Archive for May, 2009

Sophos IE8 add-on prevents IE8 from loading

Are you having trouble launching IE8 from the desktop icon, the application icon or start menu?

Are you only able to launch it in ‘Administrator’ mode.

Are you running Sophos 7.6.8 on Windows Vista?

The problem might be related to the Sohos add-on. It seems that if you disable it, IE8 returns to working order.

Go to Internet Options and the programs tab. Click on ‘Manage add-ons’

imageFigure 1: Internet Options in IE8

Now disable the Sophos Web Content Scanner

image
Figure 2: Add-on management

Restart all instances of the browser you have open.

Things should now be back to normal.

This is likely to have something to do with the other Sophos issues that are currently related to an update in the last week. See Sophos Antivirus on Windows Vista HP x64 not detected by Windows Security Centre.

SpittingCAML



Organisational communication strategy

How does your organisation work? Does it promote informal communication, blogging and wikis? Do you spend your free time doing most of your research/blogging to help you be a better employee for your organisation?

Do you engage in the community, without backing from your team/department?

There’s some interesting research out there on this particular topic, you’d be right in thinking that Google operates as a type 4 organisation (see below) and that some of the less successful IT companies are type 1 and 2. I’m proud to say that mine is somewhere in between 3 and 4 and hopefully becoming more 4, and given some more time a 5.

Types of organisation (… and typical retention of talent and empowerment profile shown in Figure 1)

  1. Formal organisation
    • Communication top down
    • Communication mediums are controlled top down
  2. Forums, wikis and chat
    • Enablement of online knowledge transfer between workers
    • Efforts to take control of the knowledge capital by structuring top down
  3. Blogging tolerated
    • Value of the voice of the workforce appreciated outside the organisation
    • Blogging code of conduct is defined
  4. Internal social interaction space exists but no funding
    • Internal blogging space supported
    • No official funding for user generated content
    • No top down direction on its use
  5. Social capital integrated into organisation strategy
    • Empowerment of employees is written into company strategy
    • The infrastructure is provided and funded top down.

image 
Figure 1: Empowerment of the employee journey. Adapted from Karen Lawrence, published in BCS ITNOW May 2009

Measuring social capital in the workplace

A way of getting buy in from the owner/CEO/shareholders is to present information as metrics. Lots of metrics are out there, but this is a good basis for a good argument for moving to become a type 5 organisation.

Employee Social Capital (ESC) = Employee * Weighting1
Weighting1 = Knowledge Capital * Linkage * Relationship Building * Information Seeking * Information Sharing
Employee Knowledge Capital (EKC) = Employee competencies * Weighting2
Weighting2 = Intellectual property created * Project specific knowledge * Internal knowledge
Team Social Capital (TSC) = ESC * # team members
Employee worth of Social Capital to Team = ESC / TSC

A team with lots of social capital is going to more successful and content. This is only a taster, and I’ll have to buy the book like everyone else to get the big picture.

Read Karen Lawrence’s book: Virtual Shadows: Your Privacy in the Information Society – I haven’t got a copy myself yet!

Further research in other fields can be found on this topic. A particularly interesting one is an investigation into the correlation of workplace social capital and depression.

SpittingCAML



Resolution to Windows Security Centre not recognising Sophos Antivirus

I gave up in the end (see this post and comments) and went for a new install of Sophos AV, just in case one of the updates made it go pear shaped.

If you have a Sophos support account it should be no issue to go to their site and retrieve Version 7.6.x

image

I downloaded and ran the installer, and it seemed fine just overwriting the version already installed.

image

Security Centre is now happy… but for how long? :-)… I’m just off to tell Sophos support :-) who have been most helpful… this is why I don’t use a free AV :-)

SpittingCAML


By SpittingCAML in Random, Security, Windows Vista  .::. Read Comments (7)

Sophos Antivirus on Windows Vista HP x64 not detected by Windows Security Centre

I want my evening back!

Paranoia set in when I turned my PC on about four hours ago… Vista had been happily reporting that my machine was protected (for the last year+)… and it was, because it is loaded with Sophos Antivirus 7.6.8.. and it updated itself when I turned the machine on..

image

So why would Microsoft make me paranoid with this old chestnut:

image

I ran windows defender full scan, then for good measure the Conficker removal tool… then a full virus check… nothing found… hmm I thought, I’ll give the search engines a go.

Sophos appeared to know all about the issue, but it was stored deep in their knowledge base.

Microsoft also had ‘Windows Security Centre does not detect the antivirus application that is installed on a Windows Vista-based computer’ KB article. KB952923

I’m going to try the hotfix, and will report back if I doesn’t work… I’ll be paying close attention to the Sophos knowledge base as it seems to have more steps that Microsoft originally intended.

SpittingCAML


By SpittingCAML in Random, Security, Windows Vista  .::. Read Comments (12)

SharePoint 2010 – 64bit support only

The preliminary system requirements have been released on the SharePoint Team Blog: here

The key points are:

  • SharePoint Server 2010 will be 64-bit only.
  • SharePoint Server 2010 will require 64-bit Windows Server 2008 or 64-bit Windows Server 2008 R2.
  • SharePoint Server 2010 will require 64-bit SQL Server 2008 or 64-bit SQL Server 2005.

So, what can you do today to get into the best shape for SharePoint Server 2010?

  1. Start by ensuring new hardware is 64-bit.  Deploying 64-bit is our current best practice recommendation for SharePoint 2007.
  2. Deploy Service Pack 2 and take a good look at the SharePoint 2010 Upgrade Checker that’s shipped as part of the update.  The Upgrade Checker will scan your SharePoint Server 2007 deployment for many issues that could affect a future upgrade to SharePoint 2010.
  3. Get to know Windows Server 2008 with SharePoint 2007, this post is a great starting point.
  4. Consider your desktop browser strategy if you have large population of Internet Explorer 6 users.
  5. Continue to follow the Best Practices guidance for SharePoint Server 2007.
  6. Keep an eye on this blog for updates and more details in the coming months.

It might be an expensive migration for my organisation as server real estate is getting a little old now, and I’m unsure on whether they’d support 64bit Windows. Something to get an early grasp of!

SpittingCAML



Sophos Antivirus on Windows 7 RC (Build 7100)

As you may be aware, Windows 7 has a number of beta products and applications that you can download to help protect your Windows 7 RC system.

Dwight Silverman: Getting the Windows 7 RC? You’ll need protection

Sophos is our corporate AV supplier, so it was important that I maintain similar protection on my Windows 7 RC laptop system.

Sophos is not listed amongst the Windows 7 antivirus partners, however, I can happily report that Sophos 7.6.7 (designed for Vista) works great for me on my x86 version of Windows 7 RC. It also worked great on a Virtual Machine running the x64 version of Windows 7 Beta. Pictures shown here are from the x86 version of Windows 7 running on a mid spec laptop.

imageFigure 1: Sophos AV 7.6.7 working on Windows 7 RC

windows7_av_002  
Figure 2: Sophos system tray icon

windows7_av_003
Figure 3: Sophos Antivirus is not totally compatible with Windows 7

As you can see in Figure 3, the only snag with running this in Windows 7 is that is doesn’t report its status in the correct format, however, I’m watching the space for a new version of Sophos to be fully functional very soon.

windows7_av_001Figure 4: Action centre – showing Sophos AV is functioning correctly

Figure 4 shows that whilst Windows 7 acknowledges the fact that Sophos does not report status correctly to it, the application itself is fully functioning.

windows7_av_004
Figure 5: Sophos Antivirus start screen

I know some of you reading this will be asking why I don’t simply pick a free alternative, such as Avast! or AVG… I have considered going that way, but Sophos works great, and why fix it if it doesn’t seem to be broken!

I do hope the lab team at Sophos fix that status issue very soon, as it is the only minor flaw.

I cannot give enough superlatives for this new operating system, it is the most stable RC I’ve ever had the pleasure to use, and works a treat on my mid spec laptop (new in 2005).

SpittingCAML

P.S. please let me know if you are successfully using Sophos on Windows 7 RC :-)


By SpittingCAML in Random, Security, Windows 7  .::. Read Comments (4)

Worming tablets required

I think our IT department learnt a very valuable lesson today!

Most of our servers are behind a fortress of firewalls, VPN connections and yet, today, we find ourselves ashamed of what has happened!

The Conficker grade E worm (Worm:Win32/Conficker.E: identified by the MMPC on April 8, 2009) made its way onto our network. It matters not how it got there, but does point the finger at our inadequate antivirus products, or perhaps it was more complacency…. no single machine is directly linked with the outside world, we use linux and unix based firewalls… it couldn’t affect us… could it?

Well it did… the investigation is on… my detective hat is on, and my finger is pointed at a small section of the network that has an un-patched server infrastructure. The reasons for not patching them almost outweigh the hassle it is to deal with today’s attack… for antiquated pieces of software/hardware that we can’t replace/rewrite* simply don’t run on operating systems with a patch! I’m sure there are other organisations out there with similar problems.

Have a read of what it does: here

It is rather nasty, and has the ability to block access to certain websites, certain applications and certain system administration tasks! (am I the only one to think it is rather clever?… not that I applaud the application of this genius in any way!)

As most of what you’ll read on the internet is about solution to it, I thought I’d share one of the most annoying symptoms

  • Account lockout policies being activated.

This one was a huge issue for us! With just under 7000 active directory users in the entire organisation, roughly 2500 were locked out… and this number kept rising all day. As you’d imagine, frustrated users were on the phone to the helpdesk, and some people, because of this issue did not deliver the service that our customers expect.

So fed up of the issue, and not being able to do our normal tasks today (the source control system went down, all our SharePoint boxes were down to be patched/checked), a colleague and I wrote a windows form application in C# that periodically queried our active directory to look for locked out accounts.

ad_accounts_locked Figure 1: Locked out user account tracker

The progress bar in Figure 1 shows the amount of users affected by this worm. A significant number!

The vet has been called, and a dose of software patches are on the way. Look in the research URLs below if you are yourself scrabbling for a solution. Good Luck :-)

SpittingCAML

* We could replace/rewrite them but it would be far too expensive and disruptive to the business!

Research:

Removing autorun might help prevent spread of the worm
F-secure FAQ on conficker
F-secure technical description of conficker
Conficker Worm: Help Protect Windows from Conficker

Individuals with information about the Conficker worm are encouraged to contact their international law enforcement agencies. Additionally, Microsoft has implemented an Antivirus Reward Hotline, +1-425-706-1111, and an Antivirus Reward Mailbox, avreward@microsoft.com, where tips can be shared.



You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.