Malware Fighting Fun - IE-AV

Have spent a full day this week tracking down and getting rid of some crap one of my users got while watching videos online.  I wanted to document where I found help for this as it may help others and I don’t want to forget what I did.

The problem was that every time my user (let’s call him John) went to the internet... he could get a site, but if he tried to click on a second link, he was directed to a bogus website that told him he needed to install the ie-av program.  John had Norton, so I ran that and it found nothing out of the ordinary, so I then did a quick install of Ad-Aware and Spybot.  They found lots of things, but didn’t really help my problem much.  So it was off to Google and a search for IE-AV, which led me to a great site where there was ample information and instructions.  NOTE:  I found the comments at the end of this blog most helpful in getting this off John’s PC.

It turns out that all I really needed to do was uninstall the .dll files that had been dumped in the WINDOWS\System32 directory.  Now, an interesting if not disturbing side note is that, when I went into the \WINDOWS directory and the \System32 directory, it popped up IE and the same annoying site.  For me, I had three files (g2tool.dll, gtool~1.dll and Gtool.dll) that I needed to delete, and I did have to go into Safe Mode to delete one of them.  A reboot and all was good.
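As an added example (not part of the original post), here is a PowerShell triage script for the step above: before anything is deleted, it records the hash, timestamps and Authenticode signature status of the three DLL names from the post, plus any other DLL created recently in System32, so the evidence survives the cleanup and you notice files you did not already know about. The three file names are the ones from the post; the report path and the seven-day window are assumptions, and the script itself deletes nothing.

```powershell
# Added example, not from the original post: triage suspect DLLs in System32
# before removing them. Run from an elevated PowerShell prompt.

$System32 = Join-Path $env:SystemRoot 'System32'

# File names taken from the post; add any others you find on the machine.
$SuspectNames = @('g2tool.dll', 'gtool~1.dll', 'Gtool.dll')

# Where to keep the triage report (assumed path, change as needed).
$ReportPath = Join-Path $env:USERPROFILE 'Desktop\dll-triage.csv'

function Get-DllTriage {
    param(
        [string]$Directory,
        [string[]]$Names,
        [int]$RecentDays = 7    # assumed window for "recently created"
    )

    # Exact-name matches from the indicator list (file names are case-insensitive on NTFS).
    $byName = Get-ChildItem -Path $Directory -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $Names -contains $_.Name }

    # Plus any DLL created inside the window: one infection often drops more
    # files than the ones you already know the names of.
    $cutoff = (Get-Date).AddDays(-$RecentDays)
    $recent = Get-ChildItem -Path $Directory -Filter '*.dll' -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -gt $cutoff }

    # @() on both sides so the + is always an array concatenation.
    @($byName) + @($recent) | Sort-Object FullName -Unique | ForEach-Object {
        $sig    = Get-AuthenticodeSignature -FilePath $_.FullName
        $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        [pscustomobject]@{
            Name           = $_.Name
            Path           = $_.FullName
            SizeBytes      = $_.Length
            Created        = $_.CreationTime
            Modified       = $_.LastWriteTime
            SHA256         = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
            SignatureState = $sig.Status      # 'Valid' for properly signed binaries
            Signer         = $signer
            KnownIndicator = ($Names -contains $_.Name)
        }
    }
}

$results = Get-DllTriage -Directory $System32 -Names $SuspectNames

# Keep the evidence, then show a summary on screen.
$results | Export-Csv -Path $ReportPath -NoTypeInformation
$results | Format-Table Name, SizeBytes, Created, SignatureState, KnownIndicator -AutoSize

# Unsigned files that are also on the indicator list are the removal candidates
# (from Safe Mode if they are locked). Validly signed files are left alone and
# should be looked at separately before anyone touches them.
$results | Where-Object { $_.KnownIndicator -and $_.SignatureState -ne 'Valid' } |
    ForEach-Object { Write-Host "Remove after review: $($_.Path)" }
```

The hashes in the CSV are what you keep: they let you check the other machines on the network for the same files and give you something concrete to hand to the AV vendor, which the file names alone (especially a short name like gtool~1.dll) do not.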

I still want to rebuild that computer, as I am not at all convinced it is “clean”, but for now John is happy and thinks I do great work... today a hero... tomorrow?  Who knows?

Must Have Book for New Admins

I have been reading a book the past couple of days called The Practice of System and Network Administration by Thomas A. Limoncelli, Christina J. Hogan and Strata R. Chalup that I really want to recommend to any new system or network administrator. I have really felt like I am all alone out there a lot over the past year and a half that I have been a new admin, and I wish I had had this book a year ago. It looks to be a top-level, yet very practical step-by-step guide on how to get your IT Department (no matter how big or small) into shape. It also focuses on those areas which are important no matter what your industry. I really can’t recommend this book highly enough. I got it for the move I am planning, but I already see that it will help in many other areas as well.

Desktop Support - Linking Contacts in Office 2007

When working for a small company, I am finding that it is often necessary for me to be the desktop support technician as well as the backup gal, server dudette, and network wirer.  I guess this is perfect for me, since I have always been more of a jack-of-all-trades, master-of-none type of person anyway.  I can also usually track down the answer to any question, if given enough time and resources (usually 2 minutes and Google).

That is what it took to find the answer to the question for today.  I had a user ask me today how to link contacts in Office 2007.  He said he had done it in the older version, but could not find any information on how to do it in 2007.  I personally have never linked contacts, so I had no idea what he was talking about, but as he seemed quite distressed, I jumped on Google to see what I could find.  Thankfully, this article by Jennifer Kershaw was just what I needed to be the hero today.

Here is the quick rundown: open Outlook 2007, go to Tools –> Options –> Contact Options –> check the box next to “Show Contact Linking on all Forms” and voilà!  Now each contact has a box at the bottom right allowing you to link contacts to other contacts in your list.

I Am a Geek At Heart

I love this wall deco from ThinkGeek:

I guess I really am a Geek at heart!  Oh well, if you can’t beat them, join them!

Exchange Trouble Leads to Learning

Why is it that I always learn best by fire?  Why can’t I sit down with a tech book and read about issues, problems and tools BEFORE I have a fire to put out?  Oh well, I don’t.  I usually only learn tech tricks by having to put out fires on the job.  This was the case last week when our main Exchange server stopped sending mail and started to hold all the messages in the queues.

I had not had to track anything in the queues before this, so looking at and using the Message Tracking Center tool was new to me.  I found some useful information on how to do this at two sites: Computer Performance and Amset.info.

But for quick information on how to get to your queues, what you should see, and some quick troubleshooting tips, I recommend these sites to get you started.  And by all means, check out your queues and see how messages normally flow, so that when you do have a problem you will know how things should work and may just be able to quickly resolve your trouble.

I’m Going to Community SANS!

I am going for training finally.  I have only been in my current position for a year and a half now slugging my way through, figuring everything out on my own for the most part before finally getting approved for training.  To say that I am excited really is an understatement.

I did think that my first training would be Microsoft Certification training of some sort, but it turns out it will be SANS Institute training, and I am sooooo jazzed about it.

I will be attending the SEC401: SANS Security Essentials Bootcamp Style, which looks pretty intense, but does cover a bunch of topics that I have been trying to study and work on for the past year and a half.  I am going to be a facilitator at this event, which is really exciting and is honestly the only way my small company can afford to send me.  I will help the instructor and the people at SANS for a reduced tuition price.

Adding a Secondary Server to Symantec Corporate Version 10

Someone mistakenly made one of our oldest, most ready-to-die servers the Secondary Server at our location a year ago, so I needed to rectify that quickly this week since that server is really ready to die now.  I could not find any great documentation on how you go about doing that, but was able to get it working anyway.

I logged into the Symantec System Center that is installed on my main server and really did almost everything from there.  I first had to unlock my server group, and then I chose Tools -> AntiVirus Server Rollout.  I followed the wizard that came up: basically I had to choose my new server, identify the group I wanted to associate with it, and then install it on the new server.  After restarting the server it was installed on, I only had to drag and drop my clients from one server to the other.  It couldn’t have been simpler.

Based on some instructions I found, I could have also installed it from a CD, but since I don’t have those here at our location, this was the way to go for me.  I am off now to disable the old server and then uninstall Symantec from that system.

Security Certifications Are the Way to Go

I read an interesting article this morning over at NetworkWorld.  It seems that while the value of many certifications is dropping, security certification value is on the rise.  For that matter, it seems demand for security-related skills in general is on the rise.  For most of us in IT, that is no big surprise.  It seems there is a new data breach scandal weekly, and most of our managers are clamoring for risk assessments.

There are some specific certifications mentioned, like the Certified Information Security Manager and the GIAC Security Expert, both of which I have been thinking about myself, since my boss wants me to delve into the risk assessment process here.  I will be looking into both of these in the coming days.  I believe I have to get in a couple of years of practical experience before I really tackle either of these certs, but it is still something I can set as a goal.

Backup Exec and Exchange 2003

So I had a bit of a panic attack over the weekend after our VP of IT called Friday to ask me to send him over a copy of our backup procedure.  I had the procedure ready (in my head at least, just needed to put it to keyboard and paper) but I also realized that in our backup of our Exchange server, we were not doing mailbox backups.

We use Backup Exec version 9, and we are backing up the drives and the Information Store and the Shadow Copy Components, but not the mailboxes and public folders.  So, I started worrying and reading as frantically as I could.  What I found after reading quite a bit and trying (and failing) some test backups was that I didn’t need to back up the mailboxes.

According to the Help, “mailboxes and public folders are already included in the Exchange server database backups, but if you want to make the restore of a mailbox or folder easier, you can also select one or more mailboxes or public folders for backup separately from the database.”  Now, ideally, I do want to back up the mailboxes separately.  However, until I get that figured out, I am still backing up the data and can restore it in the event of a failure.

Now, back to getting the account set up correctly so I can back up the mailboxes individually... more on that later.

Risk Assessment

Out of the blue this week our GM asked me to begin doing a thorough Risk Assessment of our network and our data. Being fairly new to the whole Network Admin role, I quaked in my shoes a bit, and then started with Google.

What I am finding is that this is a HUGE responsibility that could easily take up most of my time. I also found that I rather enjoy reading about this topic and planning for how we will do this at our small company. I also recognize that this could lead to a much deeper understanding not only of our network but how our company runs.

I started with a well-written document from Network Computing called Risk-Assessment Strategies.  Now, I realize that this article is 8 years old, but if I remember correctly from college, methodology doesn’t change much.  Also, this document has been very helpful in giving me a bird’s-eye view of what I need to do for each area of concern. This turned out to be a great starting place for me, and I will continue to seek out other such help as I begin this immense task.

I also found, through references in the above article, some helpful websites. The SANS Institute has a class that I am very interested in, and while I may not be able to convince the GM to spend this kind of money for training, the outline of what is taught gives me some ideas for what I need to be studying. I am specifically looking at the Security 401: SANS Security Essentials Bootcamp Style class, as it seems like a pretty comprehensive one and one that would be good for someone like me.

I also found that there are cheaper routes to go to get started with Risk Assessment instruction.  For example, here in the Chicago area they are offering a class called “How to Complete a Risk Assessment In 5 Days or Less” at the Secureworld Expo hosted by Microsoft.  This is three sessions of instruction that promise to provide methods and tools to use “an industry standard process in just five days.”

As I learn and find more information, I will post it here, and please feel free to send along any links that you have used or have heard are helpful.
