Strategies for Securing SMB Networks

During the migration webinar, the topic of how to clean up the Active Directory and remove non-existent domain controllers is done came up. Here’s what you should do:

Test active directory replication.

• Run repadmin /syncall this will tell you whether the domain controller is able to communicate with all domain controllers in the active directory.
• Run dcdiag /test:DNS this will tell you whether all of the DNS servers are responding and available. It will also test AD integration.

If there’s a problem.

• Run the SBS 2003 Best Practices Analyzer. This will check your server configuration for errors.
• If you need to remove a non-existent domain controller from your active directory follow the steps in this kb article. http://support.microsoft.com/kb/216498
• Run the Essential Business Server Preparation Wizard. It is available as a separate download. It does not do anything to your network, it does about 100 networking checks to determine is everything is working properly. If there are issues, it provides KB article links to assist you in resolving them.
• If you have Journal Wrap errors. Set this registry key System\CurrentControlSet\Services\NtFrs\Parameters\Enable Journal Wrap Automatic Restore=1 and restart the replication service.

To get ready for migration be sure that your computers, users and servers are in the correct OU’s.

• Servers should be in the SBS Servers. Computers should be in SBS Computers. Users should be in SBS Users. You can drag and drop them into place.
• Delete any old users, computers, servers that are no longer on the network.

When you are finished “fixing” things.

• Test active directory replication again.

For the ISA fans out there.

GFI Webmonitor has a public beta available for Webmonitor 2009 SR2.

http://forums.gfi.com/m_900777363/mpage_1/key_/tm.htm#900777363

As promised, the Third Thursday webinars are returning to their regularly scheduled time this month with a new series. This month we begin Migrating from SBS 2003 to SBS 2008. In this series we’ll go through the migration process from pre to post using the Microsoft method.

Amy will kick off the series by presenting SBS 2003 migration preparation. In this session we’ll review the preparation procedures that have made everyone of our migrations as smooth as silk.

Please join me on Wednesday June 17th at Noon eastern time. Presentation will be for 1 hour with 30 minutes for Q&A afterwards. Bring your migration questions!

When: Thursday, Jun 18, 2009 12:00 PM (EDT)
Scheduled to Occur: Once
Duration: 1:30

Amy Babinchak has invited you to attend an online meeting using
Microsoft Office Live Meeting.

https://www.livemeeting.com/cc/mvp/join?id=W5PMDN&role=attend&pw=T9D2%23s%2Bp9

Meeting time: Jun 18, 2009 12:00 PM (EDT) 

Add to my Outlook Calendar:
https://www.livemeeting.com/cc/mvp/meetingICS?id=W5PMDN&role=attend&pw=T9D2%23s%2Bp9&i=i.ics

This Saturday comes another SBS 2008 Build Day. If you’ve yet to attend one this is your opportunity.

https://www.clicktoattend.com/invitation.aspx?code=138261

Just look at this fabulous agenda! See you there.

Eriq and I spent a delightful hour rambling on about technical support, Third Tier, SBS, the future of our small IT firms, Eriq’s SBS Unleashed book and other topics with Karl Palachuk of Great Little Books. It’s always good to chat with Karl.  We had a great time and after the show Eriq gave away a couple of books. The conference call is recorded and it available at Great Little Books.

Hey Vegas! SBS Build-Day is coming to your town on May 9th. Get signed up now!

Event Code: 137823 (http://www.clicktoattend.com/?id=137823)

5/9/2009

9:30 AM - 4:00 PM PDT

New Horizons CLC of Las Vegas

7674 W. Lake Mead Blvd., Suite 250

Las Vegas, NV 89128

United States

General Event Information

The Las Vegas Small Business Users Group is pleased to announce a special event for Microsoft partners – a one-day Small Business Server 2008 build event and technical education opportunity.
Event Cost: In-Person – $25.00 (includes breakfast & lunch) – Cash Only Please
Live Meeting – Please do NOT register using this link, email suzl@microsoft.com to register for Live Meeting only.
This event will showcase a live step-by-step SBS 2008 build, including joining XP Pro and Vista clients to the domain and a review of the other post-installation Getting Started Tasks. Interspersed throughout the build will be discussions of various topics such as:
• Minimum and recommended hardware requirements
• Use of the Answer File
• Network changes from SBS 2003
• The new Management Console
• Other highly useful information
Following the networking luncheon we will discuss:
• Migration tasks, experiences and caveats

• Edge-Security (Amy Babinchak – Microsoft MVP)

• Securing SBS 2008 with AuthAnvil (Dana Epp – Microsoft MVP)
• SBS 2008 Gotchas (Susan Bradley – Microsoft MVP)
• Licensing (Tim Carney – www.basbits.org)

GFI has announced that one of the best products they make is now available for free for small businesses. As a member of the Elite Technology Team at GFI, I’ve been testing this software. It works as advertised.

There just hasn’t been an affordable security scanner for the SMB consultant to use. Not only does this product scan but it also remediates. Yep, when an issue is discovered you have the KB article and patch available right now at the click of a button to fix the issue. This is going to make my job a lot easier.

There are 3 main components to the software:

Vulnerability Scanning: 15,000+ vulnerability assessments are made across multiple platforms (Windows, Mac OS, Linux) including Virtual Machines.

Patch Management and Remediation: Speaks for itself really. If you are missing a patch it offers to download and install it.

Network and Software Auditing: Network and software auditing tells you exactly what’s on the LAN and what software it’s running. There are a lot of customizable reports to help you explain to the client where the problems are and how you would like to remediate them.

Get it Now: http://www.gfi.com/lannetscan/free-network-security-scanner

GFI LANguard, an award-winning vulnerability management solution, is now available in a 5-IP freeware version.

The economic downturn is forcing more and more businesses to cut budgets and reduce spending, and security is often the first area to suffer. With cybercrime on the increase and threats becoming more dangerous and frequent, businesses can ill-afford to ignore security – on the contrary, they need to beef up their defenses!

This is why GFI Software is giving away a 5-IP freeware version of its award-winning product GFI LANguard™: to assist organizations shore up their defenses and secure their networks – and at no cost. Because we care!

Winner of the Best of TechEd award in 2007, highly recommended by the judges at the SC Magazine Europe awards in 2008 and a finalist at this year’s SC Magazine Europe awards, GFI LANguard allows administrators to scan, detect, assess and rectify vulnerabilities on their network and to secure it with minimal administrative effort.

Over 15,000 vulnerability assessments are carried out when the network, including any virtual environment, is scanned by GFI LANguard. When the scan is complete, GFI LANguard’s Patch Management functionality allows administrators to deploy and manage patches and security updates on all machines across the network. Hardware information can be retrieved and baseline comparisons used to check for unauthorized changes.

I wrote a very short 5 reasons why your clients shouldn’t ignore security. It really only takes 1 reason to make it all worth while.

http://www.gfi.com/documents/articles/Reasons_why_SMB_should_not_ignore_security.pdf

In today’s security round table I mentioned that I had recently read an article that said that SMB’s are the new favorite target for hackers. Here’s the article I was referring to. Click the link to read the whole thing.

http://www.darkreading.com/security/perimeter/showArticle.jhtml?articleID=215901301

By Tim Wilson

DarkReading

March 19, 2009

WASHINGTON, D.C. — Visa Security Summit 2009 — Hacking banks and large businesses? That’s sooo 2008.

Hackers and computer criminals this year are taking a new aim — directly at small and midsize businesses, according to experts who spoke here today at Visa’s annual security event. The consensus: Smaller businesses offer a much more attractive target than larger enterprises that have steeled themselves with years of security spending and compliance efforts.

"As the security becomes better at large companies, the small business begins to look more and more enticing to computer criminals," said Charles Matthews, president of the International Council for Small Business, in a panel presentation here. "It’s the path of least resistance."

Matthews quoted industry research that states small businesses are far less prepared to defend themselves against cyberattack. "Nearly one-fifth of small businesses don’t even use antivirus software," he said. "Sixty percent don’t use any encryption on their wireless links.

Two-thirds of small businesses don’t have a security plan in place.

These numbers are both surprising and disturbing."

And many small businesses still don’t know they are targets, according to Chris Gray, director of innovation policy at the Canadian Chamber of Commerce and another member of the panel. "According to a brief survey we conducted, about two-thirds of small and medium-sized businesses believe that large companies are the main target for cybercrime," he reported. "Yet 85 percent of the fraud we see in business occurs in small and medium-sized businesses."

[...]