Monday, November 3, 2008

What's your plan on Windows 7 and new PC?

Several weeks ago, one of my customers, whom I mostly help as a volunteer (he is over 80), asked me to assist him in buying a new PC. He brought several brochures from HP and Dell. To my surprise, ALL of them were 64-bit systems. The surprise was unpleasant since I had not shopped for a new PC for at least 2 years, since I bought a Dell 8400 with a 3GHz processor. Why unpleasant? Did you try to install Office 2003 on a 64-bit machine? How about a bunch of other applications that you got used to but CANNOT use with 64-bit hardware?

Do you see where I am pointing? The PC manufacturers force consumers to buy 64-bit systems and, at the same time, force them to update ALL applications, games, and utilities because they are no longer compatible... What amazes me is that I have not seen articles that scream aloud about this situation.

There were many discussions about reasons to skip an upgrade to Vista in favor of the coming Windows 7, Microsoft’s newest desktop OS, coming at the beginning of 2010. I have contributed to several articles where I explained why I am NOT going to upgrade to Vista, but what I would like to discuss is what to do with Windows XP now.

*** Windows 7 is being dubbed "Vista done right" ***

Plenty of sources have detailed the exciting changes that Microsoft is bringing to Windows 7, the successor to Vista. Microsoft heard the screams of PC users who said they hate Vista, and therefore the new version focuses on the user experience heavily.

Here is what I found on the net:
"While some of Microsoft's competitors focus first on flash, then on the underlying architecture, Microsoft took the reverse route this time. Now, at least, the roads come together. Windows 7 is sexy, usable, and streamlined. It was demonstrated on an ultra-lite computer with a 1GHz processor and 1GB of RAM... the OS can run in less than 512MB and boots up much faster. It's likely to have fast boot options that will provide functionality for watching DVDs or other media without requiring the full OS. And because Windows 7 is built on the same kernel as Vista, we won't suffer from vendors who leverage a Windows upgrade to obsolete their drivers and hardware… in other words, no compatibility problems. Thank goodness!" Check this out also:

At the same time, you know, I am happy about Windows Server 2008 and, particularly, Windows Server 2008 R2, which is also on the horizon. It really makes sense to add power to the servers. The updated version, Win2K8 R2, comes with significant improvements to virtualization and virtual machine (VM) management. Interestingly, this upgrade is 64-bit only (the fact is known, since Microsoft did not make a secret of it). The new PowerShell 2.0 and new PowerShell-based consoles will be added, including the Active Directory Administration Console. Check this out:

*** Is it a Great Time to Buy a New Computer?! ***

All the major vendors have just released brand new models based on the very latest, thinnest, most power-friendly Intel (and AMD) chipsets. New models offer more storage, better power utilization, and key new interfaces including eSATA. On the "high end", there are some laptops that can even edit High Definition video and burn it to a Blu-Ray disc. By the way, about Blu-Ray: I see that it did not go mainstream due to the high cost of licensing for manufacturers and the high retail cost.

How would you justify spending $150/$200 for a new player if you can buy pretty decent quality copies of HD movies that can be played on most DVD players? The market share of Blu-Ray players is barely 4-5% of the total market (and that is after defeating HP with their own HD format!). I believe that a new format will be introduced by some of the known firms in the near future.

Since Windows 7's hardware requirements might actually be lower than Vista's, the new PC 2010 could be a power horse.

I don't know about you, but I am not going to upgrade my 3GHz system until Windows 7 (or whatever name it will have) is available along with thousands of utilities and applications compatible with 64-bit systems.

How about you?

Monday, October 6, 2008

3 new NIST documents

There were 3 new documents released by NIST - The US National Institute of Standards and Technology. One of them was related to the Bluetooth Security with suggestions on how to implement the Bluetooth technology securely. It will help those IT professionals who are responsible for Bluetooth communications. If you want to download it, here is the link:

The second document is a Technical Guide to Information Security Testing and Assessment. The finalized document provides guidance on designing and conducting those tests and on analyzing the data they generate.

The 3rd document is just a draft, and at this moment is not so significant (A Guide to Industrial Control Systems (ICS) Security).

Tuesday, August 19, 2008

DDoS attack from Russian hackers... again


To confirm my point of view regarding Russian hackers and their employers, read the article above.
The actions described in the article are a clear demonstration of cyber security knowledge used to suppress the web site of a defined enemy (in this case, Georgia, a former USSR republic). There is no doubt in my mind that it was pre-designed by the Russian Government. mentioned that there is no proof that the Russian Government was behind that attack. However, ask yourself why you would try to suppress the Georgian President's web site unless it's your enemy's web site?

As you can see, when a war begins, all the weapons at your disposal are used. Cyber hacking and DoS attacks are the new battlefields, and they must be taken seriously.

Finally! Cheaters are punished... kind of...

Please read my comments below regarding this article from InfoWorld.

Microsoft sues site to stop certification test leaks

Microsoft claims Freetech Services was selling actual exam questions on its certification test help-site

* By Robert McMillan, IDG News Service
August 18, 2008 |

A federal court in Connecticut has ordered a certification test help-site to stop publishing Microsoft-related materials after the software maker sued the company, claiming that it was selling actual certification exam questions.

In a preliminary injunction signed Thursday, U.S. District Court Judge Warren Eginton ordered and its parent company, Freetech Services, to stop distributing the materials.

Pass4sure sells "high quality IT exam practice questions and answers," according to its Web site. The company promises a full refund to anyone who does not pass an IT exam on their first try after using its testing engine.

However, Microsoft says that the company is selling actual exam answers. Company investigators downloaded the Pass4sure practice exams for a variety of tests in early May and found that they were "identical or substantially similar" to Microsoft's own certification exams, Microsoft said in court filings.

Pass4sure sells questions for many certification tests, including those offered by Cisco Systems, Oracle and IBM. The tests cost between about $80 and $125.

These kinds of professional certifications are an important measurement of professional advancement amongst IT professionals and can translate into bigger salaries for those who earn them.

Although Pass4sure no longer lists Microsoft tests on its Web site, cached pages linking to dozens of tests can be found on

[My Comments] This company, along with several others like TestKing, is long overdue for punishment for unfair practices: stealing revenue from competitors by engaging in a provocative Search Engine Optimization technique (using the competitors' product keywords), cheating Google and Yahoo by saturating their pages with hundreds of keywords related to their own products, selling programs that repeat actual exam questions, and even selling IT certification certificates for a nominal fee. In order to stop their activity and their bandit methods of conducting business, they have to be punished financially.

I can almost guarantee that they will announce a new web site under a new name and will do the same! Why am I so sure? They have already created the web sites with the Microsoft exams numbers as the domain names. All the links are being redirected to and or (Example: I guess, Cisco must follow the Microsoft's steps.

Friday, June 20, 2008

My reply to the Article about CISSP certification

I posted the reply to the Article about CISSP certification at TS/SCI Security.

Well, I have written an article in 2002 when the certification craziness was in its highest spot ( If you spend 10 min to read the article you will understand my point regarding who particularly benefits from all 5000 existing certifications. It is still the case with some exceptions. I have been an employer and I am an employee, so I know both sides of job market. There are many cases when the certification is a big plus if you want to be hired for certain positions, and as much as I don't like certifications I have to admit that I have few including CISSP that I got last year.
While I was learning the material for about 4 months, I got my horizon expanded. I learned about risk management, disaster recovery strategies, and cryptography. I know for sure that I would never touch those topics otherwise. The CISSP certification is intended mostly for managers who plan the security and risk management within their firms. It is not in any way a substitution for hands-on experience. In fact (and many folks know it) the CISSP certification is about two inches in depth knowledge about 10 CBK domains but two miles wide (a little bit about everything). So, we are talking about generalists here, not hands-on professionals - if you are talking about hands-on knowledge, it has nothing to do with it.

Why did it become a popular certification? Mostly due to good marketing by the ISC(2) marketing team. They were able to penetrate the DoD to make CISSP a standard for any security professional. All other vendors, including CompTIA, failed to reach such a degree of popularity.
I passed the exam to prove something to myself, and currently I have no benefits of having it in addition to $500 exam, and $85 yearly fees. But you'd be surprised that my resume with the magic letters attracted many job recruiters. The CISSP certification may bring some benefits to job seekers.

Feel free to look for CISSP certification resources here:

Thursday, June 19, 2008

The lost war in a progress…

A lot has been said about the war with hackers, virus creators, spammers, etc. This war is in continuous mode: it had some start dates but, with a high degree of certainty, will never have an end date as long as we use computers connected in networks.

Unfortunately, we still have a reactive approach to the spyware/virus problem, even though there have been numerous advances in anti-virus and anti-spyware technology that deals with the sophisticated techniques used to cause damage on your desktop or server.

I have recently updated my free AVG anti-virus program to the latest version, 8.0. I don’t have a lot of disk space (probably around 400GB in total), but the program took about 15 hrs to scan through my files. I was amazed by the number of infected files, registry entries, cookies, etc. that it discovered. It would not have surprised me if I had not used AVG or any other anti-spyware or anti-virus program before, but after upgrading to the latest version, which includes all available protection (even the web links), I was surprised by the number of discovered vulnerabilities (keyloggers, Trojans) and by the level of detection, which was greatly improved in the new version. Of course, all the sophistication of the software comes at the price of being very slow. You will agree that 15 hrs of scanning and slowing the processor down to 50% of its capacity is not the best feature of any anti-virus software.

With hundreds of new viruses and spyware programs being created and purged in the net, the virus databases are swelling. It takes more and more time to compare each file on your system with thousands of known and possible infections. It is like wearing heavy armor that becomes heavier every hour, slowing you down in your quest to fight an army of virus creators.

Recent news about the use of strong 1024-bit RSA encryption, which is impossible to crack, to screw up your desktop files is proof of a lost war in progress. Look how shameless the enemy is. Encrypting your data files with 1024-bit encryption and selling the private key to decrypt them is not something that can be taken lightly ( ).

Imagine you have reports or financial spreadsheet files and then suddenly you realize that you cannot open them. Instead of getting the files opened on the screen, you get a popup message with an e-mail address where you have to send money to buy the decryption software. No, you cannot find out who the perpetrators are; believe me, they are as smart at hiding their identities as they are at writing the software. What would you do?
Some folks mentioned that a good backup is a protection against this vulnerability. But others properly argued that you usually never check whether you can open EVERY file after you have performed the backup. It means that you can overwrite the good copies the next day with encrypted files if you use large-capacity hard drives or tape to perform the backup operation. The only way to preserve the original files is to burn them to CD/DVD and collect the discs day after day.
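
The gap described above (nobody opens every file before the next backup overwrites the last good copy) can be narrowed with an automated check run before rotation. The sketch below is an added example, not code from this blog or from any backup product: it compares each file's content with what its extension promises and holds the rotation when too many files fail. The thresholds, the extension list and the sample files are assumptions constructed for the illustration.

```python
import hashlib
import math
from collections import Counter

# Leading bytes that intact files of these types carry.
MAGIC = {
    ".pdf": b"%PDF-",
    ".jpg": b"\xff\xd8\xff",
    ".zip": b"PK\x03\x04",
    ".xls": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",  # OLE2 (Office 97-2003)
    ".doc": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",
}
TEXT_EXT = {".txt", ".csv"}
TEXT_ENTROPY_MAX = 6.0    # bits per byte; assumed threshold, plain text is ~4-5
MAX_DAMAGED_RATIO = 0.20  # assumed policy: above this, keep the old backup


def shannon_entropy(data):
    """Bits of entropy per byte; close to 8.0 for encrypted or random data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_intact(name, data):
    """True if the content still matches what the file extension promises."""
    dot = name.rfind(".")
    ext = name[dot:].lower() if dot != -1 else ""
    if ext in MAGIC:
        return data.startswith(MAGIC[ext])
    if ext in TEXT_EXT:
        return shannon_entropy(data[:65536]) < TEXT_ENTROPY_MAX
    return True  # unknown type: this check has no opinion


def check_before_rotation(files):
    """files maps name -> bytes. Returns (safe_to_overwrite, damaged_names)."""
    damaged = sorted(n for n, d in files.items() if not looks_intact(n, d))
    ratio = len(damaged) / len(files) if files else 0.0
    return ratio <= MAX_DAMAGED_RATIO, damaged


def noise(n, seed):
    """Deterministic stand-in for ciphertext (constructed test data)."""
    out, i = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
        i += 1
    return out[:n]


# Constructed sample data: yesterday's good files and today's encrypted ones.
CLEAN = {
    "report.pdf": b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n",
    "budget.csv": b"month,income,expenses\n" + b"2008-05,4200,3100\n" * 50,
    "notes.txt": b"Call the bank about the loan paperwork.\n" * 20,
    "photo.jpg": b"\xff\xd8\xff\xe0" + noise(2048, b"photo"),
}
ENCRYPTED = {name: noise(len(data), name.encode()) for name, data in CLEAN.items()}

if __name__ == "__main__":
    for label, files in (("clean", CLEAN), ("encrypted", ENCRYPTED)):
        ok, damaged = check_before_rotation(files)
        print(label, "rotate" if ok else "HOLD, keep previous backup", damaged)
```

A held rotation leaves the previous backup untouched, which is the same property the write-once CD/DVD approach gives.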

Something similar happened in a past. If you run Google search you may find the following links:,

Many folks put in their two cents about this story. There is one comment, from Duncan, that I like and want to re-post here:
“*ransom note received composed of random letters clipped from newspaper*
"We have encrypted your illegally copied music files. Put $5000 in unmarked bills in a plain brown paper sack and mail it to: RIAA Washington, D.C. no later than midnight tonight or you'll never listen to your music again"
..but seriously, folks, this starts to sound like some sort of weird 419 scam. They're not going to decrypt your files even if you pay them, and I'll bet you a whole DOLLAR that if you're stupid enough to contact them, they accept only CREDIT CARDS as payment. Chances are that the data isn't even really encrypted, it's just plain overwritten and GONE, copied over with gobbledygook random data, and you'll just get your identity stolen on top of never getting your files back. On the other hand they think they're being really clever, I'm sure, and the ones that think they're clever are usually the ones that get caught quickly and go to jail for a long, long time.”
I just hope that Duncan is right and the smart a%%$$ will be caught quickly.

Monday, May 12, 2008

COFEE - "Computer Online Forensic Evidence Extractor"

I think it is quite a significant event... Yes, Microsoft helps Big Brother sneak into your PC for forensic evidence with software that is not available to the general public. From one point of view, it's a great help to those folks who work for the FBI. From another point of view, it's a good idea to remember that Big Brother is watching: don't use your employer's PC for personal (and sensitive!) information, as it can be easily extracted at any time even if you have emptied your trash can.
Read below.

Microsoft is now talking about COFEE, a tool they have released to some law enforcement agencies to let them take a look at Windows computer in a faster, less intrusive way that's easy to use. COFEE stands for "Computer Online Forensic Evidence Extractor" and details about what it can do are thin on the ground. That's understandable from a law enforcement perspective but when you combine a lack of hard facts to a distrust of Microsoft and some government agencies you get plenty of rumor, guesswork and outright paranoia all across the Internet. Office Watch has the whole story:

Friday, April 25, 2008

My war with a Spam. Continue...

First of all, my apologies to those who bookmarked this blog. I have had no time to post new articles since January, and you can blame me for that, I know...

On another note, I have something interesting to discuss. One of the forms at the RTEK 2000 web site is dedicated to those who want to order the self-training packages (DVD- or CD-based tutorials for IT certifications). Recently, the RTEK 2000 webmaster began receiving messages with obvious SPAM information filled out through that form. It is nothing unusual, so the webmaster re-designed the form, adding a captcha code requirement, using Flash for coding, and renaming the form header while preserving the file name. After uploading the new file, to his surprise, the spam did not stop. The same information was sent over e-mail with the same form fields from the old file.

How could it be? Of course, we know that it is called e-mail spoofing; however, the old form no longer exists, but the spammers still use it to push the spam. Could the code in the form have been downloaded to the spammer's web site and then re-used? Possible.

I spoke to the technical support of RTEK 2000's ISP. They mentioned that the spammers could use the cached copy of the file from Google.
In fact, since the webmaster provided me with the files that you might find interesting (see below), I have my doubts about the cached file and am inclined to believe that a copy of the code was re-used from the spammer's web site. Correct me if I am wrong.

Before you look at the content of the files: for those who use my list of spamming web sites and the filtering based on the provided information, I have updated the content of the file and included a bunch of additional IP addresses. Find the file here:


My COMMENTS: Pay attention that the IP address of the sender is Also, I have replaced all HTTP with HTP in order not to promote the spammer. (:-)

Delivery-date: Fri, 25 Apr 2008 04:37:06 -0600
Received: from eigzerz9 by with local-bsmtp (Exim 4.68)
(envelope-from )
id 1JpLIf-0008NP-M4
for; Fri, 25 Apr 2008 04:37:06 -0600
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on
X-Spam-Status: No, score=-0.6 required=5.0 tests=ALL_TRUSTED,BAYES_00,
Received: from localhost ([]
by with esmtp (Exim 4.68)
(envelope-from )
id 1JpLIf-0008NE-Gf
for; Fri, 25 Apr 2008 04:37:05 -0600
Date: Fri, 25 Apr 2008 04:37:05 -0600
Subject: [Video Package Order Form]
X-Identified-User: {} {sentby:program running on server}

Below is the result of a form submission from ht tp://, ht tp://, ht tp://, on 4/25/2008 at 4:37 AM:

title: Video_Package_Order_Form
print_date_in_db: 1
print_blank_fields: 1
a_name: ins01
jobposition: ins01
organization: ins01
address1: ins01
address2: ins01
city: ins01
state: ins01
zip: ins01
zip_foreign: ins01
phonenumHome: htp//
phonenumBusiness: ins01
software: ins01
software_price: ins01
shipping_fee: ins01
total_price: ins01
certify: ins01
comments: htp// [url=htp//] [/url] htp// geic0 [url=htp//] geic0 [/url] htp// esursance [url=htp//] esursance [/url] htp// wawanesa auto insurance [url=htp//] wawanesa auto insurance [/url] htp// geico.ocm [url=htp//] geico.ocm [/url] htp// stae farm [url=htp//] stae farm [/url] htp// progreessive insurance [url=htp//] progreessive insurance [/url] htp// giecoautoinsurance [url=htp//] giecoautoinsurance [/url] htp// cheap health insurance [url=htp//] cheap health insurance [/url] htp// cigna health insurance [url=htp//] cigna health insurance [/url] htp// wawanessa [url=htp//] wawanessa [/url] htp// guardian dental insurance [url=htp//] guardian dental insurance [/url] htp// etna insurance [url=htp//] etna insurance [/url] htp// auto ins quotes [url=htp//] auto ins quotes [/url] htp// [url=htp//] [/url] htp// allsatate [url=htp//] allsatate [/url] htp// ww.aiginsurance [url=htp//] ww.aiginsurance [/url] htp// progressive.vom [url=htp//] progressive.vom [/url] htp// progreesive [url=htp//] progreesive [/url] htp// [url=htp//] [/url] htp// progresive insurance [url=htp//] progresive insurance [/url] htp// [url=htp//] [/url] htp// [url=htp//] [/url] htp// aflac insurance quotes [url=htp//] aflac insurance quotes [/url] htp// alstate [url=htp//] alstate [/url] htp// primerica insurance [url=htp//] primerica insurance [/url] htp// progressive.c0m [url=htp//] progressive.c0m [/url] htp// home insurance [url=htp//] home insurance [/url] htp// statfarm [url=htp//] statfarm [/url] htp// assurion [url=htp//] assurion [/url] htp// arrp insurance [url=htp//] arrp insurance [/url] htp// giecocarinsurance [url=htp//] giecocarinsurance [/url] htp// atena insurance [url=htp//] atena insurance [/url] htp// atnea [url=htp//] atnea [/url] htp// geicio [url=htp//] geicio [/url] htp// proggressive [url=htp//] proggressive [/url] htp// alstate insurance [url=htp//] alstate insurance [/url] htp// infinity auto insurance [url=htp//] infinity auto insurance [/url] htp// gieco insurance 
[url=htp//] gieco insurance [/url] htp// eshurance [url=htp//] eshurance [/url] htp// life insurance [url=htp//] life insurance [/url] htp:// car insurance [url=htp://] car insurance [/url] htp:// home insurance [url=htp://] home insurance [/url] htp:// life insurance [url=htp://] life insurance [/url] htp:// auto insurance [url=htp://] auto insurance [/url] htp// online casino [url=htp://] online casino [/url] htp:// insurance [url=htp//] insurance [/url] htp// urlcorrector [url=htp//] urlcorrector [/url] htp:// blackjack [url=htp//] blackjack [/url] htp// dating [url=htp://] dating [/url] htp// online casino [url=htp://] online casino [/url] htp// online casino [url=htp://] online casino [/url] htp:// credit cards [url=htp://] credit cards [/url] 3pZkFg0rsp
submit_button: Submit Request

---------------------------------------------------------------------------

Date: Thu, 24 Apr 2008 05:22:20 -0600 [05:22:20 AM MDT]
Subject: [Video Package Order Form]

Below is the result of a form submission from htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp//, htp// on 4/24/2008 at 5:22 AM:

title: Video_Package_Order_Form
print_date_in_db: 1
print_blank_fields: 1
a_name: online casino
jobposition: online casino
organization: online casino
address1: online casino
address2: online casino
city: online casino
state: online casino
zip: online casino
zip_foreign: online casino
phonenumHome: htp//
phonenumBusiness: online casino
software: online casino
software_price: online casino
shipping_fee: online casino
total_price: online casino
certify: online casino
comments: htp// zurich insurance [url=htp//] zurich insurance [/url] htp// zurich car insurance [url=htp//] zurich car insurance [/url] htp// [url=htp//] [/url] htp// [url=htp//] [/url] htp// wawanesa car insurance [url=htp//] wawanesa car insurance [/url] htp// wawanesa auto insurance [url=htp//] wawanesa auto insurance [/url] htp// village auto insurance [url=htp//] village auto insurance [/url] htp// valley forge life insurance [url=htp//] valley forge life insurance [/url] htp// usaa insurance [url=htp//] usaa insurance [/url] htp// unum life insurance company [url=htp//] unum life insurance company [/url] htp// united health care insurance [url=htp//] united health care insurance [/url] htp// united automobile insurance [url=htp//] united automobile insurance [/url] htp// unicare health insurance [url=htp//] unicare health insurance [/url] htp// unemployment insurance [url=htp//] unemployment insurance [/url] htp// travelers insurance [url=htp//] travelers insurance [/url] htp// travelers car insurance [url=htp//] travelers car insurance [/url] htp// travel insurance uk [url=htp//] travel insurance uk [/url] htp// travel insurance quote [url=htp//] travel insurance quote [/url] htp// transamerica occidental life insurance [url=htp//] transamerica occidental life insurance [/url] htp// the hartford insurance [url=htp//] the hartford insurance [/url] htp// the guardian life insurance company of america [url=htp//] the guardian life insurance company of america [/url] htp// texas department of insurance [url=htp//] texas department of insurance [/url] htp// td auto insurance [url=htp//] td auto insurance [/url] htp// [url=htp//] [/url] htp// state farm insurance [url=htp//] state farm insurance [/url] htp// state farm insurance [url=htp//] state farm insurance [/url] htp// state farm car insurance [url=htp//] state farm car insurance [/url] htp// standard life insurance [url=htp//] standard life insurance [/url] htp// stae farm auto insurance [url=htp//] stae 
farm auto insurance [/url] htp// spectara insurance [url=htp//] spectara insurance [/url] htp// slade smiley title insurance [url=htp//] slade smiley title insurance [/url] htp// infinity auto insurance [url=htp//] infinity auto insurance [/url] htp// california involuntary unemployment insurance [url=htp//] california involuntary unemployment insurance [/url] htp// sedgewick insurance [url=htp//] sedgewick insurance [/url] htp// second to die life insurance [url=htp//] second to die life insurance [/url] htp// safeway auto insurance [url=htp//] safeway auto insurance [/url] htp// renters insurance [url=htp//] renters insurance [/url] htp// reliastar life insurance company [url=htp//] reliastar life insurance company [/url] htp// reliastar life insurance [url=htp//] reliastar life insurance [/url] htp// reliance standard life insurance [url=htp//] reliance standard life insurance [/url] htp// life insurance [url=htp//] life insurance [/url] htp// car insurance [url=htp//] car insurance [/url] htp// home insurance [url=htp//] home insurance [/url] htp// life insurance [url=htp//] life insurance [/url] htp// auto insurance [url=htp//] auto insurance [/url] htp// online casino [url=htp//] online casino [/url] htp// insurance [url=htp//] insurance [/url] htp// urlcorrector [url=htp//] urlcorrector [/url] htp// blackjack [url=htp//] blackjack [/url] htp// dating [url=htp//] dating [/url] htp// online casino [url=htp//] online casino [/url] htp// online casino [url=htp//] online casino [/url] htp// credit cards [url=htp//] credit cards [/url] 3pZkFdkf3r
submit_button: Submit Request

Ouch! 177 links!

Be aware!
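
Both submissions above share traits that the script receiving the form data can test for, whichever copy of the form was used to send them: one token repeated across nearly every field, link markup in the comments, and values that are not phone numbers or prices. The following scorer is an added example, not RTEK 2000's handler; the field names come from the dumps above, while the thresholds, the accepted phone and price formats and both sample submissions are assumptions constructed for the illustration.

```python
import re
from collections import Counter

# Matches http://, https:// and the mangled forms in the dumps (htp//, ht tp://).
LINK_RE = re.compile(r"\bht\s?t?ps?:?//", re.IGNORECASE)
BBCODE_RE = re.compile(r"\[/?url\b", re.IGNORECASE)
PHONE_RE = re.compile(r"^[0-9+().\- x]{7,20}$")   # assumed acceptable format
PRICE_RE = re.compile(r"^\$?\d{1,5}(\.\d{2})?$")  # assumed acceptable format

PHONE_FIELDS = ("phonenumHome", "phonenumBusiness")
PRICE_FIELDS = ("software_price", "shipping_fee", "total_price")
IGNORED = {"title", "print_date_in_db", "print_blank_fields", "submit_button"}
MAX_LINKS = 2       # assumed: an order comment rarely needs more
MAX_SAME_VALUE = 3  # assumed: more fields than this sharing one value is a bot


def spam_reasons(form):
    """Return the list of reasons to reject a submission (empty means accept)."""
    reasons = []
    text = " ".join(form.values())
    links = len(LINK_RE.findall(text))
    if links > MAX_LINKS:
        reasons.append(f"{links} links")
    if BBCODE_RE.search(text):
        reasons.append("forum link markup in an order form")
    for field in PHONE_FIELDS:
        value = form.get(field, "").strip()
        if value and not PHONE_RE.match(value):
            reasons.append(f"{field} is not a phone number")
    for field in PRICE_FIELDS:
        value = form.get(field, "").strip()
        if value and not PRICE_RE.match(value):
            reasons.append(f"{field} is not a price")
    counts = Counter(v.strip().lower() for k, v in form.items()
                     if k not in IGNORED and v.strip())
    if counts:
        same = counts.most_common(1)[0][1]
        if same > MAX_SAME_VALUE:
            reasons.append(f"{same} fields share one value")
    return reasons


# Constructed samples. SPAM follows the pattern of the dumps above, with
# placeholder domains; LEGIT is an invented ordinary order.
FILLER_FIELDS = ("a_name", "jobposition", "organization", "address1", "address2",
                 "city", "state", "zip", "zip_foreign", "phonenumBusiness",
                 "software", "software_price", "shipping_fee", "total_price",
                 "certify")
SPAM = {"title": "Video_Package_Order_Form",
        **{field: "ins01" for field in FILLER_FIELDS},
        "phonenumHome": "htp//spam.example/",
        "comments": ("htp//spam.example/a geic0 [url=htp//spam.example/a] geic0 [/url] "
                     "htp//spam.example/b stae farm [url=htp//spam.example/b] stae farm [/url]"),
        "submit_button": "Submit Request"}
LEGIT = {"title": "Video_Package_Order_Form", "a_name": "Pat Example",
         "jobposition": "Network admin", "organization": "Example Co",
         "address1": "1 Main St", "address2": "", "city": "Denver", "state": "CO",
         "zip": "80202", "zip_foreign": "", "phonenumHome": "303-555-0142",
         "phonenumBusiness": "", "software": "CISSP video package",
         "software_price": "149.00", "shipping_fee": "9.95", "total_price": "158.95",
         "certify": "yes",
         "comments": "Please ship to the business address, see http://www.example.com/",
         "submit_button": "Submit Request"}

if __name__ == "__main__":
    print("legit:", spam_reasons(LEGIT))
    print("spam: ", spam_reasons(SPAM))
```

Because the check runs where the data is received, it applies equally to posts that never loaded the current page with its captcha.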

Friday, January 18, 2008

Create complex passwords that are easy to remember

I just have reviewed the following article from TechRepublic:
"Help users create complex passwords that are easy to remember"
Date: January 16th, 2008
Author: Mike Mullins
While I agree with the author that adding characters to your favorite password is a good way to strengthen it, a password like L0u!$ville is not an easy thing to type or to memorize. There were numerous discussions on how to strengthen a password to make it less “breakable” by brute force software, including the use of a “new kid on the block”: image passwords.

I personally use a password system that is more bulletproof against brute force and at the same time is easy to remember. I use long phrases.

Well, it is quite easy. Let’s say you like the password badboy99. To transform it into a long password, type something like ialwaysabadboy99. The 16-character password is twice as strong as the 8-character password above. You can make it even stronger if you type: IAlwaysaBadBoy99

Some systems accept the space as a password character; then you can type a regular phrase like this: Never Drink and Drive!99.

Isn't it better?
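
To put numbers on the four passwords above, this added example (not from the TechRepublic article or from this post) computes the size of the exhaustive search space for each one, which grows exponentially with length. The character-class model and the guessing rate of one billion guesses per second are assumptions.

```python
import math
import string

# Character classes an exhaustive search must cover once one member appears.
CLASSES = (
    string.ascii_lowercase,    # 26
    string.ascii_uppercase,    # 26
    string.digits,             # 10
    string.punctuation + " ",  # 33 printable ASCII symbols, space included
)

EXAMPLES = ("badboy99", "ialwaysabadboy99", "IAlwaysaBadBoy99",
            "Never Drink and Drive!99")


def pool_size(password):
    """Number of candidate characters per position, from the classes used."""
    return sum(len(chars) for chars in CLASSES
               if any(c in chars for c in password))


def search_space(password):
    """Exact number of candidates of this length over this character pool."""
    return pool_size(password) ** len(password)


def bits(password):
    """The same quantity expressed in bits."""
    return math.log2(search_space(password))


def years_to_exhaust(password, guesses_per_second=1e9):
    """Time to try every candidate at an assumed guessing rate."""
    return search_space(password) / guesses_per_second / (365 * 24 * 3600)


def report():
    """One row per example: (password, length, pool size, bits)."""
    return [(pw, len(pw), pool_size(pw), round(bits(pw), 1)) for pw in EXAMPLES]


if __name__ == "__main__":
    for pw, length, pool, b in report():
        print(f"{pw!r:28} len={length:2} pool={pool:2} bits={b:6} "
              f"years={years_to_exhaust(pw):.3g}")
    factor = search_space("ialwaysabadboy99") // search_space("badboy99")
    print("16 vs 8 lowercase+digit characters: factor", factor)
```

These figures are an upper bound that holds for exhaustive search only; a guesser that tries dictionary words and common phrases first does far less work.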