danielowen.com

First let’s get some assumptions out of the way.

• This is geared toward a relatively well connected organization. What well connected means will greatly depend on the size of the organization but for a relatively small company with maybe a few hundred GB of storage that you want to backup online a business class cable connection will probably meet the bandwidth requirements but DSL or T1 will not. The quality (downtime etc.) is actually much less important than the raw amount of data you can upload.
• I implemented a solution in an environment I previously worked in and it worked well. Watch the caveats I add throughout the document.

At work we have decided to backup some of our Hyper-V servers to disk using the built in Windows 2008 tools and then back that up to tape for rotation. You will find instructions for this process in this article.

Enable VSS on the Hyper-V server

Install Windows Server Backup (WSB) feature

start /w ocsetup "WindowsServe Backup"

Edit the Registry

From command line:

reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\WindowsServerBackup\ApplicationSupport\{66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE}"

This is presented in the same vein as Lenny Zeltser’s How to Suck at Information Security.  If you have not read Lenny’s article it is highly recommended.

What makes a good backup solution?
Part 1 of 4
Critical Elements of a Backup Plan

This came out of a discussion on the NLUG list about making sure that Windows boxes are not infected with malware. This goes beyond that and tries to look at what technologies are out there to protect and monitor your machines. It is somewhat Windows centered but the concepts are the same for any OS (OS X, Linux, *BSD etc). I’ll throw in here my regular comment about OS security. All operating systems have bugs. Some have less than others but any OS must be regularly patched or you will be vulnerable.

This is aimed toward the business market but many of the concepts still hold true for the home user.

For as long as I would say that I truly understood computer security I have believed that security in depth is one of the most important elements of security. Coming from this perspective I often find it interesting how many relatively easy elements are not implemented by practitioners. Some of these are the same practitioners that will go to extraordinary lengths in other areas to secure their systems.

This paper looks at the major spam filtering techniques in current use. In looking at methods both success rates and possible problems with each method are explored. Methods discussed include key word filtering, open relay filtering, open proxy filtering, dial-up filtering, non conforming mailing list filtering, cooperative sharing of spam samples, known spam origin filtering Bayesian filtering, Markovian discrimination, gray listing and challenge response.

This paper reviews the current state of Intrusion Detection Systems (IDS) with a particular emphasis on Network-Based Intrusion Detection systems (NIDS). Many of the topic covered will be applicable for any size business, but issues specific to the Small/Medium Business (SMB) sector are emphasized. The paper covers what an IDS is followed by implementation issues that should be considered when considering an IDS solution.

This paper was originally written in November of 2005. The concepts still hold true today. This article will be a good, no marketing spin, introductory overview of IDS technologies.

A recent study revealed that 73% of mobile users said they are not always aware of security threat best practices. To me this seems like a recipe for disaster. I consider security best practices akin to the rules of safe driving. I don’t think we would accept a society in which 73% of users said they are not aware of driving safety regulations.