Bill Kam of Trend Micro is coming to Cincinnati to give a FREE live in-person training on Trend’s Worry Free products – best practices for install/configure and how to protect from things like “fakeav”, and new tools for the partner/IT Pro to use as well.  He may cover some of the Worry Free 7 info shown recently in Taipei.  There are some PPT’s comparing Trend with the competition on a level playing field showing memory and CPU utilization that he will go over.  Bill will talk about all the features in Worry Free (some that many probably are not aware of). 

After the class, you can go online and take a “Certification” test (FREE) and with passing, you can get some benefits like showing up in a search on their site for a reseller in the area, website badges and marketing materials (think SBSC program).  Good stuff!

Lunch is included for this event!

Event: Cincinnati SBS SIG – Trend Micro Live Training
Date: Saturday May 22, 2010
Time: 9:00 AM – 4:00 PM EDT
Venue: Max Technical Training
4900 Parkway Drive, #160
Mason, OH 45040
Registration URL: http://cinpa20100522.eventbrite.com/

One of the not-so-fun jobs as an IT Pro is handling the issue of employee turnover at client sites. It’s one of those facts of life. Whether the employee exit is friendly and planned or angst-ridden and a bombshell, there are a lot of things that have to be done. And, as with most things in life, having a checklist helps make sure nothing is missed.

As an outsourced IT provider you should have a standard operating procedure to help your client get through this process as quickly and easily as possible. Below is a sample “Employee Termination Checklist” you can use. The top half contains things the company personnel need to handle, and the bottom half are responsibilities that fall under the IT Department (probably you).

File name: Employee_Termination_Checklist.doc (28 KB)

Depending on the size of the client, there are things you may need to add or remove, but this document should be a good starting point. If there’s something that you feel is blatantly missing, please feel free to add it to the comments below.

Invitation – January 2010 KYSBSUG Meeting #71
Meeting Date: Wednesday January 20, 2010
Time: 6:30 PM Eastern
Location: Money Concepts
Address: 323 Townpark Circle, Suite 100, Louisville, KY 40243
Topic: “Password Security and Password Cracking”

Guest Presenter: Dana Epp, MVP (Enterprise Security)
Founder & President of Scorpion Software (makers of AuthAnvil)

Website: http://www.scorpionsoft.com/
MVP: https://mvp.support.microsoft.com/profile/Dana.Epp
Blog: http://silverstr.ufies.org/blog/

Description: Dana Epp is an industry-recognized expert in security and Microsoft MVP (2006-2010). Dana will talk about local and remote password security in SBS and SMB networks. He’ll also talk about topics such as two-factor authentication and tell you how you can implement this technology for your employees and customers.

Following Dana’s presentation, we’ll have a hands-on lab to demonstrate some of the tools on the market and methods to test (and break) passwords.

6:30 – 6:45 – Local events & introductions
6:45 – 7:30 – Dana Epp presentation (via GoToMeeting)
7:30 – 7:45 – Dana Q&A
7:45 – 8:20 – Hands-on Lab
8:20 – 8:30 – Door prize drawing and wrap-up

Door Prize: This month our door prize is an NFR copy of Windows 7 Ultimate.

This question comes up a lot:

“I have the free Adobe Acrobat Reader, but not Acrobat Professional – can I still create a password-protected PDF?
I don’t feel like paying $360 for Acrobat Professional
just for the ability to do encryption or password protection.”

The short answer is ‘yes’, but you’ll need another program to do it.

I recommend the FREE open source program PDF Creator 0.9.8 (16.8 MB).

Below are detailed instructions you can share with your employees and clients: 
– (Part A) PDF Creator program installation instructions
– (Part B) Creating the password-protected and encrypted PDFs
– (Part C) PDF opening instructions

PART A – PDF CREATOR INSTALLATION (Boring Part)

1. Download PDF Creator 0.9.8 from SourceForge
   http://sourceforge.net/projects/pdfcreator/ 
2. Double-click the PDFCreator-0_9_8_setup.exe file and choose Run.
     
   (If User Account Control pops up in Vista or Windows 7, click Allow)
3. Select your language (English) and click OK.
   
4. When the setup Wizard launches, click Next.
   
5. Accept the license agreement, and click Next.
   
6. For Type of Installation, choose Standard installation, and click Next.
   
7. For Printer name accept the default of “PDFCreator”, and click Next.
   
8. On Select Destination Location, accept the default and click Next.
   
9. The installation will install the PDFCreator Browser Add On (annoying) but you can later uninstall via the Control Panel.
   Uncheck “Yahoo!” and click Next.
   
10. Under Select Components, accept the defaults and click Next.
    
11. On Select Start Menu Folder accept the default and click Next.
    
12. On Select Additional Tasks accept the defaults and click Next.
    
13. And then click Install and click Finish when the installation is complete.
    

Now that the PDF Creator program is installed, it’s time to convert a file into a password-protected PDF.

PART B – CREATING A PASSWORD-PROTECTED PDFs
(Interesting Part)

1. Make sure the document that you want to convert is CLOSED.
2. Right-click the icon of the document you want to convert, and choose
   Create PDF and Bitmap Files with PDFCreator from the pop-up.
   
3. At the “It is necessary to temporarily set PDFCreator as defaultprinter” prompt click Don’t ask me again checkbox and click OK.
   
4. The document will open and then close again, and you will be left with a PDFCreator 0.9.8 dialog box, as shown below.

   Click the Options button.
   

5. On the Options page, expand the Formats tab on the left.
   
6. Click the PDF icon on the left, click the Security tab on the right, and check the Use Security checkbox.
    
7. Choose the following:
   – Encryption level (40-bit or 128-bit)
   – Password to open (user password)
   – Password to change permissions (owner password)
   – Any other user restrictions you want to set
    
8. Hit Save on the bottom right of the Options page, and then Save again on the main PDFCreator 0.9.8 page (seen in Step 4 above). 
9. When the Save as dialog box comes up, give the file a name and
   click Save.
    
10. PDF Creator will pop-up a small animated splash screen…

    

    …and prompt you for the password you want to use to create your document. Enter the password twice and click OK.

    

11. If you leave the ‘Owner Password’ blank (which fine if you want to) you will get an additional dialog box letting you know that it’s blank.
    
    Click Yes to leave the Owner Password blank, or click No to go back and add an Owner Password.
12. Once the document is saved, it immediately tries to open in your preferred PDF reader (I use Foxit Reader) and prompts your for a password. Type the User Password and click OK.
    
13. You should now be able to see your password-protected PDF.
    

Congratulations – That’s a few hoops to jump through!

PART C – WHAT THE CLIENT / RECIPIENT SEES
(The most important part)

1. E-mail them the password-protected PDF document
2. They open the attachment and get prompted for a password 
   
3. Once they enter the password and click OK, the PDF opens.

RECAP

• Part A is just a one-time thing.
• Part B is every time you want to CREATE a password-protected PDF
• Part C is what the client (recipient) and does each time they want to OPEN the protected PDF.

As if PDF attachments weren’t already suspicious enough thanks to UCE, now you have to be concerned about PDFs that can allow someone to take control of your PC.

Yesterday (10/22) Adobe released an update to fix a critical vulnerability in the following software:

• Adobe Reader 8.1 and earlier
• Adobe Reader 7.0.9 and earlier
• Adobe Acrobat Professional, 3D and Standard 8.1 and earlier versions
• Adobe Acrobat Professional, Standard, 3D and Elements 7.0.9 and earlier

Security bulletin URL:
http://www.adobe.com/support/security/bulletins/apsb07-18.html

Here’s the interesting part:

This issue only affects customers on Windows XP with Internet Explorer 7 installed. (Vista users are not affected).

Take that, H8Rs.

I’ve gotten numerous calls about this piece of spam today, so I thought I’d blog it:

From: Administrator <sender changes>
To: <client name>
Sent: Sun Jul 08 18:15:22 2007
Subject: Worm Alert!

Dear Customer,

Our robot has detected an abnormal activity from your IP adress on sending e-mails. Probably it is connected with the last epidemic of a worm which does not have official patches at the moment.

We recommend you to install this patch <url omitted> to remove worm files
and stop email sending, otherwise your account will be blocked.

Administrator

According to PC Tools’ ThreatExpert service, the trojan copies itself to the Windows system folder as ‘windev-72b5-203e.sys’ (md5: 8e2410698872f116620cbd7846adfa34) and registers the file as a service in order to load when Windows is started.

Detection names among vendors vary greatly and include the following:

• TR/Small.DBY.DB (AntiVir)
• Win32:Tibs-BAC (Avast)
• Downloader.Tibs.6.K (AVG)
• Trojan.Peed.OQ (BitDefender)
• W32/Tibs.MV@mm (Fortinet)
• Packed.Win32.Tibs.ab (Ikarus, Kaspersky)
• McAfee 5069 07.06.2007 W32/Nuwar@MM (McAfee)
• Worm:Win32/Nuwar.JT (Microsoft)
• Win32/Nuwar (Nod32)
• Tibs.gen124 (Norman)
• Mal/Dorf-A (Sophos)
• Trojan.Packed.13 (Symantec)
• Possible_Nucrp-3 (Trend)

Recommended Action:

Don’t download it - update your anti-virus signatures. 

According to the latest Apple security update (2007-005), Macs need patches just like any other personal computer.  And these aren’t soft and fuzzy patches for iPods. 

This security update corrects 17 vulnerabilities affecting software packages that ship as part of OS X 10.3.9 and 10.4.9. Some of these vulnerabilities allow attackers to execute any code they choose on your OS X machines.

Three of the fixed vulnerabilities include remote code execution in CoreGraphics, local privilege elevation in PPP, & Denial of Service vulnerability in Bind.   

Here’s the complete list:

1. Alias Manager
2. BIND
3. CoreGraphics
4. crontabs
5. fetchmail
6. file
7. iChat
8. mDNSResponder
9. PPP
10. ruby
11. screen
12. texinfo
13. VPN

As my good friend Ron always says, “It’s easy to say you’re bullet-proof when nobody’s firing at you.”  I use both Macs and PCs, and somehow I don’t think they’ll make a Mac vs. PC ad out of this, do you?

Usually, technology and convergence of digital devices are wonderful things.  But when a Best Buy Geek Squad employee abuses technology to *allegedly* use his cell phone to video record a female customer showering in their own home, that’s disgusting.  Just imagine if that was your wife or sister – it’s unbelievable! 

Best Buy does background & credit history checks before they hire people.  Yet with over 90,000 employees, there are obviously some rotten apples in the bunch.  How many other bad apples are out there (at GS & other companies).  Have you done background checks on your employees?

I’ve got to wonder what the backlash and ramifications for everyone in the SMB market will be.  It seems like industry regulations for IT can’t be far behind.

One thing is for sure, this dude will never be a “Sleeper“, and that’s a good thing.

Source:  Gizmodo

(I use the word ‘allegedly’ for legal purposes.)

How many new viruses come out per month?  Back in the day we quoted 300 per month, then 400.  And today some say 1,968 per month.  That’s 64 new viruses per day / 21 each night while you sleep / 2.6 per hour.  Sobering thought, isn’t it?

Fortunately, you’ve got anti-virus software to protect you.  But how good is it?

Austrian firm AV Comparatives unleashed 1,000,000 virus samples on the top anti-virus products in their 13th comparative test of on-demand detection of malicious software.  The 17 victims were:

• Avast! Professional Edition 4.7
• AVG Anti-Malware 7.5
• AVIRA AntiVir Personal Edition Premium 7.03
• BitDefender Professional Plus 10
• Dr.Web for Windows 95-XP 4.33.2
• eScan Anti-Virus 8.0
• ESET NOD32 Anti-Virus 2.70.23
• Fortinet FortiClient 3.0
• F-Prot for Windows 6.0.5.1
• F-Secure Anti-Virus 7.01
• G DATA AntiVirusKit (AVK) 17.0
• Kaspersky Anti-Virus 6.0.2
• McAfee VirusScan 11.1
• Microsoft OneCare 1.5
• Norman Virus Control 5.82
• Symantec Norton Anti-Virus 14.0
• TrustPort Antivirus Workstation 2.5

Obviously, some AV companies are MIA from that list.  How did your favorite AV software stack up? 

Hit the jump to the PDF report to find out (9 pages – 0.6 MB).
http://av-comparatives.org//seiten/ergebnisse/report13.pdf

Breaking the law just got even easier kiddos.  Now any idiot with $59.95 can violate trust between parents & kids, spouses, employees or co-workers by simply plugging in a USB stick.

Enter “SnoopStick” from CYBERsitter, or as I like to call it, “Yet another reason to lock down those USB ports in Windows Vista.”

“Oh,” you say, “that’s stuff’s been around forever.”  True - but it’s never been this easy before.  Any AOLer could pull this off.

Keep in mind, I have no problem with internet usage monitoring and reporting.  I’m a huge fan of ISA and sharing the reports with the business owners, employees, and even family members on the home network.  What I take issue with is surreptitious snooping and monitoring.

Read on.

The SnoopStick takes under 60 seconds to install, has no commands or passwords to remember, and lets you monitor PC activity in real time from any PC across the web. 

Here are some of the ‘major features’:

• Monitor all web site access (Works with all browsers and web enabled programs.)
• Monitor both sides of all “instant messenger” communications (all popular IM programs.)  
• Monitor all email access:  SMTP, POP3, IMAP (to & from info.)
• Monitor activities in real time, or retrieve activity logs from recent activity.
• SnoopStick records EVERYTHING, whether you are monitoring in real time or not.
• Store up to 12 months of activity logs.
• All program modules are updated completely automatically. 
• Send the user a pop up message alert. A good way to tell them they’re busted!
• Turn off/on Internet access with the SnoopStick locally or remotely.
• Set allowable times for Internet access.
• Prevent users from using certain types of Internet programs.
• Block access to specified ports.
• Block access to web sites.
• One click “Block Social Networking” option instantly blocks access to sites like MySpace.com.
• Completely secure. Only your SnoopStick can access your computer or change the settings you have chosen.
• Works with Windows 2000, XP, 2003, and is Vista ready.

Of course, this is all completely legal according to their website FAQ, as long as you own the computer?  And nobody would ever install this without telling their spouse / employees / etc. right? 

And nobody would ever install this on an employee’s home computer without them knowing about it.  You know, the computer they use to access OWA, RPC over HTTP, http://companyweb and the corporate VPN, right?  Of course not! 

Just imagine the possible ramifications:  One of your employees who telecommutes every other Friday ends up in a custody battle.  The spouse pull out their trusty little SnoopStick that is filled with IM conversations and sensitive corporate info labeled ‘Exhibit C’.  Projected right up there on the big screen.  No PR nightmare there. 

“HIPPA, party of two, your table is ready…”   Good times.