
The Life of Josh

Computer Engineer, Security Consultant, and Tech Nerd.

Category

Work

False positives in Symantec Endpoint Security

The other day I started noticing that our SEP clients were saying that install_flash_player.exe was a Trojan Horse. I got a lot of alerts like the one below:

 At least one security risk found: 

Risk name: Trojan Horse
File path: C:\Documents and Settings\username\My Documents\Downloads\install_flash_player.exe
Event time: 2010-01-28 09:35:13 GMT
Database insert time: 2010-01-28 15:25:05 GMT
User: SYSTEM
Computer: XXXXXXXXXX
IP Address: 0.0.0.0
Domain: system
Server: XXXXXXXXXX
Client Group: My Company\XXXX
Action taken on risk: Quarantined


GoToAssist Express vs. LogMeIn Central for IT Consultants

Everyone who has ever supported either their mom or a business client knows that it’s hell to try to visualize what a user has on their screen, and even worse to understand the user’s interpretation of what they see on their screen. At my primary job we use a product called Bomgar which I know and love. That product requires an appliance device and really isn’t a good fit for me running a tiny consulting business. One of the most important features of a remote support solution is the ability to reach a machine that is behind a firewall. Both GoToAssist and LogMeIn fit that requirement, and both also support Mac and Windows which is my other main requirement.


OS X Installer Relocation vs. InstaDMG

I have been using InstaDMG for a long time to make my Mac OS X 10.5 Leopard and 10.6 Snow Leopard images. It always worked without flaw until recently. A technician mentioned to me that /Applications/Mail.app would not launch on my 10.5.8 image. I later also had some issues with the Finder that I just couldn’t figure out. On an email list someone said they saw the same thing on 10.6 with the following error:

You have Mail version 4.0 (1075/1077). It can’t be used on Mac OS X Version 10.6.2 (Build 10C540)


Consulting for $ ?

I’m finally thinking I’m going to be a little more professional about my computer consulting work. I do it all the time, but all too often I waffle on actually charging people. Sure it’s good to help a friend out. I definitely still believe that, but if I brought my car to a mechanic friend or myself to a doctor friend I would assume they would need to charge me. Sure the doctor friend might waive the $15 co-pay, but he’s still going to get the rest from insurance. I think computers should be the same. I’ll not rip off a friend, but I should get something for the work.


Verizon Droid and Eris evaluation

So at work I got to play with a Verizon Droid and an Eris phone. The Droid runs Android 2.0 and the Eris has Android 1.6. I had hopes we could use ActiveSync on them to connect to our Exchange environment. Sadly it seems like because we have a password policy in Exchange for mobile devices, the phones won’t get mail. Seems like the Global Address list isn’t available no matter what. All I could get on the Android 2.0 phone (I didn’t bother with the Eris since it’s an older OS) was my calendar. I don’t know why Google did this so half-assed, but Palm did the same thing with the Pre. We couldn’t get the Pre going with ActiveSync either unless we turned off the password policy. I don’t know if that is still the case for the Pre’s WebOS.

Do people really deploy Smart Phone devices with no password policy? Is anyone that stupid?

So we’ll continue to be a Blackberry / iPhone shop, and these 2 phones go back to Verizon. I really loved the Droid’s display, camera and it was fast. I was not a fan of the weight, dimensions, and flat keyboard. It felt heavy and awkward to hold. The iPhone is still king for me as far as Smart Phones even if AT&T sucks ass for voice service.

 

Locked out

I woke up at 5:30am today thinking I’d be really productive. Caught the 6:05am bus to the city. Got in to the office at 6:30am and found a note on my office door saying that the cleaning people couldn’t open the door. Here at work we have these stupid sliding doors that normally would go in a pocket, but here they don’t. So a box fell over somehow and ended up in the space where the door slides making it so the door only opens about 1/2″. Great start to the day. No way to open the door. I called maintenance but they get in at 8am so I’m sitting in an empty cubicle in front of my office waiting for maintenance to come try to take my door off the rails or something.

Is there a lesson here? Sure it could be not to put a box in my office near my door, but I think the lesson is not to wake up at 5:30am to work an extra 2 hours. Better to stay in bed since nobody cares that I came in early anyway, and it’s not like there won’t always be more work to do no matter how hard I work.

 

HP Mini 1101 Audio & Ubuntu NetBook Remix

If you have an HP Mini 1101 and try loading Ubuntu Netbook Remix and are sad your audio doesn’t work because it uses ALSA 1.0.18 then just follow these easy steps in this article to move to 1.0.20 and bam… sound… listening to Last.fm right now.

 

Spybot Search & Destroy in the enterprise

[ An update to this: They don’t make it very obvious but you need a license for Enterprise use of this product. So much for leveraging this at work. I’ll have to pull back on my installs and figure out about purchasing it for some. I hope this note helps some folks to make sure they have a proper license.]

In the battle against malware at work I have finally decided to use Spybot. For years everyone has always used it to clean up a machine after someone complained about a problem, but I thought maybe I could use it proactively, and hopefully silently. I did a lot of Googling but it is so very hard to find all the information in one place so I thought I’d share the commands I use to install and update Spybot.


OS X cron job to launch LiveUpdate

So I decided I would share. 🙂 This is the cron job I use to keep OS X machines up to date with LiveUpdate and Norton AntiVirus 9.0.1. It’s a fairly simple script. I put this in /sw/etc/cron.daily/ because I use anacron that I installed with Fink. If you don’t want Fink on your system then there is a system cron that is in /etc you can use, but it requires that the machine must be on when the cron job should run. This condition was not acceptable to me. Read on to see the script…
