Wednesday, November 10, 2010

Disabling right click - (or the context menu) via Group Policy

To disable the right click you enable a setting in Group Policy called  "Remove access to context menu".

This option is available for Internet Explorer, Windows Explorer, Start Menu and Taskbar.

If you allow access to the right mouse button the students will be able to access other systems that might compromise the network at the school.

When changing settings to the Group Policy ensure you make changes to the relevent Group Policy object - such as "Student Security settings".

The settings in Group Policy for "Remove access to context menu" are in:


User Configuration | Administrative Templates | Start Menu and Taskbar

User Configuration | Administrative Templates | Windows Components | Windows Explorer

User Configuration | Administrative Templates | Internet Explorer | Browser Menus

Tuesday, August 10, 2010

Telnet Joggler

The following information can be used to configure the Joggler to allow Telnet connections:
http://jogglerwiki.info/index.php?title=Installing_Telnet

If using Windows Vista or Windows 7 you will need to install Telnet from the "Turn Windows features on or off" option in Control Panel - Programs.

Connect to the Joggler:
Start Telnet.

In the command prompt type Open 192.168.1.x  (Where 192.168.1.x is the IP address of your Joggler - obtained from the Settings - Network)
Password -- letmein

Change directory:
cd /media/appshop or cd tv

Make directory:
mkdir tv

Copy file from internet to folder.
wget http://www.location.com/Program.tar   (Ensure you use appropriate capitals)

Expand compressed archive
tar xvf Program.tar

Delete compressed archive
rm Program.tar

List files in the folder
ls

Copying file
cp applications.xml applications.backup


Edit file
vi applications.xml

Insert/edit the file
i

esc to exit insert mode
:x to write and exit
:w to write changes
:q to exit
:q! to exit and discard changes

Reboot the Joggler
reboot

Tuesday, July 27, 2010

Microsoft Office 2010 KMS Licensing

Taken from Microsoft Site:


Brief Description
Volume licensing editions of Microsoft Office 2010 suites and applications, Microsoft Project 2010 and Microsoft Visio 2010 require activation. Key Management Service (KMS) is a local volume activation method. To activate your Office 2010 client installations with KMS, you will need to set up a KMS host. KMS Licensing is recommended if you have 50 or more workstations.


Overview
An Office 2010 KMS host is required if you want to use KMS activation for your volume license editions of Office 2010 suites or applications, Microsoft Project 2010 or Microsoft Visio 2010. When Office 2010 volume edition client products are installed, they will automatically search for a KMS host on your organization’s DNS server for activation. All volume editions of Office 2010 client products are pre-installed with a KMS client key, so you will not need to install a product key.

The download contains an executable file that will extract and install KMS host license files. Run the file on either 32-bit or 64-bit supported Windows operating systems (Windows 7, Windows Server 2003 Service Pack 2, Windows Server 2008 R2). These license files are required for the KMS host service to recognize Office 2010 KMS host keys. It will also prompt you to enter your Office 2010 KMS host key and activate that key. After this is done, you may need to use the slmgr.vbs script to further configure your KMS host.

Microsoft Office KMS clients are only activated when five or more than five computers with MS Office installed attempt to get activated using the KMS host. In case of operating systems (e.g. Windows Vista and Windows 7), activation starts after 25 or more than 25 computers with Windows client request for activation.


Instructions
Follow these steps to set up a KMS host:


  1. If you are running Windows Server 2003, you will need to perform this extra step. You will need to download and run the files below:
    Windows Server 2003 32-bit 
    Windows Server 2003 64-bit
  2. Download and run the KeyManagementServiceHost.exe file on this page on a supported operating system.
  3. Enter your Office 2010 KMS host key when prompted. 
  4. Click OK to continue with activation. 
  5. Open port 1688 and allow the KMS host service through the firewall.
    Windows 7 volume editions or Windows Server 2008 R2.
    Open Control Panel and click on the Windows Firewall icon.
    Click on the “Allow a program through Windows Firewall” link.
    Click on the Change Settings button.
    Check the box for Key Management Service. 
  6. Read the documentation to learn more about configuring your KMS host (including activation by telephone) with slmgr.vbs at TechNet.

Monday, March 29, 2010

Anatomy of an Attack - How Hackers Threaten your Security

Late last year I attended a seminar titled “Anatomy of an Attack – How Hackers Threaten your Security” by Sophos – stay with me it is important.
Malware (Viruses, spam etc.) used to be distributed by running programs or accessing Word documents they were designed to specifically attack your systems and cause problems with your network. Sophos have now seen a change where theft of data is now the focus and most malware attacks come from infected web pages.
“There is now more new malware per day, than there were for the whole of 2006”
“83% of malware infected web pages are on legitimate websites”
Sophos’ experience has shown that:
  • Networks that use forums or blogs are getting inundated with links to fake antivirus and other malware sites.
  • Very professional looking fake antivirus sites falsely identify viruses on your local machine then recommend you install their fake antivirus to clear them, thus installing the malware.
  • MAC malware is now a reality, and malware sites differentiate between operating systems and attack them with appropriate malware.
  • Targeting of applications, especially the growing Web 2.0 applications, including Adobe, PDF and Flash, Quicktime and Java.
  • Malware distributers are aware that users now install updates and multimedia plug-ins regularly so build websites that require these, getting the site user to install the malware.
  • Hackers are targeting un-patched unsecure websites, especially the ones that are database driven.
There are a number of ways to limit the possibility of malware attack.
  • Ensure not just the Windows operating systems and applications are kept up to date, but also the applications that are used regularly, Internet browsers, Adobe Flash, Adobe Acrobat Reader, Quicktime and Java etc. Hackers know which applications are used, which versions have vulnerabilities and then target their attacks.
  • Set the workstations to operate at user level, do not get the users to logon with workstation administrator access rights.
  • If hosting websites ensure the server is secure and patched to block all know vulnerabilities.
  • Ensure passwords are appropriate; the administrator passwords should be at least 8 characters long, with a mix of alphanumerical characters and a mix of upper and lowercase characters. (The Conficker virus spread from one computer to another over local area networks using a database of standard passwords.)
  • Ensure the Anti-Virus client is up to date with the latest update.
    For Sophos:
    • On Standalone versions of Sophos:
      To update, double click the Sophos shield in the bottom right of the task bar.
      To check the update, right click on the Sophos shield and click Open Sophos Anti-Virus. The Sophos Status section is displayed on the left.
    • On network installations of Sophos, check Sophos Enterprise console. (Ensure your network team is monitoring this.)
New malware term:
Server-side polymorphism.
New hacking techniques are emerging making malware increasing difficult to detect and clear one of these is server-side polymorphism. Polymorphism based malware included a polymorphic engine that allowed the malware to replicate and change making it more difficult to identify and block. Server-side polymorphism is where the engine of the malware is not left on the system so the engine can now also be altered, and allowing the malware to change rapidly and harder to detect, making content analysis not enough to clear the malware.

Using Twitter

I have recently been exploring Twitter and looking at using it to publish some of the things I am interested in.

I have found some blogs very useful:



Link:

http://twitterfeed.com