What is IaaS?

Infrastructure as a service (IaaS) is a form of cloud computing that provides virtualized computing resources over the internet.
In an IaaS model, a cloud provider hosts the infrastructure components traditionally present in an on-premises data center, including servers, storage and networking hardware, as well as the virtualization or hypervisor layer.

The IaaS provider also supplies a range of services to accompany those infrastructure components. These can include detailed billing, monitoring, log access, security, load balancing and clustering, as well as storage resiliency, such as backup, replication and recovery.

IaaS customers access resources and services through a wide area network, such as the internet, and can use the cloud provider’s services to install the remaining elements of an application stack. For example, the user can log in to the IaaS platform to create virtual machines; install operating systems in each VM; deploy middleware, such as databases; create storage buckets for workloads and backups; and install the enterprise workload into that VM

SSD Hard Drive

A hard drive is essentially a metal platter with a magnetic coating that stores your data.  A read/write head on an arm accesses the data while the platters are spinning.

An SSD does functionally everything a hard drive does, but data is instead stored on interconnected flash memory chips that retain the data even when there’s no power present.
SATA drives come in varying speeds and capacities and SSD drives come in varying capacities. SSDs so much quicker than conventional SATA drives because there are no moving parts, there is no spinning disk like you would find in a SATA drive that has to read and write data to an actual disk. Boot up time is much quicker, cutting it down by 50 percent or more. SSDs are also lighter than the average SATA drive which makes it a great choice for a laptop drive. The one drawback to buying an SSD is cost, as these are pricey hard drives.

Types of SSL/TLS Certificates

Today there are three types of certificates that offer 3 levels of user trust for SSL/TLS negotiations:
Domain Validated certificates (DV), Organization Validated certificate (OV) and Extended Validation certificates (EV).

Domain Validated Certificate
This type of certificate validates that the domain is registered and someone with admin rights is aware of and approves the certificate request. The validation can take from a few minutes to a few hours. The Domain Validated SSL certificate is the most common SSL certificate type because it’s fast to purchase. This validation type is sufficient for the majority of businesses and cheaper compared to Company or Extended validations.
If the certificate is valid and signed by a trusted authority, the browsers indicate a successfully secured HTTPS connection.

Organization Validated Certificate
Organizational certificates are Trusted and they are authenticated by real agents against business registry databases. Additional business documents may be required and the business may be contacted during validation to prove the right of use. OV certificates therefore contain legitimate business information. This is the standard type of certificate required on a commercial or public facing website.

Extended Validation Certificate
The Extended Validation certificate requires an extended validation of the business. It validates domain ownership and organization information, plus the legal existence of the organization. It also validates that the organization is aware of the SSL certificate request and approves it. The validation requires documentation to certify the company identity plus a set of additional steps and checks. The order can take from a few days to a few weeks, due to the extended validation process. The Extended Validation SSL Certificates are generally identified with a green address bar in the browser containing the company name.

 

WHOIS Protocol

Le WHOIS est un protocole de requête / réponse qui est largement utilisé pour interroger des bases de données contenant des informations sur les ressources Internet telles que les noms de domaine et les allocations d’adresses IP.

Créé dans les années 1980, WHOIS a commencé comme un service utilisé par les opérateurs Internet pour identifier les personnes ou entités responsables du fonctionnement d’une ressource réseau sur Internet. Le service WHOIS est depuis devenu un outil utilisé à de nombreuses fins.

De nos jours, le protocole WHOIS est principalement utilisé par les déclarants et les utilisateurs pour interroger les bases de données du registre de domaine afin d’obtenir des informations sur les noms de domaine et vérifier la disponibilité des noms de domaine.

Un serveur WHOIS écoute sur le port TCP 43 pour les requêtes des clients WHOIS. Le client WHOIS envoie une requête de texte au serveur WHOIS, puis le serveur WHOIS répond avec du contenu textuel. Toutes les demandes sont terminées avec ASCII CR puis ASCII LF. La réponse peut contenir plus d’une ligne de texte, de sorte que la présence de caractères ASCII CR ou ASCII LF n’indique pas la fin de la réponse. Le serveur WHOIS ferme sa connexion dès que la sortie est terminée. La connexion TCP fermée est l’indication au client que la réponse a été reçue.

Hyper-V: How to add more than 4 cores to a virtual machine

Windows Server 2008 R2 Hyper-V supports 4 cores per VM. Windows 8 Server will give us a lot of new features and upgrades, and will also support more than 4 cores per VM. They might even add multiple core support to the next SP for Server 2008 R2.

There is a way to add more cores to your VM by editing your VM’s XML file:

Step 1: Shut down your virtual machine
Step 2: Locate and open the XML configuration file of your VM. You can find the (default) location in the Hyper-V settings in the actions pane.

 Step 3: Edit the <count type=”integer”> setting and change the number in the desired amount of cores.

<processors>
<count type=”integer”>8</count>
….
….
< /processors>

 Step 4: Save the file
Step 5: Start the server and check in the task manager if your server has the correct amount of cores.

Wi-Fi KRACK Vulnerability – WPA2

There is a new security flaw in Wi-Fi protocols WPA2 known as “KRACK” that has recently been discovered. This vulnerability is widespread and affects a large number of wireless infrastructure devices (whether at home, in a coffee shop, at a hotel or in an office).
In essence, this vulnerability allows an attacker to read information that was previously assumed to be safely encrypted over Wi-Fi. Although it is difficult for the average person to hack your system, this is a weakness that is worth being aware of.

Companies including Apple, Microsoft, Google and others have already begun issuing security patches, and it is imperative that you keep your devices up to date to prevent this vulnerability from being exploited. If you have not already done so, please install the latest updates available for your mobile devices (phones, tablets and computers). This will help remedy the situation.

Also, if you use Wi-Fi at home, feel free to check with your provider to ensure that they are addressing this issue as well and that you are protected.
When connecting to a wireless network that you don’t know for sure is secure, avoid accessing and sharing sensitive information (passwords, banking information, etc…) until systems have been patched on a more global scale.

Email Threats

Just to reminder to be cautious when dealing with emails received from both known and unknown sources. You are probably familiar with phony shipping notices, fake lottery notifications and fake invoice documents.  Added to that, there have been instances of legitimate businesses email system being compromised, resulting in malicious emails being sent from the accounts of current or old employees of those companies.

So, just because you receive an email from what appears to be one of your genuine contact doesn’t necessarily means that the email is safe. Analyze the content of the email, do not click on links or open attachments unless you know what they are about or expect them. If you are unsure about the trustworthiness or authenticity of a particular email, please contact your IT team and we’ll advise accordingly.

Keep in mind that these threats affect both your work and personal email accounts. Because you receive an email from a relative doesn’t necessary mean that they sent it or that it is genuine.

Disable or Remove Mailbox in Exchange 2010

Disable: will remove the Exchange attributes for the user account but leave the user account in Active Directory. The mailbox is then also left in the Exchange mailbox database until the retention period (30 Days) has passed, then it is removed permanently.

Remove: will remove both the Exchange mailbox and the user account from Active Directory.

Note: Disable is the safest option, because you can quickly reconnect the mailbox to the user again if it is still within the retention period.

1
i. Go to Exchange Management Console >> Microsoft Exchange >> Microsoft Exchange On Premises >> Recipient Configuration:
ii. Right Click on Mailbox, you will see two options, Disable or Remove.

 

What is DLP (Data Loss Prevention)?

Data loss prevention (DLP) is a strategy for detecting and preventing potential data breaches. It makes sure that end users do not maliciously send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a IT professionals control what data end users can transfer.

DLP software products use business rules to classify and protect confidential and critical information, so that unauthorized end users cannot accidentally or maliciously share data whose disclosure could put the organization at risk.

Differences between 2.4GHz and 5GHz Wireless

The primary difference between the 2.4 GHz and 5GHz wireless frequencies is range as the 2.4GHz frequency is able to reach farther than the 5GHz frequency. This is a result of the basic characteristics that waves attenuate much faster at higher frequencies. So if you are more concerned with the coverage, you should select 2.4GHz rather than 5GHz.
The second difference is the number of devices on the frequencies. 2.4GHz suffers more interference than 5GHz.
  1. The older 11g standard only uses the 2.4GHz frequency, majority of the world is on it. 2.4 GHz has fewer channel options with only three of them non-overlapping, while 5GHz has 23 non-overlapping channels.
  2. A lot of other devices are also on the 2.4 GHz frequencies, the biggest offenders are microwaves and cordless phones. These devices add noise to the medium that can further decrease the speed of wireless networks.
In both aspects, choosing to deploy on the 5GHz frequency is the much better option as you have more channels to use to isolate yourself from other networks and there are far fewer interference sources.
But the radar and military frequency is also 5GHz, so 5GHz wireless may also have some interference, and many countries require that wireless devices working on 5GHz should support DFS(Dynamic Frequency Selection) and TPC(Transmitting Power Control).
Summary:
  1. 5GHz has a shorter range compared with 2.4GHz;
  2. The 2.4GHz frequency is way more crowded than 5GHz, devices on 2.4GHz suffer much more interference than the ones on 5GHz;
  3. Fewer devices are capable of using the 5GHz channel than the 2.4GHz channel.

If there is too much interference around and your clients support 5GHz, it’s recommended to use 5GHz wireless network, otherwise you’d better select 2.4GHz.