August, 2007

Posts
  • The Sean Blog

    Hyperlinks in Entourage

    • 19 Comments

    I've been playing around with Entourage on my Mac for the last couple of days (in order to access my email from Exchange while I am out of the office).

    It turns out that there is a curious feature missing from Entourage... You can't highlight a word and then insert a hyperlink. (Don't ask me why, I have no idea ;)

    There are two workarounds that I got from a tester in the MacBU:

    Just type out your hyperlink (e.g. www.apple.com). When you send it, Entourage turns it into a hyperlink.

    If you want to link some text to a website (e.g. here) it’s a bit more difficult. There is no “native” Entourage solution to do that. You can still do it, however. You need to boot Word, create your email there, then go File | Send To | mail recipient (as HTML). This will create an email using the Word doc, and this email can be as complex as you like (tables, multi-level bulleted lists, linked text, etc).

  • The Sean Blog

    Virtual Server HTTP 500 Error

    • 10 Comments

    image

    There's probably a KB article about this, but I know the first time I ran into the problem above, it took me forever to find the solution, so I thought I would share it with you.

    If you install Virtual Server 2005 R2 (or SP1), and then Remote-Desktop to the Host Server, and pull up the Virtual Server Administration Website, you may see the error from the picture above:

    HTTP 500 Internal Server Error

    The website cannot display the page

    Most likely causes:
    • The website is under maintenance.
    • The website has a programming error.

    The solution?  When you connect to the remote Host Server, you need to actually connect to the Console session.  You would do this by clicking:

    Start --> Run --> mstsc /console

    After that, everything should work like a champ:

    image

  • The Sean Blog

    Gentlemen, Start Your Engines

    • 0 Comments


    So... over the last couple of days, I have had the need to scan 1.2 Terabytes of data for viruses and malware, using as many different engines as possible.

    Don't ask...

    This should be a snap! I thought... Microsoft makes an Antivirus that can simultaneously scan using 5 engines at the same time!  I'll just load up Forefront Client Security and go to town.

    Except... I spent 20 minutes on the site and could not find ANY mention of the different engines included with Forefront Client Security.   <Arggh!>

    Fortunately, I work for a company in Redmond that has something to do with the Forefront products... I fired off an email to the Forefront team, and learned that Forefront Client Security comes with ONE engine... the Microsoft Engine.  It is actually the other products in the Forefront suite that include the multiple engines (which are, BTW: AhnLab, Authentium, CA, Kaspersky Labs, Norman Data Defense, Microsoft, Sophos, and VirusBuster).  Why is it that Forefront Client Security has only one engine? In response to that question, I received the following:

    A key reason why we (and other vendors) don’t incorporate multiple engines into client security products is that each AV engine tries to hook into the kernel for real-time scanning.  Having multiple engines accessing the kernel simultaneously would slow down machine performance.  With e-mail, there isn’t the issue of hooking into the kernel (as it’s scanning e-mail) – also, any latency (which is very minimal in Forefront for Exchange/SharePoint) from the scanning of e-mail by multiple products isn’t noticeable by end-users (whereas any slowdown in PC performance would be very noticeable).

    Makes sense.

    So how did I work around the problem?  I installed Windows SharePoint Services 3.0, and the 120 day trial of Forefront Security for SharePoint.  I created a Document Library, and copied my data into the Document Library where it was scanned by 5 AV engines at once.

    And how did everything turn out?  Just fine, until someone accidentally kicked a drive loose from the RAID 0 array.  Apparently you aren't supposed to set a rack-mount server on the floor, without a faceplate, in a high-traffic room. 

    <sigh...>

  • The Sean Blog

    Grabbing error message text

    • 0 Comments

    Neat little trick I ran across somewhere...

    You know when you get an error message with all sorts of descriptive text, and you want to send that text off to a newsgroup, the helpdesk, or a friend so that they can look up an answer?

    You could take a screenshot, but it is hard to paste a screenshot into a search engine...

    You could manually type what you see in the error, but that is a pain in the arse...

    Solution:  Simply hit "Ctrl+C" when the error message is selected.  The text from the error message can be pasted wherever you would like.

    So,

    image

    becomes:

    ---------------------------
    System.Security.Policy.PolicyException: Policy level 'Enterprise' could not be saved.

       at System.Security.PolicyManager.EncodeLevel(PolicyLevel level)

       at System.Security.PolicyManager.EncodeLevel(String label)

       at System.Security.PolicyManager.Save()

       at System.Security.SecurityManager.SavePolicy()

       at SyncMyCal.CAS.CASInstaller.ConfigureCodeAccessSecurity()

       at SyncMyCal.CAS.CASInstaller.Install()
    ---------------------------
    OK  
    ---------------------------
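
    As an added example (not part of the original post), the Python below parses text copied this way, using the message from the post as input, and pulls out the exception type and the first stack frame outside the framework namespaces, the pieces worth pasting into a search engine or a helpdesk ticket. The function names and the `System.`/`Microsoft.` prefix list are assumptions of this example; standard message boxes also copy a title section, which the parser accepts.

```python
import re

# Message-box text copied from the post above (blank lines dropped).
SAMPLE = """\
---------------------------
System.Security.Policy.PolicyException: Policy level 'Enterprise' could not be saved.
   at System.Security.PolicyManager.EncodeLevel(PolicyLevel level)
   at System.Security.PolicyManager.EncodeLevel(String label)
   at System.Security.PolicyManager.Save()
   at System.Security.SecurityManager.SavePolicy()
   at SyncMyCal.CAS.CASInstaller.ConfigureCodeAccessSecurity()
   at SyncMyCal.CAS.CASInstaller.Install()
---------------------------
OK
---------------------------
"""
SEPARATOR = re.compile(r"^-{10,}$")
EXCEPTION = re.compile(r"^([\w.]+(?:Exception|Error)):\s*(.*)$")
FRAME = re.compile(r"^at\s+([\w.`<>]+)\(")

def parse_copied_dialog(text):
    """Split Ctrl+C message-box text into title, message lines and buttons."""
    sections, current = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if SEPARATOR.match(line):
            if current is not None:
                sections.append(current)
            current = []          # a dashed rule opens the next section
        elif line and current is not None:
            current.append(line)  # blank lines and text before the first rule are skipped
    if len(sections) < 2:
        raise ValueError("expected dashed rules around a message and a button row")
    # Layout is [title,] message, buttons; the sample above has no title section.
    title = " ".join(sections[0]) if len(sections) >= 3 else None
    return {"title": title, "message": sections[-2], "buttons": " ".join(sections[-1]).split()}

def triage(text, framework=("System.", "Microsoft.")):
    """Return exception type, its text, all frames and the first non-framework frame."""
    exc_type = exc_text = None
    frames = []
    for line in parse_copied_dialog(text)["message"]:
        found = EXCEPTION.match(line)
        if found and exc_type is None:
            exc_type, exc_text = found.groups()
        elif FRAME.match(line):
            frames.append(FRAME.match(line).group(1))
    app = next((f for f in frames if not f.startswith(framework)), None)
    return {"exception": exc_type, "text": exc_text, "frames": frames, "first_app_frame": app}
```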

  • The Sean Blog

    Layers (Defense in Depth Part 1)

    • 0 Comments

    If you have spent any time working with network security, you are familiar with the concept of Defense in Depth. In a nutshell, there is NO SILVER BULLET when it comes to network or computer security. Network security is a process, and one where the threats and countermeasures are constantly evolving. Posts saying that all an enterprise needs to do to become secure is to switch to Linux, or install a firewall or IDS/IPS (or any other one-stop answer), are uninformed at best, and irresponsible at worst.

    There are any number of factors to consider when working to secure a network. There are physical security considerations, technological considerations, people considerations… Any basic security course or CISSP book will teach you about CIA, the magic triangle of Confidentiality, Integrity, and Availability (picture courtesy of Wikipedia). Having your company business plan available but not confidential is a loss. Having your server locked down 6 ways from Sunday, but unavailable for use by authorized users, is a loss.

    Writing an uber post that addresses all of these considerations would be rather cumbersome (for me to write, and for you to read), so I'll start off with my reply to an email that came through an internal Discussion List regarding one of the technologies Microsoft makes available to help with one particular threat vector. I will follow up this post with a series of posts covering the range of technologies, solutions, and processes used by Microsoft to address security. Security is a topic near and dear to my heart, so if you have any specific requests, put them in the comments and I will address them in future posts.

    In any case, the question that came through the DL related to Windows Rights Management Services. RMS is a technology available for Windows Server 2003 that allows an organization to define who can open, modify, print, forward and/or take other actions with the information in a particular document. The threat that RMS primarily addresses is that of information disclosure. Sometimes confidential documents are leaked (either accidentally or intentionally), and can cause grave damage to a company. There is a great write-up on the purpose of (and limitations to) Information Rights Management (IRM) as implemented in Office 2007 here: http://office.microsoft.com/en-us/help/HA101029181033.aspx#1, and an in-depth article from Windows IT Pro magazine here: http://www.windowsitpro.com/Windows/Articles/ArticleID/48912/pg/1/1.html

    The question (which was a fair one) stated that a customer had found that an RMS protected email with "forward" and "copy" permissions restricted could still be captured by using a third party screen capture utility, and pasted into other applications as an image. An earlier thread on the same subject carried the sensational headline of "RMS is crackable".

    The question (and subject line), however, indicate a fundamental misunderstanding of the purpose and capabilities of RMS. The fact that an authorized end-user can take screenshots of an RMS protected document is expected behavior. Don't take that last sentence out of context…

    RMS is a policy enforcement tool. The two main capabilities that an RMS enabled application provides are access control and user rights restrictions. Access control is the claim that users who do not have access to the protected content will not obtain access to it. This is a strong guarantee because a user who has no permissions to access the content will have to implement a successful cryptographic attack against AES.

    In other words, someone who is not authorized to open the RMS document will not be able to do so (and therefore will not be able to use a 3rd party screen capture utility to screenshot the image and paste it into other applications).

    Someone who IS authorized to open the document will always be able to use analog means to transcribe the contents. For example, RMS will not stop them from using a camera to take pictures of the screen, it will not stop an authorized user from calling someone on the telephone and reading them the contents, and it will not stop a 3rd party screen capture utility from taking screenshots of a document that the user is authorized to view.

    RMS (and RMS-enabled applications such as Office 2007) will enforce the restrictions implemented by RMS (i.e., the end-user will not be able to forward, or copy, or print…) as defined by the content owner. If you have an authorized user going through the effort needed to circumvent the policy restrictions placed on the document (that they are legitimately allowed to view), then you have a Human Resources problem, not a technical one... The efforts that the user will have gone to in order to circumvent the technical restrictions will usually show their disrespect for company policy and their intent to blatantly disregard it, and this will need to be addressed by management and HR policies. The end-user in question will not be able to say that they "accidentally" forwarded the company business plan to a competitor ;)

    To quote part of the resolution to the email thread: RMS gives strong guarantees that people who do not have access to the content will not get it even if they have somehow obtained the documents. RMS enabled applications also provide user rights restrictions that keep the authorized users from disclosing information unintentionally.
