Monthly Archives: March 2012

Words of Security Truth

As anyone in IT knows, security remains to be more farce than function, in respect to design and implementation.  When one of the Gov’t Cyber Security advisers confirms your opinions, you want to tell yourself more businesses will pay attention.

Another article here.

Mr. Henry said FBI agents are increasingly coming across data stolen from companies whose executives had no idea their systems had been accessed.

“We have found their data in the middle of other investigations,” he said. “They are shocked and, in many cases, they’ve been breached for many months, in some cases years, which means that an adversary had full visibility into everything occurring on that network, potentially.”

Mr. Henry said that while many company executives recognize the severity of the problem, many others do not, and that has frustrated him. But even when companies build up their defenses, their systems are still penetrated, he said. “We’ve been playing defense for a long time. …You can only build a fence so high, and what we’ve found is that the offense outpaces the defense, and the offense is better than the defense,” he said.

So true.  The attempts from DCMA and beyond to ‘illegalise’ these attacks, is likely to be about as successful as the War on Drugs.  From a consumer standpoint, computers will become more and more awful to protect from random spyware / botnet infections.  Targeted attacks?  You would be so utterly helpless.

Hopefully more people will give some advisement to these warnings.  The fact of a quoted ‘~400+ days’ before most companies know they are penetrated is a seriously critical fault.  Either way you look at it, the exploit game by far has outpaced the white hat show.

All we can do is try to keep up as much as possible.  Patch Schedules and Port Scans are a nice process to get into.

Windows Server 2008

Good Lord!  I’ve recently been requested to administrate some Server 2008 machines.  They sure did change up the Group Policy access methods.  ADSI Edit is the new name of the Group Policy Administration game.

adsiedit.msc

To get an overview of ADSI Edit, give this link a run so you can see how to do what you were likely used to beforehand.

You can also do what you need via command line.  Full Info here.

Check your current policy via this command:

net accounts /domain