Daily IT Matters [DIM]

Project: RPC over HTTP for Outlook Introduction RPC over HTTP for Outlook 2003 / 2007 is a technique for using Outlook as a mailclient for Exchange remotely from anywhere. But with sporting all the features you have when you are normally sitting at your desk at work (I presume you already have outlook as a client for exchange at work) Advantages: Only one port open at the firewall, port 443. We now have SMTP, POP3 and HTTP (25, 110 and 80) wide open to the outside world, for supporting email, Outlook Web Access and Outlook Mobile Access. The SMTP port can now be configured to only accept mail from from your provider (I have bSMTP setup), this will significantly decrease the number of attacks on our network. SMTP is prone to attacks and is used a lot by spammers (searching for open relays) All data coming in and out of the network is now encrypted through SSL. Disadvantages: The Outlook Client must be version 2003 or later. The OS must be windows XP SP

Well if somehow your wsus 3.0 database becomes corrupt. Due to an Database administrator removing the instance for example. I tried to remove through the Add/Remove programs dialog but all I got back was. Event Type: Information Event Source: MsiInstaller Event Category: None Event ID: 11725 Date: 25-09-2007 Time: 11:17:18 User: Domain\Administrator Computer: WSUSSERVER Description: Product: Microsoft Windows Server Update Services 3.0 -- Removal failed. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 7b 32 43 30 44 37 45 33 {2C0D7E3 0008: 35 2d 45 45 36 45 2d 34 5-EE6E-4 0010: 44 43 37 2d 42 41 31 33 DC7-BA13 0018: 2d 32 43 36 38 41 45 44 -2C68AED 0020: 45 42 35 39 44 7d EB59D} And voila the program was removed from the ADD/Remove Programs dialog. So I had nothing. Inspecting the Wsus installation log at %temp%\wsus*.log Reveals the following: MSI (s) (8C:74) [11:17:38:402]: Product: Microsoft Windows Serve

Well this entry deals with the current security setup I have on my computer. And explains why I have them installed. Security comes in several layers I'm not talking about OSI. 1. Router Firewall / NAT. 2. Software Firewall (Application based firewall) 3. Hostbased Intrusion Protection (HIPS) 4. Antivirus. 5. Anti Spyware. 1. The first one is pretty simple either you have it or you don't. My router I got with my broadband comes with NAT but no Firewall. NAT = Network Address Translation. NAT offers a nice first layer of defense for hackers, because they need to figure out what the internal network is. The internal network can be easy to figure out on a specially crafted website, there are several websites that show your internal IP address on your network. eg. http://ip-lookup.net/lan-address You see its easy to get your local lan address. Here are some Apache logs, I had apache running locally for MRTG and I had NOT done any portf