Friday 30 November 2018

Some Thoughts on the Starwood/Marriott Reservations Database Breach

Note: This post will _not_ be a happy one.

First: The announcement page: Starwood Guest Reservation Database Security Incident Marriott International

That page is garbage, rubbish, and so much more. It exemplifies today's epidemic of spin instead of truth and responsibility for an error that harms others.

First:

image

"Marriott values our guests and understands the importance of protecting personal information."

That is a complete crock of male bovine excrement.

Especially when we look to the following:

image

"After receiving the internal security alert, we immediately engaged leading security experts to help us determine what occurred."

Okay, so just when did that security alert come in?

image

"On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database."

Cool, so things look like they got caught really quick right? That seems to be the way this article is written right?

NOT:

image

"Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014."

Let's rephrase all of the above shall we:

Marriott: We let unauthorized access to our reservation database happen for FOUR YEARS.

Yeah, "We at Marriott/Starwood really care about your data/PII." Really. All said with a smile.

***

In our case, the CC used for our various stays has expired very recently. So, we should be protected that way. And, to further protect things we use KeePass with unique passwords for any and all online resources with unique e-mail addresses set up for each of them (we're doing this more and more).

Suffice it to say, if the Marriott really cared about risk to our PII (Personally Identifiable Information) the reservations system would have been segmented with designated access and no Internet access. We've been applying our knowledge of network setup to segment our client's networks for years. Especially with PCI scans being somewhat generic and different depending on what org is running the scans.

Oh, and note that credit card information was stored in there too. How in the world did that pass muster with PCI scans?

image

LMHYWT (Let me help you with that) " … two components needed to decrypt payment card numbers and Marriott not able to rule out both were taken."

Tis a sad day indeed when spin and lawyer speak win out over a true "Mea Culpa" we really *insert expletive here* up.

This Marriott incident is a gross breach of trust and it is time companies be held liable for such.

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
www.s2d.rocks !
Our Web Site
Our Cloud Service

Tuesday 13 November 2018

New PowerShell Guides and DISM Slipstream Process Updated

We've added two new PowerShell Guides:

We've also updated the page with some tweaks to using DISM to update images in the Install.WIM in Windows Server. The process can also be used to slipstream both Servicing Stack Updates (SSUs) and Cumulative Updates (CUs) for both Windows Server and Windows Desktop.

Thanks for reading! :)

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
www.s2d.rocks !
Our Web Site
Our Cloud Service

Tuesday 6 November 2018

Apple MacBook Pro: Upgrading OS X Snow Leopard 10.6 to El Capitan 10.11 with 2 Factor Authentication On

Wow, what an adventure.

We have a MacBook Pro 13" early 2009 laptop here in the shop that has been sitting idle for a while.

We installed a new SSD in the unit and bumped the RAM up to 8GB.

Then, on to installing a fresh copy of Snow Leopard 10.6 via the installer DVD.

We needed to use the Disk Utility in the installer to set up a partition prior to being allowed to install the OS.

Once in, we went through the updates process.

Then, on to upgrading OS X to El Capitan 10.11.

What a pain. Because we are on what is essentially an ancient OS version all of the apps were uncooperative due to the 2 Factor Authentication (2FA) that is enabled on our Apple ID.

Safari would not work with Apple's sites for authentication either due to SSL compatibility issues.

Searching meant using buckshot terms to try and figure out exactly what needed to be done to allow the upgrade to proceed in the App Store.

The long and short of it found here is to do the following:

  1. Open Safari and navigate to this Apple Support page: How to upgrade to OS X El Capitan
  2. Scroll down to Step 4 and click on the Get El Capitan link to bring up the App Store
  3. Click the Get button in the store
  4. On a trusted device such as an iPhone
    1. Tap into Settings --> Your Name --> Password & Security
    2. Tap on the Get Verification Code at the bottom of that page
  5. On the MacBook Pro enter the Apple ID and the Password
    1. YourAppleID@YourDomain.Com
    2. YourAppleIDPassword123456
      • 123456 = Verification Code

The verification code gets tagged on to the password at the end as above.

It's a monster weighing in at 6.21GB so a good fast connection should be used to download this one!

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
www.s2d.rocks !
Our Web Site
Our Cloud Service

Friday 2 November 2018

Veeam Error: Unable to allocate processing resources. Error: On-host proxy [ServerName] requires upgrade before it can be used.

We rebooted one of our Hyper-V hosts that has a number of VMs hosted on it.

The Veeam setup was just completed with the VMs set up right after.

The host was having some network difficulties as it turned out that one of the two ports in the host LBFO Management team was plugged into the VM's switch instead of our setup network.

Once corrected and a reboot later and Veeam was throwing an error due to "Server Not Found".

We had set up the backup based on the IP address the server had. Low and behold that address had changed after the reboot.

So, we set up a new Managed Server based on the new IP and updated the Backup Job.

We fired the backup but it failed:

11/2/2018 4:22:55 PM :: Unable to allocate processing resources. Error: On-host proxy [ServerName] requires upgrade before it can be used. 

After some searching on Veeam's forums this post came up: On-host proxy requires upgrade

After reading through the forum thread it was the very last post that got things going for us:

  1. Restart Veeam Backup Service
  2. Restart Veeam Broker Service
  3. Fire the backup
  4. Success!

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
www.commodityclusters.com
Our Web Site
Our Cloud Service