Microsoft® Expression® Web Free Trial

We recommend the trial version of Expression Web, everyone should become comfortable with the product before laying down your $269.00. The trial is a fully functioning version of the product that will expire 60 days from installation.

Expression Web is a professional design tool that helps you create and work with:

• Standards-based Web sites
• Sophisticated CSS-based layouts
• Extensive CSS formatting and management
• Rich data presentation
• Powerful ASP.NET 2.0-based technology

A few learning videos:

This is what the typical Phish looks like as being sampled from the filtering servers. However the urls below are acutally being redirected to: http://manabi-tai.net/postcard.jpg.exe" in the dumps we have sampled. The links here have been removed.

A Greeting Card is waiting for you at our virtual post office! You can pick up your postcard at the following web address:

http://www.all-yours.net/u/view.php?id=a0190313376667

If you can't click on the web address above, you can also
visit E-Greetings at http://www.all-yours.net/
and enter your pickup code, which is: a0190313376667

(Your postcard will be available for 60 days.)

Oh -- and if you'd like to reply with a postcard,
you can do so by visiting this web address:
http://www.all-yours.net/
(Or you can simply click the "reply to this postcard"
button beneath your postcard!)

We hope you enjoy your postcard, and if you do,
please take a moment to send a few yourself!

Regards,
1001 E-Greetings and Postcards
http:///www.all-yours.net/

We observed large scale spam (mass mailing) of 3 different variants of the W32/Tibs downloader.  The message arrives with the subject “Happy New Year” and an attachment “Postcard.exe”. This is a Trojan/Downloader that downloads additional malware onto an infected machine. The downloaded malware harvests e-mail addresses from a victim machine and uploads it to a remote host to further spam. Detection for this was promptly added and definition files released.

This shot was taken off of just one MX Filter server in our network.

This is the weekly shot which will indicate just how many of these are being trapped for saturday.

12.27.2006 Yahoo's article pointing at the gloom & doom of American broadband.   The U.S. needs to spur greater investment in its broadband network, said Kara Swisher, another Wall Street Journal technology columnist. I am questioning a capitalist based news paper, having a columist writing this. 

The quote that really seemed to have rubbed me is this one. "The government has got to get behind this, like it did with the public highways," Swisher said, referring to the federal government's investment in the interstate highway system beginning in the 1950's".  They have the right to publish whatever they wish though the method which has put America on the forefront of the technology which is home grown will take us into the future with out the government getting envolved.

It seems that while they might be correct with America needing some investment, I am not sure the government is the place to get any of this done. Let's really look at the facts.

I hardly think that the need here should not be compared to the Interstate Highway system. The downside to any government controlling their internet is clear. China who totally controls their users experience is nothing I personally would ralley around.  This type of Federal based logic is running wild in America. I am starting to wonder if there is something in the water. The market and capitalizm have got the internet where it is right now just exactly what is the problem? The only thing the government could do is to help or offer some incentive to installing fiber to every home in america as this is seriously expensive. They did not do well with creating the monopoly called cable. I doubt they could do much better with fiber. If they could build it as a neutral network great, but that would be seem to be mission impossible.

Surely anyone can see that the url is first going to google then gets redirected to HongKong. What I find odd is I have seen at least 20 copies of this email in one day yet the provider in HongKong or Google has not taken action.

Our mail servers are already filtering against this URL. http://www.google.com/url?q=%68%74%74%70%3A%2F%2F566441026785887484-ma.%76%68%61%75%65%6F%2E%68%6B/%48S%42C/%73ec%75%72e/l%6Fg%69n/?id=25&account=61b6USrKjUva-0288.  It would seem that google could at least assure they are not being party to phishing scams like this and break the URL as well.

Many people still believe that anti-spam and anti-virus is best handled client side. We have used our share of client tools too. There simply is no reason to question whether or not server side filtering is the right approach. There are many reasons why sever side is better including the sampling base size. The task can be daunting even for a savvy mail administrator.

Spammers have become sharper, there is money at stake. Providers have alot invested with proper firewalls that remove viruses on the fly and check for spoof and prevent the mail server from coming under any number of attacks. Certain mail servers specifically Merak Mail do a great job and have many levels of filtering mail yet still manage to perform at lightning speed. The newest in v 8.9.1 is the addition of realtime baysian indexing. The sampling of mail to index on a server in itself should be enough even for a novice to understand this method is something they simply cannot acheive client side.

While it is true many 3rd party mail servers claim to have all the features for filtering mail. A good example is smartermail. As a mail server it is a fantasic product but their filtering leaves alot to be desired. There are a couple of solutions which can fix the problems of smartermail and though the product by declude claims to fix those weaknesses. The issue I have observed is making the server misbehave. It seriously cuts the number of users the system has the resources to support. The best way for anyone to really filter mail correctly besides the Merak Mail is to use a MX or Gateway server.

Placing MX servers in front of your mail servers and filtering before it even makes it to the mail server. This has become the preferred method for enterprise mail. There is no magic pill with some client side software bit, which will kill all spam. 

The point here is that desktop software really cannot compete when it comes to filtering mail. Understand and appreciate all that your spam goes through to get to your desktop in the first place. It does not hurt to have some desktop anti-spam, anti-virus software. However it simply is never going to compare to all your emails already go through.

Short for "information technology". Synonymous with MIS or CIS, which is "management/computer information systems." Term used to loosely describe computers and the management of information.

IT professionals are often looked down upon as non-social beings who fix computers all day. IT, in reality, is anything related to using technology to store and analyze information.  "The IT department is full of computer geeks." Urban Dictionary Defined:

Yet it has some how become a catch-all for every idiot who has even slightly more knowledge than the person they represent. I remember this group from the late 90's. Most were webmasters then; and it appears they have little more knowledge today.

Even though I wear many hats and have worked internet servers, and a BGP network for over 10 years there is no way I want to be referred to as a IT guy. Nor do I plan to be a webmaster anytime soon. Inspite of the fact I have developed and manage several web sites. So you got a degree in Informantion Technology, yet it appears from my experience after talking to people daily with support issues who have no concept of the basics.

If you don't know just say you don't know. If you do know please don't try to impress someone with your vast experience. You will likely find that ego's are the root of this problem in the first place.
Tip: Don't start your IT guy conversation with something is wrong with your server to the administrator. Likely you will get negitive results. Perhaps something like: I am having a problem with; "Define the Problem". Will certainly produce better results.

Typically client services and administrators only want to know the facts. Likely they do not have much time for your vast knowledge to be revealed really. Nor will they likely be impressed, since they are doing machine administration everyday.

Tip: Don't be a IT guy and put your corporate mail server on a dynamically assigned IP address. Dynamic DNS is a great service but really can have negitive results for a mail server.
Tip: If you are on a windows DC please make sure the DC dns has had some root servers added. Certainly before you tell someone else there is something wrong with their dns.

ReadyBoost is Windows Vista feature that allows the user to plug a USB flash memory device into a USB 2.0 port on the PC and use it as a cache or virtual memory.  The advantage being that it is much faster to cache to the USB drive than caching to your hard disk, speeding up your system and enhancing overall performance.  Acting as a fast store for frequently accessed data, the average random 4K read from a flash device is about ten times faster than accessing the same information from the hard drive.

Select Use this device.  Here you can also set how much space ReadyBoost should reserve for the cache - the most space you reserve, the faster things go. That’s all there is to it!  ReadyBoost is working.  You can conform this by looking at the contents of the drive through Windows Explorer.  If it’s working you’ll see the ReadyBoost file (which as the .sfcache extension).

There are two ways that you can disable ReadyBoost.  First, you can just disconnect the drive from the system.  This won’t cause any system instabilities or data loss because the flash drive is not used as an exclusive data store, only as a high-speed cache, so the only thing you’ll notice if you remove the drive is a drop in  performance.  (The only drawback to this is that the ReadyBoost cache file will remain on the drive and take up storage space until you deleted it manually.)

The best way to disable ReadyBoost is to shut it down properly.

• Fire up Windows Explorer and find the drive
• Right click and select Properties
• Click on the ReadyBoost tab
• Select Do not use this device.
• Click OK.

This deletes the cache file for you, once again freeing up space on your flash drive.

Here is the latest in a long stream of safety warnings that common sense would have suggested never be necessary. Attack of the Show from G4 TV has a nice video for us that I actually thought was pretty darn funny. I think this was actually the same chick who gave me my warm nuts and a coke on my flight back to visit the folks this year.

More Wii Tips here

Sony BMG Music Entertainment's botched attempt to stop unauthorized music copying has cost the company another $4.25 million.

Two days after reaching settlements worth a combined total of $1.5 million with Texas and California, Sony on Thursday agreed to pay another 40 states the money to end investigations into its use of two copy protection programs: First 4 Internet Ltd.'s XCP (extended copy protection), and MediaMax, written by SunnComm International Inc.

In a statement, Sony said it was pleased with Thursday's settlements. More than 12 million Sony BMG CDs shipped with this software last year, according to a statement from the Massachusetts Attorney General.

Sony's trouble began in late 2005, when a computer science researcher disclosed that XCP used dangerous "rootkit" techniques to cloak itself after installation.

Later, investigators found that even users who declined to install the MediaMax program would have software placed on their computers, and one version of the program created a security issue, the Massachusetts statement said.

Sony has reportedly also reached a tentative settlement with the U.S. Federal Trade Commission in the matter, although nothing relating to that investigation was announced Thursday. Sony settled a class-action lawsuit over the software in May.

As with the California and Texas agreements, residents of the 40 states that settled with Sony are entitled to up to $175 in refunds for damages that may have been caused to their computers. The settlements also limit the ways that Sony can use copy protection software in the future and require that the company notify consumers if it uses this kind of software.

President George W. Bush has signed legislation directing the Environmental Protection Agency to study energy use in data centers.

The bill, passed by the Senate on Dec. 8, authorizes the EPA to analyze the growth of energy consumption at data centers. The issue is a growing concern to companies that operate large groups of servers, storage devices and other computer equipment. Many data center operators find that the cost of electricity and  air conditioning that keeps servers cool rivals the cost of the servers themselves.

The EPA study should help to promote more energy-efficient solutions across the high technology industry, said Steve Kester, manager of the government relations division at Advanced Micro Devices Inc. (AMD), a maker of server processors and one of several high technology companies endorsing the bill.

"We're very pleased that the administration sees this as important," Kester said. The EPA study is expected to take about six months and could result in the agency's establishing measurements to judge the energy efficiency of servers, processors and other data center equipment.

AMD hosted a forum Dec. 6 at its headquarters in Sunnyvale, Calif., with the U.S. Department of Energy  and representatives of major technology companies, including Dell Inc., Hewlett-Packard Co., IBM, Sun Microsystems Inc. and Intel Corp. The DOE's Office of Energy Efficiency and Renewable Energy called the gathering a "tech industry working group" to exchange ideas on energy conservation.

Google overtook Yahoo as the second most popular Internet destination for Web surfers worldwide in November, while Microsoft held on to the top spot, industry tracker ComScore reported.

Slightly more than 736 million people around the world traveled the Internet last month, with 475.5 million of them visiting Google websites and 475.2 million going to Yahoo online properties, according to ComScore.

Websites of Redmond, Washington-based software giant Microsoft were visited by 501.7 million people, the rating tally revealed.

Hot video-sharing website YouTube placed 10th in the ComScore Media Metrix rankings but showed the largest surge in visitors, with the number catapulting by more than 2,000 percent to 107.9 million.

Google's results did not include visits to YouTube, which it bought in October.

The popularity of Google websites was up nine percent from the same month a year earlier, while visits to Silicon Valley rival Yahoo grew by five percent and to Microsoft by three percent in the same comparison.

Online auction pioneer eBay was ranked in fourth place, with the number of visitors slipping by one percent from November 2005 to 250.8 million. Time Warner Network site visits also notched down one percent, totaling 222.1 million.

StopBadware.org and the Center for Democracy and Technology (CDT) have teamed up to file a formal complaint with the Federal Trade Commission (FTC) against FastMP3Search.com.ar for distributing badware to unsupecting Internet users.

FastMP3Search.com.ar is a site that offers MP3s for download -- however, it requires users to download a plugin in order to download these songs. Unfortunately, this plugin comes bundled with a ton of adware, Trojan horses, and other forms of badware -- none of which is disclosed to the user. We've written up an in-depth report on the FastMP3Search Plugin that explains all of the bad behaviors that users are subjected to when they download this application. For a summary of those behaviors, check out our blog post. Prof. John Palfrey has also posted his thoughts on the subject on his own blog.

Related links:
StopBadware and CDT's FTC complaint
StopBadware's report on the FastMP3Search Plugin

With Christmas fast approaching, Santa Claus reached out for a little help from Stopbadware.org this week.

The consumer advocacy group said it was approached by an Incline Village, Nevada, man who had legally changed his name to Santa Claus, who asked them to help figure out why his Web site was being flagged by Google's Web site filters.

It turned out that Santa's Web site had been hacked.

On Friday, the Web site was still downloading malicious software, according to Roger Thompson, chief technology officer with Exploit Prevention Labs. It exploits a bug in Internet Explorer that Microsoft  patched last August, meaning that people running older versions of the browser could be at risk, Thompson said via instant message.

"The site is hacked," he said. "If you are not patched, it uses an exploit to silently install a huge amount of adware and spyware."

The original problem was soon resolved by Stopbadware.org, but on Friday malware had again cropped up on the Web site.

I am constantly presented with some issue, how I do block this or that? It seems that not many people know how to experiment so I will take a couple of examples for Merak Mail server as to how to stop the dynamically generated images and sources that seem to make it past some filters.

Ok so you can see we are using "regular expression" in the "body".

If you view the source of the email you will find a string that will put an end to these annoying emails one by one. Since they are the most offensive emails on the web and costing everyone in time and money.

Microsoft Windows Vista is designed to dramatically improve the computing experience of every kind of PC user—from people at home who use their PCs for simple web browsing, to business people. To make sure that everyone has an offering tailored to meet their specific needs, Microsoft will deliver five different editions of Windows Vista. Each edition is focused on the needs of a specific type of person. Large, global organizations with complex IT infrastructures should consider Windows Vista Enterprise Edition.

Version Comparison

The feature that protects against fraudulent Web sites, new in IE 7, in some cases could bog down computers running Windows, according to an article on Microsoft's support site published Tuesday. This could happen when a Web page contains many frames or when a user browses many frames in a short time, the company said.

"When you use Windows Internet Explorer 7 to visit a Web page, the computer may respond very slowly as the Phishing Filter evaluates Web page contents," according to Microsoft. "Internet Explorer 7 evaluates the whole Web page when you browse a frame. Therefore, CPU (central processing unit) usage may be very high."

Sarah Deutsch is steaming. The attorney for Verizon Communications regularly scours the Web from her Arlington (Va.) office and finds hundreds of new sites that use variations of Verizon's name. A mid-December browse uncovers a constellation of Verizon-inspired domains such as verizonpicture.com, vorizonringtone.com, and varizoncellularphone.com.

What angers Deutsch is that none of the sites have anything to do with Verizon. Instead, they're registered by companies like Nassau (Bahamas)-based Wan-Fu China and Pompano Beach (Fla.)-based Moniker.com. They're engaged in a little-known activity called "domain tasting," a legal practice that lets registrars snatch up Internet domains for five days at no cost. Typically, these companies jam the borrowed Web sites full of ads and pull in money as visitors click on the ads. Because they can use the Web sites for no charge, these firms are registering mass quantities of domain names each day, getting under the skin of companies trying to protect their brands online. "Domain tasting is destabilizing the entire domain name system," says Deutsch. "People are purposefully exploiting trademarks and misleading consumers."

The practice has soared in the past two years. In late 2004, roughly 100,000 domain names were tested on any given day, and now, the number has ballooned to 4 million, according to Jay Westerdal, chief executive officer of the domain consultancy firm Name Intelligence. Experts estimate that less than 2% of the sites that are tried out for a few days are ultimately purchased by registrants. It's a bit like being able to get clothes from a store, wear them for five days, and then return them at no charge.

With an ever-expanding menu of domains on offer, tasting will likely continue its exponential growth. There are more than 250 suffixes besides ".com" to choose from, and more companies are getting in the game of domain registration. Today search engine giant Google announced it will work with top registrants GoDaddy.com and eNom to register addresses ending in ".com," ".net," ".biz" and ".info."

It is that time again and these bogus postcards are appearing once again. By now everyone should mouse over any link they think is questionable in your email. Though if anything is questionable just don't do it. Here is a prime example where clicking the link will try to execute an application. Don't find out just don't! No postcard is worth it. The return address is member@PostCard.ORG is not the same site as postcards.org. Both these domains seem legit but then who cares. No postcard or e-card should want you to run a .exe! Seems both should be warning people about the scam.

It began on Mar. 10, 2004, when a computer programmer from Oak Park, Calif., named Michael Anthony Bradley arrived at Google's offices for a prearranged meeting with the company's engineers, according to a criminal indictment filed two years ago in the U.S. District Court in San Jose. Bradley, then 32, proceeded to demonstrate new software, dubbed "Google Clique," designed to generate false clicks on Google ads. Bradley claimed his program could force Google to pay millions of dollars on false clicks and threatened to release it to others unless Google paid him approximately $150,000, according to the indictment.

Law enforcement, tipped off earlier, taped the meeting from the room next door and soon arrested Bradley. It appeared Bradley would become the first person criminally prosecuted for charges related to click fraud, the Achilles heel of the Internet-advertising industry, which costs marketers as much as $1 billion a year.

One would think that a proper way to validate clicks could be created. An option would be return a minimum of a 10% discount to all pay per click customers of all search engines. This case is pointing at google but it is known that pay per click has had its share of fraud with others as well. Why would the search engine care after all it is not hurting them? In fact they get paid either way so it does not matter to their bottom line at all. In fact it might be the reason the fraud exsits in the first place. Many businesses models do not even have a 10% margin, it would certainly not hurt the pay per click model. Full Story

Connection string for web.config. Attaching your uploaded database to a 2005 SQLExpress server without administrator needing to help. Make sure to insert the name of your database in the areas marked in bold.

<connectionStrings>
    <add name="DBNAMEConnStr" connectionString="Data Source=.\SQLExpress;Integrated Security=True;User Instance=True;AttachDBFilename=|DataDirectory|DBNAME.mdf"
providerName="System.Data.SqlClient"/>
        </connectionStrings>

I must post this hack which has come to our attention if for no other reason to save some other administrators some time. First I found the exists of a service called network.exe within System32 though as we all know the name is not important. Look for any unknown service running. Search your regkeys and kill the reference that starts this service.

You will know you have the problem when you cannot click on anything within Enterprise Manager like a database or Logins and go to properties. The error will appear related to xpstar.dll at this point. Well you can copy them from another SQL install or simply run SP4 SQL 2000 again. But this only fixes SQL it does not get to the root of the problem.

The cause is a .bat or .cmd which has been inserted to do the dirty work. Search your system for the offending, in this case it was known as a761.bat but again it can be named anything. So remove the registry entry that tells the bat to run when you logon. Or you have not beat anything yet.

So lets look at the .bat file.

net stop mssqlserver
net stop mssqlserver /Y
DEL C:\Program Files\Microsoft SQL Server\MSSQL\Binn\xplog70.dll
DEL C:\Program Files\Microsoft SQL Server\MSSQL\Binn\odsole70.dll
DEL C:\Program Files\Microsoft SQL Server\MSSQL\Binn\xpstar.dll
del c:\PROGRA~1\MICROS~1\MSSQL\Binn\xplog70.dll
del c:\PROGRA~1\MICROS~1\MSSQL\Binn\xpstar.dll
del c:\PROGRA~1\MICROS~1\MSSQL\Binn\odsole70.dll
net start mssqlserver

So after we are done making sure the bad code has been removed then make sure the files are in place, as I said this can be done either copying them or reinstall SP4 for SQL 2000.

I won't go into how we stop the badguy from returning. That is up to each administrator what method you want to take. I offer this only as a way to get you out of trouble and allow you the time to think about how they did it and how to prevent it.

I recieved a request how do I block my child from going to a specific site. They did not want to load any software or block their childs use. They just wanted stop them from spending hours on MySpace. Well I kind of thought sorry for the kind but it is easy. Just a simple edit to the Host File in this path will make the URL call go right back to the source machine. The example below I added *. so that no matter what the URL of myspace.com they call, it will never leave their local machine. Many kid's would not be fooled by this! However most would just be mad at their parents and give up. This gives the path to where the file is located to edit with notepad and save. It will only trash Myspace.com if you have a list add them.

A critical security vulnerability in an ActiveX control used by Internet Explorer could allow malicious hackers to use Adobe's Reader and Acrobat software to launch PC hijack attacks, according to a warning from Adobe Systems.

The San Jose, Calif., company released a security support advisory with pre-patch workarounds and warned that multiple unpatched flaws could cause software crashes and "potentially allow an attacker to take control of the affected system."

Affected software includes Adobe Reader 7.0.0 through 7.0.8 and Adobe Acrobat Standard and Professional 7.0.0 through 7.0.8 on the Windows platform. The bugs are only triggered when using Internet Explorer. Users of other browsers are not affected.

Adobe said it is working on a comprehensive patch that will ship "soon" and stressed than an upcoming upgrade to the widely used Adobe Reader program is vulnerable to this issue.

Break.com, one of the rising number of Web sites offering user-generated videos to rival the likes of YouTube, said on Sunday it would nearly double the amount of money it pays for video clips to $400.

Back in January 2005, Break.com started paying $50 per video and raised the price to $250 before Sunday's new hike, Chief Executive Officer Keith Richman said.

The money is even better for animated videos which, due to the complexity of their production, will fetch up to $2,000.

Web video payouts and increases like those unveiled by Break.com are being closely watched in the fledgling Internet arena where competitors such as Revver, BlipTV or iFilm are trying to improve content to lure viewers and advertisers.

For the most part, user-generated videos are less than 10 minutes long and show real people talking into their own cameras, dancing, singing or doing stunts. Sites like Google Inc.'s YouTube have not paid people who upload clips.

It appears people still have no ability to know when they are being scammed. It those people we are going to focus on. Since you seem to not know who you are please just read this and of course look at the powerpoint presentation.

Though some useful tips are when you go to a ATM take your cell phone with you. If someone is being overly friendly take plenty of pictures. If the bank is open just go inside. What ever the situation never let your PIN be revealed, NEVER is there a need for a third hand NEVER.

If you have taken plenty of pictures of Mr. friendly trying to help. If you go outside empty handed make sure to take pictures of anyone else out in the open. It will be clear who that person is when Mr. friendly and the other person meetup and leave together. If there is a vehicle take the License number too. Though I doubt once you start clicking the person inside these people are going to feel comfortable enough to drive away. Though you still have the edge since they are assuming you are a chump.

 ATM_THEFTS.pps (557.5 KB)

Transcend's 150X SD Cards achieve outstanding data transfer rates, come in a range of capacities and are highly stable and compatible. For high-performance results from your digital devices Transcend's SD Cards are the perfect choice. In the $80.00 range it makes a great gift for anyone on your list.

Features: