News

Wednesday, January 02, 2008

7 Months with Ubuntu

SECURITY UPDATE
A Penton Media Property
January 2, 2008


If you want to view this on the web go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58109-0-0-0-1-2-207


IN FOCUS

--7 Months with Ubuntu
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
About a year ago, Microsoft released Windows Vista, its most ambitious
desktop platform to date. It's a great improvement over Windows XP
primarily because it brings better security to the overall OS.

Makers of Linux platforms are improving their desktop OSs too. One
company making huge leaps forward is Canonical, the company behind
Ubuntu. In April 2007, Canonical released Ubuntu 7.04, code-named Feisty
Fawn. Prior to the release of 7.04, I'd tested Ubuntu and found it
somewhat acceptable for my needs but not exceptionally great mainly
because it didn't recognize some of my particular hardware and I didn't
want to spend much time finding and installing drivers.

In early June 2007, I finally got around to giving Ubuntu another look
(using a bootable Live CD) and was pleasantly surprised. The new OS
recognized all my hardware immediately, including my printers, wired
Ethernet cards, and half a dozen different Wi-Fi cards. I then poked
around the desktop a little bit and discovered that almost all the tools
I need for day-to-day work are either already installed by default or
are available for easy Internet-based installation with a few clicks of
the mouse. It was at that point that Ubuntu really got my attention. I
found myself thinking that I could quickly install Ubuntu along with all
the tools I need and take the OS for an extended long-term test drive.
And that's exactly what I did.

When I began the test drive, the questions I had in mind were, "Can I
use this OS as my everyday desktop?" and "Can it effectively replace my
Windows desktop?" As it turns out, the answers are yes and no,
respectively. After using Ubuntu as my primary desktop for 7 months
straight, every day of the week, I am thoroughly impressed. I've found
that it's a fantastic platform for regular users. However, there are
obvious problems for Windows security administrators.

Administrators need to run all sorts of third-party Windows-based
security tools as well as the security-related tools built into Windows
itself. I solved those problems in two ways, both of which might be
obvious to at least some of you. The first solution is to use Wine (a
Windows emulation environment), which is installed in Ubuntu by default.
Wine let me run numerous third-party Windows tools directly on the
Ubuntu desktop. The second solution is that I installed a free virtual
machine (VM) platform and then installed Windows Vista as a guest VM. So
when I need to use a tool that won't run properly under Wine or a tool
that's built into Windows, I start the Vista VM and use the tool in that
environment; when I'm done, I shut down the VM.

I've found that Ubuntu is reasonably secure, has decent desktop controls
that help prevent unwanted access (similar to Vista's User Access
Control--UAC), and is relatively quickly patched when security problems
appear in various OS components. Installing those patches is easy too--a
bit easier than typical desktop updates on Windows platforms.

So for the past 7 months, I've been enjoying the best of both the Linux
and Windows worlds. My extended test drive of Ubuntu has been extremely
fun and a great learning experience, particularly in terms of
interoperability.

I wouldn't go so far as to say that any Windows administrator can switch
to Ubuntu (or any other Linux desktop platform), but I do think that
it's a great platform for everyday use by nonadministrative users and
for those administrators that simply need a Linux platform to get their
job done in the best possible manner.

If you're interested in Ubuntu check it out at the URL below.
ubuntu.com (http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58110-0-0-0-1-2-207)

=====

Editor's Note: Security UPDATE is now available in HTML format, as an
alternative to text format. To change your preference to HTML, go to
www.windowsitpro.com/email (http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58111-0-0-0-1-2-207.
Note that you'll need to log on or register on our Web site to change
your format preference.

Security UPDATE will also be mailed from a different IP address range
and will have a different From address. Please adjust your email service
provider and spam filter whitelists accordingly to avoid missing an
issue.

The new IP address range from which the newsletters will originate is:
204.92.180.[85-86]

The new From address is:
Security_UPDATE@email.windowsitpro.com
(mailto:Security_UPDATE@email.windowsitpro.com)


----------------------------------------
ADVERTISEMENT
Lucid8

The Essential Guide to E-Discovery & Recovery for Microsoft Exchange

With more than 75 percent of business-critical information residing in
e-mail today, you are more likely to find evidence sitting in someone's
inbox than in their filing cabinet or on a file share. The growing
importance of e-mail has not been lost on the lawyers, courts, or
government regulators. In fact, e-mail is being placed at the center of
legal discovery requests and is increasingly used in a variety of legal
and regulatory proceedings, from e-discovery for civil lawsuits to
providing the grounds for prosecuting criminal cases. Download this
guide to find out how you can be better prepared.

http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58112-0-0-0-1-2-207
----------------------------------------


----------------------------------------
ADVERTISEMENT

----------------------------------------


SECURITY NEWS AND FEATURES

--Microsoft Launches New Security Blog
The Microsoft Security Response Center team launched a new blog aimed at
offering more in-depth information about vulnerabilities and on-going
attacks, as well as how to possibly mitigate these situations.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58113-0-0-0-1-2-207

--Javelina Releases New AD Security Tool
Javelina Software released a new Active Directory (AD) security tool
that helps automate analysis of Access Control Lists (ACLs).
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58114-0-0-0-1-2-207


GIVE AND TAKE

--SECURITY MATTERS BLOG: Hosted Web Mail Is a Huge Risk--Do You Need
Proof?
by Mark Joseph Edwards
I've said for years that outsourcing mail services is a bad idea,
especially for Web mail. Here's a crystal clear example of what can go
wrong when you do outsource mail services.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58115-0-0-0-1-2-207


----------------------------------------
ADVERTISEMENT
WebSense

How Websense Technology Protects Against Internet-Based Threats

Learn from other people's mistakes, not your own! This web seminar
features an interactive discussion which reveals today's common mistakes
and misconceptions about messaging archiving, regulations, and
e-Discovery. You'll learn why these misconceptions came about, how to
avoid the common mistakes, and what to do to meet today's email
archiving and e-Discovery needs.

Get the latest archiving related trends in messaging, archiving and your
biggest email archiving and e-Discovery questions. View this free web
seminar now!

http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58116-0-0-0-1-2-207
----------------------------------------


--FAQ: Add AD Users with a Script
by John Savill
Q: Is there a script I can use to add a new Active Directory (AD) user
via an LDAP connection?

Find the answer at

www.windowsitpro.com/Article/ArticleID/97816
(http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58117-0-0-0-1-2-207)

--Announcing the 2008 Windows IT Pro Community Choice Awards!
The nomination period for the 2008 Windows IT Pro Community Choice
Awards has begun! Visitors to the Windows IT Pro and SQL Server Magazine
online forums are encouraged to nominate and vote on their favorite
products and services. Nominate your own favorite products in the
categories listed at:
forums.windowsitpro.com/web/forum/messageview.aspx?catid=96&threadid=88418&enterthread=y
(http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58118-0-0-0-1-2-207)


RESOURCES AND EVENTS

Tips From David Chernicoff on Backup at Remote Business Sites

Does your business operate in multiple locations? Do stretched IT
resources short-change data protection for your remote sites? Keeping
data at remote sites backed up and secure is a critical component of
business success. In this podcast, David Chernicoff discusses the
problems surrounding data backup to remote sites and offers ideas and
suggestions for successful remote backups. Register now to get the
knowledge you need to protect all your business data.

www.windowsitpro.com/go/podcast/storageguardian/?code=122607er
(http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58119-0-0-0-1-2-207)

Mobile Users' Backup & Protection Strategies

Traditional business backup solutions don't usually take into
consideration the special case of the mobile or casually connected user,
making it all too easy for these users to get lost in the shuffle of the
daily support responsibilities of most IT departments. This Web seminar
provides ideas, suggestions, and solutions to the problems inherent in
protecting and backing up the data used and generated by the mobile
business user.

www.windowsitpro.com/go/seminars/atempo/mobilebackup/?partnerref=122607er
(http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58120-0-0-0-1-2-207)

Unified Communications: What Is It? Why Should You Care? And How to Get
There

This white paper breaks the move to UC down into a manageable 3-phase
process that starts with unified messaging (UM). Learn practical tips
and a phased approach for getting started with UM as the first step
toward a UC environment in the future.

www.windowsitpro.com/go/whitepapers/activevoice/um/?code=122607er
(http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58121-0-0-0-1-2-207)


----------------------------------------
ADVERTISEMENT
Microsoft

Managing Systems Efficiently in a Mid-Sized Business

Understaffed and Constantly Putting Out Fires?

Attend this web seminar to learn how to deal with mid-market IT
management challenges:

* Understand how businesses currently deal with these types of
management problems
* Identify issues that can be addressed by a good set of system
management tools in the mid-size business
* Get an overview of a new integrated management solution from
Microsoft, called System Center Essentials 2007
* See how it can provide direction for simplifying IT management in
the SMB space

In the web seminar, David Chernicoff reviews these IT challenges and
discusses a solution designed specifically for the mid-size business.
Don't miss this opportunity to get a jump on proactive IT management of
your mid-market business.

http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58122-0-0-0-1-2-207
----------------------------------------

FEATURED WHITE PAPER

Ensure Your Company Is Filtering Internet Threats
The proliferation of Web-based threats means you can no longer rely on
basic firewalls as your sole network protection. One effective defense
to Web-based attacks is to deploy a content-aware, perimeter-based
network security device that inspects and blocks Web requests based on
URL destination. This white paper examines the threats of allowing
unwanted or offensive content into your network and describes the
technologies and methodologies to combat such threats.
www.windowsitpro.com/go/whitepaper/stbernard/internetthreats/?code=122607er
(http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58123-0-0-0-1-2-207)


ANNOUNCEMENTS

Exchange 2007 Mastery Series: January 28, 2008
Three info-packed eLearning seminars for only $99!
Hosted by Windows IT Pro
Mark Arnold--MCSE+M and Microsoft MVP--will coach you through Exchange
2007 storage solutions: planning for archiving and compliance,
optimizing your iSCSI network storage, and finding the sweet spot
between memory and spindles.
www.windowsitpro.com/go/elearning/masteringexchange2007
(http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58124-0-0-0-1-2-207)

CONTACT US
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).

http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58125-0-0-0-1-2-207

http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58126-0-0-0-1-2-207

You are subscribed to this newsletter as boy.blogger@gmail.com

Manage your Security UPDATE subscription at
http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58127-0-0-0-1-2-207.

To unsubscribe:
http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58128-0-0-0-1-2-207&list_id=803&email=boy.blogger@gmail.com&message_id=979

Be sure to add Security_UPDATE@email.windowsitpro.com
to your spam filter's list of allowed senders.

To contact us:
About Security UPDATE content -- mailto:letters@windowsitpro.com
About technical questions -- http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58129-0-0-0-1-2-207

About your product news -- mailto:products@windowsitpro.com
About your subscription -- mailto:windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- mailto:salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://ct.email.windowsitpro.com/rd/cts?d=33-979-803-202-62923-58130-0-0-0-1-2-207

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2008, Penton Media, Inc. All rights reserved.

No comments:

Blog Archive