have done from the get-go when it comes to setting up ShadowProtect to stream backups to either a drive set connected to a standalone Hyper-V host or to the standalone DC in a Hyper-V cluster setting is to set the shares to allow the Domain Admin MOD. Inheritance on the folder’s NTFS permission set is removed/copied out, then the Domain Users/Machine Users group is removed altogether.

We do this for a number of reasons:

While we are into our client’s servers on a regular basis, sometimes the occasional domain admin account password will expire in the interim. ShadowProtect will start failing to back up to the shared folder as a result of not being able to log on, so a small bonus in the mix.

We are seeing CryptoLocker problems abound lately where someone clicks on a link in an e-mail or is drawn to a compromised site. What that means is that _any_ file/folder set the user has permissions to access and modify may end up encrypted by the malware. The _only_ way to “recover” from this situation is via Shadow Copies or backup. If the backup drive and/or backup folder destinations for those ShadowProtect backup files, or any other product that lays down files for backup, are open for users to access then we all know what can happen.

Point of order: Any backup product that uses the volume snapshot service should have its backup times staggered over the Volume Shadow Copy snapshots, as having two snapshots running simultaneously could end up with data toast on both sides.

Philip Elder
Chef de partie in the SMBKitchen
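The NTFS lockdown described in this post, as an added PowerShell example (not the author's own script): it copies out inheritance on the backup folder, removes the Domain Users and local Users entries, grants Domain Admins Modify, then reports any other principal that can still write. The folder path and domain name are hypothetical placeholders, reading "MOD" as the NTFS Modify right is an assumption, and share-level permissions are not touched.

```powershell
# Added example: NTFS hardening of a backup destination folder.
param(
    [string]$BackupPath = 'D:\Backups\ShadowProtect',  # hypothetical folder
    [string]$Domain     = 'CONTOSO'                    # hypothetical NetBIOS domain name
)

# 1. Stop inheriting from the parent and copy the inherited ACEs as explicit
#    entries (the "removed/copied out" step), then persist and re-read.
$acl = Get-Acl -Path $BackupPath
$acl.SetAccessRuleProtection($true, $true)
Set-Acl -Path $BackupPath -AclObject $acl
$acl = Get-Acl -Path $BackupPath

# 2. Remove every ACE held by the domain users group and the machine Users group.
foreach ($name in "$Domain\Domain Users", 'BUILTIN\Users') {
    $acl.PurgeAccessRules([System.Security.Principal.NTAccount]$name)
}

# 3. Grant Domain Admins Modify on the folder, its subfolders and files.
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    "$Domain\Domain Admins", 'Modify',
    'ContainerInherit,ObjectInherit', 'None', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $BackupPath -AclObject $acl

# 4. Audit: list any remaining Allow entry with write-capable rights that is
#    not one of the expected administrative principals. Generic rights stored
#    as raw values are not covered by this mask and need a manual look.
$writeMask = [int][System.Security.AccessControl.FileSystemRights]'Write,Delete,ChangePermissions,TakeOwnership'
$expected  = "$Domain\Domain Admins", 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM'

(Get-Acl -Path $BackupPath).Access |
    Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        (([int]$_.FileSystemRights) -band $writeMask) -and
        $expected -notcontains $_.IdentityReference.Value
    } |
    Select-Object IdentityReference, FileSystemRights, IsInherited
```

An empty result from the last step means no unexpected principal can modify the backup files; anything listed is an entry that malware running in that account's context could use to overwrite them.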
Jun 28
Some Early Morning, Well Okay it’s Early Here, Secure Browsing Related Reading
Posted by Reprinted Article on 28 June 2013 10:05 AM
After posting about the Flash Cache clearing that we usually do via the online control panel we thought it would be a good idea to post some reading on safe browsing habits in general. Security MVP Harry Waldron obliged a request for pointers with the following blog posts:
The following are pointers for Microsoft properties:
The following article has some excellent tips on social networking:
Have a great long weekend for those of us celebrating Canada Day Weekend and have a great Independence Day celebration/break next week to our US readers!

Thanks for reading. :)

Philip Elder
Chef de partie in the SMBKitchen