Category Archives: Windows

Linux ClearOS to rival Microsoft’s SBS

Microsoft has dominated the small enterprise market with its out of the box feature rich SBS (Small Business Server). Linux has always trailed behind it and although most of the technology to rival Microsoft has been in place, it has always been a mammoth task to setup a server from scratch  to do that.  ClearOS came to fill in this gap.

“ClearOS is a powerful network and gateway server designed for small organizations and distributed environments.  Though ClearOS comes with an extensive list of features  and integrated services, the solution is easy to configure thanks to the intuitive web-based interface.” (extracted from Clear Foundation website)
 
Take a look at how ClearOS’ features match the MS SBS:

Microsoft SBS

Centralized Authentication (Active Directory)
Mail, calendaring and instant messaging (Exchange)
Webserver (IIS)
Firewall (ISA)
Content management system (Sharepoint)
Antivirus (Forefront)
Database (MS-SQL Premium version only)
Remote Desktop Services
Virtual Private Network (VPN)

ClearOS Linux

Centralized Authentication (LDAP)
Primary Domain Controller (Samba)
File and Print Services (Samba and CUPS)
Mail (SMTP, POP, IMAP, Webmail)
Calendaring (Kolab groupware)
Webserver (Apache)
Firewall plus intrusion protection (iptables, Snort)
Antimalware (Clam Antivirus, Antiphishing, Antispyware)
Antispam (Spamassassin)
Database (MySQL)
Virtual Private Network (IPSec, OpenVPN, PPTP)
Web Proxy (Squid)

The Linux Magazine published an in depth article comparing and explaining this “new” Linux distro. 

Technorati Tags: , , , , , , , , , , , , , ,

Microsoft Security patches June 09

Microsoft has released its latest security bulletins covering 31 security vulnerabilities. In a total of 10 bulletins 5 turned out as critical, the highest security rating by Microsoft.  See details below:

(extracted from http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx)

MS08-018 (Critical): Fixes two privately reported vulnerabilities in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003, and Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003. The more severe vulnerability could allow remote code execution.  It is rated Critical for all supported editions of Microsoft Windows 2000 Server, and rated Important for supported versions of Windows XP Professional and Windows Server 2003.

MS09-019 (Critical): Patches seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Affects IE 5.01, IE 6, IE 7 and IE 8 running on all supported editions of Windows.

MS09-020 (Important): Fixes one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user.  Affects all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.

MS09-021(Critical): Patches seven privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Microsoft Excel file that includes a malformed record object. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system.  It affects Excel 2000, Excel 2002, Excel 2003, Excel 2007, Office 2004 for Mac, and Microsoft Office 2008 for Mac; Open XML File Format Converter for Mac; and all supported versions of Microsoft Office Excel Viewer and Microsoft Office Compatibility Pack.

MS09-022 (Critical): Covers three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request.  It applies to Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

MS09-023 (Moderate): Patches a privately reported vulnerability in Windows Search. The vulnerability could allow information disclosure if a user performs a search that returns a specially crafted file as the first result or if the user previews a specially crafted file from the search results.

This security update is rated Moderate for Windows Search installed on all supported editions of Windows XP and Windows Server 2003.

MS09-024 (Critical): Fixes a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file. Affects Word 2000, Word 2002, Word 2003 with the Microsoft Works 6–9 File Converter,  Word 2007 Service Pack 1, Microsoft Works 8.5 and Microsoft Works 9.

MS09-025 (Important): Covers two publicly disclosed and two privately reported vulnerabilities in the Windows kernel that could allow elevation of privilege. An attacker who successfully exploited any of these vulnerabilities could execute arbitrary code and take complete control of an affected system. The vulnerabilities could not be exploited remotely or by anonymous users. Affects Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

MS09-026 (Important): Patches a publicly disclosed vulnerability in the Windows remote procedure call (RPC) facility where the RPC Marshalling Engine does not update its internal state appropriately. The vulnerability could allow an attacker to execute arbitrary code and take complete control of an affected system.  Rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

MS09-027 (Critical): Covers two privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Microsoft Word file. Rated Critical for all supported editions of Microsoft Office Word 2000. For all supported editions of Microsoft Office Word 2002, Microsoft Office Word 2003, Microsoft Office Word 2007, Microsoft Office 2004 for Mac, and Microsoft Office 2008 for Mac, and all supported versions of Open XML File Format Converter for Mac, Microsoft Office Compatibility Pack, and Microsoft Office Word Viewers, this security update is rated Important.

Technorati Tags: , , , , , ,

Windows 7 RC available now

The Release Candidate for Windows 7 is now available to the public. Their servers have been struggling to deal with the demand of downloads according to the ZDnet website. There has been a lot of talk about Windows 7 being the OS that will release Microsoft of the embarrassment of Vista, it’s said to look like Vista but less annoying to use. Well, now you can judge by yourself, download it from…

http://www.microsoft.com/windows/windows-7/download.aspx or

http://technet.microsoft.com/en-gb/evalcenter/dd353205.aspx?ITPID=mscomsc

Technorati Tags: , ,

IE 8 is ready

Microsoft plans to release today the “final” version of Internet Explorer 8. It won’t be added to Windows update yet but the curious IE user will be able to download it from the official IE website once it’s been released. Officials have said that there are only a few changes between the (RC) version and this release. 

IE 8 will be included in Windows 7 as a removable option later this year, but before then I am sure several patches will be released. 

Technorati Tags: , , , ,

Firefox 3 Cookie problem

I had a problem with Firefox 3 on Vista not saving session cookies. The problems were:

  • Freezing when opening iGoogle, Gmail, Facebook, bbc.co.uk
  • Reseting iGoogle and bbc.co.uk to their default settings after browser restart

To fix it you need to remove the cookies.sqlite file from the user profile.

  • Close Firefox
  • Open Windows Explorer – on the top left select Organize / Folder and Search Options / View / Show Hidden Files and Folders
  • Navigate to  C:\Users\”USERNAME”\AppData\Roaming\Mozilla\Firefox\Profile\”SESSION FOLDER” (this is a random alphanumeric name)
  • Delete the file cookies.sqlite
  • Start Firefox and it should work fine

Technorati Tags: , ,