18702 North Creek Pkwy. #208Loading
Volume 3, Issue 9 - September, 2008 - © 2009 by Moose Logic, All Rights Reserved
Cover Story: New Product Releases from Citrix
Product Spotlight: Freedom9 Internet Content Recorder
"Malvertising" - Get Use To It
This Month in TV History
Moose Logic Coming Events
(Moose Views is a monthly newsletter prepared by Moose Logic to bring you information and tips on maintaining a trouble-free network)
New Product Releases from Citrix
Since our last issue, there have been some exciting announcements from Fort Lauderdale. Here’s the quick overview on a few of them:XenApp v5.0 is now available for order. As you know (if you’ve been reading Moose Views), Citrix changed the name of its Presentation Server product line to “XenApp” last February.
The big news about XenApp v5.0 is, of course, its compatibility with Windows Server 2008. There are also some enhancements to the Application Isolation Environment functionality, which is included with the Enterprise and Platinum editions, that enable applications to be packaged separately while still allowing them to communicate with one another. There is also support for pure IPv6 networks.
While XenApp v5.0 can be installed on either Windows Server 2008 or 2003, there are some new features that are available only on Server 2008. One of these is “Preferential Load Balancing” (Platinum Edition only), which allows some user sessions and/or applications to be granted higher priority, and therefore receive more CPU resources.
Resource Manager, which is part of the Enterprise and Platinum editions, has been enhanced with some technology from the EdgeSight product. Server 2003 users can continue to use the older version of Resource Manager, or can choose to deploy the new, EdgeSight-powered version. Server 2008 users must use the new version.
We’ll have to get used to some more terminology changes, too. All of the Citrix clients are now referred to as “plug-ins.”
Web Interface has been given a completely new look and feel, with a sleek new login page, and “bread crumb” navigation aids. It also has a special low-graphics version for mobile devices—accessed by appending “/m” or “/mobile” to the end of the URL.
And, speaking of EdgeSight, there is a new 5.0 version of it as well—available as a standalone product or as part of XenApp Platinum Edition. The primary difference is how the reports are organized, making it much easier to figure out what report to run to get to the data you’re looking for.
XenServer v5.0 has also been released. The big news here is the addition of “High Availability” - meaning that if one of your XenServer hosts should fail, you can have your guest VMs automatically restarted on another XenServer. This, of course, assumes that your VM files are residing on some kind of shared storage (e.g., a SAN) that is accessible by both XenServers.
We’ll have more new product info for you next month, so stay tuned...
Dorm Room Survival Guide
If you have a child who is heading off as a freshman, he or she should be prepared for the new experience of living in a residence hall. Living in tight quarters with strangers can be challenging. Here are some tips that can help keep everyday nuisances from negatively affecting their day-to-day living.Keeping It Clean
Sharing a room can result in a less than tidy experience. No one wants to share a room with a slob, as this can affect your health, social interactions, and study habits. While study time is the most critical use of time, don't neglect your living space. Cleaning products can be purchased rather inexpensively and a little goes a long way. Many dorms provide cleaning supplies for their residents, so take advantage if you are offered the use of vacuum cleaners or brooms. Set aside an hour or two every week to straighten up your dorm room and to do some deeper cleaning. If your roommate is not doing his or her part, be candid and explain why it is important to you to have a minimum level of cleanliness. Offer to alternate cleaning chores or to spend time together cleaning each week.
Protecting Your Personal Space
Make an agreement from the beginning with your roommate to respect each other's personal belongings. You should have an explicit understanding of what is to be shared and what is for personal use only. This agreement should cover food, personal grooming items, electronic devices, reading and study material, sports equipment, and clothing. It is up to you, however, to store things that you are keeping for your own use in their proper places. Have a lock box in your room for personal items such as extra cash, your Social Security card, and other documents. Keep this lock box in a discrete place so that it will not be casually noticed by visitors.
Keeping Your Privacy
One of the biggest challenges of living in tight quarters is the lack of privacy. You need to find ways to be by yourself, not only for some quality study time, but also to allow yourself to reflect and recharge your social batteries. There will be times that you need to have private conversations as well, whether in person or on the phone. Never having any alone time can adversely affect your mental well-being and your grades. Find places on campus that will give you some quiet--in the library, study rooms, or a seldom used part of the dining hall. If you live relatively close to home, plan on a couple of days every month or so to head back home for some needed separation from dorm living. You may also find it beneficial to shift your schedule, so you are getting up earlier when fewer people are awake. However you manage it, remember that some private quiet time is essential to your success and happiness at college.
“Malvertising” - Get Used To It
Last month, we talked a bit about Internet security. This month, we’re going to get more specific about some
of the newest, and scariest, threats and give you some resources on the Web that we strongly recommend you read
and/or view.
There is a very informative video available on YouTube by Mikko Hyppönen, the Chief Research Officer of F-Secure. Frankly, I’m not crazy about his product, but he is a smart guy, and I would encourage everyone to take 10 minutes and watch the video. The URL is: http://www.youtube.com/watch?v=zyJ4KM_bv84.(Or just go to YouTube and search for “Fsecure.”)
He talks about how viruses are evolving. He says, and I quote, “Today, the virus writers aren’t writing viruses for fun, they aren’t writing viruses to get to the cover of the magazine, they write viruses to make money. And that changes everything.”
He stresses the point that we made last month: that where a year or two ago, most viruses were delivered as email attachments, that’s becoming rare—simply because most of us have multiple layers of virus filtering applied to our inbound email, so that attack vector isn’t working well for the bad guys anymore. Instead, the most common approach is to send an email that tries to get the recipient to visit a Web page that will download an exploit—often a keylogger that’s out to harvest your credit card numbers and financial information, or an exploit that will make your PC part of someone’s botnet.
In one notorious case that led to convictions and jail terms for the perpetrators, a keylogger was used to harvest credit card information when the victims visited on-line shopping sites. Then the bad guys would set up a legitimate account at an Internet gambling site that allowed players to bet against one another, and use the stolen credit cards to play and deliberately lose large sums of money to the “front” user—thus “laundering” the money through the gambling site.
Finally, the ill-gotten profits were used for on-line purchases of things like tents, sleeping bags, GPS units, knives, etc., which were then sent by courier to insurgents in Iraq!
This trend away from explicit virus attachments is borne out by our own experience. Our MooseGuardTM virus filtering service blocked 68,000 spam emails just for the mooselogic.com domain in the last 30 days, but only 110 had virus attachments. That’s less than 0.2%.
A typical message had a bold headline that said “Free Update Windows XP, Vista.” It went on to say that I was receiving the email because I subscribed to “MSN Featured Offers,” and included such touches as an “unsubscribe” link, a copyright statement, and Microsoft’s address at the bottom. The “From” address, however, said “Microsoft XP [sid.herron@mooselogic.com]” - which was an immediate red flag to me (I don’t usually send emails to myself, and when I do, I usually remember), but could fool an unsophisticated user.
The actual hyperlink behind the “Free Update…” headline didn’t go to Microsoft, though—it went to imageshack.us, and it was a link to a .SWF file, which was no doubt designed to exploit the flaw that exists in Adobe Flash Players v9.0.115.0 and earlier.
Which brings us to the discussion of our headline topic: malvertising. Late last month, the “Norwegian Honeynet Project” reported that MSN Norway was among the latest victims of malvertising, and was serving up a Flash exploit. It was in the form of a banner ad from bannersrotator.com, and served a malicious ad called tunnel28.swf. If you had a version of the Flash player that had the vulnerability, all you had to do was visit the page that contained the banner ad, and you’d better hope your AV software detected and blocked it.
Think that’s bad? It gets worse if you throw Social Networking (SocNet) sites into the mix. (This is where parents with school-age children should pay particular attention!)
At the BlackHat and Defcon conference last month, Shawn Moyer and Nathan Hamiel presented “Satan is on my Friends List: Attacking Social Networks.” It’s well worth reading their related blog entry at http://tinyurl.com/47nwa5.
In it, they talk about the fact that signing up to be an “App Developer” on a SocNet is “a shockingly trivial process.” To quote them: “On Facebook permission to publish an app means having five friends. On MySpace it means filling out an application form...and providing a few easily-forged bits of personal information.”
Then write your own app, embed it in your page, and infect anyone who views your profile.
In another blog at http://tinyurl.com/6zhfav, you can read about how researchers at the Institute of Computer Science created a proof-of-concept Facebook application that could be used to launch a Denial of Service (DoS) attack. They made no effort to advertise or distribute the application, yet were able to attract more than 1,000 users in the first few days.
The exploit was called “Picture of the Day,” and delivered a different image from National Geographic every day. Hey, they’ve got great pictures! Who wouldn’t want to check that out? But, they “placed special code in the application’s source code, so that every time a user views the photo, HTTP requests are generated toward a victim host. More precisely, the application embeds four hidden frames with inline images hosted at the victim. Each time the user clicks inside the application, the inline images are fetched from the victim...but the user is not aware of that fact (the images are never displayed)” They pointed out that they could just as well have included some JavaScript that continuously requested documents!
What can you do? Well, first make sure you go to http://www.adobe.com/products/flash/about. That will tell you what version of the flash product you’re running, and whether you need to upgrade. Then, as always, make sure your anti-virus software is up to date and your systems have all the critical patches installed.
Finally, be careful where you click! Use common sense. If you use a SocNet site, don’t just accept as “friends” everyone who approaches you if you don’t actually know them personally. Likewise, if you use Linkedin, which can be a very handy business-oriented networking site, don’t automatically accept an offer to link to people you don’t know.
If you are using a fairly recent version of Outlook, and you hover your mouse over a hyperlink in an email message, it will pop up a window that will show you what the URL is of the real hyperlink—which may be quite different from the text you’re seeing!
Likewise, if you use a browser-based email account like hotmail or gmail, your browser will tip you off to what the real hyperlink is if you pay attention.
So before you click that link, make sure it’s going to take you where you think it’s going to take you.
This Month in TV History
September 6, 1955 - Premier of “Wyatt Earp,” the first adult WesternSeptember 7, 1967 - Premier of “The Flying Nun”
September 8, 1966 - Premier of “Star Trek”
September 9, 1956 - Elvis Presley made his first TV appearance on the Ed Sullivan Show
September 10, 1955 - Premier of “Gunsmoke”
September 11, 1967 - Premier of “The Carol Burnett Show”
September 12, 1954 - Premier of “Lassie”
September 13, 1990 - Premier of “Law & Order”
September 14, 1972 - Premier of “The Waltons”
September 16, 1993 - Premier of “Frasier”
September 17, 1966 - Premier of “Mission Impossible”
September 19, 1994 - Premier of “ER”
September 20, 1984 - Premier of “The Cosby Show”
September 21, 1970 - Debut of “Monday Night Football,” with announcers Howard Cosell, Keith Jackson, and Don Merideth (Cleveland Browns won 31—21 over the New York Jets)
September 23, 1962 - Premier of “The Jetsons”
