Contact Information

  • Mickler & Associates
  • Vancouver, WA
  • Voice: 360.601.0818
  • Fax: 360.397.0468

MsOffice Accounting Express 2007

Written on October 30, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

Microsoft has released a free, crippled version of its Accounting Professional application called MsOffice Accounting Express 2007. The application functions like QuickBooks for the small business and looks and feels like an Office application but is integrated with other Office products. It also has Payroll functionality through ADP subscription services.

The beta for Accounting ends on October 31, 2006. Personally, I’ve been risk-adverse and haven’t tried it, relying on my QuickBooks 2005 instead. However, MsOffice Accounting looks like a serious contender for my next upgrade. The integration with Office would save me tons of time not having to re-manage my business clients in a separate database.

What’s also very interesting about this version is its integration with eBay and PayPal. This product looks geared for the web-based soloprenuer. PC Magazine rated it four out of five stars while it was in beta.

Free Product Download: http://www.ideawins.com/index.html
Demo on the Product: http://www.ideawins.com/expressdemo/

Microsoft’s official Accounting 2006 site hasn’t updated to 2007 yet, but this looks like something to keep an eye on.

R
www.micklerandassociates.com

A DoS Explainer

Written on October 28, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

Bots and botnets are in the news – so I thought I’d take a few minutes to talk about DDoS attacks.

A DoS (Denial of Service) attack is characterized by one computer transmitting a lot of meaningless requests to another computer, typically a server. In attempting to respond to every meaningless request, the server is unable to provide its regular services to its client computers. While the server struggles to keep up with the high volume of meaningless requests, things like web services, email services, or database services are effectively denied from operating.

DoS attacks are nothing new and have been around since the dawn of modern Internet computing. Some of the most famous DoS attacks involved operating system vulnerabilities like TearDrop or Nuke attacks, which sent malformed data and choked-up Windows9x, causing it to freeze up or restart on a user. More frequently, DoS attacks involve starving a target server of network resources to cripple its capability to service its users. To an administrator, the attack may look like a general network failure and some time may be taken to diagnose the downtime as a legitimate attack.

There are a few variations on the DoS theme:

Distributed Denial of Service (DDoS) attacks are when multiple computers – often infected by a form of a virus called a bot – are instructed to launch a DoS attack a single target all at once. Slave computers infected with the virus immediately respond and begin passing garbage network instructions to the target server. Tens of thousands of computers may attack all at once, clogging all of the target company’s available bandwidth and effectively shutting down their Internet connection. There’s a reporting structure to a DDoS attack whereas a Master computer (the general of the attack) instructs a few Handler computers (Lieutenants) to launch the attack, and the Handlers instruct the Daemons (Foot Soldiers) to begin. The virus infecting the machine may be operating in Handler or Daemon capacity; there is generally only one or two Masters.

Reflected Denial of Service (RDoS) attacks are DDoS attacks that bounce forged (spoofed) attacks to a huge number of computers that then reply to the request back to the target victim. Essentially, the malicious attacker spoofs, or, impersonates, the target server and sends a request to thousands of computers, who then reply and flood the target server. In this way, the attacker gets numerous uninfected computers to perform a DDoS simply through the way the Internet works.

Echo Requests are a form of RDoS attacks that send ICMP (ping, or, echo requests) packets to a broadcast address which encourages a large number of responding computers to send ICMP responses to the target victim computer.

DNS Amplification is another, more recent and more popular form of DDoS that increases the packet size of responses. For example, a packet that would usually be only 20 bytes in length can be “amplified” to become 8,500 bytes in length through manipulating network services, in this case, the Domain Name System of the Internet. Using DNS tools, you can ask a DNS server to return “any” content that it has in its database for a particular website. If a hacker can insert a large text record into the authoritative DNS server for the domain (several kilobytes), all of this content could be sent to the victim computer with an ANY command through spoofing. Throw in the fact that several thousand DNS servers could be contacted to perform the attack, the attacker effectively has a botnet (a group of daemons) by which to attack the victim computer. This flood of bogus data overwhelms the target computer. Amplification attacks are hard to overcome. Services like DNS are critical to the ongoing operation of your network and turning it off isn’t practical.

Think it takes a serious programmer or a rocket scientist to pull this off? Think again: there are easily downloaded and free programs that would allow your kids to do it. Here are a few examples:

Trinoo

Stacheldraht

TFN/TFN2K

Think twice, though, if you wanted to download a few of these and play backyard hacker. Wee – it’s fun, but DoS attacks are a federal crime under the National Information Infrastructure Protection Act of 1996. Penalties include but aren’t limited to fines and imprisonment. That would be an anti-climatic ending to your hacker career.

How can you tell if your PC has been conscripted into becoming a zombie-daemon computer? You can’t! At least, not very easily, but do try to install the recent anti-virus package updates on your computer and scan regularly.

Some believe that setting up a firewall remedies this problem of DoS or DDoS attack. Well, yes and no, and mostly no. Modern firewalls can employ something called ingress and egress filtering which authenticates traffic prior to routing it which prohibits multiple daemons from effectively crossing the firewall’s filter to the trusted network. However, the firewall’s presence is all that must be worried about – the sheer volume of traffic being sent across the Internet connection renders the firewall useless. Clogging the line is just as effective as downing a server. Therefore, the presence of a firewall is a moot point: you still haven’t the bandwidth to see the outside world during an attack, and attacks can go on for hours or days.

Instead, administrators would be encouraged to capture the packets being transmitted for posterior analysis. Literally, we can dump the traffic to a file so we can see who is transmitting a DoS and follow-up with our ISP or law enforcement. If the attacker is very stupid and uses their own IP to attack a target, then there’s a chance they could be discovered and prosecuted. Most times, in particular with DDoS, the daemons are just conscripted computers whose users have no idea their PC is engaged in malicious activities… it just seems, to them, the Internet is a bit slower today.

Your company’s ISP can firewall the offending IP addresses before the flood gets to your Internet connection. The ISP may even involve the FBI to investigate the attack. However, ISP’s are often resource challenged and leave much of the preventative measures and corrective action to you.

To overcome DDoS attacks, companies may setup networks within networks (DMZ’s – Demilitarized Zones), or, setup load balancing gateways that filter traffic through various tests and security programs before it’s allowed to touch the actual server. Either way, it’s more investment and administration – and a strategy – that allows a company to overcome these kinds of attacks.

Those who believe that they’re under attack do have some recourse – if they’re able to access the Internet, they can contact the National Infrastructure Protection Center (http://www.nipc.gov) to file a complaint and work through the investigation process. This isn’t entirely ineffective, however, it doesn’t solve the immediate problem of stopping the attack and restoring business services. The broader fix to this is improving Internet security but this isn’t likely to happen any time soon.

R

Russell Mickler works a technology consultant in Battle Ground, WA, USA. With over thirteen years of experience, Mickler holds a CISSP, MCSE, a Masters Degree in Information Technology, and is pursuing his Doctorate at Walden University. His website can be found at www.micklerandassociates.com; he can be contacted at mickler@micklerandassociates.com.

Control Online Privacy (COP) Methods

Written on October 21, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

Take Control of Your Online Privacy

Okay, you probably already know this: the Internet is really insecure. The stuff that drives the Internet was originally designed to interconnect teletype machines on military bases and wasn’t designed for security in mind; security, in fact, came later in the form of network filters and encryption solutions. Security, and the protection of your online privacy, was a huge afterthought in the design of Internet Protocol but it should be in the forefront of your mind every time you use it. Every time we use the Internet, even from behind a firewall, we have the potential of voluntarily releasing Personal Private Information (PPI) that could allow an unscrupulous party to compromise our identity.

I developed Control Online Privacy (COP) Methods in the course of teaching information system security courses to undergraduates in the fall of 2002. In the future, our computer systems and networks will be made ever more secure. That would be a more desirable solution that automates the complexity and risk of securing your online privacy. However, until that happens, COP Methods are simple techniques you can use, right now, to protect your privacy while using Internet resources.

COP Methods

1. Protect your real email address. Setup a bogus web-based email account.

Google, MSN, and Yahoo! all allow you to create a free online email account. Setup an email account and use it whenever you are filling out forms, questionnaires, or surveys online. Use this email account on your website or MySpace pages. Use this email when responding to people you do not know or when making online purchases. This practice creates a controlled space where spam and other undesirable correspondence will be directed to for safe review – on the web rather than downloaded to your computer. It keeps your real email address “clean”. Meanwhile, Google, MSN, and Yahoo! free anti-virus, anti-spyware, and anti-junk tools will work against the content of this inbox. Periodically check this email account and delete its contents. If the amount of spam becomes intolerable, delete the bogus email address and startup a new one.

2. Do not voluntarily reveal Personal Private Information (PPI) anywhere in public.

In group discussions, blogs, MySpace, enticing online contests and drawings, or on Instant Messengers, we may be encouraged to post something about ourselves: our real name, age, physical address, email, pictures, even a telephone number. Tools are continuously used to “scrape” this information off of websites, organize it, and resell the information to infomediaries or as public spam lists. If find you must share information, use deliberately fictitious pseudonyms and the bogus email account. Never post your real PPI. When posting pictures, try to post images that obscures or partially reveals your face, or, puts your face into an unnatural angle that couldn’t be used with a driver’s license or other form of picture identification. In short, reveal nothing about yourself in cyberspace to anyone – if at all possible, reveal information about yourself only to people you know in the real world.

3. Setup a special credit card for online purchases.

Isolating online spending to a specific bank account, or, to a specific credit card does several things. One, it protects your true credit card and can isolate your true account from fraud or abuse. Two, it provides an easy mechanism to track and oversee online spending that isn’t blurred with your household or daily expenses conducted on-ground. Three, you can control the amount of money available in a dedicated online account, protecting the extent of your liability and shielding your other assets. And four, thresholds and other banking mechanisms can be placed on this card that restricts its use in the online world.

4. Limit online shopping and use of online services to reputable firms.

Online shopping can sometimes take you to places you’ve never been. The website looks legitimate and the price is too good to pass up – and, often, what is too good to be true really is. When shopping online, limit your activity to specific sites that have a recognizable brand, strong reputation, and an established Privacy Policy. These firms will often have a default presumption of privacy when establishing your account with them, or, an opt-out clause in their privacy practices that can exclude your PPI from being traded to others. Take advantage of this by excluding your PPI from being shared with others.

5. Install and use Internet browsers at their highest version release.

Mainstream browsers today have built-in privacy protection that obscures your name and email address, and monitors the use of cookie information automatically. Cookies are files that contain information about you which re stored on your computer – modern browsers manage this information ubiquitously. Further, modern browsers have built-in anti-phishing and anti-spamming tools, pop-up blockers, and other forms of security that protects your online experience.

6. Do not use any 3rd party toolbar in your Internet browser.

Toolbars from Google, Yahoo!, or MSN provide quick access to search engine technologies, email, and other resources on the web and may seem like a reasonable piece of software to download and install. However, in the EULA (End-User License Agreement), in consideration for this free functionality, you are involuntarily surrendering information about you and your computing habits to these firms. Avoid this entirely by just not installing them.

7. There is no guarantee of privacy whatsoever at your workplace.

It is important to realize that employers have a right – and sometimes an obligation – to completely monitor all aspects of your online experience. Where you go, what you do, who you read, what email you send, is completely transparent to your company. You cannot hope to sneak around this or hide your activities; the tools that allow IT departments to control user activities are extremely invasive and work very well. There is no presumption of privacy on your computer and in how you use network resources; in most US states, there are little if any privacy protections for employees and employers have full jurisdiction over their assets. Therefore, keep private information, correspondence, and files at home. Do not bring them in for storage or use at any time on corporate assets. Never post anything related to your corporate identity online in public spaces.

8. Use modern email applications that use junk filters, anti-spyware, and anti-virus.

Through installing and using modern anti-virus tools, concerns of spam, spyware, and viruses are taken care of through ubiquitous means that protects your inbox from malicious mail and questionable content. Stay up on your updates and subscriptions for these services.

9. Never reply to spammers.

Even if you attempt to click on a hyperlink to remove you from a mailing list, understand that the spammer is still going to be spamming you because there is no ability for the government to enforce a remove feature. Instead, never reply to a spammer for any reason – this just tells the spammer you’re reading and acknowledging them, and they will send you more spam. Instead, rely on junk filters, anti-spyware, and anti-virus tools to filter this content to the greatest extent.

10. Secure your home computers just as you might your business computers.

Time should be taken to secure home resources just as business resources; businesses even have a vested interest to make sure that their employees computers follow similar protection guidelines as corporate assets. I always illustrate this need when I ask a class how many students connect to their office network from home or a laptop using a VPN (Virtual Private Network). Many raise their hand. When a home computer uses a VPN, it immediately becomes a trusted computer on the company’s network, bypassing all firewall and security considerations. Therefore, an infected home computer has immediate access to a clean corporate network, and a back door by which to infect other corporate computer systems. If employees are using home computers to access corporate resources, it’s imperative for the business to consider those home computers at just as much risk as their own assets. Develop proactive policies and procedures that mitigates and manages this risk – sometimes, even denying home PC access to corporate resources isn’t a bad idea. At a minimum, your PC should be running:

1. A personal software firewall.
2. A modern operating system, fully patched.
3. A modern Internet browser.
4. A modern anti-virus program, hopefully also anti-spam.
5. A modern email solution with junk mail filters.

11. Use encryption.

Contents of your hard drive can be encrypted. Right-click on the file, go to Properties, and in the Attributes section, click Advanced. Under Compress and Encrypt Attributes, select Encrypt, and press OK twice to clear the dialogs. The color of the file’s text should now change. The contents of this file are now encrypted so that, if anyone was to gain access to your computer system without your knowledge, this file cannot be read or copied. Even as a computer technician, if I attempted to bypass Windows security and access this file, I would be patently unable to. Do not encrypt everything – just specific files that are of significant importance to you (example: a QuickBooks, Microsoft Money, or Quicken file, a spreadsheet of your financials, or a Word document revealing particularly damaging PPI). Also, consider encrypting email. Email is inherently insecure as it travels as plaintext on the Internet. Several programs do this automatically for us, and modern editions of Microsoft Outlook allows you to use Class 1 Digital Certificates that verify your identity and encrypt the contents of your email. You needn’t use encryption all the time, but use encryption with email when sending PPI. You can also use PGP – Pretty Good Privacy – to encrypt email.

12. Do not download or use peer-to-peer file sharing systems.

Napster, KaZaa, BitTorrent, and other peer-to-peer music sharing systems are not only suspect in sharing copyrighted files, but grant access to your computer system by others. This access can be exploited and materials unintentionally shared grabbed by others. Usually, this software will install spyware and other Trojan viruses that attempt to monitor your computing experience and can expose you to risk. Completely avoid these programs. Instead, use a reputable vendor like Rhapsody or iTunes to secure digital content.

13. Teach your kids.

COP Methods are easy to learn, teach, and practice. Kids have a propensity to trust what they see on the Internet and will violate all of the COP Methods out of ignorance, or, peer pressure. You must do what you can to educate your teen on the dangers not only to themselves, but members of your entire family, if COP Methods are skirted or broken. In my professional experience, teenagers are the number one vulnerability within a household – forget the technology, if there is a teen lurking around, the computer is in more jeopardy from it than from anything else.

COP Methods may seem like practical, common-sense ideas that protects your privacy without having to know a lot about computers, and you’re right. That’s precisely what COP Methods are all about – practical and usually transparent means of protecting PPI without having to understand how complex tools and technologies work. Best Practices for Privacy, if you will. Employ them regularly and you will take a huge step in protecting your private identity from theft, fraud, or abuse.

R

Choice of Linux

Written on October 20, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

From a reader:

Hi,I was just reading your blog and since I am building a new computer from the ground up, I have been toying with the idea of using Linux Fedor Core 5/6 (?). What are your thoughts on Linux and what version if any would you suggest for a person who at time can be very dangerous to his own system?

Thanks,
Fred
Sr. Faculty Coordinator for CS/IT/MIS

My response:

Why, hello Fred! Good to see you around the blog here!

I’d recommend Knoppix (http://www.knoppix.net/). If you want to really geek-out with toys, widgets, accessories, and tools, Knoppix (in my opinion), is the way to go.

If you want a cake-walk sort of installation – Linux, but easy to use and install – I’d recommend Open Suse (http://en.opensuse.org/Welcome_to_openSUSE.org). Note that this isn’t Novell’s commercial version but the freebie open source version.

Red Hat (Fedora Core) is a great o/s but in my experience, I’ve frequently encountered driver installation and compatibility issues with Fedora. This caused me a lot of troubleshooting headaches. That made me switch to SUSE, in fact, which was more of a brainless installation (grin). Then, I found how great it was to use Knoppix for a self-contained, direct boot option from a CD ROM – especially for recovery and just toying around with the o/s – and then I was hooked!

I use Knoppix for disaster recovery purposes, Fred. If I need to mount a hard disk with USB support, so I can connect a USB dynamic disk and then the local hard drive, bypassing Windows security mechanisms to have direct access to the partition, I use Knoppix. Knoppix is a great UI, even has RDC (Remote Desktop Connectivity) so I can still “run” Windows on top of it by accessing a Windows box on the network. I can’t speak more highly about it. Easy to use, run, install, and like I said, a lot of widgets for the techno-enthusiast.

Best of luck -
R

www.micklerandassociates.com

Avoid the Smelly eBay Phishing Scam

Written on October 20, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

The subject today is eBay phishing!

It seems like this thing is going around more and more. I think everyone knows what phishing is: scammers attempt to get someone to click on a hyperlink in an email that brings to them to a private server which attempts to collect PPI (Personal Private Information).

What a better target than eBay where a lot of people have setup accounts and may react quickly to a message telling them their account is about to be disabled. It usually arrives with some official-looking logos and even a quaisi-official email address (accounts@ebay.com). For example, here was the content of a phish addressed to me:

Password change required!

Dear sir, We recently have determined that different computers have logged onto your eBay account, and multiple password failures were present before the logons. We strongly advice CHANGE YOUR PASSWORD. If this is not completed by October 24, 2006, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. Thank you for your cooperation.

A couple of things stand out here. First, look at the grammar, mechanics, spelling, choice of vocabulary, and sentence construction – a dead give away: clever as the thieves are, their lack of experience with the English language is dead apparent.

Second, eBay phishing has been around for a while. Here is a notice from PrivacyRights.org concerning this brand of scamming. Before clicking look up some of the wording, subject header, or key words from the message and search for them on Google, or, at a location like PrivacyRights.org to see if there are known articles.

Third, and for you techies out there, one can always look at the hyperlink they want you to click on and check out it’s IP address. Using an IP Checker, I was able to conclude that the target server they wanted me to talk to was in Quito, Equidor…


I doubt that eBay has a server farm over there. Plus, maybe I can learn more about this scammer by using a reverse WHOSIS lookup utility from DNSstuff.com:

inetnum: 200.105.240/20status: allocatedowner: PUNTONET S.A.ownerid: EC-PUSA-LACNICresponsible: Enrique Quiroz R.address: Amazonas y Pereira, 4545, Of. 401address: 0000 – Quito – PIcountry: ECphone: +593 02 2260760 [125]owner-c: RFCtech-c: RFCinetrev: 200.105.240/20nserver: SERVER.PUNTO.NET.EC nsstat: 20061016 AAnslastaa: 20061016nserver: DNS2.PUNTO.NET.EC nsstat: 20061016 AAnslastaa: 20061016created: 20040716changed: 20040716nic-hdl: RFCperson: Roberto Falconi Cardonae-mail: *******@PUNTO.NET.ECaddress: Amazonas 45 45 y Pereira Of. 401, 4545, address: 0000 – Quito – PIcountry: ECphone: +593 22 2989900 [125]created: 20030221changed: 20060112

Look at that. Roberto Falconi Cardonae. I don’t like Roberto anymore – he’s trying to steal my information, or, hosting phishers who’re trying to steal who I am! Well, I think that’s more likely a false name and phone number, or an unaware ISP provider, but I bet I just might be able to give him a call if I wanted to so that I could express my dissatisfaction – there’s an international phone number right there. Well, I don’t speak Spanish so I might be out of luck there, anyway.

Lastly, use some caution and common sense. Why would eBay want to contact you via email anyway to change your password. That seems a little odd. Quell the emotional response in favor of critically analyzing the message for legitimacy.

Good luck!

R

Russell Mickler works a technology consultant in Battle Ground, WA, USA. With over thirteen years of experience, Mickler holds a CISSP, MCSE, a Masters Degree in Information Technology, and is pursuing his Doctorate at Walden University. His website can be found at www.micklerandassociates.com; he can be contacted at mickler@micklerandassociates.com.

iPods Shipped with RavMonE.exe Virus

Written on October 18, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

Today, Apple admitted that, since September 12, approximately 1-percent of their video iPods have been shipped with a virus capable of infecting Windows-based PC’s.

RavMonE.exe is a harmful spyware that also goes by other aliases (WORM_SIWEOLA and worm.win32.r.jump.a) that operates like a trojan. It opens up a computer so that other computers can see that the subject computer is vulnerable to attack on the Internet.

Apple says, “What, you worry? Use your anti-virus package to catch and delete it.” And of course, they were quick to point out that RavMonE.exe only affects Windows-PC’s, not Apple’s OS/X Macintosh platform. Go figure…

Those who’ve installed new iPod’s since September 12 would do well by updating their anti-virus definitions and by running a manual scan to catch the problem.

R
www.micklerandassociates.com

Five Reasons Why Microsoft’s Support Constraints are Good for Small Business

Written on October 13, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

By mid-October 2006, Microsoft had announced the end of support for Windows XP Service Pack 1. Over the last few years, Microsoft has taken steps to abandon support for Windows9x, ME, and NT 3.x. Some may balk at Microsoft’s decisions to constrain support in this way as it prevents Microsoft’s web-based update service from downloading new patches and bug fixes, but this is great news for the small business and here’s why.

1. Regular Patching Discipline. Small businesses are often incapable of independently developing a strong patch regimen for their microcomputers. When overlooked, weak patch management extends vulnerability. Through forcing users to upgrade to Service Pack 2, the small business is forced to adopt more stringent update strategies.

2. Stronger Security with Limited Backwards Compatibility. Finally, after twenty-five years, Microsoft is realizing that they can’t support everything forever; they cannot be everything to everybody. It is too costly to promise full backwards compatibility on all products, and, too risky to support those who still desire to run legacy, antiquated applications. Limiting support is great news for the small business because it will make the Windows platform more secure and less vulnerable to the design weaknesses.

3. Ubiquity. The user experience, the look and feel of a computer’s user interface, should be consistent, repeatable, and intuitive – at least, this is what we teach in programming courses. Maintaining support on older operating systems and applications that used antiquated metaphors for navigation, file access, or application use drives up complexity and down ROI on the desktop investment. Having a consistent, modern, ubiquitous experience is important to the small business so that less time is consumed remembering how an older piece of software worked.

4. Constrained Long-term Support/Product Cost. If Microsoft is able to dedicate more time and resources to supporting modern operating systems this (feasibly) could translate to lower production and licensing costs. This means more capability, more security, and more functionality at capped cost levels for the small business consumer.

5. Lower TCO via Purchasing and Support Standardization. Finally, the small business can standardize its microcomputer assets and lower Total Cost of Ownership by eliminating support variability between operating systems. Instead of having to manually address patching and fixes in Windows 9x/ME/2000, small business can leverage XP’s automation to contain their support dollars.

Arguably, to some, Microsoft’s aggressive moves to limit legacy support may represent the monolithic software giant against flexing its muscle to limit consumer choice, but I’d call that a Red Herring: the cries of anti-competitive behavior are meant to illustrate a larger principle of democratization sweeping computing. A valuable idea in the broader discussion but irrelevant to the small business: the goal is to contain technology expenses not increase expenses through allowing more complexity and variability. Indeed, I applaud Microsoft’s recent actions – the small business benefits substantially when Microsoft takes dramatic steps to limit exposure and risk for their customers.

R

Russell Mickler works a technology consultant in Battle Ground, WA, USA. With over thirteen years of experience, Mickler holds a CISSP, MCSE, a Masters Degree in Information Technology, and is pursuing his Doctorate at Walden University. His website can be found at www.micklerandassociates.com; he can be contacted at mickler@micklerandassociates.com.

Microsoft Releases Vista Update Tool

Written on October 11, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

A couple of Microsoft Vista links:

1. Microsoft Upgrade Advisor

A downloadable upgrade advisor application is available from Microsoft:
http://www.microsoft.com/windowsvista/getready/upgradeadvisor/default.mspx

This tool can be used to analyze the target computer’s readiness for Vista.

2. Vista Minimum Requirements

http://www.microsoft.com/windowsvista/getready/capable.mspx

3. Download Vista

Download Vista and install the Release Candidate to your own computer. WARNING: This is a crippled release and would expire after some point requiring a re-format of your hard drive; not recommended for amateur users.

http://www.microsoft.com/windowsvista/getready/preview.mspx

R
www.micklerandassociates.com

Bring IE7 into a Compatibility State

Written on October 11, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

Many end-users may not prefer the new look and feel of the Internet Explorer 7 Browser. Unlabeled icons, small icons, unnecessary icons like the RSS feeds, multiple tabs, and a missing toolbar may truly irritate some users. Here’s how to put IE7 into a reasonable compatibility look and feel to IE6.

1. Open IE7 and press Alt-F. Go to VIEW, TOOLBARS, and select Menu Bar. This will now force IE to display the familiar Toolbar Menu each time that it is opened.

2. From Tools, go to Internet Options.

3. Under the Tabs section, press the Settings button.

4. Uncheck “Enable Tabbed Browsing”. Save these changes by pressing OK. Press OK again on the Internet Options dialog. Now, close IE.

5. Restart IE. The tabs feature has now been removed. Now, anywhere on a gray spot of a tool bar to the upper right hand side of the screen, right-click. A context menu for the Toolbars will appear.

6. Select “Use Large Icons”. Now the Icons become larger.

7. Repeat the same process and select “Customize Command Bar”.

8. Select “Show All Text Labels”. This now labels each of the Icons.

9. Repeat the same process and select “Customize Command Bar”. Select “Add or Remove Commands”.

10. In the right-hand listbox, find Feeds up at the top of the listbox. Select Feeds and press the Remove Button. Hit the Close button to save the change.

Now the system is in a reasonable compatibility mode with the previous version of Explorer. It should look something like this:


It’s not perfect but it does bring the browser back to a little more familiar state.
R

Russell Mickler works a technology consultant in Battle Ground, WA, USA. With over thirteen years of experience, Mickler holds a CISSP, MCSE, a Masters Degree in Information Technology, and is pursuing his Doctorate at Walden University. His website can be found at www.micklerandassociates.com; he can be contacted at mickler@micklerandassociates.com.

Microsoft Announces End of Windows XP SP 1 Support

Written on October 11, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

According to a US-CERT security bulletin on October 10, 2006:

On October 10, 2006, Microsoft will end all public assisted support for Windows XP Service Pack 1 (SP1). After this date, Microsoft will no longer provide any incident support options or security updates for this retired service pack under the policies defined by the Microsoft Support Lifecycle policy. We strongly encourage Windows XP users to upgrade to Windows XP Service Pack 2 (SP2) as soon as possible.

R
www.micklerandassociates.com

Next Page »