Of course, just as I extol the virtues of cloud computing and talk about how much I've moved into the cloud Amazon suffers an outage. Opps.
Well, yes and no to the opps. A lot of people have been saying that as it was one of five Amazon datacenters that suffered this outage systems and services should have automatically recovered at another site.
Well, that's not true. you have to remember that Amazon operates it's data centers just like virtual copies of a real datacenter.
What I mean by that is that if you have a service you host in your own data center then lose that data center you'll lose the service. It's up to you as the admin/developer/owner of the service to make sure that you have redundancy set up in another location be that another Amazon datacenter or a datacenter under your own control.
As I said in my previous blog posting, cloud computing is not a panacea and you have to be careful how you use it. This outage is a classic case in point of that comment.
Friday, April 22, 2011
Wednesday, April 20, 2011
Renaming local administrator accounts - good or bad?
A lot of the time I hear the following statement 'Renaming the local administrator account makes it secure'.
No, it doesn't. Renaming the local administrator account just leaves you with a renamed local administrator account. It only makes it secure from people who are too dumb to read SID's but overall adds very little in the scheme of security.
In Windows, the local administrator account, no matter what it is named will always have a SID ending -500. Guest is -501
With that information and a couple of tools you can list out the local accounts, find the administrator and attack the account. Of course, if you have physical access to the hard drive and the drive doesn't use any form of encryption there are plenty of password reset tools out there.
No, it doesn't. Renaming the local administrator account just leaves you with a renamed local administrator account. It only makes it secure from people who are too dumb to read SID's but overall adds very little in the scheme of security.
In Windows, the local administrator account, no matter what it is named will always have a SID ending -500. Guest is -501
With that information and a couple of tools you can list out the local accounts, find the administrator and attack the account. Of course, if you have physical access to the hard drive and the drive doesn't use any form of encryption there are plenty of password reset tools out there.
Sunday, April 10, 2011
Moving into the cloud
Without realising it I've found myself moving more things into the cloud. I'm not exactly reliant on the stuff that's in the cloud but I'm certainly using more services out there and it would be an inconvience if I lost those services. I guess you could say that the cloud has been creeping up on me.
It started out just after I got married. The photographer used digital media for the wedding photos and provided them on a DVD. Obviously these needed to be stored somewhere safe and the idea of keeping the DVD in the house where I could lose, throw it away without realising it (would be hard but this is ME I'm talking about) or potentially lose it in an accident/fire/theft not things you want to think about but you must when you are talking about this sort of data.
So, I started looking around for offsite storage. Inititally the thought was to rent a location or something and leave a copy of the DVD there. A bit like a safe deposit box but with easier access then I came across Amazon's S3. This is cloud storage. Absolutely massive cloud storage at that with unlimited space for the user - you pay for what you use and when you look at the amount of data you hold that you really do need backed up it isn't that much.
I have a rule for backup data, I'll only back up data that can't easily be recreated or downloaded. So documents, excel work, password databases, etc, etc and I do this on a monthly or semi-monthly basis with the occasional ad-hoc backup for something specific. So far I'm paying just a few dollars a month for the service and that translates into less than £5 a month. Is your data worth that?
Alongside S3 you've also got Amazon's EC2 (elastic cloud compute) basically virtual servers that you can use. Amazon give you administrator or root access to the machine and lets you get with it. Whilst the server is on you are paying for it. Whilst it's off you pay for the storage. This provides a really nice environment for scenario testing or for externally hosting something a web provider won't allow or like. For example, I'm using an Amazon EC2 service to host a Quake server - just for experimental purposes you understand!
Finally, the last cloud enabled application that I've found that I can't live without is DropBox. For me, this is a killer cloud application.
Dropbox provides an online file storage solution. That's all it does but it does it in such a clever and useful way that it's now invaluable.
All you do is install it and by default you get 2GB for free which you can see via my documents/my dropbox. I've got this installed at home and at work and what it means is that I can drop a document into dropbox and have it available for viewing/editing at home.
This avoids all the complications of having to remember to copy a file to a USB stick and of taking (and possibly losing) the USB stick on the train or in the back of a Taxi. It's out there in the cloud.
The way dropbox works is simply to sync everything in the My Dropbox folder back to the dropbox servers. this means that it'll even work when offline and simply sync the files up when you have an internet connection available again which is an invaluable method and what Microsofts Briefcase and offline files and folders were supposed to have provided.
There have been a lot of questions around security though - i.e. how secure is dropbox and my response to this is simple - it's in the cloud so you need to be careful. Do not put any confidential data on it or if you do encrypt before hand.
Like anything cloud computing is a nice idea and can be used for many things but it's not a panacea and you need to be careful with how you use it.
It started out just after I got married. The photographer used digital media for the wedding photos and provided them on a DVD. Obviously these needed to be stored somewhere safe and the idea of keeping the DVD in the house where I could lose, throw it away without realising it (would be hard but this is ME I'm talking about) or potentially lose it in an accident/fire/theft not things you want to think about but you must when you are talking about this sort of data.
So, I started looking around for offsite storage. Inititally the thought was to rent a location or something and leave a copy of the DVD there. A bit like a safe deposit box but with easier access then I came across Amazon's S3. This is cloud storage. Absolutely massive cloud storage at that with unlimited space for the user - you pay for what you use and when you look at the amount of data you hold that you really do need backed up it isn't that much.
I have a rule for backup data, I'll only back up data that can't easily be recreated or downloaded. So documents, excel work, password databases, etc, etc and I do this on a monthly or semi-monthly basis with the occasional ad-hoc backup for something specific. So far I'm paying just a few dollars a month for the service and that translates into less than £5 a month. Is your data worth that?
Alongside S3 you've also got Amazon's EC2 (elastic cloud compute) basically virtual servers that you can use. Amazon give you administrator or root access to the machine and lets you get with it. Whilst the server is on you are paying for it. Whilst it's off you pay for the storage. This provides a really nice environment for scenario testing or for externally hosting something a web provider won't allow or like. For example, I'm using an Amazon EC2 service to host a Quake server - just for experimental purposes you understand!
Finally, the last cloud enabled application that I've found that I can't live without is DropBox. For me, this is a killer cloud application.
Dropbox provides an online file storage solution. That's all it does but it does it in such a clever and useful way that it's now invaluable.
All you do is install it and by default you get 2GB for free which you can see via my documents/my dropbox. I've got this installed at home and at work and what it means is that I can drop a document into dropbox and have it available for viewing/editing at home.
This avoids all the complications of having to remember to copy a file to a USB stick and of taking (and possibly losing) the USB stick on the train or in the back of a Taxi. It's out there in the cloud.
The way dropbox works is simply to sync everything in the My Dropbox folder back to the dropbox servers. this means that it'll even work when offline and simply sync the files up when you have an internet connection available again which is an invaluable method and what Microsofts Briefcase and offline files and folders were supposed to have provided.
There have been a lot of questions around security though - i.e. how secure is dropbox and my response to this is simple - it's in the cloud so you need to be careful. Do not put any confidential data on it or if you do encrypt before hand.
Like anything cloud computing is a nice idea and can be used for many things but it's not a panacea and you need to be careful with how you use it.
Subscribe to:
Posts (Atom)