Kurt Shintaku's Blog

The enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system.

Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of security updates. For users who get attacked before the latest updates have been applied or who get attacked before an update is even available, the results can be devastating: malware, loss of PII, etc.

Security mitigation technologies are designed to make it more difficult for an attacker to exploit vulnerabilities in a given piece of software. EMET allows users to manage these technologies on their system and provides several unique benefits:

1. No source code needed: Until now, several of the available mitigations (such as Data Execution Prevention) have required for an application to be manually opted in and recompiled. EMET changes this by allowing a user to opt in applications without recompilation. This is especially handy for deploying mitigations on software that was written before the mitigations were available and when source code is not available.
2. Highly configurable: EMET provides a higher degree of granularity by allowing mitigations to be individually applied on a per process basis. There is no need to enable an entire product or suite of applications. This is helpful in situations where a process is not compatible with a particular mitigation technology. When that happens, a user can simply turn that mitigation off for that process.
3. Helps harden legacy applications: It’s not uncommon to have a hard dependency on old legacy software that cannot easily be rewritten and needs to be phased out slowly. Unfortunately, this can easily pose a security risk as legacy software is notorious for having security vulnerabilities. While the real solution to this is migrating away from the legacy software, EMET can help manage the risk while this is occurring by making it harder to hackers to exploit vulnerabilities in the legacy software.
4. Ease of use: The policy for system wide mitigations can be seen and configured with EMET’s graphical user interface. There is no need to locate up and decipher registry keys or run platform dependent utilities. With EMET you can adjust setting with a single consistent interface regardless of the underlying platform.
5. Ongoing improvement: EMET is a living tool designed to be updated as new mitigation technologies become available. This provides a chance for users to try out and benefit from cutting edge mitigations. The release cycle for EMET is also not tied to any product. EMET updates can be made dynamically as soon as new mitigations are ready

The toolkit includes several pseudo mitigation technologies aimed at disrupting current exploit techniques. These pseudo mitigations are not robust enough to stop future exploit techniques, but can help prevent users from being compromised by many of the exploits currently in use. The mitigations are also designed so that they can be easily updated as attackers start using new exploit techniques.

• DOWNLOAD: Enhanced Mitigation Experience Toolkit v2.0
  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04

Active Directory, Best Practice Analyzer, IIS 7.5 on Server Core and BranchCache

Overview
Windows Server 2008 R2 provides a productive server platform because it offers cost-effective virtualization, power-saving capabilities, and a superior experience for end users. In this hands-on lab, we focus on the enhancements made to Active Directory in Windows Server 2008 R2. We also show you how you can leverage the Best Practice Analyzer to improve compliance with established standards and best practices. Finally, we provide an overview of two new features in Windows Server 2008 R2: the ability to run ASP.NET apps on Internet Information Services (IIS) 7.5 running on Server Core and BranchCache, a technology that can help organization reduce bandwidth utilization.

During this lab, we will cover:

• What’s New in Active Directory: We review some of the enhancements made to Active Directory. Discuss the benefits of the new forest level and how it provides new functionality like the Recycle Bin.  Review the enhanced Active Directory Administrative Center and how the new cmdlets in Windows PowerShell ease Active Directory management.
• Best Practices Analyzer, IIS, ASP.NET, and Server Core: We show how this tool can help you save money by reducing the time it takes to implement an infrastructure that adheres to best practices. Learn how to take advantage of the benefits of Server Core to run the most critical Microsoft ASP.NET applications.
• BranchCaching:  BranchCache can help increase network responsiveness of centralized applications when accessed from remote offices.

Registration:  This event requires registration due to the limited number of seats & resources available online.  If you are a customer of mine, contact me for information about participating.

What is a virtual hands-on-lab:
This isn’t your typical IT class. A hands-on lab online is an invite only event that combines LiveMeeting with a virtual lab.  Attendees and presenters login from anywhere. Attendees watch a brief LiveMeeting presentation, then spend most of the time getting hands-on experience working through all, or just self-selected modules of the entire lab – at their own pace, and receive real–time, personal, one-on-one attention from the presenter.  In addition, there’s a proctor available for technical support and to answer more attendee questions.

Date
Tuesday, February 15^th, 2011

Time
9:00am – 1:00pm Pacific Time

Location
Virtual Hands On Lab Classroom

Target Audience
IT Pro, IT Manager

Registration
This event requires registration due to limited resources,  Please contact me if you are a customer of mine for registration details.

Before the Event

• Check virtual lab for your computer http://test.vlabcenter.com/hv/default.aspx
• Install the ActiveX control. The Microsoft "Virtual Machine Remote Control" ActiveX control is required to start the virtual lab.
• Review system requirements.
• If you have any issues, please contact support.

TRAINING
For ultra-hard core guerilla-intense style training that goes beyond what traditionally is taught – we see a lot of customers going to Critical Path training or SharePoint Bootcamp.  This is a list of their administration courses:

• http://www.criticalpathtraining.com/Courses/
  Pages/AdminItPro.aspx 
• http://www.sharepointbootcamp.com/

The only catch is that the courses aren’t necessarily local to Los Angeles however some are available online.

• (FREE) Clinic 5045: Inside Look at Developing with Microsoft Windows SharePoint Services 3.0
  http://www.microsoftelearning.com/eLearning/gotoResource.aspx?resourceId=2ca702a7-acbe-4a1f-89c4-0e33e82cc439&language=en-US&country=US&locale=en-US 
  In this 2-hour premium clinic you will learn about the rich capabilities that Windows SharePoint Services 3.0 offers to developers. The clinic will focus on Architecture and List Management, Building and Extending Windows SharePoint Sites, and Packaging and Deploying Windows SharePoint services solutions. Having this knowledge will enable you to determine how to incorporate Windows SharePoint Services into your workspace solution development.
• (FREE) Clinic 5046: Inside Look at Building and Developing Solutions with Microsoft Office SharePoint Server 2007
  http://www.microsoftelearning.com/eLearning/gotoResource.aspx?resourceId=73bbe976-dddb-4d3c-bb5e-8a35bf5db755&language=en-US&country=US&locale=en-US
  In this 2-hour premium clinic you will learn about the rich capabilities that Office SharePoint Server 2007 offers to developers. The clinic will focus on Fundamentals of Building Solutions with Office SharePoint Server 2007, Building Business Solutions with Office SharePoint Server 2007 and how to Incorporate Office SharePoint Services into Business solutions.

(FREE) SharePoint Server Webcasts, Virtual Labs, and Podcasts:
http://www.microsoft.com/events/series/sharepointserver.aspx 
Use these online resources today to learn how Microsoft Office SharePoint Server 2007 can help improve organizational effectiveness.

(FREE) Additional SharePoint Virtual Labs and Labcasts (hands on experience with Microsoft hosted SharePoint systems that you can use and administer):
http://technet.microsoft.com/en-us/office/sharepointserver/bb512933.aspx

(FREE) Video demos and training for Office SharePoint Server 2007
http://technet.microsoft.com/en-us/library/cc262880.aspx

(FREE) Microsoft Office SharePoint Server 2007 TechCenter (Great starting point for developers and administrators):
http://technet.microsoft.com/en-us/office/sharepointserver/default.aspx

(FREE) End User Training Kit:
(Install this on your SharePoint portal and users can access this training)
http://blogs.msdn.com/sharepoint/archive/2007/10/11/sharepoint-end-user-training-kit-now-available.aspx

(FREE) Customizable Everyday Productivity Education (EPE) content developed by Microsoft IT for end user training:
http://blogs.msdn.com/sharepoint/archive/2007/09/07/customizable-everyday-productivity-education-epe-content-developed-by-microsoft-it-for-end-user-training.aspx

(SOME FREE) Office SharePoint System – Learning Portal:
http://www.microsoft.com/learning/office2007/default.mspx

(SOME FREE) End-User Training Clips:
http://cbtclips.com/sharepoint3/

Microsoft E-Learning Courses:
http://learning.microsoft.com/Manager/Catalog.aspx?clang=en-US&dtype=Catalog&Sort=TitleAscending&page=1&cats=%7bf9d20670-fa9a-45b8-a017-ba71db81a534%7d%3a%7be1031ff3-3f15-4bfc-840b-defae43c69b7%7d%3a%7b337eb1e4-98e6-480a-a5fb-8b7b3a282c9c%7d

Microsoft SharePoint Academy:
http://www.microsoftsharepointacademy.com/index.htm

Mindsharp Computer-Based Training:
http://www.mindsharp.com/Default.aspx?top=Courseware&left=Computer-Based%20Training

Classroom Training:
http://learning.microsoft.com/Manager/Catalog.aspx?clang=en-US&dtype=Catalog&Sort=TitleAscending&page=1&cats=%7bf9d20670-fa9a-45b8-a017-ba71db81a534%7d%3a%7be1031ff3-3f15-4bfc-840b-defae43c69b7%7d%3a%7badf07500-03ad-4a36-b0ba-81c728d3d717%7d

Southern California-Based Partner-Led Training:

• Apex InfoTech Inc. (Irvine)
  http://www.oneapex.com/microsoft/office.asp
• Global Knowledge
  http://www.globalknowledge.com/training/course.asp?courseid=10223
• Integrated Digital Technologies (Pasadena, Santa Ana)
  http://idt.edu/Education/catalog.aspx?c=947
• Mindsharp (San Diego)
  http://www.mindsharp.com
  · 5-day MOSS Administration
  · 5-day 2007 SharePoint Designer
  · 3-day 2007 SharePoint Power User
  For more information about these San Diego events contact:
  Kristian McKenzie, 952-230-6509, kristian.mckenzieATmindsharpDOTcom
• New Horizons (San Diego, Anaheim)
  http://www.newhorizons.com/content/catalogSearch.aspx?txtSrchTITLE=sharepoint
• Netwin Solutions (Westminster)
  http://www.netwinsolutions.com/courses_view.php?category=10
• QuickStart (Brea, Irvine, Gardena)
  http://www.quickstart.com/courses/technology.asp?type=96
• SharePoint Experts (Anaheim)
  http://www.sharepointbootcamp.com/schedule.htm
• Ted Pattison Group (Irvine):
  http://tedpattison.net/default.aspx
• Vortex (San Diego)
  http://www.vortexdata.com/schedule/default.asp?CategoryID=7&SubCategoryID=8

SharePoint Designer
SharePoint Designer helps you create and customize SharePoint Web sites and building workflow-enabled applications based on SharePoint technologies. Here are a couple of links to get familiar with SharePoint Designer. You can download an evaluation copy here: (http://us20.trymicrosoftoffice.com/product.aspx?re_ms=oo&family=sharepoint&culture=en-US).

• SharePoint Designer 2007 Product Home Page (FREE):
  http://office.microsoft.com/en-us/sharepointdesigner/FX100487631033.aspx
• SharePoint Designer 2007 Help and How-to (FREE):
  http://office.microsoft.com/en-us/sharepointdesigner/FX100646991033.aspx
• A six-part series on getting the most out of SharePoint Designer 2007 (FREE):
  http://office.microsoft.com/en-us/sharepointdesigner/HA102199841033.aspx
• SharePoint Designer 2007 Online Training (By Total Training):
  http://www.totaltraining.com/prod/microsoft/sharepoint2007.asp
  Explore the countless possibilities of SharePoint Designer 2007. In this video series John Jansen teaches you to build very simple or incredibly complex business solutions on the SharePoint platform. Learn about Master Pages, how to modify Cascading Style Sheets (CSS) in SharePoint Designer, and how to integrate Visual Studio with custom Web part deployment and workflow actions.

Books – Microsoft Press

• Office SharePoint Server 2007:
  http://learning.microsoft.com/Manager/Catalog.aspx?clang=en-US&dtype=Catalog&Sort=TitleAscending&page=1&search=%22office%20SharePoint%22&cats=%7b803f37c6-1c6b-4905-812f-7367c606d0aa%7d
• Windows SharePoint Services:
  http://learning.microsoft.com/Manager/Catalog.aspx?clang=en-US&dtype=Catalog&Sort=TitleAscending&page=1&search=%22sharepoint%20services%22&cats=%7b803f37c6-1c6b-4905-812f-7367c606d0aa%7d

Recently I was asked to provide a bunch of information about SharePoint Administrative training & tools.  I thought I’d republish it in two parts here for others to take advantage of.

DEVELOPMENT
I’ve included some of the top links around SharePoint development and best practices to develop apps that are designed correctly and do not hog resources on the SharePoint server.

• Developing SharePoint Applications:  This is our latest guidance on building custom applications in SharePoint.  It provides sample/reference projects and various best practices with various aspects of the development process.  (There is a CHM file in the download for this that is a great place to start.)
• SharePoint Design Basics: This gives some guidance on some of the fundamental challenges that developers will encounter when building SharePoint applications.
• SharePoint Server Developer Center: This is a great starting point for most of our documentation around SharePoint development.  This is just one of those sites that’s good to know for reference on how to accomplish various tasks.
• SharePoint Developer Training Site:  This site contains some really good training and learning materials on various topics related to SharePoint development tasks.  Includes webcasts, online videos, samples, and more.
• Development Best Practices Checklist (non-Microsoft blog post):  Checklist of general things to keep in mind when doing SharePoint development.
• 10 Best Practices For Building SharePoint Solutions: This article is specific to SharePoint solutions (which should always be used in SharePoint development).

UTILIZATION

• Enable Usage Reporting in SharePoint:  This is how to configure the usage report capabilities of SharePoint out of the box.
• Nintex Reporting 2008:  Tool from Nintex that provides various types of reports on SharePoint usage, trends, and system activity.
• Quest Site Administrator for SharePoint:  Tool from Quest Software which gives more detail in the usage and security of SharePoint
• Universal SharePoint Manager v2007:  Tool from iDevFactory that provides reporting on: Account Security Management, Environment Management, Sites Management, List & Item Management, User Management, and more.

OPERATIONS

• Best Practices Resource Center for MOSS 2007:  This site helps with information to keep your system available and performing well.  Includes everything from planning to ongoing maintenance.  Look at the Operational Excellence section for ongoing best practices.
• Microsoft Best Practices Analyzer for SharePoint:  This tool will check for common issues and best security practices. The tool generates a report that can help you optimize the configuration of your system.

If you’re looking to upgrade you SQL Server, you may want to look into the following tools – the Best Practices Analyzer & the Upgrade Advisor – in preparation for the upgrade.

• SQL Server 2000 Best Practices Analyzer
  http://www.microsoft.com/downloads/
  en/details.aspx?FamilyID=b352eb1f-d3ca-44ee-893e-9e07339c1f22&displaylang=en
• SQL Server 2005 Best Practices Analyzer (August 2008)
  http://www.microsoft.com/downloads/
  en/details.aspx?FamilyId=DA0531E4-E94C-4991-82FA-F0E3FBD05E63&displaylang=en
• SQL Server® 2008 R2 Best Practices Analyzer 
  (Works for both SQL Server 2008 & SQL Server 2008 R2)
  http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=0fd439d7-4bff-4df7-a52f-9a1be8725591
• SQL Server 2005 Upgrade Advisor
  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=1470e86b-7e05-4322-a677-95ab44f12d75
• SQL Server 2008 Upgrade Advisor
  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=f5a6c5e9-4cd9-4e42-a21c-7291e7f0f852
• SQL Server 2008 SP2 Upgrade Advisor
  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=bdd888fa-779f-480c-a85f-7d70b179e3b9

——————

For questions:

• SQL Server Setup & Upgrade Online Forum
  http://go.microsoft.com/fwlink/?LinkID=123371

We have quite a few whitepapers & links from Microsoft on virtualizing SQL Server.  Here’s a few of them:

• WHITEPAPER:  “Running SQL Server 2008 in a Hyper-V Environment – Best Practices and Performance Recommendations”
  http://download.microsoft.com/download/d/9/4/d948f981-926e-40fa-a026-5bfcf076d9b9/SQL2008inHyperV2008.docx
• WHITEPAPER:  “Planning, Implementing and Supporting SQL Server Virtualization with Windows Server 2008 R2 Hyper-V and Live Migration”
  http://download.microsoft.com/download/4/4/D/44DB08F7-144B-4DF6-860F-06D30C6CE6E4/SQL%20Server%202008%20R2%20Virtualization%20Whitepaper.docx
• WEB SITE:  “SQL Server Virtualization”
  http://www.microsoft.com/sqlserver/2008/en/us/virtualization.aspx
• PODCAST:  “SQL Server Virtualization Best Practices”
  http://www.microsoft.com/events/podcasts/default.aspx?seriesID=Series-11bc7f7b-77a6-4e18-ac58-6c9cfbe102aa.xml&pageId=x5112&source=Microsoft-Podcasts-about-SQL-Server-2008:-Access-Your-Data-Any-Place,-Any-Time&WT.rss_ev=a
• WHITEPAPER:  High Performance SQL Server Workloads on Hyper-V
  http://download.microsoft.com/download/D/F/8/DF89D22D-39C8-4728-A990-3BD4467891B7/HighPerformanceSQLServerWorkloadsOnHyper-V_Final.docx

Join Edgile (Microsoft Gold Certified Security Partner) and Microsoft for in-depth training on Forefront Identity Manager (FIM) 2010.

Edgile Identity Education Series offers FREE training on Forefront Identity Manager (FIM) 2010, FIM 2010 Certificate Management and Rights Management Server (RMS).

Forefront Identity Manager 2010
Come and learn how Forefront Identity Manager (FIM) 2010 can help you by delivering simplicity, agility and efficiency while increasing security and compliance within your identity infrastructure.

Forefront Identity Manager 2010 – Agenda

Day 1 Agenda:

• Introduction to FIM 2010
• Managing Users and Groups
• Password Reset
• Customizing FIM

Day 2 Agenda:

• FIM Policy Management
• Sets, Workflows and Policies
• Managing Active Directory
• Incorporating Other Systems
• Incorporating HR Data

The Edgile Identity Education Series will offer additional training events throughout 2011 on Forefront Identity Manager 2010, FIM 2010 Certificate Management and Rights Management Server.

DATE:
Wednesday, February 9, 2011
Thursday, February 10, 2011
9:00AM-4:00AM

LOCATION:
3 Park Plaza, Suite 1600, Irvine, CA 92614

REGISTRATION:
This event REQUIRES registration.  If you are a customer of mine, please contact me for details on how to register.

Want yet another way to win free Microsoft points?  Just for doing the things that you’re likely already doing right now on your Xbox 360? 

Looks like we’re implementing a spiffs program for folks that would like to be rewarded for buying certain items on Xbox Live Marketplace or participating in certain events/promotions.

For example:

• Renew a 12 month Xbox LIVE Gold membership subscription?  Get 200 Microsoft points!
• Newcomer to Xbox LIVE Gold?  Get 100 Microsoft points!
• Buy a special XBox Live Marketplace item?  Get 20 Microsoft points!

Easy right?  And it’s kinda important too because these things can pile up.  For example, 200 Microsoft points doesn’t sound like much but it’s $2.50 which could go to paying for an online movie rental of “Inception” or “The Social Network”, for instance.

So enroll today, and start racking up points.

• LINK:  Xbox Live Rewards Signup
  http://rewards.xbox.com/
• LINK:  Xbox Live Rewards Program Details
  http://rewards.xbox.com/program/
• LINK:  Xbox Live Rewards “Account Summary”
  http://rewards.xbox.com/my-rewards/

As part of the all-up approach to assisting desktop IT professionals Microsoft’s Springboard Series web site has published an Outlook 2010 Resource web site that is invaluable to anyone deploying the new Office 2010 with Exchange/Outlook in mind:

The site includes the following:

• What’s new or different
• Compatibility
• Planning Outlook configurations
• Configuring profiles
• Compliance & security
• Managing & updating Outlook
• Developer resources
• Training & how-to’s
• Whitepapers
• Key reousrces/tools

References:

• Official Outlook Blog
• Official Office IT professional Blog
• Official Exchange Blog
• Microsoft Outlook Discussion Forum

A one-stop shop for everything you need as an IT professional working with Outlook 2010… check it out!

• LINK:  Outlook 2010 Resources – Springboard Series
  http://technet.microsoft.com/en-us/office/gg513879.aspx

Service Pack 4 (SP4) for Microsoft SQL Server 2005 is now available for download. SQL Server 2005 service packs are cumulative, and this service pack upgrades all service levels of SQL Server 2005 to SP4 . You can use these packages to upgrade any of the following SQL Server 2005 editions:

• Enterprise
• Enterprise Evaluation
• Developer
• Standard
• Workgroup

SQL Server 2005 SP4 includes SQL Server 2005 SP3 cumulative update 1 to 11, customer requested fixes, along with instances of the SQL Server 2005 SP4 database Engine support for DAC operations.

Peer-to-peer support is available in the SQL Server 2005 forums.

Note: To obtain SQL Server 2005 Express Edition obtain the SP4 version of Express or Express Edition with Advanced Services.

• DOWNLOAD:  Microsoft SQL Server 2005 Service Pack 4
  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=b953e84f-9307-405e-bceb-47bd345baece&displaylang=en