Posts

Showing posts from March, 2008

Security Audits

In late 2005 I was working for a consulting company in the Milwaukee area. In an attempt to continue to move from a break-fix environment to a more proactive, managed IT approach, I was asked to develop a security audit methodology, which we would use in conjunction with our "taste-test" approach to new customers. A taste-test was really nothing more than an engineer and a salesman showing a potential client how smart we were, how messed up their environment was, and how we could help them. We decided to use the Security Audit as another layer to enhance what we had to offer. Here is an outline of the methodology I used, which was borrowed in large part from the SANS Institute, along with a sample statement of work that was presented to my now employer. Read this doc on Scribd: Security Audit Methodology Security Audits A security audit will use best practice methods to discover, assess, test, and finally, suggest modifications to existing security infrastruc

Symantec Endpoint Protection...is a PIG

I just spent the last few days troubleshooting a Symantec Endpoint Protection migration from Symantec Antivirus Corporate Edition v10.x. What an effort. Much like the last time I upgraded a client from 9 to 10. They conveniently forgot to include "May bring your older, underpowered workstations to their KNEES." in the product description. That client had about 25 workstations that were old HP workstations, running Windows 2000 on 256kb RAM and 500mHz CPUs. Once they started up, the "Startup Scan" would bring the machine to a crawl, and only perform well when it completed, which for those old things was quite a while. Nice of them to release a registry hack to disable that...then they release a config option in the next patch...NICE. Also forced the client to bump all the workstations' RAM to 512. Nice for my billable hours, but not for their non-profit wallet. This time the environment is much different, and I "own" it. That is to say, I'm back to

More Work, Please.

I've been working quite hard at my new job at Integrated Healthcare Business Solutions. Just a small list of what I've been doing in that time: Migrate Windows 2000 Domain to 2k3, which required: New Server and SAN setup. Migrate Aquarius Document Imaging IIS application and SQL databases to new server. Migrate Data to new server. Heavily modify GPOs for new environment. Deploy WSUS for new environment. Set up Terminal Services on old server (complete wipe of 2k and new build of 2k3) This box also does AV (SEPM), Backups (SBE) and supplies us with FlexWiki Lots more I'm sure I've forgotten by now... Deploy 2k DC as backup auth server which also serves as: GFI FaxMaker 12 Fax Server IAS Server (for our ASA 5510) FireFTP Server Deploy a Linux server based on the Debian distro: Hyperic - server, application and network monitoring/metric tool Local Postfix SMTP server (Utility mail for GFI, etc.) Ntop services Intranet web Custom compliance reporting (read:whistleblowe

The Smoke and Mirrors of Server Upgrades

This past semester I had to write a paper for my Technical Reporting class that dealt with communicating technical topics to non-technical persons. This was my attempt. Read this doc on Scribd: Final Guide The Smoke and Mirrors of Server Upgrades Prepared by John Croson Contents: Introduction; Environment Evaluation (Hardware, Software, Server Services); Operating System and Hardware Selection (Server Editions, Server Licensing, Hardware Considerations); Server Sele