Microsoft exams

Last August, I did a beta exam for Microsoft. I didn’t pay for it, but I didn’t get a score either; the idea was just to test out their new software for doing simulations in the exam (rather than multiple choice questions). As a “thank you”, Microsoft then sent me three vouchers, each one corresponding to a free exam. These expire at the end of June, so I’ve finally had to stop procrastinating and start studying.

Today I did two exams: 70-236 (MCTS: Configuring Exchange Server 2007) and 70-431 (MCTS: SQL Server 2005 – Implementation and Maintenance). According to the booking website, the Exchange exam lasts 4½ hours, and the SQL exam lasts 4 hours, so this looked like quite a long day! Fortunately, I didn’t need all the time that was allocated, so I ended both exams early, and I was at the test centre for about 3 hours altogether.

Continue reading “Microsoft exams”

Exchange 2007 – firewall problems on Windows 2008

In Windows 2003, the local firewall was turned off by default. You could enable it, but you had to be careful about defining all your exceptions; unlike a PC running Windows XP, you presumably want people to be able to connect to your server! Finding a list of all the relevant ports/protocols could be difficult, and Microsoft sometimes advised people not to enable the firewall at all. SP1 introduced the Security Configuration Wizard (SCW), which helps you to configure the firewall, but you have to specifically install this as an extra component.

In Windows 2008, this changed: the firewall is turned on by default, and the SCW is installed automatically. You can still turn the firewall off, but that’s not ideal from a security point of view: it’s better to configure it so that only certain traffic can get through.

Continue reading “Exchange 2007 – firewall problems on Windows 2008”

MazeBot 1

Today, I have mostly been breeding robots…

Back in my undergrad days, I learnt about “genetic algorithms”. The basic idea is that rather than designing a computer program yourself, you allow one to evolve: the equivalent of natural section. I’ve taken advantage of the break between Christmas and New Year to experiment with this; I’m trying to get robots to find their way through a maze. Just to clarify, this is all virtual: I’m writing programs on my computer, rather than building things out of Lego.

Continue reading “MazeBot 1”

SSL certificate errors

I’ve just been along to the PruHealth website. Unfortunately, it turns out that their SSL certificate expired last night, so I get a big warning message when I try to access the site. I’ve reported the problem to them, and they should be able to fix it fairly easily, i.e. renew the certificate. However, I’ve now seen how different web browsers handle this problem, and I think Internet Explorer does a better job than Firefox overall.

Continue reading “SSL certificate errors”

How to short-circuit a network…

Most modern networks use a star topology: each computer plugs into a separate port on a switch, either directly or via a patch panel, and larger networks will have multiple switches connected together. However, what happens if you plug both ends of a patch cable into the same switch? I’ve encountered this situation a couple of times.

Continue reading “How to short-circuit a network…”

Downloader-UA.h

There have been a couple of virus warnings in the news today:
Half a million infections of latest Trojan (MSN)
Fake media file snares PC users (BBC)

The basic gist is that there are fake mp3/mpeg files circulating on peer-to-peer filesharing networks. I.e. if you use a program like LimeWire to download a music file or video clip, you may not actually get what you thought. Instead, when you try to play the file, it installs adware on your machine.

I’m sure that I’ll have several people contacting me about this tomorrow, so how bad is it?

Continue reading “Downloader-UA.h”

Open source software

Free software is a funny thing, partly because it tends to spark off “holy wars”, so it can be hard to focus on the practical issues when you’ve got people shouting about their vision of purity. I like this blog post (a parody), which applies those principles to cars: The transmission tax.

Most of the people reading this are probably aware of the basic principles, but here’s a quick recap. If you get a piece of software for your computer, it can be “closed source” or “open source”. Closed source is something like Microsoft Office or Adobe Reader: you get the application itself, so you can run it on your machine, but you don’t get the source code that the programmers used to create it. Open source means that you get the source code too, and there are some (theoretical) advantages to this:

Continue reading “Open source software”

Password security

Last year I signed up with Facebook, and the “find friends” page asked me to give them the password to my GMail account so that it could log in as me and look at my list of contacts (address book), then see whether any of those people are already registered. I, however, was disinclined to acquiesce to their request; with my password, they would be able to impersonate me (sending emails on my behalf), intercept incoming emails, and even lock me out of my own account. I’m not saying that the Facebook programmers in particular would necessarily do any of these things, but I prefer to be cautious about handing out that type of information.

This may seem a bit paranoid, but I read an interesting post today at Coding Horror: A Question of Programming Ethics. Basically, somebody wrote a shareware program called “G-Archiver” that will store a backup copy of your GMail messages on your hard drive; in order for this to work, you obviously have to provide your password. However, it turns out that the program was emailing all these passwords back to the programmer. Oops.

In fairness, you need to type your password into your computer somehow if you want to get at your email; this could be through a web browser or a dedicated email application (e.g. Outlook Express). So, you have to make the trade-off: who do you trust? Personally, I’m willing to trust Microsoft applications, although I know that other people disagree. I’m also willing to trust Firefox. However, open source isn’t a panacea; just because something can be read, that doesn’t mean that anyone has actually read it, particularly if it’s obscure. It’s also worth mentioning that the same thing could be done on other platforms (e.g. a Mac); this isn’t a virus, it’s the program doing exactly what it was designed to do.

Integrated Windows authentication in web browsers

A while back, I was setting up an internal website (on a Windows domain with Active Directory), where I needed to identify each person who connected to it. IIS has an option for “integrated Windows authentication”: the idea is that if you’re already logged into the domain then you don’t have to provide a new username and password (or retype your Windows password) because the webserver will recognise you. This is similar to the way that permissions work on a fileserver, and I’ve used the same approach for desktop applications. One scenario is that you might want to use Outlook Web Access internally.

However, in order for this to work, the web browser actually has to send the relevant information to the webserver. The website doesn’t actually get your password, just your username, e.g. “example.com\john”. Opinions may vary about whether this type of authentication is a good idea; personally, I think it is, because I don’t want people to get into the habit of typing in their password whenever a pop-up dialog box asks them for it. Still, whatever your views, it makes sense to be able to control this setting.

Continue reading “Integrated Windows authentication in web browsers”

70-621

On Monday morning I took the Vista upgrade exam (70-621). I passed it with a healthy margin (pass mark was 700/900 and I scored 820/900), so I’m happy with that, and it gives me two extra certifications:

  • Microsoft Certified Technology Specialist (Microsoft Windows Vista: Configuration)
  • Microsoft Certified IT Professional (Enterprise Support Technician)

Continue reading “70-621”