If you are looking for a Trusted 3rd Party SSL Certificate that you can install on your server, is cheaper than a GoDaddy SSL Certificate and means you don't have to install the certificate on your computers or hand-held devices, then you can buy one from:
http://www.exchange-certificates.com
Got a question – talk to me now.
Help Bring Clean Water to Ethiopia
Excellent Price / Performance Anti-Spam Software
If you are looking for some Excellent Anti-Spam software that is priced per server not per user and that will reduce your spam dramatically, then I can recommend Vamsoft ORF (http://www.vamsoft.com). I personally use this on my own server and have installed it successfully on the majority of my customer's servers and we are all incredibly pleased with the results.
If you would like to purchase this software at a very competitive price, please drop me an email to alan@it-eye.co.uk.
There are emails doing the rounds at the moment asking you to Upgrade Adobe PDF Reader which are completely bogus and should be ignored / deleted immediately as no doubt there is an unwanted element to clicking on the link that you are presented with.
Adobe are not in the habit of emailing customers advising them of newer version of their software, just as Microsoft and most of the other big companies don’t. Beware such messages claiming to come from well-known companies and always look upon such emails as suspicious.
If you have Anti-Spam software that can be customised to reject messages based on Subject or Content, you would be highly advised to add a new rule to block this type of message from coming through.
The Subject of the Email is: Activate Your New Adobe PDF Reader
The body of the email is:
ADOBE PDF READER SOFTWARE UPGRADE NOTIFICATION
This is to remind that a new version of Adobe Acrobat Reader with enhanced features for viewing, creating, editing, printing and internet-sharing PDF documents has been released.
Over the past few months I have seen a noticeable increase in the number of servers that I look after that have alerts raised due to large number of Hacker Attempts trying to pass Usernames and Passwords to the server in the vague hope of eventually finding a combination that actually works.
Once a combination of Username and Password is successfully found, the server will invariably be used to send out vast amounts of spam, which will ultimately result in the innocent victim having problems sending mail because the fixed IP Address that they have will be listed on one or more Blacklist websites.
One such server that I was called to that had suffered from such an attack had been sent about 380,000 spam emails to send out in a very short space of time. Identifying the problem account and cleaning up the mess caused can be a tricky process, but with the right information to hand, an understanding of why this has happened and the optional use of software such as Vamsoft ORF which has excellent logging capabilities, the problem can quickly and easily be identified, the account being used either disabled or the password changed and the SMTP service restarted.
What can you do to prevent such an attack from hitting your server?
Well, there are several preventative measures that you can take to reduce the risk:
1. Configure Passwords to be complex (to include Uppercase letters, Lowercase letters, Numbers and Special Characters e.g., !”£$%^&*()_+}{][#’@~?></.,)
2. Make sure passwords have a minimum length – the longer the better but at least 7 or 8 characters as a minimum.
3. Force passwords to be changed regularly (at least every 30 – 60 days)
4. Enable account lockouts after a low number of invalid login attempts (between 3 and 5 invalid attempts). Make sure the accounts are locked out for approx 15 minutes to slow down the hacker.
5. Make sure your firewall is configured to only allow the protocols that you need allowed through and close off any others that are not needed.
6. Regularly review your firewall settings to verify the open ports are needed.
7. Make sure your firewall logs all access to your systems so that you can track down the source IP Address that requests are coming from. The logs will be invaluable in determining the source of multiple login attempts.
8. When the firewall logs get full, make sure you have them emailed to you and keep them in a safe place.
9. Setup alerts for the Security Log and make sure you get notified of multiple invalid login attempts. The sooner you act, the less chance the hackers have to probe your security, usernames and passwords.
10. Make sure you don't have an account called Administrator on your server that is active. If you do, create a new Server Admin account, copying the Administrator account and then disable the Administrator account – it is an obvious target account and hackers will try this account almost every time.
11. Regularly review your user accounts and make sure you either disable or delete ones that are no longer needed.
12. Make sue that all your server user accounts are easily located in Active Directory, ideally in a single OU, so that you don't have to hunt around for accounts and thus can easily overlook and account that is located in an obscure OU that you never look at.
If you currently don't implement any form of password security, you may meet stiff resistance from staff to enforcing the above changes to passwords, but the first time you are hacked and suffer problems sending mail as a result of being hacked in this way, your users might actually understand why these settings are needed.
If you implement some or all of the above, you should limit the possibilites of being hacked and used as a spammers relay to spew forth their rubbish. If you don't – then you can't say I didn't warn you : )
Anyone who has an HTC HD2 mobile phone and syncs it to an Exchange Server that forces a PIN for security reasons has probably been frustrated as much as I have with having to key in the PIN every single time the phone is turned on.
Having used numerous HTC mobile phones over the past 6 or 7 years, and not having had this problem with any of their phones before, even when connected to an Exchange Server, I spoke to HTC about the issue and left the problem with them to hopefully find a fix and allow me to use my phone properly.
Well, that was in early August when I got back from holiday.
It is now September 23rd and having not heard a peep out of HTC, decided to chase them up and see what progress they had made.
After putting the phone down to HTC after one conversation, they suggested that I call my airtime provider (O2) as the software on the phone was an O2 branded version and that they must have changed something to cause the problem. Well, my business partner has an O2 HTC HD2 phone and it came from O2 and does not have the O2 branding all over it and it has the same problem, so a further call to HTC to discount O2 as the root of the problem left them a little bit perplexed, but me even more annoyed because I had to explain myself again to the support person at the other end of the phone.
One support guy escalated the call to a 2nd line person who basically advised me the fix was to Hard Reset the phone (which I had already done, so had my business partner, and it was no better). Well, that was useful advice!
To cut a long story short, after several phone calls to different HTC support staff, each time having to explain the problem to them, which they clearly did not understand and after much persuasion that it was not an Exchange issue, not an issue with the settings on the phone, but that the settings were simply getting ignored, I finally spoke to one person there who basically said that they were not going to do anything about it because it was not a problem, more like a “Security Feature”! Well – it is a Security Feature that I can do without.
After the final phone call, I rang O2 and asked if they could change my handset to one that worked. They advised me that I was not able to upgrade (having just done so), and could not change phones, so I was stuck with the annoying handset until next time renewal was due (10 months away). At that point, I asked to be put back onto an iPhone tariff and will continue to use the iPhone.
Not wanting to let this problem go, I surfed the web and after scouring through some forums, decided that I was not alone in having this problem, music to my ears, but no doubt something that HTC won’t want to hear, or maybe that should be ‘couldn’t care less’?
Buried within one forum was a Registry Tweak that could be made which looked like it might solve the problem and one user reported that it had worked for them (hurrah!).
So, I downloaded CERegEditor and installed it, then hooked up my HD2 via the USB cable and opened up the registry.
The suggested key to change / add was:
HKCU\ControlPanel\Keybd REG_DWORD DeviceLockWhenSuspend – Value = 0
After adding that key, because it was not already present, soft resetting my phone and testing the phone lock timeout, the phone did not ask me for the PIN every time I turned the phone on. Eureka!
So – tomorrow I may call HTC and advise them of the ‘fix’ to the problem they don’t seem to care about and hopefully they will add this to future ROM versions so that others may stop being as annoyed as I was about this little issue that seems to be frustrating the life out of every HTC HD2 owner.
One drawback of this registry “tweak” is that the phone will start working in your pocket as there now i sno lock facility. This was a minor setback and can be fixed by installing the following free App:
Today Microsoft released Update Rollup 1 for Exchange 2007 Service Pack 3 (after I just installed SP3 on an SBS 2008 box today!). Thanks Microsoft – perfect timing (LOL).
This update can be downloaded from the following link:
Microsoft has announced today that their next Mobile Phone Operating System (Windows Phone 7 Series), has been released to manufacturing.
As with most Mobile Phone Operating Systems, if you have a phone that has been tied to a particular carrier, it will be a few weeks before you can download and upgrade your Windows Mobile 6.5 phone.
Windows Phone 7 Series has been a complete re-write for Microsoft and it promises to be very different to the past versions.
Personally, I hope they bring out a Windows Phone 7 Series Home User version and a Windows Phone 7 Series Professional version, so that people have a choice and can use their phones for business (as I do), or use it for social networking, which I don’t.
The new version is all geared around people and what they are doing / up to, not something I will be rushing to update my phone to (he says), but then I said I wasn’t going to get an iPhone and then did (although I don’t use it any more).
Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited.
Excerpts and links may be used, provided that full and clear credit is given to Alan Hardisty and "Alan Hardisty's Blog - All Things IT Related" with appropriate and specific direction to the original content.
About Alan Hardisty
I am a seasoned IT Support Professional who has worked in the IT Industry for the past 20+ years and am currently running my own IT Support Company in Orpington, Kent (UK) with my business partner Mark Sitwell, who has also been in the IT Industry for the past 20+ years.
I can be found regularly answering technical questions on Experts Exchange where I am currently sitting at 47th position out of 115,218 Experts worldwide (see below).
IT Eye primarily focus on the Small to Medium Business Sector (SMB) and have a wealth of experience supporting single users up to and including customers with multiple servers and 60+ workstations.
Distance is not a problem as we use a variety of Remote Support Tools to support our customers and have worked numerous times on servers in the US, Canada and other countries around the globe, as well as across the UK.
Alan Hardisty's Blog - All Things IT Related 