Featured Posts

<< >>

Improving NAS performance in NAV 2009 and NAV 2013

Found a good post we’ve implemented over on Greg Kaupp’s blog regarding improving the performance of the NAV Application Server and thus the responsiveness of the client machines. Simply put

Embedded Systems Protection

Spotted this article on the Interwebs today and I’ve got to say the research being done by Ang Cui at Red Balloon Security is pretty impressive. Something that’s been a

Pentesting with Backtrack – OSCP

As it turns out, I’m lucky enough that within the scope of my role at my current employer they want to further improve our professional certifications in the security field.

Who are you and what did you just search for?

Most of the major search engines used by millions of people daily store more information about you than you might at first think. In fact, some of the data retention

Physicists May Have Evidence Universe Is A Computer Simulation

I was browsing the web and came across this article that states Physicists May Have Evidence Universe Is A Computer Simulation. Wait, what? Like the Matrix? Sort of. Anyhow, just for fun

Improving NAS performance in NAV 2009 and NAV 2013

Found a good post we’ve implemented over on Greg Kaupp’s blog regarding improving the performance of the NAV Application Server and thus the responsiveness of the client machines. Simply put adjusting the size of the MetadataProviderCacheSize to a number exceeding the total number of objects within NAV (~5000 or so) will greatly enhance the performance of the NAS.

To update this for your instance of NAV you need to modify your CustomSettings.config file which should be located in the following spots:

NAV 2009 – C:\Program Files\Microsoft Dynamics NAV\60\Service\

NAV 2013 - C:\Program Files\Microsoft Dynamics NAV\70\Service\

Once you open the CustomSettings.config file, update the MetadataProviderCacheSize setting as depicted below.

FROM:

Metadata Update 1

TO:

Metadata Update 2

And that’s it! Thanks again to Greg for posting this originally. His blog is loaded with tons of other useful tips and I encourage you to check it out at the source link below.

Read his full post herePerformance Tuning Microsoft Dynamics NAV 2009 and NAV 2013.

Embedded Systems Protection

Spotted this article on the Interwebs today and I’ve got to say the research being done by Ang Cui at Red Balloon Security is pretty impressive.

Something that’s been a growing concern for many over the past few years has been the ever increasing amount of embedded systems we use on a daily basis and the reality that when compromised these devices can both cripple infrastructure and divulge sensitive information.

Embedded systems? You may remember that thing called Stuxnet back in 2010 which was advertised as a “first of it’s kind” type of malware targeting industrial systems utilizing a rootkit with an affinity for PLCs of the Siemens flavour. Right.

Fast forward 2 years. We’ve now got Cisco IP phones on our desks and portable computers sitting in our pockets. Take the trip into our homes and we’ve got everything from PVRs to Media Servers to iDevice docks and full home automation systems. We are using more embedded systems reliant on firmware than ever before and many of these systems are not just “black boxes” even though they may outwardly appear to be so.

Suffice it to say, that it’s not enough for us to keep up with the latest service packs and updates on our computer systems. It’s not enough for us to have a dedicated IDS running on our networks and the latest greatest security appliances of our choice combing through our bytes. Yes, I could keep going and going but I think you get the point. Embedded systems security and the potential gaps it can leave in our overall infrastructure security plan are holes that need to be closed and this is one of the reasons I’m pretty excited to see interesting work on this front hitting the scene.

What Ang is doing at Red Balloon Security is quite impressive stuff. The Symbiote is a protection mechanism that he has developed to defend embedded systems firmware from exploitation through a number of unique and crafty technologies. Essentially it can be injected into the firmware of any embedded system and once there will thwart any attempts to massage or otherwise compromise the integrity of the device firmware. Furthermore, any attempts to modify or alter the Symbiote itself are mitigated through the use of randomization. Pretty neat stuff.

You can get the full low down at the source link below. Certainly worth the read and it’s fantastic seeing this type of work continue to come to fruition.

Source: Meet the Symbiote: The Ironclad, Adaptable Future of Antivirus Protection.

Pentesting with Backtrack – OSCP

As it turns out, I’m lucky enough that within the scope of my role at my current employer they want to further improve our professional certifications in the security field. Even better, they were quite supportive of my recommendations as to which particular program I’d like to take.

As such, I will be taking a course I’ve long followed but never tackled on my own, the Pentesting with Backtrack course from Offensive Security. This ultimately garners you the Offensive Security Certified Professional (OSCP) should you complete all challenges in a satisfactory manner.

Though more “n00b” than simply learning it all on your own (and certainly – you can) this particular course interests me based on the real world practicality in how they deliver the course and measure your progress. Also, companies like certifications and credentials and they certainly don’t hurt your resume.

Getting back to the practical real world nature of this couse, the exam at the end is actually a full scale network that you are given 24 hours to break into as far as you possibly can. Your abilities are thus judged based on how well you can problem solve and use the tools you’ve been given or can find/build yourself. It’s more important to learn how to think correctly in these situations and as they emphasize regularly, “Try Harder”. Now _that_ I can do.

I’m looking forward to this program and though much of what I’ve been doing over the past few years has been based on knowledge I’ve gained on my own, through experience, this certainly seems to be a very progressive approach that I’m looking forward to taking part in.

I’ll be sure to share my experiences (not course material!) here as things progress.

If you are interested in some other reviews of these programs you can find a particularly good one up on g0tm1lk’s blog.

 

Who are you and what did you just search for?

Most of the major search engines used by millions of people daily store more information about you than you might at first think. In fact, some of the data retention policies (that include personally identifiable information like your IP Address) extend to 18 months and beyond. To anyone who uses GMail, this is nothing new to you because you are already used to it.

I came across a great multi-part article today at a blog I discovered while browsing one of my commonly frequented security forums.

The article is a great exploration of the top 5 major search engines, what information they collect about you and some comparative alternatives you can use to circumvent this behaviour if you so choose.

Physicists May Have Evidence Universe Is A Computer Simulation

I was browsing the web and came across this article that states Physicists May Have Evidence Universe Is A Computer Simulation.

Wait, what? Like the Matrix?

Sort of.

Anyhow, just for fun I thought I’d throw this link up here.

IEC Fusion Reactor MK III « WJ Science and Engineering

Ever built a fusion reactor in your basement before?

Ok, neither have I.

Whenever I see something like this it really inspires me. There are some _brilliant_ people in this world and Will Jack certainly fits that bill as far as I’m concerned. Now 17 years old, Will has built his own IEC Fusion Reactor in his basement lab. Wow.

Anyways, I thoroughly enjoyed reading through this build and wanted to pass this along.

Read more at: IEC Fusion Reactor MK III « WJ Science and Engineering.

My Corner

So this is my own little corner of the Internet…

I’ve wanted to put up a blog for quite some time but between books, projects, work or life, I hadn’t embarked on that quest until now. I hope to share a little bit of who I am, what interests me professionally and personally and also maybe learn a thing or two along the way.

Alright, what next? Maybe a little about who I am… yeah that’s it.

I’m currently a Software Development Manager for a large Canadian hardware retailer and I’m in the midst of managing the technical development and implementation of a full scale ERP project based on Microsoft Dynamics NAV 2013 and LSRetail. Suffice it to say that I’ve gained valuable experience throughout this process and I’ll be blogging about some of the pitfalls we’ve encountered along the way and how we overcame them as a team. We’ve still got a lot of work to do on this thing, so I’m sure some situational posts will go up in the coming months.

Other miscellaneous topics I’ll probably write about at length include IT Security, Mobility, Software Development and anything else that I think someone else might find interesting.

Umm, what else?

I like Raspberry Pi, I dislike the NHL lockout.

Yeah, I better stop. I realize this post is really weak. I get it. It’s my first one! It’ll get better. I promise.