Thursday, November 29, 2012

What are the antivirus exclusions for Windows?

Hi,
excellent compilation here

Enterprise Configuration Recommendations:

Windows: 
  • KB822158  Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows
Windows / Active Directory: 
Cluster:
Hyper-V, System Center Virtual Machine Manager (SCVMM):
Virtual PC / Virtual Server:
FRS:
SQL:
IIS:
DHCP:
SCOM / MOM:
Configuration Manager 2007:
Configuration Manager 2012:
Exchange:
SharePoint:
SMS:
ISA:
Windows Update:
WSUS (Windows Server Update Services):
SBS:
 MED-V
System Center:
Data Protection Manager:
App-V
Lync 2010
Dynamics AX
For versions up to AX 2009 exclude:
  1. All the AOD, AOI, ADD, ADI, KHD & KHI files, or
  2. alternatively, the whole application folder
See for instance: http://blogs.msdn.com/b/czdaxsup/archive/2010/05/13/ax-application-files-locked-by-another-process.aspx
Note: Doing this helps make sure that the files are not locked when the AOS must use them. However, if these files become infected, your antivirus software will not be able to detect the infection.
    
BizTalk Server
See recommendations in BizTalk performance optimization guides:
The executables mentioned as used by BizTalk include EntSSO.exe, MSDTC.exe, BTSNTSvc.exe, BTSNTSvc64.exe and SQLServr.exe, but also others such as IIS, customer WCF services, MSMQ, Rule Engine, SQL Agent, SSIS, SSNS and other applications used in integration scenarios.



Other great compilations








Wednesday, August 29, 2012

NEWS!!! CRITICAL - 0-day vulnerability in Java 7

0-day vulnerability in Java 7

Publication date: 2012-08-27 11:30:00

Affected systems
The vulnerability exploited so far affects Java 7 (1.7) Update 0-6. It does not affect Java version 6 or earlier versions. The exploit works in all versions of Internet Explorer, Firefox and Opera, but not in Chrome.

Description
A 0-day vulnerability has been discovered that affects Java 7 (1.7) Update 0-6.

Severity:
SEVERE

Solution
For the moment there is no official patch. Disabling Java in the browser is recommended until the vulnerability is fixed.
Michael 'mihi' Schierl (schierlm at gmx.de) proposes a temporary (unofficial) workaround that mitigates the current exploit on Java 7 installations. The workaround consists of creating a sub-directory inside lib (within the Java 7 installation directory), naming it endorsed, copying the temporary patch into that directory, and restarting the browser. For more information about this workaround, and to request the patch, see DeepEnd Research. Nevertheless, disabling Java is recommended until an official patch exists.

Detail
Although the number of attacks reported so far has been relatively low (FireEye describes the exploit used in some targeted attacks), their number is likely to increase because of the nature of the vulnerability.
Update: according to Rapid7, there will be a working exploit for Metasploit in a couple of hours.

References
0-day vulnerability in Java 7.

http://blog.sucuri.net/2012/08/java-zero-day-in-the-wild.html

http://www.informationweek.com/security/attacks/java-zero-day-attack-could-hit-enterpris/240006341
 
Regards

Friday, August 24, 2012

Watch out for the Sun!!!!!

On the dates below, the phenomenon known as Satellite Solar Interference will occur; it happens when the communications satellite passes between the Sun and the earth station.
This phenomenon only disrupts satellite communications. The maximum duration of this problem is on the order of 25 minutes.
The time at which the degradation occurs, which depends on the latitude where the satellite station is installed, will be between 12:10 and 15:25 in the Argentine Republic. This phenomenon will occur between August 26, 2012 and September 18, 2012, affecting different localities on different dates and at different times.
Keep Walking...

Junacito Caminante

Tuesday, July 17, 2012

News!!! NEW Exchange version: Exchange 2013


Increase productivity

  • Give your users an intuitive, touch-enabled inbox experience. Your users can get more done from anywhere with a clean, uncluttered inbox that focuses on the relevant and important information.
  • Allow your users to work better together on teams and projects. Site mailboxes enable your users to collaborate on projects, get up to speed quickly on teams they join, and share information easily. Co-authoring, document storage, and versioning is provided by SharePoint, while messaging is handled by Exchange with a complete user experience, including document access, within Outlook.
  • Customize Exchange by integrating web-based apps for Outlook and Outlook Web App. Help your users spend less time switching between apps and make their communications experience more powerful with an extension model that allows you to provide easy plug-in access to web-based apps within both Outlook and Outlook Web App. With single sign-on to multiple apps, you can reduce complexity for users and give them secure, authorized access for each approved application.

Keep your organization safe

  • Eliminate email threats before they reach your network. Exchange actively protects your communications with built-in defenses against viruses, spam, and phishing attacks.
  • Protect your sensitive data and inform users of internal compliance policies. Prevent users from mistakenly sending sensitive information to unauthorized people. Data Loss Prevention (DLP) features identify, monitor, and protect sensitive data through deep content analysis, and PolicyTips in Outlook inform users about policy violations before sensitive data is sent. Built-in DLP policies are based on regulatory standards such as PII and PCI, plus Exchange can support other policies important to your business.
  • Enable your compliance officers to run In-Place eDiscovery across Exchange, SharePoint, and Lync from a single interface. Ensure internal and regulatory compliance by using the new eDiscovery Center to identify, hold, and analyze your organization's data from Exchange, SharePoint, and Lync. The data always remains in place, so you never have to manage a separate store of data.
Full article: http://www.microsoft.com/exchange/en-us/exchange-preview.aspx

-Dario

Friday, June 1, 2012

What does the submarine cabling that interconnects us worldwide look like?

Sometimes we wonder (or at least I do) how we are connected to the rest of the world; here is a little map of the submarine cabling with all its characteristics and the providers:

http://www.submarinecablemap.com/

-Dario

Look how Conficker (Win32/Conficker) is still up to its old tricks!!

A very complete security report, including how Conficker keeps spreading:

You can download it from here: http://www.microsoft.com/security/sir/default.aspx

-Dario

Wednesday, May 30, 2012

NEWS!! 'Flamer' virus could be most sophisticated malware, warns Kaspersky

Be aware!!
28/05/2012
A new virus referred to as 'Flamer' could be one of the most sophisticated pieces of malware yet, Kaspersky has warned.

According to the internet security giant, the Win32.Flamer "attack toolkit" that is currently targeting Iran and other countries in the Middle East offers much more of a threat than most malware attacks.

This is partially due to the complexity of the program, meaning that it is capable of undertaking a wide number of potentially damaging actions.

Full article: http://www.bcs.org/content/conWebDoc/45237?src=ebcs

-Dario

Sunday, May 27, 2012

Excellent podcasts about Hyper-V v3.0

Hi,
excellent podcast: Top New Features in Hyper-V 3.0 and Windows Server 2012 - The Experts Conference

http://www.vkernel.com/hyper-v-performance-resources

-Dario
dario.may@gmail.com

Tuesday, February 14, 2012

Released: Update Rollup 1 for Exchange 2010 Service Pack 2

Earlier today the Exchange CXP team released Update Rollup 1 for Exchange Server 2010 SP2 to the Download Center.
This update contains a number of customer-reported and internally found issues since the release of SP2. See 'KB 2645995: Description of Update Rollup 1 for Exchange Server 2010 Service Pack 2' for more details.
Note: If some of the following KB articles do not work yet, please try again later.
We would like to specifically call out the following fixes which are included in this release:
  • New updates for Dec DST - Exchange 2010 - SP2 RU1 - Display name for OWA.
  • 2616230 Exchange 2010 CAS server treats UTF-7 encoding NAMESPACE string from CHS Exchange 2003 BE server as ASCII, caused IMAP client fails to login.
  • 2599663 RCA crashes when recipient data is stored in bad format.
  • 2492082 Freebusy publish to Public Folders fails with 8207 event.
  • 2666233 Manage hybrid configuration wizard won't accept domains starting with a numeral for FOPE outbound connector FQDN.
  • 2557323 "UseLocalReplicaForFreeBusy" functionality needed in Exchange 2010.
  • 2621266 Exchange 2010 Mailbox Databases not reclaiming space.
  • 2543850 Exchange 2010 GAL based Outlook rule not filtering emails correctly.

How to rename an account with PowerShell

Good afternoon, friends,
after making a script to create user accounts, mailbox and Lync user, I realized that the account name was wrong; it should have the display name instead of the samAccountName.
Here is the script

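Import-Module ActiveDirectory

# saMacc.csv needs a "user" column holding each account's sAMAccountName
$users = Import-Csv .\saMacc.csv
foreach ($u in $users) {
    try {
        # Request only displayName; -ErrorAction Stop makes failures catchable
        $p = Get-ADUser -Identity $u.user -Properties displayName -ErrorAction Stop
        # Rename the AD object (its CN) to the user's display name
        Rename-ADObject -Identity $p.DistinguishedName -NewName $p.DisplayName -ErrorAction Stop
        Write-Host "Rename success :" $u.user
    }
    catch {
        # Report the error for this user only, instead of relying on the global $error list
        $_.Exception.Message
        Write-Host "Rename failed :" $u.user
    }
}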


Regards

-Dario