November 9, 2008

How do I… scan a hard drive for sensitive data with Spider?

  • Date: August 20th, 2008
  • Author: Jack Wallen

A tool like Spider 3 can protect sensitive data with little effort or cost.

—————————————————————————————

There are many reasons why you would want to do a thorough scan on a PC for specific data. You could be recycling computers, bringing in new employees (to take over previous employees’ machines), or simply removing sensitive information from a permanently networked machine. Regardless of your reason, a 120GB hard drive is a large drive to manually search for strings of data. But with the help of Cornell University’s Spider tool, this task becomes quite a bit easier.

Spider works by scanning archive, normal, compressed, and temporary files (so long as the file isn’t locked for use or encrypted) for data types such as U.S. Social Security numbers, Canadian Social Security numbers, credit card numbers, U.K. National Health Insurance numbers, and any data type for which the user supplies a regular expression. Spider can be run in two different ways: GUI and command line. And best of all, Spider is open source and cross-platform (Windows, OS X, UNIX).

This blog post is also available in PDF format in a TechRepublic download.

Getting and installing

You first need to download the correct binary package (which includes the source) from the Cornell University security tools download page. For Windows you will be downloading a compressed .zip archive. Uncompress that file, and you will have a new directory called “Spider_release.” Inside this folder are a README, an installation binary, and a directory containing the source code. Double-click on the installer package to install Spider 3.

The installation is a no-brainer. Just let it do its thing, and you will wind up with a new entry in your Start menu. This entry, Spider 3, contains three subentries:

  • RegexLibraryBuilder.exe
  • spider_3.0.exe, and
  • SpiderRegConvert.exe.

Starting Spider 3

From the Spider 3 menu, click the spider_3.0.exe entry to fire up Spider 3. The first window you will see is the main window (there is no initial configuration). Figure A shows the main window ready for a scan.

Figure A

Not much to it on the outside. It’s what’s on the inside that counts.

If you click Run Spider, you will initiate a default scan of the drive and network shares for strings matching 15-string credit card numbers and U.S. Social Security numbers. This scan will create a log on your local drive (it is critical that this file be deleted when you are finished examining Spider’s findings).

So click Run Spider. The window will only change by showing what file the application is scanning (see Figure B).

Figure B

If Spider is taking a long time on a particular file, you can skip that file by hitting the Esc key.

During the scan you will probably notice when Spider locates any multimedia files because it will slow down. This is only because of the size of the file. As stated above you can skip this file by hitting the Esc key. If you have a lot of these, this process can be a pain. Fortunately Spider 3 has a way around this.

Configuring Spider 3

From the main window, click on the Configure menu and select the only entry: Settings. From this window (Figure C) you can take care of every possible Spider configuration you could hope for.

Figure C

Any time you feel you have monkeyed with the options beyond recognition you can reset to default.

Say you do not want Spider 3 spending too much time with your music collection (and any file associated with said collection). To avoid this, you will want to go to the File Extension Management tool. To get there, click on the Scan Options tab and then click the File Extension Management button (see Figure D).

Figure D

As you can see the default skip list is fairly lengthy.

By default most media extensions are already included in the skip list. But say you have another type of file (or even an in-house file type) that you want to skip. To add a new extension to skip is simple. Click on the Add button under File Extensions to Skip, which will open up a new window (Figure E).

Figure E

Once you have added the new extension, click OK and the window will close.

Naturally, depending on the size of the drive and the number of files on the drive, the scan can take quite some time. But once the scan is done, the log viewer will open to show you the complete results of the scan.

Viewing the results

Once the scan is complete, the Spider 3 log viewer will automatically open. This log viewer is a very helpful tool in that it gives you instant information on each file and what hit type Spider 3 has found. Take a look at Figure F. You will see a number of files that drew flags from Spider 3.

Figure F

I actually had more hits than I thought I would.

When you highlight a suspected file, you will see all the information you need below the file listing. In the example above you can see that the file klein.pdf is flagged with a credit card number. I happen to know this is a false positive, so I can ignore that file. However there were file listings (not shown) that did have bank account information. Those files had been backed up, and their location was mostly obfuscated. So I most likely would have completely forgotten about their existence. Thanks to Spider 3 I can delete them.
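The kind of regular-expression scan described earlier, with an extension skip list and checksum filtering to cut false positives like the klein.pdf hit, as an added example. It is not Spider's code: the patterns, the Luhn and SSN plausibility checks, the skip list and the sample files are all constructed for illustration.

```python
import os
import re
import tempfile

# Constructed skip list for this example (not Spider's default list).
SKIP_EXTENSIONS = {".mp3", ".avi", ".iso"}
MAX_BYTES = 50 * 1024 * 1024  # read at most this much of any one file

# Candidates: 13-16 digits with optional space/hyphen separators, and ddd-dd-dddd.
CARD_RE = re.compile(rb"(?<![\d-])(?:\d[ -]?){12,15}\d(?![\d-])")
SSN_RE = re.compile(rb"(?<![\d-])(\d{3})-(\d{2})-(\d{4})(?![\d-])")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: random digit runs pass only about one time in ten."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:      # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def ssn_plausible(area: str, group: str, serial: str) -> bool:
    """Reject values that are never issued as U.S. SSNs."""
    if area in ("000", "666") or area.startswith("9"):
        return False
    return group != "00" and serial != "0000"


def mask(digits: str) -> str:
    """Keep the last four digits so the scan log is not itself a data leak."""
    return "*" * (len(digits) - 4) + digits[-4:]


def scan_bytes(data: bytes) -> list:
    hits = []
    for m in CARD_RE.finditer(data):
        digits = re.sub(rb"\D", b"", m.group()).decode()
        if luhn_valid(digits):
            hits.append(("credit_card", mask(digits)))
    for m in SSN_RE.finditer(data):
        area, group, serial = (g.decode() for g in m.groups())
        if ssn_plausible(area, group, serial):
            hits.append(("us_ssn", "***-**-" + serial))
    return hits


def scan_tree(root: str):
    """Walk root; return ({path: hits}, [paths skipped or unreadable])."""
    findings, skipped = {}, []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.splitext(name)[1].lower() in SKIP_EXTENSIONS:
                skipped.append(path)
                continue
            try:
                with open(path, "rb") as fh:
                    hits = scan_bytes(fh.read(MAX_BYTES))
            except OSError:  # locked or unreadable file
                skipped.append(path)
                continue
            if hits:
                findings[path] = hits
    return findings, skipped


def demo():
    """Run the scan over constructed sample files in a temporary directory."""
    samples = {
        "notes.txt": b"card 4111 1111 1111 1111, ssn 123-45-6789\n",
        "klein.txt": b"order id 4111111111111112, part 000-12-3456\n",
        "song.mp3": b"4111111111111111",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        findings, skipped = scan_tree(root)
        return ({os.path.basename(p): h for p, h in findings.items()},
                sorted(os.path.basename(p) for p in skipped))


if __name__ == "__main__":
    print(demo())
```

The constructed klein.txt contains digit runs that look like a card number and an SSN but fail the checks, so only notes.txt is reported.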

Taking action

To take action on a file (which basically means to delete the file), you do not have to open up Explorer and navigate to said file. Instead you can simply highlight the file within the log viewer and click the Erase or Delete File button.

Now the Run button is interesting. Say the file flagged has an associated application (for example Adobe Reader for PDF files). If you have a PDF file highlighted, clicking the Run button will open that highlighted file in Adobe Reader. This is a quick way to view the file to make sure Spider hasn’t hit a false positive.

Final thoughts

Without applications like Spider 3 many people would be exchanging PC hard drives with very sensitive data on them. But thankfully applications like this do exist and they are simple to use. I would highly recommend Spider 3 to any IT admin (or even home user) who wants to make sure sensitive data is not found on their hard drives.


How do I… add Macs to a Windows workgroup?

  • Date: July 30th, 2008
  • Author: Erik Eckel

Your network administrators have to be able to incorporate Windows, Apple, and Linux workstations.

—————————————————————————

Love ‘em or hate ‘em, Macs are likely to be on your network. Fortunately, advances within Apple’s OS X operating system simplify connecting Windows XP and Macs on the same network. Windows administrators can follow these steps to add Macs to Windows workgroups.

This blog post is also available in the PDF format in a TechRepublic download.

Verify the PC side

After confirming the Windows and Mac systems all have Ethernet connections and required switches or wireless connectivity, begin by verifying the Windows workgroup name (Figure A):

  1. Click Start.
  2. Right-click My Computer and select Properties.
  3. Select the Computer Name tab.
  4. Note or record the name of the workgroup you wish to add the Mac to.

Figure A

Verify the Windows workgroup name by right-clicking My Computer, selecting Properties, and clicking the Computer Name tab.

Next, confirm the Windows workgroup is sharing the appropriate files within the workgroup:

  1. Click Start.
  2. Double-click My Computer.
  3. Verify the appropriate folders are shared (look for the folder held by a blue hand icon (Figure B), thereby indicating the resource is being shared).

Figure B

The blue hand icon notes shared resources.

Once you’ve confirmed the right Windows files are being shared, or if you only wish to share a printer, check to ensure a printer or printers are being shared by:

  1. Clicking Start.
  2. Clicking Printers and Faxes.
  3. Confirming a printer is being shared (look for the same blue hand icon indicating the printer is a shared resource).

 Before connecting the Mac units to the workgroup, you need to review the users/groups and permissions associated with the shared resources (to ensure you can properly configure the Macs to connect to the resources). For each shared resource:

  1. Right-click the shared resource and select Properties from the pop-up menu.
  2. Click the Security tab (Figure C).
  3. Note the group or user names receiving access to the resource.
  4. Note the specific permissions each group or user receives.
  5. Make any required adjustments to group and user permissions using the supplied Add and Remove buttons.
  6. Click OK (if you’ve made any changes or just close the window).

Figure C

Use the Permissions tab to configure specific permissions for users and groups.

If you don’t see permissions listed specifically for each user, your Windows XP system is likely set to Simple File Sharing. To turn Simple File Sharing off and enable more granular control of file and printer shares:

  1. Click Start.
  2. Select My Computer.
  3. Click Tools.
  4. Click Folder Options.
  5. Select the View tab.
  6. Within the Advanced settings window, scroll toward the bottom, find the Use Simple File Sharing (Recommended) check box, and ensure it’s deselected.
  7. Click OK.

Mac

Now you’re ready to move to the Mac. To connect the Mac to an existing Windows workgroup:

  1. Click on the Dock’s Finder icon.
  2. Click on Network in the Finder’s left sidebar (Figure D).
  3. Click on Workgroup.
  4. Select the system hosting the resources you wish to connect to.
  5. Click the Connect button.
  6. Enter the workgroup name and a user name and password possessing permissions to access the resource within the SMB window that appears and click OK (Figure E).
  7. Select the resource you wish to connect to, then click OK (Figure F).
  8. Once the Windows-based resources appear in the Finder, simply drag an item from the Finder to the Mac Desktop to begin using it (Figure G).

Figure D

Use Finder on the Mac to begin sharing resources.

Figure E

You’ll have to provide the workgroup name and a valid Windows user name and password to connect to Windows resources from the Mac.

Figure F

Specify the resources you wish to connect to on the Windows network.

Figure G

Windows resources will appear within Finder once the Mac completes its connection to the Windows system.

Often, workgroup names won’t match up perfectly. Many Windows XP systems are set to use “MShome” as their workgroup, while others use the standard “Workgroup” workgroup name. The Mac uses the default Workgroup name. However, if you wish to change the Mac’s default workgroup name, follow these steps:

  1. Click the Dock’s Finder icon.
  2. Click Applications.
  3. Scroll to the Utilities folder and select it.
  4. Double-click Directory Access (Figure H).
  5. Enable changes by clicking the padlock.
  6. Provide an Administrator account user name and password.
  7. Double-click SMB/CIFS.
  8. Enter the workgroup name you wish to use in the resulting window or select it from the provided drop-down menu.
  9. Click Apply.
  10. Close Directory Access.

Figure H

Use the Mac’s Directory Access utility to turn on Windows Sharing.

Sharing resources

To share Mac-based resources with the Windows systems within a workgroup, sit at the Mac and perform these steps:

  1. Click the Dock’s System Preferences icon.
  2. Click Sharing within the Internet & Network section.
  3. Ensure the checkbox for Windows Sharing is checked.
  4. Click the Accounts button.
  5. Check the boxes to specify which Mac accounts are authorized to use Windows Sharing.
  6. Ensure Windows Sharing is on; if it’s not, click the Start button.

Next, move to a Windows system from which you wish to access Mac resources and do the following:

  1. Click Start.
  2. Click My Network Places.
  3. Click View Workgroup Computers from the Network Tasks window; the Mac system may appear.
  4. If the Mac system didn’t appear within My Network Places, go to plan B; click Add a Network Place within the Task Pane.
  5. When the Add Network Place Wizard appears, click Next.
  6. Highlight Choose Another Network Location and click Next.
  7. Within the Internet or network address box, specify the Mac system’s IP address (which can typically be found by clicking the Dock’s System Preferences icon on the Mac, selecting Network, and choosing Built-in Ethernet from the Show drop-down menu), followed by the Mac user name, then click Next. Note this is an absolutely critical step: the network address must be entered as \\10.0.0.1\john if the Mac’s IP address is 10.0.0.1 and the user name is john (Figure I).
  8. Specify a name for the network place and click Next.
  9. Click Finish.
  10. The Mac resources will then appear within Windows.

Figure I

Once configured, accessing Mac resources from a Windows system is just like accessing resources on another Windows box.

Finally, to print to a printer hosted by a Windows system using a Mac:

  1. Click the Dock’s System Preferences icon.
  2. Click the Print & Fax icon within the Hardware section.
  3. Click the Lock (if it’s closed) to enable changes (and provide an administrator user name and password).
  4. Click the Plus icon to add a printer.
  5. Click the More Printers button.
  6. Ensure Windows Printing is selected from within the first drop-down menu.
  7. Ensure Network Neighborhood is selected from within the second drop-down menu.
  8. Highlight the workgroup possessing the printer you wish to print to and click Choose.
  9. Highlight the Windows workstation hosting the printer and click Choose.
  10. Enter a Windows user name and password possessing permissions to print to the printer and click OK.
  11. Select the printer from the Printer Browser menu.
  12. Specify the printer model using the supplied drop-down menu (or select the Generic listing).
  13. Click the Add button.

How do I… recover a damaged Windows XP user profile?

  • Date: August 27th, 2008
  • Author: Greg Shultz

For the end user, increased productivity can be dependent on the familiarity of their working environment, which is encompassed in the Windows XP user profile.

——————————————————————————————————————-

A user profile on a Microsoft Windows XP system contains all the files and settings needed to configure your work environment. If the user profile becomes damaged, Windows XP will display one of two error messages when you log on to the system:

Windows cannot load your profile because it may be corrupted. You may be logged in using a temporary User Profile.

OR:

The system has recovered from a serious error.

The operating system will then automatically create a new user profile and log you in to this new profile. When this occurs, you’ll immediately discover that all your personalized settings — such as color scheme, wallpaper, and icons — are gone. Even more disturbing is that the My Documents folder doesn’t show any of your documents. You’ll also discover that Outlook Express and Internet Explorer will be void of any of your personal settings and data.

When this happens, it’s very easy to quickly go into panic mode and think that you’ve lost everything. However, in most cases, all you’ve actually lost is the user profile and most, if not all, of your data is safe and sound.

This blog post is also available in PDF format as a TechRepublic download.

Must be an administrator

Keep in mind that in order to perform the recovery operations discussed in this article, you must be working from an account with Computer Administrator privileges. If the temporary account that Windows XP creates for you when your original becomes damaged has Computer Administrator privileges, you can use it as a staging area for the recovery operation. If it’s not, you’ll need to log off, then log on to the default Administrator account or to another account that has Computer Administrator privileges. I’ll refer to this as the “working account” throughout this article.

Backing up your data

The first thing that you’ll want to do is make sure that the data in your original account is safe and then back it up. To begin the backup operation, launch Windows Explorer and navigate to the C:\Documents and Settings folder. Then, locate and open your original account folder. At this point, you should see all the files and folders in your original user profile, as shown in Figure A.

Figure A

You can open your original account folder and back up all the files and folders containing crucial data.

You’ll then want to copy your crucial data files to another location. For example, you’ll definitely want to copy the contents of your My Documents folder, which will appear as UserName’s Documents. (On my example system, it’s called Greg Shultz’s Documents.) You may also want to copy the contents of the Favorites folder. If you’re using Outlook Express, you can find the files that make up your e-mail messages stored in the Local Settings\Application Data\Identities\{#####}\Microsoft\Outlook Express folder. You’ll find your Address Book file in the Application Data\Microsoft\Address Book folder. If you’re using Outlook 2000/XP, you’ll find the PST file in the Local Settings\Application Data\Microsoft\Outlook folder.

Once you’ve backed up your crucial data files, you can proceed with the recovery operation knowing that your data is indeed safe and sound.

Using System Restore

The first thing to try when attempting to recover a damaged user profile is a System Restore operation. As you know, the System Restore utility is designed to allow you to return your computer to the state it was at an earlier time period. In this case, the goal is to return your system to the state it was in before the user profile was damaged.

Before you attempt this operation, there are two things you need to be aware of. First, if there are multiple user accounts on the system, performing a System Restore operation will return all user profiles to the state they were in at that earlier time. Second, depending on the severity of the damage to the user profile, performing a System Restore operation may not be able to rectify the problem.

You’ll find the System Restore utility on the All Programs | Accessories | System Tools menu. Once you launch System Restore, you’ll see the Welcome To System Restore page and can simply click Next. On the Select A Restore Point page, select the last restore point created before the damage to the user profile became apparent, then click Next. When you’re prompted to confirm the operation, click Next, and the restore operation will begin.

Once System Restore finishes, it will restart the system. When it does, you can attempt to log on using your original user account. If System Restore was able to successfully recover the user profile, everything should be the way it was.

If you’re still unable to log on to your original account, it’s time to escalate your user profile recovery operation to the next level. However, you may first want to undo the System Restore operation.

To undo the System Restore operation, log on to the working account and launch System Restore. When you see the Welcome To System Restore page, you’ll discover a new option titled Undo My Last Restoration. Just select that option, click Next, and follow the onscreen instructions.

Copying your user profile

In this user profile recovery technique, you’ll attempt to revive the user profile by creating a new account and, subsequently, a new user profile. You’ll then copy your old user profile in its entirety to the new account. While this may sound like an operation that will simply replicate the problem over to the new account, it does indeed revive the user profile on occasion. Again, keep in mind that the success of this attempt depends on the severity of the damage to the user profile. However, since it’s a relatively painless operation, it’s worth a shot.

To begin, access the Control Panel and launch the User Accounts tool. Next, select the Create A New Account link. Then, give the account a name and click Next. When prompted to pick an account type, make sure the Computer Administrator option button is selected, and then click the Create Account button.

Once you create the new account, close the User Accounts tool. Then, click Start | Log Off. When you see the Log Off Windows dialog box, click the Log Off button. When either the Welcome Screen or the Log On To Windows dialog box opens, select or type the name you used for the new account. As soon as you do, Windows XP will create a user profile for the new account.

When the user profile creation procedure is complete and the system starts up, immediately click Log Off. Then, log back on to the working account.

Now, open the Start menu, right-click My Computer, and select Properties. When you see the System Properties dialog box, select the Advanced tab. Then, locate and click the Settings button in the User Profiles section. You’ll now see a User Profiles dialog box that looks like the one shown in Figure B.

Figure B

You’ll use the User Profiles tool to copy your old user profile to the new account.

In this example, I’ll be copying the user profile from the Greg Shultz account to the Greg Shultz2 account. I’ll begin by selecting the Greg Shultz user profile and clicking the Copy To button. When the Copy To dialog box appears, click the Browse button and then use the resulting Browse For Folder dialog box to locate the Documents and Settings folder and select the new account.

At this point, the Copy To dialog box will look like the one shown in Figure C. To continue, just click OK. You’ll then see a confirmation dialog box that informs you that the original files will be deleted and prompts you to confirm the copy operation. Just click Yes.

Figure C

At this point, you’ll see the path to your new account in the Copy To dialog box.

Once the copy operation finishes, close the User Profiles dialog box and the System Properties dialog box, then log off. At this point, you can attempt to log on to the new account. If this technique was able to successfully recover the user profile, everything should be the way it was.

If you’re still unable to log on to your account, it’s time to move to the next level. However, you’ll first need to completely remove the new user account and user profile. To do so, log on to the working account, access the User Profiles dialog box again, select the profile, and click the Delete button. Then, access the User Accounts tool and delete the new account and its files.

Moving to a new user profile

In this user profile recovery technique, you’ll move to a new user profile by creating a new account and, subsequently, a new user profile. You’ll then copy your data files and other portions of the user profile from your original to the new one. Keep in mind that when you move to a new user profile in this manner, you will lose all your personalized settings, such as color scheme, wallpaper, and icons.

You’ll follow the instructions I presented earlier for creating a new account and a new user profile. In short, you’ll access the User Accounts tool to create a new account. Then, log on to the new account to create a default new user profile. Finally, log off and then log back on to the working account.

To begin this operation, launch Windows Explorer and navigate to the C:\Documents and Settings folder. Then, locate and open your original account folder. At this point, you should see all the files and folders in your original user profile, as shown earlier in Figure A.

Copy the contents of the folders containing the data that you want to move to your new user profile. In the case of my example system, I’d begin by copying the contents of the C:\Documents and Settings\Greg Shultz\Greg Shultz’s Documents folder to the C:\Documents and Settings\Greg Shultz2\Greg Shultz2’s folder.

In addition, you’ll want to copy the contents of the Favorites, Outlook Express, and Address Book folders if you’re using that e-mail program, or the Outlook folder. You may also want to copy the contents of Cookies, Templates, and any other folders that contain critical data files.

Be careful not to copy any files that are specifically related to the operating system, as any one of those files could be the culprit in the case of the corrupted user profile. For example, you definitely won’t want to copy Ntuser.dat, Ntuser.pol, or Ntuser.ini from your old user profile to your new one.

When you’re finished copying files, log out of the working profile, and then log on to your new user profile. When you do, you should be able to access all your data files and most of your applications, just as you did with your old profile. However, keep in mind that you may have to reinstall or at least reconfigure some of your applications. And, of course, you’ll need to recreate all your personalized settings.

Cleaning out your old profile

Once you’ve totally moved into your new user profile, you’ll want to permanently delete your old, corrupted user profile. While you may be tempted to do so from within Windows Explorer, you shouldn’t because it won’t completely remove all the settings associated with your old user profile.

To do it the right way, access the User Profiles tool from the Advanced tab of the System Properties dialog box. Once you do, select the old user profile from the list and click the Delete button.

The automatic user profile backup technique

So you won’t ever have to go through all these troubleshooting steps should the user profile ever get corrupted again, you can trick Windows XP into administering the local user profile as if it were a roaming user profile. When you do so, Windows XP will back up your user profile each time you log off.

To use this trick, you have to log off your new account and log on to the working account. Then, access the User Profiles tool from the Advanced tab of the System Properties dialog box, select your user profile, click the Copy To button, and type the name of a folder on another drive in the Copy Profile To text box.

Once you complete that part of the operation, launch the Computer Management console, which you can do by pressing [Windows]-R and typing compmgmt.msc in the Open text box. Then, drill down to System Tools\Local Users and Groups\Users folder. Next, double-click on your account name and select the Profile tab. Then, type the path to the backup in the Profile Path text box, as shown in Figure D.

Figure D

You can configure Windows XP to automatically back up the local user profile each time you log off.

Windows Server 2008 drops RDP console option

  • Date: August 26th, 2008
  • Author: Rick Vanover

Although remote desktop is one of the Windows administrator’s most essential tools, some functionality is removed in Windows Server 2008. Rick Vanover dives into what this means and explains why this is not exactly bad news.

——————————————————————————————————————-
Starting with Windows Server 2003, administrators have been able to redirect the server’s console to a remote desktop session. This is referred to as session zero, and it is invoked like this:

mstsc /v:servername /console

Now that we’re accustomed to this connection opportunity, Windows Server 2008 has removed the session zero connection option.

While the console redirection was a nice way to connect to a server when the existing two sessions were in use, it had its limitations. The number one problem with session zero is interactive device driver installations that occur via a plug and play enumeration of multiple devices. This most frequently occurs when adding multi-port serial adapters, a USB hub with multiple ports, or any other device that has a controller and subsequent individual devices. The root device would install correctly, but whenever the individual ports were enumerated, this functionality would not work correctly via a console redirected remote desktop session.

True console access is still best served by device extension mechanisms (such as a keyboard/video/mouse device), hardware controller (such as the Dell DRAC, HP iLO, VNC, pcAnywhere, DameWare), or other products that do a true console redirection.

If you attempt to connect to a Windows Server 2008 system with the /console parameter, it will ignore that option and pass the session on for a connection.

For the newest version of the remote desktop client software (6.1), the /admin parameter is a new feature, but it doesn’t really change much based on how administrators have used remote desktop over the years. These changes are outlined in the Microsoft KB article 947723.


Quick Office toolbar trick

  • Date: August 23rd, 2008
  • Author: Susan Harkins

We all have tools that we use more than others, and if you’re like me, you appreciate having them when you need them — not necessarily when Word thinks you need them. In other words, I’ve moved and/or copied some tools from one toolbar to another, which isn’t as difficult as you might think.

You can customize toolbars by right-clicking a toolbar and choosing Customize to open the Customize dialog box, which contains many neat tricks. If you just want to move or copy a tool from one toolbar to another, you don’t need the Customize dialog box at all:

  • To move a tool from one toolbar to another, hold down the [Alt] key and move the tool.
  • If you want to copy the tool (so that it’s available on both toolbars), hold down both the [Ctrl] and [Alt] keys while you drag the tool.

Of course, both toolbars must be visible for this shortcut to work.

This shortcut doesn’t work with 2007’s new Ribbon.
