Michael Bay = Neocon???

OK.  I've never given much thought to all of the 9/11 truth movement, but here is direct proof from the 1998 hit Armageddon.  It's all crystal clear now.......

What the hell is the matter with people?  It's perfectly clear to me how a group of 19 terrorists being backed by a reclusive Saudi Kazillionaire who in turn was being protected by a nation-state could hijack 4 airplanes and cause the amount of damage that we all witnessed on 9/11.  KISS.  While we are at it, why don't we just blame the collapse of the WTC on rogue space lizards operating under contract from the evil emperor Zoog.  It seems just as plausible as Bush Jr. managing to pull this massive conspiracy off and successfully pinning it on some simple cave dwelling goat herders. The YouTube video calls us (you know, normal people who can utilize logic) sheep.  That's certainly better than a retarded jack-ass
-PC

Scouts

So, I was scheduled to take a group of cub scouts on their first campout in the Los Padres national forest this Saturday.  We've been talking about this for a month.  The boys had their menus all planned out.  Equipment was purchased.  Then the Santa Anna winds decided to show up.  I've been notified that the entire Los Padres national forest has been closed.  How do you close a forest?  

Offsite TapeBackup

Our local off-site vendor VanguardVaults was purchased by Iron Mountain a couple of months ago.  We've just rolled over our boxes and everything appears to be functioning as it should be.  The IronMountain webapp is definitely more mature than the crap used by Vanguard.

What is wrong with people

So I'm finally able to say that our incredibly weak password policy is demolished and users are now using complex, full length individual passwords and life is good right?  Wrong!  I get a call from a user who has locked her account out because she has entered in her password wrong too many times.  When I unlock the account she's still unable to log in after putting in her correct password.  On a hunch I ask her if there is or are number(s) in her password and if she is entering them on the number pad.  She states in the affirmative and then proceeds to blurt out for me and everyone in her office what her password is. If I could slap someone over the telephone line I would.  I want to start a IT wall of shame and start having users contribute to end of year party beer fund.  Guess what the original problem was.  The "num lock" key was off.  

Question of the day

Trevor has a question that should be asked by everyone at least once in their lives.  While this blog is a technical blog and it will remain that, I am allowed to digress from time to time.  

Symantec Auto Install

We run Symantec's corporate antivirus on our network and the remote install tool never seemed to work very well.  I wanted a better way to make sure any user who is a member of the domain is included.  So....I created a GPO that runs a machine\startup script.  Here is the script if anyone is interested.  The company_sav.txt and testing.txt were some tests that I ran that I wanted to get rid of. Disregard those.


if exist c:\sav.txt goto end

:install
if exist c:\company_sav.txt del c:\company_sav.txt
if exist c:\testing.txt del c:\testing.txt
echo Keep this document if you don't want Symantec to be reinstalled > c:\sav.txt
msiexec /i "\\%servername%\vphome\clt-inst\win32\Symantec AntiVirus.msi" /qn REMOVE=ALL INSTALLSERVER=0 REBOOT=REALLYSUPPRESS
msiexec /i "\\%servername%\vphome\clt-inst\win32\Symantec AntiVirus.msi" /qn INSTALLSERVER=0 REBOOT=REALLYSUPPRESS NETWORKTYPE=1 SERVERNAME=%servername%

:end
exit

Active Directory Project Update

The worst department, claims, has been completed.  It went alot easier than I thought it would.  This leaves a handful of servers that still need to be transferred over and one of our branch offices.  I'm considering deploying a server (dc/file) out to them so our VPN link to them isn't so hammered.

WTH

And now for something completely different.

-PC

Sorry

I've been meaning to apologize for being too busy to write more posts...but I've been too busy (hahahaha).  No, but seriously.  Check out this link about the Storm worm.  We saw some Peacomm instances pop up, but Symantec took care of it without to much difficulty.  As part of general remediation on threats like this, we push out policy via Netsight Policy that forbids FTP, HTTP, DNS and other daemons from running at the edge.  It is a little scary that there are a group of people actively changing the code, wreaking havoc and still getting away with it.  

Has anyone had much experience configuring SNMPv3?  Being the lazy individual that I am, I've always just configured V2 communities and called it good enough.  I'm looking for advice on the design of a V3 infrastructure and some of the pitfalls I might try and avoid.  I want to make sure that what I put in place grows with my company and I'm not forced to redesign because of lack of foresight.