Conficker

Here’s some more media mania about Conficker. “Defences bolstered ahead of Conficker April Fools’ offensive” claims that:

 

The US Department of Homeland Security released a tool on Monday to detect whether a computer is infected by the Conficker worm.

When you go to the US-CERT site you only find the following “tool” (which isn’t really a tool):

 

Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers.  The presence of a Conficker/Downadup infection MAY [my emphasis] be detected if a user is unable to surf to their security solution website or if they are unable to connect to the websites, by downloading detection/removal tools available free from those sites:

http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm

http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

http://www.mcafee.com

If a user is unable to reach any of these websites, it MAY [my emphasis] indicate a Conficker/Downadup infection.  The most recent variant of Conficker/Downadup interferes with queries for these sites, preventing a user from visiting them.  If a Conficker/Downadup infection is suspected, the system or computer should be removed from the network or unplugged from the Internet – in the case for home users.

 

So if you can, or cannot, surf to those web sites you may, or may not, have Conficker. So in other words you’re still not going to have any idea! As I keep saying, the bad guys are winning.
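
The US-CERT test quoted above, written out as an added example (it is not US-CERT's tool and not part of the original post). It checks whether the security-vendor hosts resolve and compares them with control hosts, which are an assumption of this example, so that a general outage is not mistaken for selective blocking:

```python
import socket

# Security-vendor hosts taken from the US-CERT text quoted above.
SECURITY_HOSTS = ["www.symantec.com", "www.microsoft.com", "www.mcafee.com"]
# Control hosts are an assumption of this example: unrelated sites used to
# tell "no Internet at all" apart from "only security sites are blocked".
CONTROL_HOSTS = ["www.example.com", "www.wikipedia.org"]


def system_resolver(host):
    """Return True if the local resolver can resolve host."""
    try:
        socket.getaddrinfo(host, 443)
        return True
    except OSError:  # socket.gaierror is a subclass of OSError
        return False


def classify(resolves, security=SECURITY_HOSTS, control=CONTROL_HOSTS):
    """Apply the US-CERT heuristic; resolves is a callable host -> bool."""
    blocked = [h for h in security if not resolves(h)]
    control_ok = [h for h in control if resolves(h)]
    if not control_ok:
        verdict = "inconclusive: no name resolution at all (offline or DNS outage)"
    elif not blocked:
        verdict = "no interference seen: does NOT prove the machine is clean"
    elif len(blocked) == len(security):
        verdict = "suspicious: only security sites fail, isolate and scan offline"
    else:
        verdict = "partial failure: could be an outage or filtering, investigate"
    return {"blocked": blocked, "verdict": verdict}


if __name__ == "__main__":
    result = classify(system_resolver)
    print(result["verdict"])
    for host in result["blocked"]:
        print("  could not resolve:", host)
```

Every branch except the third leaves the question open, which is exactly the "MAY" in the advisory: a clean result rules nothing out, and a failed one needs an offline scan to confirm.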

 

The Symantec site does have a nice video from 60 Minutes in the US about Conficker. It is well worth watching because it again highlights how the bad guys are beating the good guys hands down.

 

http://www.cbsnews.com/video/watch/?id=4901282n

 


In the video you’ll get an understanding of how much information the virus captures about your PC sessions (basically everything – browsing, keystrokes, passwords and so on). You’ll also see how CBS (the makers of 60 Minutes) thought they were safe; as it turned out, they weren’t. Even worse, they still can’t be 100% sure they are clean because Conficker could simply be lurking somewhere ready to re-infect. Again, bad guys win.

 

Interesting to see what tomorrow does bring.

Media hysteria

The media appears to be prepping us for the next Y2K technology disaster with the Conficker worm on the first of April. Headlines like “Conficker worm threatens April Fools’ chaos” are not designed to be informative, simply inflammatory. The media hasn’t been in the business of providing balanced reporting for a long time now. If you actually read the article you’ll find the following:

 

“But researchers who have been tracking Conficker say the date will probably come and go quietly.”

 

which doesn’t make for a very exciting headline does it? That certainly isn’t going to get people reading your paper is it now?

 

If you were a bad guy who controlled a whole swag of machines via the Conficker worm why the hell would you want anyone to know? Simply put, it would spoil your revenue stream because cybercrime these days is much like any commercial business: it is all about making money!

 

It does however illustrate an interesting issue: where does the average PC user go to get information about keeping their technology secure? The prevalence of the Conficker worm seems to demonstrate that not many understand the need to update their system regularly, given that the patch to prevent Conficker has been available since October. So where do they turn? The article fails to provide any links or explicit instructions as to what a user can do to even check their systems.

 

This again plays into the hands of the bad guys, more or less ensuring that their infections will continue to spread. I often wonder what sort of drag the effects of cybercrime have on the economy? The cost of lost time and productivity, the cost of cleaning up infections and the potential cost of lost or compromised information. Pro-active security is always cheaper than reactive measures, yet judging by the number of Conficker infections that is the minority opinion.

 

Why? Where is the system failing? Why aren’t more people being made aware of the potential threats to their systems? Are people, in fact, choosing to ignore these warnings in the belief that it can never happen to them? Why has it become so difficult to protect even the most basic PC installation? Honestly, I don’t know the reasons, but the potential end results of this ignorance are clearer every day, yet it seems the world becomes less and less secure with every machine that is connected to the Internet.

 

As I have said before, it’s a brave new world and you are the only one responsible for your security, because few out there, media included, are going to provide you with any meaningful or helpful information. Isn’t that nice to know when you’re swimming with the sharks? The only solution I can provide is knowledge. If you don’t understand the threat, learn. If you want to protect yourself and your information, learn. Luckily, that is one thing the Internet is good for – information.

Digital footprints

I am utterly amazed at how ignorant most people are of the fact that all their wonderful technology can provide excellent information of exactly who you are and what you are doing at any time.

 

In this story “Digital dabs: how Einfeld was tracked with a mobile, credit card and e-tag” it shows how the police used digital evidence like that from electronic tolls, mobile phone and credit cards to prove the guilt of Marcus Einfeld. It goes to show that convenience has a price and that price is usually reduced privacy.

 

In many respects the lust for technology has made the job of tracking individuals much easier than it ever used to be. Stop and think about every email you send, every internet search you do, every login to Facebook, and so on – they’re all trackable. The more you use technology the more ‘digital evidence’ begins to stack up against you. The unfortunate thing about this is that digital evidence is firstly much easier to store and secondly much easier to search.

 

As I have lamented here before, so many people have no concept of the value of their privacy and are surrendering it without a second thought. We happily proclaim the wonders of technology but we seem to remain oblivious to the dangers it also brings. Read the story and then stop and think: how much information are you giving away about yourself without even thinking?

 

We perhaps wrongly believe that technology has given us greater freedom, mobility and convenience and yet the reality may be that it has enslaved us as never before.

Companyweb regional settings

Because not all SBS2008 installations are completed in the United States it is necessary to change the regional settings on Companyweb, even though you selected them correctly during the SBS2008 installation process.

 

Open the Companyweb site as a SharePoint administrator and select Site Actions | Site Settings.

Select Regional Settings under Site Administration.

Change the Locale setting to whatever is appropriate.

 

Scroll down the page and make any other changes that are necessary and then press the OK button at the bottom to save your changes.

 


 

If you return to your Companyweb home page by selecting the Home tab you should find your time and date settings have been updated.

SharePoint databases in action

In a previous blog post about Windows SharePoint Services databases I spoke about what SQL technology was used to hold Windows SharePoint Services content and configuration information. In this post I’ll have a look at these databases in action.

 

After creating a SharePoint site, the information that is entered into SharePoint is stored in a SQL database. To locate the name of this database you need to go into the SharePoint Central Administration for your site. You do this on the server on which you installed SharePoint via Start | Administrative Tools | Windows SharePoint 3.0 Central Administration.

 

Now select the Application Management tab, then Content Databases under the SharePoint Web Application Management section. You should now see the name of the database used by SharePoint.

 

If you click on the database name (in this case ShareWebDb) it will bring up further information about the database. It is also possible to add additional databases from this window. Another important fact to remember about SharePoint is that you not only have GUI tools like the ones described here but you also have similar tools that can be run from the command line, allowing for scripting if necessary.

 

In terms of the file system, where exactly is the SharePoint content database stored? It is stored wherever the default data directory is for the SQL instance that you installed on your machine. In this case, because we are examining Companyweb on SBS2008, which is using SQL 2005 Embedded Edition, you will find those files in C:\windows\sysmsi\ssee\mssql.2005\mssql\data.

 

Remember that for each SQL database there are normally two associated files, a .MDF (data) and .LDF (index). Both of these files are important for correct database operations. The actual file size of these database files will grow as the information in your SharePoint site increases, to as large as allowed by your version of SQL server or hardware. In this case, because Companyweb on SBS2008 uses SQL 2005 Embedded Edition it can grow by as much free disk space as there is available on the drive.

 

Note that you can relocate these databases to other locations if required, which is something the SBS 2008 wizards automate for you.

 

Finally, if we take a look in the SQL management tools we can also see the database. Because I am again using SBS 2008 here these GUI tools have been automatically installed since they don’t, by default, come with SQL 2005 Embedded Edition even though they are a free download from Microsoft. To launch the GUI tools go to Start | All Programs | Microsoft SQL Server 2005 and run SQL Server Management Studio Express. To connect to the SQL 2005 Embedded Edition instance you will need to use the following connection string:

 

\\.\pipe\mssql$microsoft##ssee\sql\query

 

Once connected, simply locate the database (ShareWebDb) under the Databases folder and right mouse click to view the properties.

 

More detailed information about Windows SharePoint Services databases and Windows SharePoint in general is located in my Windows SharePoint Operations Guide.

Does nobody care?

A couple of posts ago I wrote about Facebook follies and the fact that some scammers were using Facebook as a way to attract potential victims. Part of this involved a picture of a man standing next to a bright red sports car. In fact it turns out these pictures are taken from someone’s online photo album as detailed in “Facebook scam: Ferrari man’s true identity revealed”.

Now I don’t use Facebook that often but when I logged in recently I saw the following ad:

Now where have I seen that before? (Firstly, I gotta say if you think he’s standing next to a Lamborghini then you deserve everything you get, it’s a Ferrari Enzo). I clicked on the ad and up came the web site:

with a lovely photo of ‘Tom’ and the pitch about how much money I can make if I just sign up now.

It would seem clear by now that this offer is a scam, so why is it still running on Facebook?  As the article says:

“There are numerous reports of people who fell for the scam and were charged hundreds of thousands of dollars after handing over their credit card details.”

So where’s the protection for the Facebook user? It certainly doesn’t appear that there is much. I always used to say that the stock market was the perfect vehicle for transferring wealth from the stupid to the intelligent but now I’m going to have to revise that to being the Internet.

The continuation of these sorts of ads again confirms my belief that we are losing the battle against the bad guys. Some may say that what is happening here is not against any law, and that people should always be aware when purchasing ANYTHING from the Internet and I agree. However, the reason that our systems are constantly under threat from viruses and trojans is that most Internet users are totally unaware of how they should be protecting themselves and look at the global problems that has caused. It seems that when it comes to using the Internet, common sense goes right out the window.

Now scams like this are nothing new and they happen on other sites like eBay and what not but it seems to me that technology is making this easier in so many ways. Every day technology makes it both easier to perpetrate crime and confuse the average user. It amazes me in this so called world of ‘Web 2.0’ interconnectivity that most people are being left to fend for themselves in a pool of sharks. The more connected we think we are the more isolated we become perhaps?

The moral is clearly, every person for themselves and if it seems too good to be true then generally it is.

Yawn

Microsoft has released Internet Explorer 8. Does it really matter anymore? Are many non-techie people actually going to download it? It has some improved features, especially around security, but is it really a must-have any more? Unless there are some killer features most people are probably going to stick with Internet Explorer 7, until they get a new PC.

 

Microsoft also has a pretty lame set of videos on its Internet Explorer 8 site. These are nowhere near as good as the propaganda that Apple turns out with its ads. The difference to me really goes to the heart of the problem at the moment with Microsoft: they just aren’t in tune with the market, and the most likely reason is that they are trying to be everything to everyone. I suppose that is part of becoming a ‘middle-aged’ company. It would be much better if Microsoft stuck to a core range of products but they need to squeeze revenue out so it is easier to do this across multiple markets. So in some sense the strategy makes sense. If they wanted to be more like Apple, it would make more sense to get a new advertising company, because this latest video and the Seinfeld video haven’t received a very good reception at all, with which I agree.

 

In all honesty I don’t use Internet Explorer all that much these days as Firefox, for me, is just better. In all honesty, I think people simply use the browser that comes with their computer. If it is Internet Explorer, they use that. If it was Firefox they’d use that and so on. Most people want to get access to the Internet and don’t really care how that happens. So another version of an Internet browser is going to get a decidedly ‘Yawn’ reception in my books.