Daily IT Matters, this is the place where I post my daily findings on IT.

Thursday, February 14, 2013

How to stay ahead with your home pc security

This article is about security and how to minimize your exposure to malware / virusses / trojans.
Keep in mind that this article is written for the home user and not for the large companies with for example Checkpoint Firewalls with IPS blades, and with SCCM 2012 with integrated CSI, forefront etc....

This is about the average joe who wants to stay secure while browsing the World Wide (War) Web.

The first thing to achieve the above goal, is to keep you off from malicious sites who deploy trojans, try to run botnets etc etc.... for this I use OpenDNS.

  • Speed up your Internet experience
    OpenDNS’s 12 global data centers are strategically located at the most well-connected intersections of the Internet. Unlike other providers, OpenDNS’s network uses sophisticated Anycast routing technology, which means no matter where you are in the world, your DNS requests are answered by the datacenter closest to you. Combined with the largest DNS caches in the industry, OpenDNS provides you with DNS responses faster than anyone else.
  • Make your Internet more reliable
    With our extensive data center footprint and use of Anycast technology, the OpenDNS network has built-in redundancy ensuring zero downtime. SmartCache technology, an OpenDNS innovation, enables you to access sites that may otherwise be inaccessible due to authoritative DNS outages, providing you with the most reliable Internet possible.
  • Improve your security
    OpenDNS owns and operates PhishTank, the largest clearinghouse of phishing information on the Internet. OpenDNS incorporates PhishTank into its services to protect you from fraudulent websites that attempt to steal your personal information and money. In addition, OpenDNS provides protection against two of the most pervasive Internet security threats that continue to infect millions of users — Conficker, the largest botnet, and Internet Explorer exploits.
  • Gain visibility into your network usage
    OpenDNS’s reports provide you with visibility on your networks' Internet activity, giving you needed insight into how your Internet resources are being used.


RDP Authentication issues Windows 2008 R2

Today we had a nasty encounter with sudden access denied on RDP connection to our Terminal Server Farms.

The day started that users could not connect to our Navision environment, this environment constists of an Terminal Server farm with an SQL 2008 Cluster. After analyzing first symptoms we saw that the SQL Cluster had failed over but that the quorum disk was stil on the Node that had "sudden" issues.

Thus we gracefully brought the faulty node down through Cluster Manager and started it up again.
In the meantime we were notified that there were still issues, then we saw profile redirection errors caused by a faulty location and permissions of the user profile location. We left the profiles at default location and focussed on the permissions we fixed them, and users started to report that they could log in again.

But now problems started to appear out of now where users could not connect to our other Terminal Servers farms for other application, we where now more then 3 hours after the initial problems appeared.
While trying to find several causes for these issues we focused on the first symptoms that were reported, we should not have done that but that is with hindsight.


We focussed on Kerberos issues because we have a mixed 2003 and 2008 forest and 50 domains, we sometimes run into the infamous KDC ticket being to large. We now set it to 48000 as per microsoft recommendation for windows 2012 with its base http encoding that it no longer can be set at its largest dword value it can take.
Read this for Kerberos changes in 2012 it will save you in large environments.
http://technet.microsoft.com/en-us/library/hh831747.aspx

But we came to the conclusion it was not the rootcause, simultaniously we started to suspect group policy changes but checking the change date for all applied policies ruled that out rather quickly.

After pinpointing the problems to a single datacenter we realized what just had happened, it was the BlueCoat that was causing the problems, the day before it was put back in service after former issues.

Bypassing the Bluecoat solved the issues.....

pwhmmmmwwwwweeh.. what a day in the office

How to Upload to multiple stocksites at once for free with Adobe Lightroom [Part 1 of 2]

Ever since I've starting to upload my photo's to some microstock sites I always have been looking for the easiest and fastest way possible to upload them to the microstock sites I'm on.

The reason I upload my photo's to multiple microstock sites lies in the fact that you only can make some money if you upload either a lot photo's or some photo's to a lot of microstock sites. Since I don't have a lot of photo's to upload to microstock sites I choose the latter, I upload to a lot of microstock sites.

When you do the math it becomes obvious. Lets say I have 20 photo's that are good enough to upload to microstock sites and I upload them to 25 microstock sites I have effectively the same exposure as with 500 photo's But do it with 500 photo's and you reach a whopping 12500 photo's online. So in order to put in a year 12500 photo's online you only have to shoot 5 decent pictures in a weekend that you can upload to a microstock site.

I almost forgot to tell you how I came by the number 5, A year has 365 days divide that by 7 weekdays ~ 52 multiply that number by the days of a weekend 2 and you get 104 days. In 104 days you have to shoot 500 pictures to get 12500 pictures online. In fact you have to shoot 5 every weekend. That is more manageable than the sheer amount of 12500.

Requirements:

Photoshop Lightroom
Photoshop Lightroom Development Kit
Export Manager

Stocksites:







Google