Archive for January 2008

You are insecure

You are insecure. I’m not talking about your need to own an SUV even though if you ever had to move something you’d need to rent a truck to avoid damaging the leather seats. It’s your computer that is insecure.
According to statistics gathered from Secunia Personal Software Inspector users, pretty much all computers with Secunia PSI have at least one vulnerable application installed. A vulnerable application is defined by them as an application where an update is available.
I would comment that Secunia reports on old versions of Flash installed. Adobe reports that those old installs are not vulnerable. I bet that trips up the most conscientious user. Others haven’t taken the time to exclude archive directories. When I first installed Secunia PSI it complained about old versions of files in system archives.
Even with that minor quirk, these numbers are amazing. If you’ve installed Secunia PSI, you probably care about keeping your non-Microsoft applications patched. Yet it still isn’t happening. I think Secunia could help by scanning more often and getting more in your face about it. Currently they seem to scan once a week and pop up a balloon immediately after the scan.
I would still recommend Secunia PSI to all home machines. It is really important to keep these applications patched, and Secunia helps out a lot in that.
Join the many Secunia PSI users – download the PSI and secure your computer today:
https://psi.secunia.com/

Protect your Tech

Smash and grab thefts performed on parked cars have been in the news more recently. People purchase GPS, iPods and satellite radio units and leave them in their car. This allows thieves easy access to resellable items.
This week, we received notice that one of the other parking garages in our office park had been hit.
AAA World magazine has a good article on that issue this month. (page 33)
Obviously, you bought these gadgets to use them. You need to take it with you or keep it out of plain sight. The problem with hiding it is that you still have that suction cup mount on the windshield advertising goodies inside the car. Do you really have time to take that down too? What about the obvious residue of the suction cup ring? That advertises as well. That seems like too much to deal with to me. At a minimum, hide the valuables.
With GPS devices, use the PIN lock if one is included. This protects your important addresses. The thief may not be interested in all the Ci-Cis Pizza locations in the U.S. but he might want to see what toys you have at home since he knows you’ll be at work.
Record the serial number, original cost, and save the receipt. This could aid in recovery or with insurance.
These kinds of thefts are on the rise in commuter parking lots, malls, and other garages. Take heed and avoid being a victim.

IRPStackSize

I have a whole bunch of Windows XP SP2 systems that give me an error when I attempt to connect to their c$ or admin$ shares: “Not enough server storage is available to process this command.”

The remote system’s event log records: Event ID : 2011 Source : Srv Description: The Server’s configuration parameter “IRPStackSize” is too small for the server to use a local device. Please increase the value of this parameter.

I checked a couple of Microsoft Knowledgebase articles and did a bunch of searching on the Internet. It seems that a lot of people have latched onto http://support.microsoft.com/kb/177078 as the only cause and concluded that if you have the error message “Not enough server storage is available to process this command” then it must be Symantec’s fault. As I searched, I found person after person with this error message being told they needed to uninstall Symantec. The person with the issue responded they had another antivirus product, they never had Symantec installed and they still had the issue. The Symantec blame had specifically to do with NAV 7.6 and 8 which hardcoded the IRP stack size to 8, roughly half of its default value in Windows XP. That doesn’t have a lot to do with the issues I’m having. I don’t have that registry value at all.

http://support.microsoft.com/kb/285089 is a more helpful article. It describes what the IRP Stack is and why you might have a problem with it. The problem is, you’re left guessing at what “an appropriate value for my network is”. I also wondered if I could configure this setting globally instead of having to manually configure it on systems exhibiting issues.

I spoke with a Microsoft contact and decided that we were having the problems because of the high number of file filtering applications (AV, AS, encryption, backup, etc) and concluded it is safe to adjust this globally. Currently we’re using SMS to change the IRPStackSize to 18 (decimal).

This error is really a big problem. It’s not very noticeable by itself. But on the systems with the error, SMS seemed to not be working. This affects software update distribution. It also hurts the vulnerability scanner’s ability to check file versions. Hopefully we are on our way to fixing this problem on a permanent basis.
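
The check and the change described above, as an added example that is not part of the original post and not the SMS package it mentions. It assumes Windows PowerShell 3.0 or later run elevated on the affected machine, the standard `LanmanServer\Parameters` location for `IRPStackSize`, and the target of 18 (decimal) from the post; the function names are hypothetical.

```powershell
# Added example: audit and raise IRPStackSize on the local machine.
# Assumption: run elevated in Windows PowerShell; target value is the post's 18 (decimal).
$Path   = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$Name   = 'IRPStackSize'
$Target = 18

function Get-IrpStackSize {
    # Returns the configured value, or $null when the value is absent
    # (absent means the Server service falls back to its built-in default).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return [int]$item.$Name }
    return $null
}

function Set-IrpStackSize {
    param([int]$Value)
    $current = Get-IrpStackSize
    # Never lower a value another administrator or product already raised.
    if ($null -ne $current -and $current -ge $Value) {
        return "unchanged ($current)"
    }
    # -Force creates the DWORD if it is missing and overwrites it if it is too small.
    New-ItemProperty -Path $Path -Name $Name -PropertyType DWord -Value $Value -Force |
        Out-Null
    $was = if ($null -eq $current) { 'absent' } else { $current }
    return "set to $Value (was: $was)"
}

# Evidence that this machine has the problem: Srv logging Event ID 2011.
$hits = @(Get-EventLog -LogName System -Source Srv -Newest 200 -ErrorAction SilentlyContinue |
    Where-Object { $_.EventID -eq 2011 })

# One record per machine, suitable for collecting centrally.
[pscustomobject]@{
    Computer       = $env:COMPUTERNAME
    Event2011Count = $hits.Count
    Before         = Get-IrpStackSize
    Action         = Set-IrpStackSize -Value $Target
    After          = Get-IrpStackSize
}
```

The new value is read when the Server service starts, so schedule a reboot (or a service restart) before retesting the c$ and admin$ connections.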

BCC

The condo board asked all owners to update their contact information. This time I decided to give them my email address. As I gave it to them, I asked them to please use the BCC function to preserve our email address privacy. I don’t need all my neighbors knowing my email address.
The property manager didn’t know about BCC, but she certainly knew of the dangers when BCC isn’t used. Previously they had difficulty with “reply all” storms.
Since she didn’t have access to a listserv (and that would have been too complicated for her) I showed her how to use BCC in Outlook. Hopefully that will prevent future issues. I left feeling like I’ve done my security good deed for the day. Sometimes it’s hard to put yourself in the user’s shoes and realize they just need some gentle suggestions to do the right thing. (Of course my spidey sense is telling me that I’m going to be the new helpdesk/security guy for her whether I like it or not.)

Burned Feed

I’ve enabled FeedBurner. The way it’s set up, you don’t have to change your config. It should redirect transparently. Let me know in the comments if you see any issues.