Expert Profile

4

Details

Connect

Lowell Heddings

I’M LOWELL HEDDINGS, OWNER of HOW-TO GEEK

My background in Windows and web programming has given me a unique perspective on how things "really” work. I started HowToGeek.com in 2006 because of my frustration with other how-to sites. The goal is to be the best source of how-to articles anywhere, easy enough for beginners but useful enough for geeks. In just three years, HowToGeek.com has become a trusted source of information, attracting more than 2.5 million unique visitors a month.

My Posts

COMMENTED ON:

How can we rid our network of a worm outbreak without taking our PCs out of commission?

December 8, 2009 at 12:12 PM

4 comments

First, you probably need to find a new antivirus provider, and make sure that your email server has virus protection on it. Most networks don't get repeatedly infected like that.

Second, you need to lock the machines down so that users are running on standard user accounts without access to install software. This will help cut down on the amount of stuff that can get through.

Third, the easiest way to deal with these scenarios is to start using System Images for the PCs, with a software package similar to Ghost. This way you build a single image and can easily re-deploy to PCs, wiping them clean of any crap on them.

To make that strategy succeed, you'll need to migrate user data from the desktops to the servers instead, so they aren't wiped when the PC is reloaded. You can do that with roaming profiles and exchange server, or just turning your PCs into thin clients with a Citrix environment.

These aren't the only answers, and I'm sure the other guys will contribute - this is just the strategy I've used in the past.

COMMENTED ON:

How to keep systems secured and protected from threats delivered such as drive-by downloads

December 6, 2009 at 8:12 PM

7 comments

The biggest challenge here is user education, which is not an easy thing to do. I'll have to agree with Andrew's assessment, having a locked-down user profile (don't let them run as Administrator) is the best solution - if they can't install software, they can't be infected.

Generally the people that are clueless enough to install one of those hijackware apps are also the same ones that shouldn't be installing new software in the first place.

The other plan, since you are running an enterprise system, is to use some content-filtering solutions on the firewall. Websense or similar solutions will pretty much prevent people from going to questionable sites in the first place, and while as the owner of an ad-supported site I cringe to tell you this - you can also block ads directly that way for the entire network.

COMMENTED ON:

Maximizing the number of VMs on a server?

December 6, 2009 at 8:12 PM

4 comments

Very nice post, Kevin.

In my experience, servers very rarely chew up a lot of CPU unless they are very heavily utilized, and RAM isn't an issue when dealing with ESX server on a powerful box - we've always been able to run a ton of VMs at once, even with a lot of activity on each.

The performance issue almost always comes down to disk access - we would have SQL Server boxes returning results in 10x the time they should have because so many of the applications were reading from the disk (internal RAID array) at once.

Moving everything to a SAN and keeping the worst offenders segmented helped make everything run smoothly across the board.

COMMENTED ON:

Will Internet Explorer implement established web standards and be faster in adopting such?

December 6, 2009 at 8:12 PM

4 comments

I have read that the next version of IE will support CSS rounded corners. There's no way to tell whether they will be completely compliant though.

Best bet is to make it work in Firefox, Chrome, Safari, and Opera.... and then use the conditional comment hack to serve up a separate stylesheet for IE. Using jQuery solves most of the Javascript problems as well.