MS Network Load Balancing – The Fine Print

Natty Light!

Microsoft’s NLB Clustering is kind of to High Availability Load Balancing what Natural Light is to the beer world. Both will basically get the job done, and on the cheap, but in the long run they might leave you with a wicked headache and wishing you spent a few extra dollars for a Sam Adams.

Continue reading


Downadup / Conficker and Disabling Autorun

Just a quick heads up related to disabling Autorun to protect against Downadup / Conficker. While the worm continues to spread and receive more media coverage, IT personnel are working to make sure their systems are protected. One of several ways this worm spreads is by taking advantage of the Autorun feature in Windows systems. Disabling this feature via Group Policy is a logical decision, but it turns out it may not actually work like it should.

Disabling Autorun via GPO currently only disables Autoplay on media insert. However, if there is an Autorun.inf file present on a CD, USB, or network drive, the program will still run when double clicking that drive in Windows Explorer. This vulnerability was announced by the U.S. CERT team on January 20, and later updated to provide patch details from Microsoft. Follow the links below for full details on the problem and where to get the patch.

Microsoft KB953252
UPDATE: Microsoft released KB967715 on March 10 to address this autorun problem in all versions of Windows.

Snort IDS & BASE on Server Core 2008

I’ve used the Snort Intrusion Detection System for about two years, and while I’m far from an expert and my experience with other IDS platforms is limited, I believe Snort to be one of the best solutions out there, especially for the price (free). There is definitely a learning curve associated with it, but Snort is highly configurable and its extensibility means it can be suited to fit the needs of almost any environment.

Continue reading

IIS, PHP, and MySQL on Server Core

One of the Server Core roles of Windows Server 2008 that will likely get the most usage is that of IIS Web Server. Already the second most popular web server behind only Apache (see most recent Netcraft survey), IIS running on Server Core may end up being a winning combination for Microsoft. Apache is typically run on top of the Linux OS in tandem with MySQL and PHP, a setup referred to as a LAMP server (Linux, Apache, MySQL, PHP). I had the need for such an environment in a recent project, and with the reduced attack surface, smaller footprint, and the improved IIS 7, I decided to see if Server Core could take the place of Linux in that equation. It’s a setup called a WIMP server (Windows, IIS, MySQL, PHP)… okay, so maybe the acronym needs some work.

Continue reading

2008 Server Core Configuration

The Server Core feature of Windows Server 2008 is a long awaited installation option of the Windows Server OS. As with a non-Server Core setup, the default install leaves many settings in need of customization, however there are different methods for changing these settings. This post covers the requirements to configure a new Server Core installation.

Continue reading

Server 2008 Domain Rename

Daniel Petri recently had a good article on his site describing the steps for renaming a Windows Server 2008 domain controller. Here I’m going to describe a related but different task, renaming the actual domain. Renaming a domain is something you don’t want to find yourself having to do very often, or ever, in a production environment. However I have found the need to do it several times in a test setup; the process is similar to renaming a Server 2003 domain and isn’t as difficult as one might think.

Continue reading