I love Outlook 2003

Friday, August 29, 2003

Wanna know why? Because the new Junk Mail Filtering system is amazing. Honestly, it catches about 99% of the junk mail I get. I don't mind if it misses a few, but so far, it has not sent good mail to the junk folder EVEN ONCE. It great. I'm to the point where I'm almost comfortable with it just deleting the junk mail automatically. We'll see how it's track record goes after it goes RTM.

In other news, I just picked up a 512MB stick of RAM from Best Buy. $160.... not bad. It was going to cost nearly that much after shipping at Buy.com so I figured I might as well get it today. This doubles the RAM on my Dual Xeon 2.4GHz monster, so I'm looking forward to seeing a performance increase. Hopefully I'll be able to run more than one VMWare virtual machine at a time (the reason I got more RAM in the first place). I'm going to try to set a up a virtual network in VMWare to mimic my web farm for testing purposes. I'm taking advantage of the three day weekend to blast my web servers and significantly increase security. I'm already extremely stable (server-wise anyways), but I was going over my security logs, and there were over 500 unsuccessful hacker attacks by 6 different individuals within a 48 hour period. At least no one got in, which is a credit to my architecture and the robustness of Windows Server 2003. And fortunately for me, Windows tracks IP addresses with logins, so the punks will be hearing from The Man soon.

So I'm going to re-implement my VPN, rebuild my DNS entries, re-lockdown my IIS, and add ICF with some advanced port rerouting. I'm also going to redo my users scenario so that each of my major services runs under it's own restricted login. That way I can track in my security logs which service is trying to access what. It should be a tedious weekend but a lot of fun. I must be one sick bastard if I think that reconfiguring three servers in Nebraska from my house in Arizona on a holiday is fun. Oh well.

On a similar note, Brady Gaster is building me a system to dump Windows Event Log data into SQL server to generate reports from .Specifically, it's job will be to parse the Security logs, and build reports. Right now I'm specifically looking for reports that will show a general attack timeline, then broken apart by IP address, then IP specific reports on user names tried , failure times, and number of attempts. I think it would really help network admins do threat modeling and tracking, and it would help organizations like the FBI in their investigations. Brady rocks, so hopefully he'll have something for me in the next day or so.

Time to install my RAM. *excited*. L8r.

No Comments