http://www.prostructure.com/blog A blog about high-end IT Infrastructure and Security Thu, 18 Dec 2008 22:25:20 +0000 http://backend.userland.com/rss092 en Recently, I got an excellent chance to put my money where my mouth is. In the past, I've warned Windows shops to use unique local Administrator passwords wherever possible.  I've even proven the dangers of using the same local Administrator password during a penetration test in 2007.   Combine this with the ... http://www.prostructure.com/blog/2008/12/18/vbscript-code-to-change-the-local-administrator-password-throughout-an-entire-domain/ I was recently interviewed by Michelle Rafter for Inc. Technology about best practices for Administrative Passwords. Article link:  Psst! Whats the Password? http://www.prostructure.com/blog/2008/09/19/interviewed-for-inc-technology/ ProStructure Consulting is pleased to announce the successful conclusion of its IV&V project for the Washington State Ferries Wireless High-Speed Data Network, and the publication of its full report on the website of the Federal Transit Authority! Earlier this year, ProStructure completed a major IV&V (Independent Verification & Validation) project for ... http://www.prostructure.com/blog/2008/09/19/prostructures-major-report-for-wsdot-and-usdot-has-been-published/ As a quick refresher before I make some recommendations to a customer,  I got to revisit the discussion of hard drives and how they like to fail. Three articles on the StorageMojo blog are brilliant and worth a read or a revisit: NetApp Weighs In On Disks - Val Bercovici of Netapp ... http://www.prostructure.com/blog/2008/07/07/hard-drives-magical-complex-and-faulty/ Microsoft has released a security advisory (954462) warning users that automated SQL injection attacks against ASP and ASP.NET based sites are escalating.  Unlike about 5 years ago, most web developers I talk to today understand what SQL injection is and how to defend against it. The new automated attacks are mostly ... http://www.prostructure.com/blog/2008/06/25/asp-and-aspnet-still-easy-targets-for-sql-injection/ Early this year, I pulled the Windows Server 2008 Feature Components and Active Directory posters out of TechNet Magazine and hung them up over my desk. I then excitedly installed Windows Server 2008 on my test server using my TechNet subscription. I was eager to try out the many enhanced ... http://www.prostructure.com/blog/2008/06/13/adventures-with-windows-server-2008/ Last week, quite a few major vulnerabilities were discovered in some of our customer's favorite products, namely: VMWare (all products, from ESX Server all the way down to VMware Player) Cisco PIX and ASA (versions 7.1, 7.2, 8.0 and 8.1) Mac OS X (Both Server and Client editions, 10.4 and 10.5 are ... http://www.prostructure.com/blog/2008/06/09/heads-up-big-vulnerabilities-in-cisco-pix-vmware-and-mac-osx/ I switched ProStructure over to Zimbra about a month ago.   The good news is that we are absolutely loving it.   The sad part is that this is our 4th open source based workgroup/calendaring solution in 5 years of doing business. The Backstory We started out with Webcal.pl for 2 years, then "upgraded" ... http://www.prostructure.com/blog/2008/05/16/thinking-about-switching-to-zimbra/ Welcome, readers! Here at ProStructure Consulting, we're extremely enthusiastic about technology and the trials and tribulations of its implementation in the field.  We are fortunate enough to get to build, manage and secure some of the most sophisticated IT environments in the Pacific Northwest.  As a result of our position, we ... http://www.prostructure.com/blog/2008/05/14/welcome-to-the-prostructure-blog/