THE OFFICIAL BLOG OF THE SBS DIVA

http://www.bgr.com/2012/04/23/security-firm-identifies-origins-of-flashback-mac-virus/
On the news lately has been how Wordpress blogs have been used to infect Macs.  On the wordpress side of the blog site (http://blogs.msmvps.com) we had an interesting event the other day.

We started getting reports from bloggers and readers that Eset,MSE and other virus engines kept alerting of a malicious javascript on the site.

Did multiple scans, did a Windows Online forensic analysis and found no malicious code actually "on" the box.  What I did find was that it appeared that plug ins on the site appeared to be calling javascripts.  It even appeared that possible googleapis were involved.  We rebuilt the Wordpress side, leaving off all googleanalytics plug ins.  And making sure that all timthumbs on the site were updated.  Several themes from paid sites I downloaded still had vulnerable timthumb files in there.

But bottom line I'm not feeling warm and fuzzy.  I put in a url blocker to block any .class urls called into the blog to ensure that if there's any plug ins had any malcious javascript they would be blocked.  But the site had the latest wordpress.  Bottom line, I'm not feeling warm and fuzzy that one can really secure a wordpress site.  So be careful when surfing... EVEN on this web site.

In the 2008 era of backups I've not seen that the reregistering of DLLs helps.  What does help is merely listing the VSS writers and looking deep into the log flles and seeing what it's complaining about.  Spotted this blog post that may also provide more info when you are trying to debug VSS backup issues.

How to: VSS Tracing - Ask the Core Team - Site Home - TechNet Blogs:
http://blogs.technet.com/b/askcore/archive/2012/04/29/how-to-vss-tracing.aspx

ZERO DAY A film about cybercrime and threats to the Internet by Charles Koppelman — Kickstarter:
http://www.kickstarter.com/projects/1175064326/zero-day-a-film-about-cybercrime-and-threats-to-th

Want to help back a documentary about cybercrime and Internet threats?

Donate any amount and be an official backer of a documentary about cybercrime.

The Microsoft SMB Parallax | Looks Cloudy:
http://www.lookscloudy.com/2012/04/the-microsoft-smb-parallax/
“It seems that MS heads are just in the Clouds. Feels (and sounds) like they are only listening to a small subset of partners and are not listening to any other feedback, especially from clients (end users), through their partners. Very sad. Feels like they have their eyes and ears covered.”

I hate it when Vlad blogs a post that is spot on with what I see others feel.  When he touches a nerve he tends to spear it with a knife and make it bleed a bit.   And I'm not convinced Microsoft is actually even listening to partners, unless those partners are by the names of Dell and Geek squad. 

I also don't like it when I'm told that I have no choice.  I do think they are choices, but as someone said the other day, we've all gotten soft and lazy and flabby and not exercised our muscles to devise our own solutions.

So how about we start talking about some of those options -- Kerio (www.kerio.com ) is one

http://www.clearfoundation.com/Software/overview.html is another.  Thoughts?

Ouch.  Well I can guess who will be getting that competency.  Larger firms and Geek Squads.

What are the requirements to earn the Microsoft Partner Network Small Business Competency? - Microsoft SMS&P Partner Community Blog - By Eric Ligman - Site Home - MSDN Blogs:
http://blogs.msdn.com/b/mssmallbiz/archive/2012/04/26/what-are-the-requirements-to-earn-the-microsoft-partner-network-small-business-competency.aspx

$1850 a year?  And requiring the Office 365 exam when nearly every partner I hear doesn't like Microsoft billing their clients direct?

Man, I could be wrong but but nearly every SMB partner I know will consider this to be a slap in their face and only for the big partners.

More details:

Why you should care about the Small Business competency:
http://www.digitalwpc.com/GetInvolved/MSPartnerPerspectives/JonRoskill/Pages/Why-you-should-care-about-the-Small-Business-competency.aspx#fbid=1l4Dwk_W3Pd
Details on the Microsoft Partner Network Small Business Competency announced - Microsoft SMS&P Partner Community Blog - By Eric Ligman - Site Home - MSDN Blogs:
http://blogs.msdn.com/b/mssmallbiz/archive/2012/04/17/details-on-the-microsoft-partner-network-small-business-competency-announced.aspx

In case this hits anyone.....

MS12-017: Vulnerability in DNS Server could allow denial of service: March 13, 2012:
http://support.microsoft.com/kb/2647170/en-us?sd=rss&spid=12925
*Symptoms*
After you install this security update, the DNS Server service may not start, or you may receive an access violation error message shortly after the service starts, or after the operating system starts.

*Cause*
This issue may occur if DNS is configured to have a CNAME and a SOA record that both exist for the "@" record. The "@" record identifies the root of a DNS zone. This can frequently be identified in the DNS Manager as a record with the "(same as parent folder)" name. The SOA and NS records are allowed in this folder. RFC 2181 describes name uniqueness checks for CNAME records. According to RFC 2181, the CNAME may not exist in the “same as parent folder" ("@") of a zone.

*Workaround*
To avoid this issue, identify and remove the "@" CNAME record that is causing the issue from the misconfigured zone before you install security update 2647170

Several folks have reported DNS issues in the last couple of weeks and it appears that root hints are freaking out for whatever reason.

If you are running SBS 2008 or SBS 2011 and not using forwarders, make sure you put the registry key noted in this blog post on your boxes.

http://blogs.technet.com/b/sbs/archive/2009/01/29/cannot-resolve-names-in-certain-top-level-domains-like-co-uk.aspx

The migration documentation for going from SBS 2003 to SBS essentials has always been a bit lacking.  Check out Robert Pearman's guidance instead!

Migrating to SBS 2011 Essentials eBook « Title (Required):
http://titlerequired.com/2012/04/23/migrating-to-sbs-2011-essentials-ebook/

(MCTS): Microsoft Windows Small Business Server 2011 Standard, Configuring (70-169) Certification Guide | Packt Publishing Technical & IT Book and eBook Store:
http://www.packtpub.com/mcts-microsoft-windows-small-business-server-2011-standard-configuring-certification-guide/book

Check out Robert Crane's book for an excellent resource!

I have a standalone godaddy hosted wordpress blog for the smbtnfresno group and my goodness is it a spam catcher.  Lately I've noted that netvibes.com is also a spam maker as well as it's now a place where drugs are advertised on the back end of this site.

Nice, huh!

Looks like there's a new SBS Essentials box?

http://www.itbusiness.ca/it/client/en/home/News.asp?id=67108

The Acer AC100 server just went across my radar.

Got another candidate for a patching tool  http://www.vmware.com/products/datacenter-virtualization/vcenter-protect/overview.html

Bad news you can only buy it in lots of 10.  So if you don't have 10 servers, you have to buy 10 seats.

I Am The 42 % | NoGeekLeftBehind.com:
http://www.nogeekleftbehind.com/2012/04/16/i-am-the-42/

Good post to read.  I'm hearing from many partners that the actions of Microsoft are alienating them.

Windows Intune 3 Preview:
http://www.winsupersite.com/article/windows-7/windows-intune-3-preview-142871

Intune now has Mobile device management (uh I've had that since SBS 2003), but it still doesn't have one of the things that IMHO it really needs - patching of servers and support of third party patching.  That's right we're in v3 of this and still no support of servers. 

So I'm on my review of patching solutions for small businesses that support third party patching and vendors have started pricing with a minimum amount..

Vmware Go pro is a minumum purchase of 50 devices at $1 per device per month.  So $600.

Secunia is 1-100 seats is $2,700 http://secunia.com/vulnerability_scanning/corporate/request_quote/ 

Intune doesn't patch third party.

Anyone else got ideas?

When you do a migration and the Exchange setup fails, there's a trick to reading the log file.

Open up the Exchange setup log file and scroll ALLLLLL the way to the bottom.

Now look for a place in the log file where the items indent --

I've highlighted the indentation area you should look for as the clue of where the barfage occured.

Right above that indentation is where you should look for hints for errors.  Look for some key phrases and words and google/bingle the words.

In this case there was an email address policy that was causing the block  "on Address List or Email Address Policy "ABC Email Address" is invalid".

But the key is scrolling all the way to the bottom and reading from the bottom up.

Winners | 2012 SMB 150 Awards:
http://smb150.com/page.php?page=winners

To all those who voted for my two nominees...thank you!

Both Eriq Neale and Damian Leibaschoff made it to the SMB 150 awards!

If you blow up the iphone taken photo....that's a cloud being installed in my office complex, better known as a Comcast line being pulled into the complex.

The red arrows are the workers putting the cable under the walkway.

So as of today we know it's Windows Server 2012 officially now. 

http://redmondmag.com/articles/2012/04/17/system-center-2012-announced-at-mms.aspx

You know what I'm concerned about?  I don't see small solutions here.  I see people wanting private clouds but up on the consultants datacenter and not in just any old cloud.  They want their data separated and not comingled.  They want what the enterprises want, but don't have the funds to pay for what the enterprises pay.  I want part of a cloud, I just don't want it in a cloud where I can't get response and support. 

So what about you?  What sort of cloud do you want?

Finding a smidge more room on your Server drive?  If you have enabled indexing so that your Win7's can index and search better you need to remember to move your index away from your C drive.

Go into the control panel and change (select new) to move the indexing to another location.  Stop the Windows Search and restart it.

You know what's sad?  I've heard of several consultants say that they are having to justify to their clients the solutions they are providing to them.  Even if the client has a slow DSL, has a big fat thick client requirement that the marketing of the cloud, the overwhelming "You are dumb to be having an on premise solution" is impacting perceptions of customers.  Even if an on premise solution is the best solution, consultants are starting to have to justify this.

Cloud solutions are v1.  (seriously even if Office 365 is the second cloud version for Microsoft).  They still need a lot of work.  See this for a good write up on where they need work:  http://redmondmag.com/articles/2012/04/01/3-reasons-office-365-could-ultimately-fail.aspx

But obviously that need for large firms to have monthly revenue streams means that they are putting their marketing dollars behind it and it's having an impact.

http://support.microsoft.com/kb/2671605

The turbo tax issue of Friday is now documented:

Known issues with this security update
•We are currently aware of an issue with printing from a Windows Forms application. After the installation of these security updates, certain Windows Forms applications may not print, or may not honor specified printer settings when they do print. There is no impact on systems that do not use printing functionality from a .NET Framework Windows Forms application. The investigation into this issue is ongoing.

Workaround

 To print from an affected Windows Forms application, print the content to a file on your computer instead of directly printing to a printer device. For example, print to a PDF, XPS, or any other supported format file. You can then open the file that you created and print directly from there.