Illinois Statewide Terrorism and Intelligence Center has disclosed a water plant SCADA (supervisory control and data acquisition) system hack that caused a water pump failure.
More here: US Water System Hacked: A Community-Wide Issue
And here: Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says
Friday, November 18, 2011
Friday, October 21, 2011
Tomboy Notes in Windows 7
Tomboy Notes is "THE" note taking and organizing tool! In my humble opinion.
Typically used in Linux systems, but recently using on Windows XP and Windows 7 development workstations.
Came across an error where the "Search All Notes" dialogue window would not open... well, it would open but not be visible on the Windows 7 system.
I found this fix:
Just wanted to share the love with other Tomboy Notes users!
Typically used in Linux systems, but recently using on Windows XP and Windows 7 development workstations.
Came across an error where the "Search All Notes" dialogue window would not open... well, it would open but not be visible on the Windows 7 system.
I found this fix:
- I regularly dock and undock my laptop...so it regularly goes from using dual screens to using the laptops monitor.
- When I booted back up at home, undocked, my prefs.xml went back to:
[search_window_x_pos]-32000[/search_window_x_pos]
[search_window_y_pos]-3200[/search_window_y_pos]
- As a workaround, I picked an x and y location that works for both my dual monitor setup, and my laptop monitor, and then I made the prefs.xml read-only (on a Windows 7 machine, right click on the prefs.xml file, click Properties, check the "Read-only" box, and then click "Apply").
[search_window_x_pos]-250[/search_window_x_pos]
[search_window_y_pos]-250[/search_window_y_pos]
Note: The ramifications of this workaround (I would think) are that I can no longer make changes to my preferences. If I want changes to take effect, I would have to deselect the Read-only box, and then proceed to make those changes.
'Search All Notes' dialog not working in Windows 7
Just wanted to share the love with other Tomboy Notes users!
Thursday, June 9, 2011
Converged Networking
Doing some research for a network upgrade project and thought I would share.
Converged Networking/Infrastructure
Finally really coming of age. I have built custom solutions, in fact I'm operating on one now, but now the vendors are really supporting this at the physical, logical, and application layers.
I always frowned at having to keep two parallel networks operating: one for the LAN (ethernet), and one for the SAN (Fibre Channel). I had started to move to one network, with seperate subnets and vlans. Which was finally supported by FCoE (fiber channel over ethernet), if you didn't want to just use NAS.
Two offerings that I have researched recently now flatten or converge the network even further: Cisco Unified Fabric, and HP FlexFabric. And now with 10GE LAN speeds... yeah, major ROI savings and network reliability.
Any way, I enjoyed some high level business analytical reading and thought I would share. Enjoy the white papers linked above.
Converged Networking/Infrastructure
Finally really coming of age. I have built custom solutions, in fact I'm operating on one now, but now the vendors are really supporting this at the physical, logical, and application layers.
I always frowned at having to keep two parallel networks operating: one for the LAN (ethernet), and one for the SAN (Fibre Channel). I had started to move to one network, with seperate subnets and vlans. Which was finally supported by FCoE (fiber channel over ethernet), if you didn't want to just use NAS.
Two offerings that I have researched recently now flatten or converge the network even further: Cisco Unified Fabric, and HP FlexFabric. And now with 10GE LAN speeds... yeah, major ROI savings and network reliability.
Any way, I enjoyed some high level business analytical reading and thought I would share. Enjoy the white papers linked above.
Tuesday, June 7, 2011
Phishing Emails - Don't Take the Bait!
The DefenseTech.org blog has a great post about the phishing emails from China that were used to penetrate the U.S. State Department.
There is a good lesson here. If you follow the link to the post "you’ll see a screen grab showing what’s apparently the text of one of the phony phishing emails sent to senior U.S. government officials’ Gmail, Hotmail and Yahoo mail accounts by hackers in China." They were very well done! Very legitimate looking! It would be hard to blame the user in a small corporate environment for getting fooled.
("What Those Chinese Phishing Emails Look Like" defensetech.org)
Here is the moral of the story:
- Do Not open attachments from unknown or unverified sources!
If you are not sure who it is from, or if it is legitimate:
- forward the message (don't reply) to the supposed sender after removing any attachments, and ask them if they really sent it.
- or pick of that old tech, the phone, and call the supposed sender and ask them.
Don't take the bait!
More:
Cyber-Attacks on Gmail, Defense Industries Linked to China: Investigators
There is a good lesson here. If you follow the link to the post "you’ll see a screen grab showing what’s apparently the text of one of the phony phishing emails sent to senior U.S. government officials’ Gmail, Hotmail and Yahoo mail accounts by hackers in China." They were very well done! Very legitimate looking! It would be hard to blame the user in a small corporate environment for getting fooled.
("What Those Chinese Phishing Emails Look Like" defensetech.org)
Here is the moral of the story:
- Do Not open attachments from unknown or unverified sources!
If you are not sure who it is from, or if it is legitimate:
- forward the message (don't reply) to the supposed sender after removing any attachments, and ask them if they really sent it.
- or pick of that old tech, the phone, and call the supposed sender and ask them.
Don't take the bait!
More:
Cyber-Attacks on Gmail, Defense Industries Linked to China: Investigators
Tuesday, May 31, 2011
PBS Web Servers Hacked
PBS Web Servers Hacked - fake news story and user login information published!
I share these security breach stories to inform and teach. My hope is that business leaders will give more thought, priority, and budget to security measures. The threat is real, and "black hats are honing in on lower-tier business targets—organizations with less savvy, maturity and investment in countermeasures." (Verizon Report: Hackers Target Small Businesses)
More Security Stories:
Think you safe on Mac? "And Mac users, for all their pretensions otherwise, are as fallible as the next person." Everything you need to know about Mac scareware
7 questions about the Mac malware scare
Lockheed Martin acknowledges 'significant' cyberattack
I share these security breach stories to inform and teach. My hope is that business leaders will give more thought, priority, and budget to security measures. The threat is real, and "black hats are honing in on lower-tier business targets—organizations with less savvy, maturity and investment in countermeasures." (Verizon Report: Hackers Target Small Businesses)
Late Sunday night, hackers gained access to several areas of PBS Web servers and were able publish a fake news story on a PBS news blog. The hackers also published PBS internal user login information that they were able to siphon from PBS databases.
PBS Sites Hacked: Attackers Publish False News Story and Login Data
More Security Stories:
Think you safe on Mac? "And Mac users, for all their pretensions otherwise, are as fallible as the next person." Everything you need to know about Mac scareware
7 questions about the Mac malware scare
Lockheed Martin acknowledges 'significant' cyberattack
Friday, May 13, 2011
Blogger Down!
Sorry folks. Blogger has been down for a little while, and recent blogspot blog posts had to be removed. They are supposed to be restored soon.
"What a frustrating day. We’re very sorry that you’ve been unable to publish to Blogger for the past 20.5 hours... We rolled back to a version of Blogger as of Wednesday May 11th, so your posts since then were temporarily removed. Those are the posts that we’re in the progress of restoring."
Blogger Buzz
"What a frustrating day. We’re very sorry that you’ve been unable to publish to Blogger for the past 20.5 hours... We rolled back to a version of Blogger as of Wednesday May 11th, so your posts since then were temporarily removed. Those are the posts that we’re in the progress of restoring."
Blogger Buzz
Thursday, May 12, 2011
Change Your Facebook Password! Facebook Leaks Personal Information!
Change your facebook password today!
... Facebook applications have been inadvertently handing advertisers access tokens -- strings of numbers and letters that can be used by a browser to access Facebook accounts over the Web. "Access tokens are like the 'spare keys' granted by you to the Facebook applications," Symantec said in a blog post. "Each token or 'spare key' is associated with a select set of permissions, like reading your wall, accessing your friend's profile, posting to your wall, etc." ...Symantec says Facebook applications leaked information
One of these access tokens will keep working until the Facebook user changes his password, so Symantec said that concerned users should change their Facebook passwords, like "changing the lock" on their Facebook account.
Thursday, May 5, 2011
Teachers failing cybersecurity - Parents Responsibility
According to a Microsoft-sponsored survey by the National Cyber Security Alliance (NCSA) teachers are failing to adequately train students on online safety and security. ("Teachers get failing grade in cybersecurity education" 04 May 2011)
Well, that may be so, but concerning matters of childhood education, I always throw the ball back in the parents court. Schools, tutors, and teachers are tools to educate our children, but it is our responsibility as parents. We are solely responsible.
Ok, so back to the tech! Parents, among your other plans for teaching, leading, and nurturing your children, teach them safe cyber habits!
A good place to start might be with the NSA Home Network Security Guide, the Bin Laden Cyberscam Alert, and the Sony Playstation Network Hack I posted about recently. Also, just like stranger danger in your neighborhood and public places, we need to be discussing online dangers with our kids. That's assuming, of course, that we understand them ourselves. We do, don't we?
Well, that may be so, but concerning matters of childhood education, I always throw the ball back in the parents court. Schools, tutors, and teachers are tools to educate our children, but it is our responsibility as parents. We are solely responsible.
Ok, so back to the tech! Parents, among your other plans for teaching, leading, and nurturing your children, teach them safe cyber habits!
A good place to start might be with the NSA Home Network Security Guide, the Bin Laden Cyberscam Alert, and the Sony Playstation Network Hack I posted about recently. Also, just like stranger danger in your neighborhood and public places, we need to be discussing online dangers with our kids. That's assuming, of course, that we understand them ourselves. We do, don't we?
Wednesday, May 4, 2011
NSA Home Network Security Guide
The National Security Agency has released a Home Network Security Guide available at the link below.
Best Practices for Keeping Your Home Network Secure
Here is an overview from InfoSec Island: NSA Issues Guide for Keeping Home Networks Secure
Best Practices for Keeping Your Home Network Secure
Here is an overview from InfoSec Island: NSA Issues Guide for Keeping Home Networks Secure
Monday, May 2, 2011
Beware: Bin Laden Cyber Scams (Updated!)
Sorry I'm getting this out late to my circle of friends, but be cautious of social media (facebook, twitter), emails, and blogs concerning the Usama Bin Laden death.
Be cautious of videos and attachments!
"The world's most wanted criminal was found and killed Sunday. By late that evening, crooks had unleashed a wave of new spam emails, poisoned search results, and specially crafted websites -- all designed to mislead people seeking news."
Read more: Usama bin Laden Death Leads to Rash of Cyberscams
Don't under estimate criminal hackers! They see these events as a way to make money. For instance, a hacker made these comments "on a black hat search engine optimization forum, who encourages the creation of Osama bin Laden is dead fan pages on social networks. 'This is one of those rare opportunities that can build you a great list and a couple of zeros in your profit,' the blog quotes the hacker. 'Use it while the news of bin Laden killed by U.S. forces is hot. I just started one and it had 600 likes in two minutes.'"
Al-Qaida Not Seen as a Cyberthreat (emphasis mine)
"... with any large news event like this, we expect a flurry of e-mails, and likely black hat search engine operations trying to take advantage of the event to distribute malware."
Bin Laden Death Related Malware
Be cautious of videos and attachments!
"The world's most wanted criminal was found and killed Sunday. By late that evening, crooks had unleashed a wave of new spam emails, poisoned search results, and specially crafted websites -- all designed to mislead people seeking news."
Read more: Usama bin Laden Death Leads to Rash of Cyberscams
Don't under estimate criminal hackers! They see these events as a way to make money. For instance, a hacker made these comments "on a black hat search engine optimization forum, who encourages the creation of Osama bin Laden is dead fan pages on social networks. 'This is one of those rare opportunities that can build you a great list and a couple of zeros in your profit,' the blog quotes the hacker. 'Use it while the news of bin Laden killed by U.S. forces is hot. I just started one and it had 600 likes in two minutes.'"
Al-Qaida Not Seen as a Cyberthreat (emphasis mine)
"... with any large news event like this, we expect a flurry of e-mails, and likely black hat search engine operations trying to take advantage of the event to distribute malware."
Bin Laden Death Related Malware
Saturday, April 30, 2011
Ubuntu Linux - Coming Strong!
The New Linux-based Ubuntu operating system, 11.04 ‘Natty Narwhal’ has been released!
I've been using Ubuntu Linux in server environments and as a desktop OS for years. It is rock solid stable and easy to use, and of course, built on the Linux foundation.
This really is a great solution for Small and Medium businesses looking to increase IT productivity while reducing IT cost. It's easy to learn. I converted my wife's laptop to Ubuntu and she didn't even miss a beat!
I'm really excited for and fully support Canonical's Ubuntu Linux.
Ubuntu Natty released, Unity for desktops and netbooks
Ubuntu's marketing kick: Is Canonical the next Apple?
Music, Cloud services, apps and user interfaces take Linux to the next level
I've been using Ubuntu Linux in server environments and as a desktop OS for years. It is rock solid stable and easy to use, and of course, built on the Linux foundation.
This really is a great solution for Small and Medium businesses looking to increase IT productivity while reducing IT cost. It's easy to learn. I converted my wife's laptop to Ubuntu and she didn't even miss a beat!
I'm really excited for and fully support Canonical's Ubuntu Linux.
Ubuntu Natty released, Unity for desktops and netbooks
Ubuntu's marketing kick: Is Canonical the next Apple?
Music, Cloud services, apps and user interfaces take Linux to the next level
Wednesday, April 27, 2011
Sony Playstation Network Hacked - Danger to Children?
The personal information of more than 70 million users of the PlayStation 3 could have had their personal details stolen by a hacker!
If you or your children have accounts in the Playstation Network, be forewarned!
Use basic common sense. Do not follow links in emails that ask for personal information. Be cautious of phone solicitations, banking and credit card activity.
Sony: PlayStation Network personal user data stolen
Credit card data for PlayStation Network and Qriocity users may have been compromised, Sony says
Trouble for Sony after PlayStation security lapse
If you or your children have accounts in the Playstation Network, be forewarned!
Use basic common sense. Do not follow links in emails that ask for personal information. Be cautious of phone solicitations, banking and credit card activity.
"We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network," Sony said in a blog post Tuesday.
Sony now advises users to "remain vigilant" and be on the lookout for e-mail, telephone and postal scams. Hackers will sometimes use personal data they have stolen to target users with phishing attacks or try to trick them into handing over further data.
"Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information," the company said. "If you are asked for this information, you can be confident Sony is not the entity asking."
Sony: PlayStation Network personal user data stolen
Credit card data for PlayStation Network and Qriocity users may have been compromised, Sony says
Trouble for Sony after PlayStation security lapse
Thursday, April 21, 2011
Massive Amazon Server Outage
(Update 5, just before noon here: "8:54 AM PDT We'd like to provide additional color on what were working on right now (please note that we always know more and understand issues better after we fully recover and dive deep into the post mortem). A networking event early this morning triggered a large amount of re-mirroring of EBS volumes in US-EAST-1. This re-mirroring created a shortage of capacity in one of the US-EAST-1 Availability Zones, which impacted new EBS volume creation as well as the pace with which we could re-mirror and recover affected EBS volumes. Additionally, one of our internal control planes for EBS has become inundated such that it's difficult to create new EBS volumes and EBS backed instances. We are working as quickly as possible to add capacity to that one Availability Zone to speed up the re-mirroring, and working to restore the control plane issue. We're starting to see progress on these efforts, but are not there yet. We will continue to provide updates when we have them.")Updated: Amazon says it's getting a handle on EC2 outage
Status Details: Amazon Web Services » Service Health Dashboard
More:
Amazon Server Outage Blanks Popular Websites
Thursday, April 14, 2011
The Service Desk: Common CSI Starting Point
The Service Desk (a.k.a. the Help Desk)
I've been thinking a lot lately on the role of the IT Service Desk in business processes. In many of the processes I've been analyzing lately, the Service Desk is a critical function of a healthy IT Service and Business process. In other words, a great place to start a Continuous Service Improvement process to improve efficiency and effectiveness, and increase value to the business.
One recent example I've encountered were two independently operating and geographically distant business units that were constantly updating and duplicating efforts to keep track of employee responsibilities and contact information for their roles. A centralized IT Service Desk for the corporation that would be the single point of contact for both business units for user (ie. employee) contact management (Request Fulfillment and Access Management) would reduce efforts and increase efficiency.
It doesn't have to be big. One IT person can be the Service Desk function. What is important is to actually have a well defined and operating Service Desk function within well defined and operating Incident Management, Request Fulfillment, and Access Management processes. The Service Desk function doesn't need to make the changes in each independent system, but acts as the conduit and coordinator between different functions to achieve the users (customers) objectives.
This could be a substantial quick win for a small to medium business (SMB)!
I've been thinking a lot lately on the role of the IT Service Desk in business processes. In many of the processes I've been analyzing lately, the Service Desk is a critical function of a healthy IT Service and Business process. In other words, a great place to start a Continuous Service Improvement process to improve efficiency and effectiveness, and increase value to the business.
One recent example I've encountered were two independently operating and geographically distant business units that were constantly updating and duplicating efforts to keep track of employee responsibilities and contact information for their roles. A centralized IT Service Desk for the corporation that would be the single point of contact for both business units for user (ie. employee) contact management (Request Fulfillment and Access Management) would reduce efforts and increase efficiency.
It doesn't have to be big. One IT person can be the Service Desk function. What is important is to actually have a well defined and operating Service Desk function within well defined and operating Incident Management, Request Fulfillment, and Access Management processes. The Service Desk function doesn't need to make the changes in each independent system, but acts as the conduit and coordinator between different functions to achieve the users (customers) objectives.
This could be a substantial quick win for a small to medium business (SMB)!
Wednesday, April 13, 2011
ITIL V3 Foundations Certified!
I completed my IT Infrastructure Library (ITIL) foundations certification today!
ITIL is a framework, a set of concepts, processes, activities, and good practices, for managing IT Services (ITSM) through the Service Lifecycle.
ITIL is not about providing technology, but about organizing and managing people, technology, processes, and functions to provide valuable services to the customer or business.
Learn more: ITIL is the most widely accepted approach to IT service management in the world. ITIL provides a cohesive set of best practice, drawn from the public and private sectors internationally.
Cybermick IT Services
ITIL is a framework, a set of concepts, processes, activities, and good practices, for managing IT Services (ITSM) through the Service Lifecycle.
ITIL is not about providing technology, but about organizing and managing people, technology, processes, and functions to provide valuable services to the customer or business.
Learn more: ITIL is the most widely accepted approach to IT service management in the world. ITIL provides a cohesive set of best practice, drawn from the public and private sectors internationally.
Thursday, April 7, 2011
Iron Dome worked in live situation
I remember learning about Fuzzy Logic as applied to the patriot missile system in programming class (way too many years ago!). Loved the programming and logic of Fuzzy Logic. Any way, this is a major success of technology today, certainly if it can save lives.
Iron Dome successfully intercepts Gaza rocket for first time
Missile defense system makes world history by intercepting a short-range Grad rocket fired at Ashkelon; IDF launches strike on targets in Gaza following attack on school bus earlier in the day.
Iron Dome successfully intercepts Gaza rocket for first time
Missile defense system makes world history by intercepting a short-range Grad rocket fired at Ashkelon; IDF launches strike on targets in Gaza following attack on school bus earlier in the day.
Ah, Back in the blogo-sphere!
Hello everyone.
I've been out of the blogging business proper for a while working on some other projects. But I'm back.
The blog is a great way to keep customers, friends, and colleagues apprised of my doings, and I've missed writing both my faith and technology blogs.
What you'll see on this blog:
- Anything interesting to me relating to technology
- Current technology projects
- Future technology projects
- Dreaming about technology projects
- etc. . .
No specific commitment for posting frequency, but I anticipate at least 2 new posts a month. I will facebook and twitter when I make a new post.
Hope it's useful for you.
Safe CyberSurfing!
Mick
I've been out of the blogging business proper for a while working on some other projects. But I'm back.
The blog is a great way to keep customers, friends, and colleagues apprised of my doings, and I've missed writing both my faith and technology blogs.
What you'll see on this blog:
- Anything interesting to me relating to technology
- Current technology projects
- Future technology projects
- Dreaming about technology projects
- etc. . .
No specific commitment for posting frequency, but I anticipate at least 2 new posts a month. I will facebook and twitter when I make a new post.
Hope it's useful for you.
Safe CyberSurfing!
Mick
Cybermick Web and IT Services!
Cybermick Web and IT Services! Providing Cyber Solutions since 1998!
Information Technology Consulting.
Est. 1998
Mick Dobra
Peoria, IL
309-231-4542
Specializing in Ubuntu Linux open source solutions, making high end IT solutions affordable for small businesses!
Network Administrator
Currently Serving as the Network Administrator for Vonachen Services Inc., Peoria, Illinois
Responsibilities:
Administer all aspects of corporate IT, from designing, planning, testing, and implementing IT systems to integrate with business processes and objectives to PC support and training.
www.VonachenServices.com
Systems Administrator
Served as a Systems Administrator for MTCO Communications, Metamora, Illinois
Responsibilities:
Lead a team responsible for 24/7 up-time of all internet services for over 20,000 customers.
www.mtco.com
U.S. Navy
Served as an Optical Systems Technician (Opticalman, now Electronics Tech) in the U.S. Navy.
Repaired, maintained, and supported optical electronic equipment.
Navy.mil
Chaplain
Ordained Chaplain. A member of Chaplain Fellowship Ministries since 2006 for the purpose of family ministry.
www.ChaplainMick.com
Servant Leader
Member of Richwoods Christian Church, a Small Group leader and coach, and served on the Greater Peoria Area Fellowship of Christian Athletes leadership board (among others).
www.Richwoods.org
www.PeoriaFCA.org
www.PeoriaKungFu.com
Specialties and Certifications
Information Technology Consulting.
Est. 1998
Mick Dobra
Peoria, IL
309-231-4542
- Systems Design, Installation, and Support Services
- Network Infrastructure and Secure VPNs (virtual private networks). . .
- Redundant Backups and Disaster Recovery Plans. . .
- Security Systems, Policies, and Firewalls. . .
- And more. . .
Specializing in Ubuntu Linux open source solutions, making high end IT solutions affordable for small businesses!
Network Administrator
Currently Serving as the Network Administrator for Vonachen Services Inc., Peoria, Illinois
Responsibilities:
Administer all aspects of corporate IT, from designing, planning, testing, and implementing IT systems to integrate with business processes and objectives to PC support and training.
www.VonachenServices.com
Systems Administrator
Served as a Systems Administrator for MTCO Communications, Metamora, Illinois
Responsibilities:
Lead a team responsible for 24/7 up-time of all internet services for over 20,000 customers.
www.mtco.com
U.S. Navy
Served as an Optical Systems Technician (Opticalman, now Electronics Tech) in the U.S. Navy.
Repaired, maintained, and supported optical electronic equipment.
Navy.mil
Chaplain
Ordained Chaplain. A member of Chaplain Fellowship Ministries since 2006 for the purpose of family ministry.
www.ChaplainMick.com
Servant Leader
Member of Richwoods Christian Church, a Small Group leader and coach, and served on the Greater Peoria Area Fellowship of Christian Athletes leadership board (among others).
www.Richwoods.org
www.PeoriaFCA.org
www.PeoriaKungFu.com
Specialties and Certifications
- 2011: ITIL V3 Foundations Certified!
- 2011: Completed ITIL V3 Foundations Course
- 2004: Microsoft Certified Professional, Windows 2000 Server and Professional
Microsoft Windows 2000 Networking
Microsoft Windows 2000
Subscribe to:
Comments (Atom)