Re: [brlug-general] Anybody else tried NovaSTOR for small sites with multiple Windows boxes
No, I've not tried it but it would be interesting to hear your experiences. I’ve tried a lot of backup applications like this over the years and they have all, without exception, been crap for one reason or another. Some are massive and bloated, others take a shotgun approach and backup everything including the swap file repeatedly consuming storage at a frightening rate and almost all of them failed to make file retrieval and restoration easy. These days I roll my own backups using a small command-line application that copies data off each PC to a remote NAS box every night, The NAS box then backs itself up to a second NAS box in another building which pushes all changes to a commercial cloud storage. Users have read-only access to their own file store on the first NAS but nothing else. My general rule of thumb is that you need a minimum of three backup copies of everything that's important. Edmund Cramp -- Three of your friends throw up after eating chicken salad. Do you think I should find more robust friends or we should check that refrigerator. -- Donald Becker, on vortex-bug, suspecting a network-wide problem. ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net
[brlug-general] Spearfishing
A user received an email that purports to come from one of our customers with the instructions: Click the securedoc.html attachment to open (view) the secure message. For best results, save the file first and open it from the saved location using a Web browser. My email system, very sensibly stripped and quarantined the file, and stored it with a couple of hundred of assorted New Order.zip and payroll report.xls files in the quarantine directory. Opening the file with notepad shows it to be mostly javascript with various references that make it appear to come from the Bank of America. My immediate reaction was unprintable but hell, assuming that it's real and that's not certain yet, these people want me to let users open any HTML web page that floats into their inbox? This has got to be a gift from the gods if you are up to mischief - just email everyone a securedoc.html file and they will open it and enter their password ... which javascript (love that stuff) will promptly send to the web site of your choice. Spearfishing is this easy? Edmund Cramp - google.com/+edmundcramp -- I am a drinker with writing problems. Brendan Behan ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net
Re: [brlug-general] Spearfishing
Yes, unfortunately it is this easy. On Dec 4, 2013, at 12:21 PM, Edmund Cramp e...@motion-labs.com wrote: A user received an email that purports to come from one of our customers with the instructions: Click the securedoc.html attachment to open (view) the secure message. For best results, save the file first and open it from the saved location using a Web browser. My email system, very sensibly stripped and quarantined the file, and stored it with a couple of hundred of assorted New Order.zip and payroll report.xls files in the quarantine directory. Opening the file with notepad shows it to be mostly javascript with various references that make it appear to come from the Bank of America. My immediate reaction was unprintable but hell, assuming that it's real and that's not certain yet, these people want me to let users open any HTML web page that floats into their inbox? This has got to be a gift from the gods if you are up to mischief - just email everyone a securedoc.html file and they will open it and enter their password ... which javascript (love that stuff) will promptly send to the web site of your choice. Spearfishing is this easy? Edmund Cramp - google.com/+edmundcramp -- I am a drinker with writing problems. Brendan Behan ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net --- Keith Stokes ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net
Re: [brlug-general] Spearfishing
It looks to be legit, but what an awful freaking idea BofA. http://securemsg.bankofamerica.com/Secure_Email_Recipient_Guide_en.pdf On Wed, Dec 4, 2013 at 1:32 PM, Keith Stokes ke...@digital-gurus.comwrote: Yes, unfortunately it is this easy. On Dec 4, 2013, at 12:21 PM, Edmund Cramp e...@motion-labs.com wrote: A user received an email that purports to come from one of our customers with the instructions: Click the securedoc.html attachment to open (view) the secure message. For best results, save the file first and open it from the saved location using a Web browser. My email system, very sensibly stripped and quarantined the file, and stored it with a couple of hundred of assorted New Order.zip and payroll report.xls files in the quarantine directory. Opening the file with notepad shows it to be mostly javascript with various references that make it appear to come from the Bank of America. My immediate reaction was unprintable but hell, assuming that it's real and that's not certain yet, these people want me to let users open any HTML web page that floats into their inbox? This has got to be a gift from the gods if you are up to mischief - just email everyone a securedoc.html file and they will open it and enter their password ... which javascript (love that stuff) will promptly send to the web site of your choice. Spearfishing is this easy? Edmund Cramp - google.com/+edmundcramp -- I am a drinker with writing problems. Brendan Behan ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net --- Keith Stokes ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net -- ~Running amok on technology with no apologies ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net
Re: [brlug-general] Spearfishing
I like when they request access to your clipboard Mark A. Lappin, CCNA, MCITP: Enterprise Administrator | Lee Michaels Fine Jewelry Director of Information Technology 11314 Cloverland Ave | Baton Rouge, LA 70809 Ph: 225.368.3645 | Fax: 225.368.3675 ma...@lmfj.commailto:ma...@lmfj.com | www.lmfj.comhttp://www.lmfj.com/ [[image]] Like Us on Facebook http://www.facebook.com/leemichaelsjewelry Watch the Lee Michaels Story http://www.lmfj.com/embed_holder.php This communication is privileged and confidential. If you are not the intended recipient, please notify the sender by reply e-mail and destroy all copies of this communication . From: General [mailto:general-boun...@brlug.net] On Behalf Of Jarred White Sent: Wednesday, December 04, 2013 12:41 PM To: general@brlug.net Subject: Re: [brlug-general] Spearfishing It looks to be legit, but what an awful freaking idea BofA. http://securemsg.bankofamerica.com/Secure_Email_Recipient_Guide_en.pdf On Wed, Dec 4, 2013 at 1:32 PM, Keith Stokes ke...@digital-gurus.commailto:ke...@digital-gurus.com wrote: Yes, unfortunately it is this easy. On Dec 4, 2013, at 12:21 PM, Edmund Cramp e...@motion-labs.commailto:e...@motion-labs.com wrote: A user received an email that purports to come from one of our customers with the instructions: Click the securedoc.html attachment to open (view) the secure message. For best results, save the file first and open it from the saved location using a Web browser. My email system, very sensibly stripped and quarantined the file, and stored it with a couple of hundred of assorted New Order.zip and payroll report.xls files in the quarantine directory. Opening the file with notepad shows it to be mostly javascript with various references that make it appear to come from the Bank of America. My immediate reaction was unprintable but hell, assuming that it's real and that's not certain yet, these people want me to let users open any HTML web page that floats into their inbox? This has got to be a gift from the gods if you are up to mischief - just email everyone a securedoc.html file and they will open it and enter their password ... which javascript (love that stuff) will promptly send to the web site of your choice. Spearfishing is this easy? Edmund Cramp - google.com/+edmundcramphttp://google.com/+edmundcramp -- I am a drinker with writing problems. Brendan Behan ___ General mailing list General@brlug.netmailto:General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net --- Keith Stokes ___ General mailing list General@brlug.netmailto:General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net -- ~Running amok on technology with no apologies inline: picture32c1b3___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net
Re: [brlug-general] Spearfishing
It does appear to be legitimate - but then you’d expect a good phish to look legit wouldn’t you? I’ve emailed them (and they should have received an attachment removed message automatically) and we’ll see what happens but I’ve no intention of compromising security for their convenience. Edmund Cramp - google.com/+edmundcramp -- Novit enim Dominus qui sunt eius (Kill them surely the Lord discerns which are his) - Arnaud-Amaury, Albigensian Crusade 1209. From: General [mailto:general-boun...@brlug.net] On Behalf Of Jarred White Sent: Wednesday, December 04, 2013 12:41 PM To: general@brlug.net Subject: Re: [brlug-general] Spearfishing It looks to be legit, but what an awful freaking idea BofA. http://securemsg.bankofamerica.com/Secure_Email_Recipient_Guide_en.pdf On Wed, Dec 4, 2013 at 1:32 PM, Keith Stokes ke...@digital-gurus.com wrote: Yes, unfortunately it is this easy. On Dec 4, 2013, at 12:21 PM, Edmund Cramp e...@motion-labs.com wrote: A user received an email that purports to come from one of our customers with the instructions: Click the securedoc.html attachment to open (view) the secure message. For best results, save the file first and open it from the saved location using a Web browser. My email system, very sensibly stripped and quarantined the file, and stored it with a couple of hundred of assorted New Order.zip and payroll report.xls files in the quarantine directory. Opening the file with notepad shows it to be mostly javascript with various references that make it appear to come from the Bank of America. My immediate reaction was unprintable but hell, assuming that it's real and that's not certain yet, these people want me to let users open any HTML web page that floats into their inbox? This has got to be a gift from the gods if you are up to mischief - just email everyone a securedoc.html file and they will open it and enter their password ... which javascript (love that stuff) will promptly send to the web site of your choice. Spearfishing is this easy? Edmund Cramp - google.com/+edmundcramp -- I am a drinker with writing problems. Brendan Behan ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net --- Keith Stokes ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net -- ~Running amok on technology with no apologies___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net
Re: [brlug-general] Spearfishing
It appears to me to be Cisco IronPort. http://www.networkworld.com/community/node/19588 Yuck. On Wed, Dec 4, 2013 at 1:40 PM, Jarred White jarredwh...@gmail.com wrote: It looks to be legit, but what an awful freaking idea BofA. http://securemsg.bankofamerica.com/Secure_Email_Recipient_Guide_en.pdf On Wed, Dec 4, 2013 at 1:32 PM, Keith Stokes ke...@digital-gurus.comwrote: Yes, unfortunately it is this easy. On Dec 4, 2013, at 12:21 PM, Edmund Cramp e...@motion-labs.com wrote: A user received an email that purports to come from one of our customers with the instructions: Click the securedoc.html attachment to open (view) the secure message. For best results, save the file first and open it from the saved location using a Web browser. My email system, very sensibly stripped and quarantined the file, and stored it with a couple of hundred of assorted New Order.zip and payroll report.xls files in the quarantine directory. Opening the file with notepad shows it to be mostly javascript with various references that make it appear to come from the Bank of America. My immediate reaction was unprintable but hell, assuming that it's real and that's not certain yet, these people want me to let users open any HTML web page that floats into their inbox? This has got to be a gift from the gods if you are up to mischief - just email everyone a securedoc.html file and they will open it and enter their password ... which javascript (love that stuff) will promptly send to the web site of your choice. Spearfishing is this easy? Edmund Cramp - google.com/+edmundcramp -- I am a drinker with writing problems. Brendan Behan ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net --- Keith Stokes ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net -- ~Running amok on technology with no apologies ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net ___ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net