Monday, October 24, 2011

How to find drivers for Unknown Devices

Usually, when you buy any hardware the drivers come along with it on a disc. If you lose the driver disc you can always download the necessary drivers from the manufacturer's website. But what do you do when you are not sure of the manufacturer of the hardware? This is quite a possible situation and there is an excellent trick to deal with it.


Every device has a Vendor ID and a Device ID associated with it. If you can find these IDs, you can find the manufacturer. In Windows it's easy to find the Vendor and Device IDs.


1. Open Device Manager (Control Panel > System > Hardware > Device Manager).

2. The hardware whose drivers are missing will appear as Unknown device, so it's easier to locate the device.

3. Right-click on the unknown device and click on Properties.

4. In the Properties window, click on the Details tab and select Device Instance Id from the drop-down box.

5. You should see a code similar to this:
PCI\VEN_8086&DEV_27DC&SUBSYS_30868086&REV_01\4&1E46F438&0&40F0

6. The four characters after VEN_ are the Vendor ID and the four characters after DEV_ are the Device ID (highlighted in red and green respectively in the original post). In this example:

Vendor ID = 8086
Device ID = 27DC

7. Once you have obtained both IDs, proceed to PCI Database (http://www.pcidatabase.com/). There you can either search for the vendor from the Vendor ID or directly get information about the device along with the vendor name by searching with the Device ID.
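Steps 5 and 6 can also be done programmatically, which helps when inventorying many machines. The following is an added example, not part of the original post: a small parser for the Device Instance Id string. The function name `parse_instance_id` is hypothetical, and the USB (`VID_`/`PID_`) handling goes beyond the PCI case shown above.

```python
import re

# Vendor/device key names per bus. The PCI keys are the ones shown in the
# post; the USB keys (VID_/PID_) go beyond it.
_ID_KEYS = {"PCI": ("VEN", "DEV"), "USB": ("VID", "PID")}
_HEX4 = re.compile(r"[0-9A-F]{4}")


def parse_instance_id(instance_id):
    """Split a Device Instance Id into bus, vendor, device and extra fields."""
    # Copying from the Details tab can introduce line breaks and spaces.
    cleaned = "".join(instance_id.split()).upper()
    parts = cleaned.split("\\")
    if len(parts) < 2:
        raise ValueError("expected BUS\\hardware-id[\\instance]")
    bus, hardware_id = parts[0], parts[1]
    if bus not in _ID_KEYS:
        raise ValueError("unsupported bus: " + bus)

    # The hardware id is a list of KEY_value fields joined by '&'.
    fields = {}
    for token in hardware_id.split("&"):
        key, sep, value = token.partition("_")
        if sep:
            fields[key] = value

    vendor_key, device_key = _ID_KEYS[bus]
    for name in (vendor_key, device_key):
        if not _HEX4.fullmatch(fields.get(name, "")):
            raise ValueError("missing or malformed " + name + " field")

    return {
        "bus": bus,
        "vendor_id": fields[vendor_key],
        "device_id": fields[device_key],
        "subsystem": fields.get("SUBSYS"),
        "revision": fields.get("REV"),
        "instance": parts[2] if len(parts) > 2 else None,
    }


if __name__ == "__main__":
    print(parse_instance_id(r"PCI\VEN_8086&DEV_27DC&SUBSYS_30868086&REV_01\4&1E46F438&0&40F0"))
```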

Great, isn't it? Now you will never have to go hunting for the correct drivers.

Source : Internet

Tuesday, July 12, 2011

Disaster Recovery Planning

1. Get started: It is important to be prepared, as you will need to cost-justify the plan by presenting a number that identifies the cost of downtime and how much company revenue is at risk if business systems become unavailable for an extended period.

2. Why you need a plan: for asset protection, and for the rapid recovery and restoration of business-critical systems.

3. Defining the right plan: understanding what keeps the business running and prioritising the recovery of different systems.

4. Spot the mistakes: insufficient time spent identifying, planning or preparing for the design, implementation and exercising of the system. "Every time a system update or change control process is initiated, the business continuity plan should be retested to see if it has been impacted and still functions as designed."

5. Learn from real life: What happens when the UPS doesn't kick in? "Even though you have a backup plan you don't necessarily have a backup!"

6. Understand your business: don't skip the initial business impact analysis. Not all servers have equal priority. Think communications, messaging and customer-facing systems.

7. Know the cost of downtime: it will help you sell the need for network and infrastructure improvements to executives.

8. Getting data out of the building: whether you outsource or invest in a secondary datacentre. "You have to plan for the worst case scenario, and if you don't you are doing your company a disservice and putting it at risk."

9. Think beyond tape: Many companies are replacing tape backup solutions with disk-to-disk backup solutions because the data is readily available and it greatly reduces the recovery time typically associated with tapes.

10. Consider enhancing business continuity with virtualization: "The biggest excuse for not testing is the usual downtime required of the production systems in order to test the failover and recovery process." Virtual machines allow you to test virtual infrastructure as if it is part of your disaster recovery centre.

Source:- Internet

Thursday, June 16, 2011

MSXML 6.0 Parser failed to install

The MSXML6 (msxml6.msi) install fails with the following error:
“the system administrator has set policies to prevent this installation …”

Resolution:

1. Open regedit.exe from “Start->Run”.

2. Find the path via “HKEY_CLASSES_ROOT -> Installer -> Products”.

3. Delete all the subkeys under “Products” that don’t contain anything (there is no “+” before their folder icons).

4. Re-run msxml6.msi; it now installs successfully.


Source: Internet

Monday, January 10, 2011

Common Ways of Malicious Code

Introduction


As of 2010, there are nearly three million unique forms of known malicious code, and thousands of new ones are discovered daily. The risk of being infected is greater than ever. The damage caused by an infection can range from a minor annoyance to a catastrophic disaster. The old wisdom continues to ring true: an ounce of prevention is worth a pound of cure.

Most computer users are aware of the importance of security to reduce the threats that could potentially harm a computer or network. For example, anti-virus and anti-spyware are essential defenses in the war against malicious code. However, technology cannot compensate for poor and risky behavior. Thus, proper training and understanding, along with behavior changes, are needed to facilitate a reduction of malicious code infections.

10 Common ways malicious code can reach our private network that we need to be aware of:

1. EMAIL ATTACHMENTS:

Attachments to e-mails are a common method of distribution of malicious code. E-mail is inherently insecure due to its use of SMTP, a plain text-forwarding protocol, and its lack of strong authentication of message senders. The source of an e-mail address can be easily spoofed or falsified as someone that you trust. Often, this alone is enough to trick a recipient into opening an attachment.

Generally, avoid using attachments as a means to exchange files. Instead, use a third-party file exchange system (such as DropBox, Box.net, Drop.io, MediaFire, Windows Live SkyDrive, Foldershare, RapidShare, MegaUpload, Dropload, YouSendIt, SendThisFile, etc.). Thus, when an attachment does arrive, it is suspicious for being abnormal and not the standard method by which common communications take place.

If you receive an attachment and need to determine if it is legitimate, you still need to verify it before opening it. Create a new e-mail (do not reply to the message with the attachment) to the sender and ask for confirmation that they sent the file. Maybe even ask the filename, size, and hash value if you are really concerned. Or, call the person and ask if they sent you an attachment on purpose. If the sender does not confirm the attachment, DELETE it.
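The filename, size and hash comparison suggested above can be scripted so the saved file is only read as bytes and never opened in an application. This is an added example, not part of the original post; the function names are hypothetical and SHA-256 is assumed as the hash the sender reports.

```python
import hashlib
import os


def sha256_of_file(path, chunk_size=65536):
    """Hash the file in chunks; the content is read but never rendered or executed."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_attachment(path, confirmed_name, confirmed_size, confirmed_sha256):
    """Compare a saved attachment with the details the sender confirmed.

    Returns a list of mismatches; an empty list means all three checks passed.
    """
    problems = []

    actual_name = os.path.basename(path)
    if actual_name != confirmed_name:
        problems.append("filename: got %r, sender said %r" % (actual_name, confirmed_name))

    actual_size = os.path.getsize(path)
    if actual_size != confirmed_size:
        problems.append("size: got %d bytes, sender said %d" % (actual_size, confirmed_size))

    # Normalise the sender's hash: it is often pasted with spaces or in upper case.
    expected = "".join(confirmed_sha256.split()).lower()
    actual = sha256_of_file(path)
    if actual != expected:
        problems.append("sha256: got %s, sender said %s" % (actual, expected))

    return problems
```

The confirmed values must come from the separate e-mail or phone call described above, not from the message that carried the attachment.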

2. PORTABLE MEDIA:

Portable media includes any device that can store information. This includes optical discs (CD, DVD, HD-DVD, Blu-Ray, etc.), tapes, external hard drives, USB drives, and memory cards. Any storage device can support both benign and malicious content. The less you know about or trust the source of a device, the more you should be cautious about accepting the device and connecting it to your system. Any media from outside the organization should be highly scrutinized, especially if obtained from a questionable or unknown source.

A possible defense is to use a dedicated scanning system. Every new-to-you media can be scanned at this standalone system before it is used on any production system. Assuming the stand-alone scanner system is updated regularly, it will greatly reduce the risk of malware distribution via media. Another option would be to limit data exchanges to file sharing services that do not involve portable media.

3. VISITING MALICIOUS WEB SITES:

The Web browser is the primary tool used to interact with the Internet, which is a dangerous place. Thus, many threats breach our organizations’ defenses through this seemingly innocent client software. Popular and well-known sites are generally not a significant threat; however, any site can be the victim of an attack, which in turn could leave you at risk.

Following hyperlinks sent to you by e-mail or chat could lead to malicious locations. Additionally, some search results might not lead to legitimate locations. Always be cautious about following Web links to domain names you don’t generally recognize.

It is difficult to always be aware of the reputation of a Web site you are visiting, but you can reduce the risk by using an updated browser, limiting auto-execute features of mobile code, and running anti-malware scanners.

4. DOWNLOADING FILES FROM WEB SITES:

Even when visiting generally trustworthy Web sites, there may be additional risk if you elect to download content to your local system. Take ever greater caution when choosing to download material from any site. Seek out only those locations that are known to be safe and trustworthy. For example, download.com, managed by CNet, is a safe location to download software, because they test and verify every file available through their service.


5. PARTICIPATION IN P2P FILE SHARING SERVICES:

Concern over downloaded, malicious content grows when that code is obtained through a peer file-sharing system. This is not a condemnation of efficient, distributed transmission solutions, but rather the sources of the files exchanged through them. By not knowing or having control over the source of a file, it is possible that malicious code could be included along with the content being sought.

6. INSTANT MESSAGING CLIENTS:

One increasingly popular communication medium is that of IM or instant messaging. Through chat systems, especially those using installed software clients instead of Web interfaces, the exchange of files is possible. There have been security breaches that allowed remote hackers to upload and/or download files through holes in IM client software. Even with a patched client, it is possible for a user to accept an offered file from an unknown source or follow an offered hyperlink to a malicious Web site.

7. NEW DEVICES & PERIPHERALS:

A risk that is often overlooked due to its rarity is malware found on brand new devices, right out of their packaging. Mobile phones, digital photo frames, and even media players have been compromised during manufacturing, resulting in malware that makes its way to a customer’s computer. This has happened with a well-known, commercial, shrink-wrapped, anti-virus product.

Vendors often outsource the actual construction and pre-production of their products to external manufacturers and assemblers. When computer parts are the product being constructed, especially those with storage capabilities, malware can make its way onto the new device while it is loaded with its software elements if the manufacturer’s system is infected. One way to reduce this threat is to not be an early adopter of a product nor the first to grab an updated version of an existing product. Give the rest of the market a few days or weeks to discover malware and other concerns before adding the new device or peripheral to your repertoire.

8. SOCIAL NETWORKING SITES:

Social networking sites offer up several situations that could allow malware to make its way onto your network. First, there are the social engineering attacks that trick users into accepting fraudulent information that, when acted upon, could compromise an account or the security of a computer. Second, with the proliferation of message posting and exchange services, it is easy to follow hyperlinks to malicious Web sites. Third, some in-site applications, written by malicious entities, attempt to hijack accounts or distribute malicious code.

9. SOCIAL ENGINEERING ATTACKS:

Social engineering is the art of convincing someone to either give up information or perform a task that results in the reduction of security. Large organizations are the most common targets of social engineering attacks; however, mass e-mail-based attacks could show up in anyone’s inbox.

Be aware that attackers are trying to trick you into following hyperlinks, downloading files, performing configuration changes, or typing in esoteric commands. Doing so could lead to the direct infection of your system with malware.

10. NOT FOLLOWING SECURITY GUIDELINES & POLICIES:

The last and probably most significant cause of how or why malicious code reaches our private network, or even just your personal computer system, is by not following proper security guidelines and policies. Most organizations of moderate size have made the effort to design a secure infrastructure. This includes prescribing user access policies and providing at least some level of security awareness training.

Failing to abide by security guidelines or purposefully violating security policies will lead to compromised security, often the distribution of malicious code. Security policies are written and implemented for a reason: to reduce the likelihood of a security breach. If a worker fails to abide by the company security policy, they put themselves and the entire organization at risk.

Bypassing filters, using storage devices from outside resources, using unauthorized peripherals, blocking software updates, opening e-mail attachments, participating in unethical file exchanges, and using non-approved software clients are all security policy violations and increase the chance of malicious code infesting the organization.

Every organization and every individual has a vested interest in operating with common sense security guidelines. This will assist in reducing the risk of malicious code infection and allow the organization to be productive in accomplishing missions, goals, or sales, without having to spend resources on recovery.

Tasks to do as an IT representative:
1. Write the security policy.
2. Define the acceptable use policy.
3. Train users on how to perform their jobs within the confines of security.
4. Use automated tools to detect and defend.
5. Monitor the environment for abuse, misuse and compromise.



Source: Internet & Myself.