Editor’s Corner
In this week’s newsletter we look for el cheapo solutions to server alerting, examine a new tool for keeping Windows updated, talk about a security improvement in MacOS that may make it less secure, and more. We also have a new Ask Our Readers question from a reader who expresses concern about the rise of phishing emails that seem to come from financial service companies. And we have a Factoid about a newly engineered “killer application” for artificial intelligence (AI) that we want your feedback on. And finally, be sure also to check out some really cool videos in the Fun videos from Flixxy section near the end of this issue. Enjoy this week’s issue of WServerNews and feel free to send us feedback on any of the topics we’ve covered — we love hearing from our readers 🙂
Cheers,
Mitch Tulloch, Senior Editor
Do people still use pagers for that?
Yes even sysadmins still occasionally use pagers, for example so they can be alerted when one of their servers goes down, or a virtual machine freezes, or a router needs to be rebooted, or a web app becomes unavailable, and so on. More likely they get SMS text messages or receive emails on their cellphones however. Or maybe a carrier pigeon drops something soft on their head, which may be where the phrase “heads up” originates as a way of expressing how you should respond when you receive an alert.
I’m talking here about super-cheap or even free ways of being notified when something goes wrong with your server or site. Asking around my circle of friends and colleagues led me to some possible solutions they have tried and can recommend in this area:
PagerTree provides on-call incident management gives devops teams flexible schedules, escalations, & reliable notifications via email, SMS, voice, & smartphone app and comes in Basic (free), Pro and Elite pricing plans:
Opsgenie is a modern incident management platform for operating always-on services, empowering DevOps teams to stay in control during incidents and comes in Free, Essentials, Standard and Enterprise pricing plans:
Pushover makes it easy to get real-time notifications on your Android, iPhone, iPad, and Desktop (Android Wear and Apple Watch, too!) and comes in various flavors and as a monthly service offering and provides 50 Monitors, Checked Every 5 Minutes, Totally Free!
UptimeRobot provides notifications via e-mail, SMS, voice calls, Telegram, Slack, Microsoft Teams, push, web-hooks etc
Then there’s this totally el cheapo solution which was recommended to me by a friend who heard about it from a network operator somewhere: If you use Gmail for your email you can create a label e.g called “pageme” and have your network monitoring software send its alerting emails to <yourname>[email protected]. Then you just set up label notifications on your Gmail smartphone app to generate a special alert noise whenever you receive an email addressed to this.
These are only a few ideas my colleagues kicked around when I discussed this with them recently. What do our readers recommend for a cash-starved small business that needs a free or ultra-cheap way of being notified when their server, site or app goes down? Email your suggestions to us at [email protected]
Free tool for managing Windows updates
Martin Brinkmann at gHacks recently published a walkthrough review of a free tool called Windows Automatic Updates Manager (WAU Manager) that gives administrators of Windows devices more control over the updating process. If you’re struggling to keep Windows updated properly — and you probably are if you’ve been relying on Microsoft’s Windows Server Update Services (WSUS) for doing this — I advise you to check Martin’s article out:
Windows Automatic Updates Manager review (gHacks)
https://www.ghacks.net/2019/10/03/windows-automatic-updates-manager-review/
WAU Manager isn’t the only third-party tool out there however that’s good at letting you manage software updates for Windows platforms. I recently covered a bunch of other updating tools here in this article:
Unhappy with WSUS? Try these third-party patch management solutions (TechGenix)
https://techgenix.com/third-party-patch-management/
What do our readers use for managing Windows updates in your own environment? Do you use WSUS or a third-party tool? Why and why not? Email your comments and recommendations to us at [email protected]
And speaking of my TechGenix article, here are some other articles by me that were recently published on our site:
Safeguarding your digital identities in a hostile world
https://techgenix.com/safeguarding-digital-identities/
Flight plans: What really drives businesses to the cloud (TechGenix)
https://techgenix.com/businesses-to-the-cloud/
On-premises backup for cloud data and cloud infrastructure protection (TechGenix)
https://techgenix.com/on-premises-backup/
Software-defined perimeter solutions: Why this is the future of security (TechGenix)
https://techgenix.com/software-defined-perimeter/
Will IPv6 ever kill IPv4? If so, when? (TechGenix)
https://techgenix.com/ipv6-kill-ipv4/
Please read any of these articles that interests you and either add a comment to them or send your feedback directly to me at [email protected]
Did this change make MacOS more secure or less secure?
A reader on Slashdot recently discovered something strange about the latest version of MacOS:
Something I discovered today, while trying to change a MAC address on a new MacBook Air (as I did for years on other MacBooks): ifconfig en0 ether “new mac” no longer works. It appears that this is a change made sometime last year, applicable to all Apple newer MacBooks.
Implications of permanently fixed MAC addresses on privacy and security are hard to underestimate. Given that Windows now supports complete Wifi MAC address randomization — I am sad to admit that Microsoft looks like a champion of privacy here.
Someone on the Apple Developer Forums confirmed that this change was made deliberately by Apple:
My ticket has been closed and I pinged a bunch of friends I have that work at Apple HQ.
Final result. This is not a bug. Apple is removing this feature for security reasons. This makes no sense since doing this does not put the individual doing it at a security risk.
You can read more here:
and here:
https://forums.developer.apple.com/thread/106768
This is totally weird to me. What do readers think about this? Email me at [email protected]
Security is *whose* responsibility??
And speaking of Windows updates, have any of you seen this new post by Mark Simos on the Microsoft Security Blog?
Patching as a social responsibility (Microsoft Security Blog)
https://www.microsoft.com/security/blog/2019/10/09/patching-social-responsibility/
What Mark seems to be saying is that socially responsible sysadmins should “do the right thing” and keep their Windows servers and client systems patched and up to date (after testing new patches of course).
But who is really responsible here for how insecure Windows computers generally are these days? Isn’t it the responsibility of Microsoft to properly test their patches *before* releasing them through Windows Update? IMO it’s Microsoft who needs to do the right thing here, not us who administer Windows environments. And it’s Microsoft who is failing to be socially responsible by releasing shoddy patches that break or mess up consumer PCs when they are automatically applied instead of making them more secure. If you’re not convinced, read what Woody Leonhard said in this recent article on ComputerWorld:
Microsoft Patch Alert: Botched IE zero-day patch leaves cognoscenti fuming (ComputerWorld)
And read this article too where Woody shares how enterprise patching veteran Susan Bradley summarizes her Windows update survey results and asks Microsoft management to rethink the breakneck pace of frequently destructive patches:
An open letter to Microsoft management re: Windows updating (ComputerWorld)
What do YOU think about the quality of software updates coming out of Redmond these days? Email us at [email protected]
Tell all your friends about WServerNews!
Please let all your friends and colleagues in the IT profession know about our newsletter. Tell them our latest issues can be found at wservernews.com while older issues dating back to 1997 can be found in our archive. And let them know also that they can receive WServerNews each week in their inbox by subscribing to it here. Thank you!
Ask Our Readers – Phishing emails from banks on the rise? (new question)
A reader named Vern sent us the following question which we’re redirecting to our newsletter readers:
I spend much time with my customers talking about phishing emails and educating them about NOT CLICKING. In this last year I have noticed more and more emails from Wells Fargo and Chase credit cards (and others) that are actually valid, but to most users would be indistinguishable from phishing email. Now I have enough “know how” to copy the url and paste it into notepad so I can see what the url might actually lead to, but few users know how to do this. Nor is it easy to tell some of the time.
Have your other readers noticed this or if they are inside the financial industry can they comment on this?
Keep up the good work.
Would any of our readers like to respond to Vern’s question? Email us at [email protected]
Got questions? Ask our readers!
WServerNews goes out each week to more than 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? Ask Our Readers by emailing your problems and/or questions to us at [email protected]
Subscribe to WServerNews!
Subscribe today to our WServerNews newsletter and join 200,000 other IT professionals around the world who receive our newsletter each week! Just go to this page and select WServerNews to receive our monthly newsletter in your inbox!
Coming up this week in FitITproNews!
FitITproNews comes out this Wednesday and should arrive in your inbox if you’ve subscribed to it — and if you haven’t you can subscribe here. Some of the fitness and nutrition topics and activities we’ll be covering include getting back into triathaloning, how to choose a gym, best wearable gadgets for runners, the food pyramid scheme, when excuses become reasons, and more.
Tip of the Week
>> Got any IT pro tips you’d like to share with other readers of our newsletter? Email us at [email protected]
Windows 10 users fume: Microsoft, where’s our ‘local account’ option gone? (ZDNet)
It’s getting harder and harder to install Windows 10 without using a Microsoft account. This article describes a workaround that lets you create a new local user account during setup:
https://www.zdnet.com/article/windows-10-users-fume-microsoft-wheres-our-local-account-option-gone/
Admin Toolbox
>> Got any admin tools or software you’d like to recommend to our readers? Email us at [email protected]
Read the “Top 10 Best Practices for vSphere Backups” white paper that discusses best practices with Veeam Backup & Replication and VMware vSphere
http://www.wservernews.com/go/fb623ejv/
Need to comply with an email governance policy? It’s simpler than you might think. Start archiving email in minutes with MailStore Server. Try it free for 30-days:
http://www.wservernews.com/go/2na5cj7x/
Saws is a supercharged AWS command line interface (CLI):
https://github.com/donnemartin/saws
A sysmon configuration file template with default high-quality event tracing:
https://github.com/SwiftOnSecurity/sysmon-config
Lithnet Idle Logoff is a simple utility that allows you to log off users after a period of inactivity:
https://github.com/lithnet/idle-logoff
Mailbag
In last week’s newsletter we talked about keeping some skin in the game of IT when you approach or enter retirement by sharing what some of our older readers have been doing in this regard. This drew some more feedback from one of our readers named Jonathan:
I’m now 66 and have been working in IT for over 20 years as a second career. I work for a small company servicing SMBs. I enjoy my job and have a great employer. I remember when I first started working in IT, it was for a large company and I almost couldn’t believe I was getting paid for doing work that seemed like play to me. I no longer quite have that attitude but I still enjoy IT and get a lot of satisfaction fixing people’s problems so they can get on with their own job.
It’s definitely harder now than it was 20 years ago to crawl under a desk to work on a PC or trace cabling. But my job mostly consists of working problems remotely from home which is one the prime aspects of my current job. I don’t miss the office at all.
I plan to cut back from full time to part time within the next year not because I want to stop working but because there are personal things I want to do that I don’t have the time and energy to do while working full time. How long will I then continue working part time? I really don’t know but I would think at least for a few more years.
My wife isn’t yet of retirement age and absolutely loves her job so as long as she’s working full time I don’t have any additional impetus to leave my job entirely. The IT career field has been good to me and I don’t see that changing, at least not for the next few years.
Other readers who would like to comment on this topic can do so by emailing us at [email protected]
Factoid – Killer application for artificial intelligence
Last week’s factoid and question was this:
Fact: Nextdoor launches in Canada, promising a more intimate, neighbourly social network (Financial Post)
Question: How is a platform like Nextdoor going to make the world more neighborly? Isn’t it simply going to further isolate and insulate us from one another instead?
Dennis from Spokane, WA responded to this by saying:
I have a lake place about 45 minutes from my full time house. Nextdoor has been very helpful because it only allows homeowners on that lake (and 2 others close by) to use it in any way. Other than in comments, there is none of that Like and Friend junk. For those of us not living full time there, it allows us to know what is going on (power outages, weather, fishing conditions, prowlers, sunsets, meetings, activities) without being there. If I want to sell, say, a boat, I know that this message only goes to people on my lake, not to Nigeria.
The only downside is, I also belong to the Neighborhood where I live, and Neighborhood system makes it very difficult to switch between the two systems. Also, its user interface is total crap, and completely non intuitive.
Fascinating, thanks. This clearly shows that Nextdoor can at least have some value in sparsely or seasonally populated areas, but I still question its usefulness in urban and suburban settings. Any more thoughts, anyone? Email us at [email protected]
Now let’s move on to this week’s factoid:
Fact: Finally, a useful application for AI — killing ants.
Source: https://hackaday.com/2019/10/05/tracking-ants-and-zapping-them-with-lasers/
Question: Wouldn’t it be great if someone could engineer a similar solution for zapping mosquitos and market it through Amazon? That would be the ultimate “killer application” for AI, wouldn’t it? Email your thoughts on this morbid subject to [email protected]
Conference calendar
>> Got an IT conference or event happening that you’d like to promote in our newsletter? Email us at [email protected]
Microsoft Ignite 2019
Nov 4-8, 2019 in Orlando, Florida
https://www.microsoft.com/en-us/ignite
Other Microsoft conferences
Microsoft Licensing Boot Camps
- Oct 15-16 in Dallas, Texas
- Dec 9-10 in Seattle, Washington
https://www.directionsonmicrosoft.com/training
Infosec conferences
Cyber Security Summit – Oct 17 in Scottsdale, Arizona
https://cybersummitusa.com/scottsdale19/
Cyber Security Summit – Nov 7 in Boston, Massachusetts
https://cybersummitusa.com/boston19/
Cyber Security Summit – Nov 21 in Houston, Texas
https://cybersummitusa.com/houston19/
Cyber Security Summit – Dec 5 in Los Angeles, California
https://cybersummitusa.com/losangeles19/
Other conferences
VMworld – Nov 4-7 in Barcelona, Spain
https://www.vmworld.com/en/europe/index.html
Midwest Management Summit – Nov 11-13 in New Orleans, Louisiana
https://mmsmoa.com/registration/mms-jazz-edition.html
European SharePoint, Office 365 & Azure Conference – Dec 2-5 in Prague, Czech Republic
https://www.sharepointeurope.com/
SharePoint Fest – Dec 9-13 in Chicago, Illinois
https://www.sharepointfest.com/Chicago/
Podcast Corner
Kubernetes security with StackRox CEO Kamal Shah (The T-Suite)
https://techgenix.com/podcast/the-t-suite/
Do too many users have VPN access to your prod environment? (Risky Business — NEW!)
https://risky.biz/netcasts/risky-business/
Ghosts of WIP Past, Present and Future (Windows Insider)
https://insider.windows.com/en-us/podcasts/
Something Cloudy (Microsoft Cloud IT Pro Podcast)
https://www.msclouditpropodcast.com/
Interview With CircleCI & New Support for Windows (Microsoft Cloud Show)
http://www.microsoftcloudshow.com/podcast
Office 365 Security and Compliance with Erica Toelle (RunAsRadio)
New on Techgenix.com
Locking down your Exchange server with cipher suites
Cipher suites are a set of algorithms you need to secure your environment, either by using SSL and TLS. Here’s more on this important security step.
https://techgenix.com/exchange-server-cipher-suites/
Review: Exchange and Active Directory sync tool NETsec GalSync V74
NETsec GALsync is a tool to synchronize global address lists across multiple Exchange forests and Office 365 tenants. Here’s our review.
https://techgenix.com/netsec-galsync-v74/
HIPAA IT compliance: Privacy and security rules you must know
HIPAA is the mandatory health regulation that must be followed strictly. But if you’re an IT pro in the health-care sector, what’s your responsibility?
https://techgenix.com/hipaa-it-compliance/
Ransomware response: What to do after an attack
An effective ransomware response is vital in ensuring your organization can resume operations quickly and with little to no loss of your most valuable data.
https://techgenix.com/ransomware-response/
ENow Exchange Monitoring & Reporting
ENow Exchange Monitoring & Reporting monitors all critical aspects of your Exchange environment from a single pane of glass. ENow visual monitoring approach lets you easily pinpoint the root cause of your outage by monitoring all key messaging services such as Mailflow, Client Access, Database Availability. Additionally ENow solution has over 250 built-in reports and dashboards, that can be personalized for all your key stakeholders.
https://techgenix.com/product/enow-exchange-monitoring-reporting/
Fun videos from Flixxy
World’s Simplest Electric Train
How to build an electric train, using only a copper wire, a dry cell battery and two magnets:
https://www.flixxy.com/worlds-simplest-electric-train.htm
Spectacular Glider Touchdown In The Rain
A spectacular glider touchdown in Pavullo, Italy – in the rain:
https://www.flixxy.com/spectacular-glider-touchdown-in-the-rain.htm
Gernot Bruckmann – Amazing Aerobatic Flying Skills
Four-times World champion pilot Gernot Bruckmann shows off his amazing aerobatic flying skills:
https://www.flixxy.com/gernot-bruckmann-amazing-aerobatic-flying-skills.htm
Microsoft’s New Folding Android Phone
Microsoft surprises with new foldable Surface Duo phone running Android:
https://www.flixxy.com/microsofts-new-folding-android-phone.htm
More articles of interest
Is your VM frozen? Learn how to troubleshoot a frozen VM
Many issues cause VMs to become unresponsive, including invoking particular tasks, such as snapshots or migrations, resource configuration and infrastructure unavailability.
4 steps to check application compatibility with Windows 10
Before a Windows 10 migration, IT admins should make sure all applications are compatible with the new OS. Here are four steps to get started with the process.
What are the limitations of free ESXi?
When choosing a CASB, enterprises face two primary options: a stand-alone service from a third party or a bundled tool set from some of the large cloud providers. It’s important to pick your flavor wisely.
How to accommodate mobile VDI users’ application access
IT faces an uphill battle when deploying virtual desktops to mobile devices due to compatibility issues. Virtualization platforms help IT address these problems.
Send us your feedback!
Got feedback about anything in this issue of WServerNews? Email us at [email protected]