Sunday, January 07, 2007

In May, the National Security Agency (yes, that one) published a guide in PDF form (818KB PDF file) called "The 60 Minute Network Security Guide - First Steps Towards a Secure Network Environment."

It's good stuff. Sure, it's not a 100% guide to everything you need to know and do, but it covers the bases quite well. Some have balked at the complex password and rotation requirements and made the requisite "that won't work in the real world" noise, but those of us who actually do operate in the real world know it can be done and that 90 days is a bad number (it's too long IMO, and lacks usability - it should be either 84 or 42 days). Sure, a few people will complain (it's human nature and it takes all kinds), but the vast majority are more than happy to do their part. Don't let the vocal few chase you away from what is proven over and over to be right.

There are always good and effective ways to accomplish a goal while meeting requirements: For example, the use of passphrases instead of regular passwords makes complex, long passwords a cinch, and all it takes is about 5 minutes of user education to show people how well it can work (use your all-hands meetings and you'll be amazed what you'll get accomplished in a short period).

Read the guide, use it, and you'll be better off. A variety of other security configuration guides from the NSA can be found here. There are more than 80 guides covering server and client operating systems, network infrastructure, database platforms, and more.

(via lifehacker.com)



IT Security | Safe Computing | Tech
Sunday, January 07, 2007 4:48:57 PM (Pacific Standard Time, UTC-08:00)
 Saturday, January 06, 2007

I've decided after juggling multiple remotes for a bunch of different equipment for far too long that it's time to go on the search for an advanced universal home theater remote that will let me control my projector, surround system, various components like DVD players and XBOXes and whatnot, as well as my room lighting. Programmable one-button setups for multiple devices is what I have in mind. I want to be able to hit a button and have all these systems line themselves up, set the volume, turn down the lights, etc. In fact, bonus points if it can also control other items in other parts of the house and if I can set up enough macros to where my roomie can have his own preferences for lighting, volume, etc.

In my early searches, I have found a number of very expensive models that I would have to take a new mortgage out for in order to acquire. People actually spend that much money on remotes? Holy cow! We're talking in the thousands of dollars for some of these things. It's ridiculous. There is no way in the world I can spend more than say $800, and even that would really be way too much unless it does everything I am looking for. I'd hope to be able to do some Froogling and find some street prices that get it all under $500. I'm not holding my breath.

Anyhow, what do people recommend? There are a number of home theater geeks at my work and I am sure they'll each have their opinions and experiences, and I hope to get some more ideas before diving into the water myself. Please leave a comment with your thoughts and experiences, or with descriptions of remotes you may have run across in your own research. Thanks!



Geek Out | Tech
Saturday, January 06, 2007 10:10:12 PM (Pacific Standard Time, UTC-08:00)
 Friday, January 05, 2007

Scott tagged me and four others on this tell-me-something-new meme, so now it's my turn. In no particular order, here are my five things you (seriously) didn't know about me. Not the easiest thing to do, but as they say, I am bound by honor to post and tag...

  1. I took only one computer class in college, and didn't pass it. In fact, it was so boring and elementary I could not stand to be there. Instead I spent the semester figuring out how to get an Appletalk network to communicate with a bunch of IBM 5150s that we had networked with 10-Base-2 coax. The grade killed me, but the alternative experience was worth so much more.
  2. I was a foster parent for many years. Fourteen kids, over about eight years. Single parent style, almost all of them special needs kids. All of them were terrific in their own ways. I lived in a foster home for a very short time when I was a teenager, and the people who I lived with I have never thanked. I need to do that. They influenced me in a unique way that no one else ever did, for the good. Their selfless act motivated me to do a lot of things that I hope helped others in some way. My desire (or need, or whatever you choose to call it) to help others in ways similar to the manners in which others have helped me has been the root of both pain and passion for me over the years.
  3. My senior year in high school I played Tony in West Side Story. Like as in the lead, sang all the songs and did all the dance and acted all the lines. Orchestra in the pit, chain link fence massive set, the works. Yes, I can still sing the songs. People look at me with a blank stare when they hear this. I was also an all-state tenor that year. These days I limit myself pretty much to singing with my guitar at home and the occasional church hymn from the pews.
  4. I've been a halftime highlight on ESPN and a major television network twice, and I was injured both times. Once was when I was photographing an NCAA tournament and I was landed on by a player who was fouled (hard) under the basket. The other time I was pummeled by a football player who was out of control coming off the field while being tackled. He tackled me, but good. Oh, and I used to be a photojournalist and did a lot of sports and news photography for about eight years.
  5. After working as a photojournalist, I was a police officer for about 7 years. You could say I chased ambulances and then did something close to driving them, I guess. It was a great experience and I have nothing but the utmost respect for the good people who do that job. I was pretty good at the job, but it was not so good for me. So, here I am - a professional computer jock. Or manager thereof, I suppose. Ah, how I long for the days of doing respectable, real work. Heh.

That's it.

Oh, wait... I'm tagging Brent, Matt, Rich, Simon and Alex. Alright guys - You're it!



Personal Stories | Random Stuff
Friday, January 05, 2007 10:07:13 PM (Pacific Standard Time, UTC-08:00)
 Monday, January 01, 2007

Just a few goofballs hanging out on New Year's Day. We watched WWE, played the 20Q game, did party poppers, ate nachos, and whatever. And hey, goofball is fun.

Above: Greg, Rogan and Cory hanging out at the place (listed in order seated in the picture, left to right and I explain that just so Cory doesn't get upset about being last, heh).

Humor | Personal Stories | Random Stuff
Monday, January 01, 2007 7:34:49 PM (Pacific Standard Time, UTC-08:00)

I'm in the process of moving my email for the greghughes.net domain to a new mail server, and I've realized - once again - just how complicated spammers have made our lives. Especially from a technical standpoint.

PTR records in DNS and RBL records on services that no one ever heard of and which have no set rules to determine what gets on the list or how to engage them in getting off a list. What a mess. Luckily I am not on any RBL lists (with the exception of one idiotic one that everyone seems to be on, and which I certainly hope no one ever uses). But I have friends and acquaintances who have been in that boat before and it's not fun.

But the biggest pain with moving a mail server has to be DNS propagation and the wrenches people throw into it. Enough time has passed that all locations should be pointing to the new mail server, because the old DNS records have expired. Yet there are a significant number of (large and prominent) email and Internet service providers (including my own) that are apparently caching longer than the record provides. Fun. That means I am checking two mail servers (and that's a bit of a challenge, let me tell you), and that I cannot send email to pretty much anyone until the planets align and the name server records line up.

Even my web site still has a few bots and spiders and other systems munging through it. I wonder if they'll notice when I turn it off?

One other thing I have observed. The spammers also don't respect caching of DNS records, but in the opposite manner. Instead of caching a record for too long, they completely ignore the cache settings to make sure they can flood your new mail server with as much crap as possible, as quickly as possible.

Ah, gotta love it!



Tech | Things that Suck
Monday, January 01, 2007 10:47:54 AM (Pacific Standard Time, UTC-08:00)
 Saturday, December 30, 2006

MS has released v6 of its Remote Desktop Connection client.

Remote Desktop Connection (Terminal Services Client 6.0) provides a way to use any new Terminal Services features introduced in Microsoft Windows Vista and Microsoft Windows Server Code Name “Longhorn” from a computer running Microsoft Windows XP with Service Pack 2 or Microsoft Windows Server 2003 with Service Pack 1.

The features in this release are really about Vista and Longhorn server for the most part. But, one feature that works in XP while connecting to Windows Server 2003 (and I was prompted to do this by default after upgrading, by the way) is the option to provide the username and password in the client before logging on, and the option to save that information so you don't have to re-enter it each time (not sure I like that specific idea for security purposes, but it has its place, and there are several security enhancements when connecting to Vista and Longhorn server).

Download it from Microsoft here. Read the KB article here (which includes links to versions for OSes other than 32-bit XP, as well).

(via Omar)



IT Security | Tech
Saturday, December 30, 2006 2:14:42 PM (Pacific Standard Time, UTC-08:00)