Let's be productive by minimizing clutter Part deux

As usual, when you start dealing with one thing in your life, you tend to narrow in and focus on it. Which is great, however, what if you have several things to do in your life, as most of us do, how do we manage creativity and productivity?

I find myself always on the quest for better productivity and better ways to perform things.

One thing that I find to increase productivity and generally lower stress is to clear. I didn’t say Clean, I said clear.

One of the basic things that is taught, on like Step 1, of Getting Things Done (GTD for those of you that love abbreviations) is to clear and empty. Take everything off your desk, empty your inbox, etc, and then perform actions on everything. Recently I wrote a blog post issuing my New Year’s Challenge to everyone about clearing off your desk and reducing clutter, paper, and digitizing everything you can. Because, you know, how easy is it for you to perform Boolean searches for post it notes?

So here comes the second part of my challenge, assuming you have performed challenge one, clearing off of your desk and surrounding area, hopefully putting things away and digitizing as much as you can, step two has to do with your computer.

Step Two:

Desktop. Your Desktop. I want you to perform this in two steps. First step, is to change your desktop background. Your kids and dog will understand I am sure. Get rid of anything busy, photos, etc. What I want you to start off with is a black background. You can make one in Paint if you are using Windows, if you are using a Mac, I’ll let you get away with Grey just to make life simple. (There is a grey solid color background built into OSX.  Linux users, since you have to compile your own fonts, I think you can figure out how to make your desktop black. BSD users too, since you guys actually have to build your keyboards out of small pieces of a scrabble board and a leftover IBM keyboard without scissor keys....

Rid your desktop of all icons. Okay, I’ll let you have one or two, maybe the trash can, and the Harddrive icon. For Windows users I’ll allow you, say the Recycle Bin, and My Computer, or whatever is on the Windows Desktop nowadays.

Get rid of all your shortcuts (put them in the dock, or the quick launch section of your Task Bar), put your Shortcuts in a stack or something. Better yet, learn to use Butler or Quicksilver and do away with your Shortcuts all together.

Take all your pictures on your desktop and put them in the Pictures folder

Take all your Documents and put them in the Documents folder.

No excuses. Black Background, no icons.

Now, auto hide your Dock, or your Task bar. Get rid of it. You should have One icon maybe two, and no TaskBar/Dock.

For extra credit, you mac users, feel free to use MenuShade to get rid of the Apple Menu (unless you actually use it for things like Google Notifier like I said in a previous post.)

Okay, so now, I want you to work that way for a minimum of two weeks. Nothing on your Desk, Nothing on your Desktop. If you have things like Firefox that dumps your downloads on your Desktop, Create you a “Downloads” folder in your user profile and point Firefox there. Same thing with IE or whatever. OSX already has a downloads folder, tell Firefox to go there.

Two weeks. Make a conscience effort to keep things off your Desk and your Desktop for two weeks. Until it becomes natural. Then give me feed back on how it’s working for you by posting in the comments.

Yes. I do this.

BTW -- This methodology of working does really well with an app like Spirited Away, which auto hides apps.

I’ll explain why you are doing these exercises after my third and final exercise that I ask you to do. But for now, conduct one and two, and work with that for awhile.

To be successful with the “clear Desk” thing, you have to have someplace for people to put things instead of “on your desk”. Try an inbox or a special place on your desk to set things, then train your co-workers, spouse, secretary, and dog to place things in this space.

iWork 2009 Trojan

As I wrote on the Internet Storm Center:

It's already pretty widely reported in the media, take for instance here and here.

First reported by Intego, this trojan apparently is distributed by downloading Bittorrented copies of iWork 2009 from the Internet and installing them. The Trojan is installed as part of the software package, by, yup, you guessed it, you giving the software permissions to install by giving it your password.

Apparently this backdoor opens a hole on your computer, reporting back to a central server in order to allow the attacker to connect and issue commands to your system.

So, what can we learn from this?

1) If you Bittorrent software you are supposed to buy, and break the law in doing so... you have to deal with the ramifications...

2) Hey, you can download the Trial from Apple.com, and then buy it, and they give you a serial number! You don't even have to go to the store to get a boxed copy! You already spent the money and bought a mac, you cheepskate, now if you want iWork, spend the 79 bucks and buy it like you are supposed to.

iWork 2009 Trojan

As I wrote on the Internet Storm Center:

It's already pretty widely reported in the media, take for instance here and here.

First reported by Intego, this trojan apparently is distributed by downloading Bittorrented copies of iWork 2009 from the Internet and installing them. The Trojan is installed as part of the software package, by, yup, you guessed it, you giving the software permissions to install by giving it your password.

Apparently this backdoor opens a hole on your computer, reporting back to a central server in order to allow the attacker to connect and issue commands to your system.

So, what can we learn from this?

1) If you Bittorrent software you are supposed to buy, and break the law in doing so... you have to deal with the ramifications...

2) Hey, you can download the Trial from Apple.com, and then buy it, and they give you a serial number! You don't even have to go to the store to get a boxed copy! You already spent the money and bought a mac, you cheepskate, now if you want iWork, spend the 79 bucks and buy it like you are supposed to.

Snort is up and running, now what?

I’m often asked to write a document about the after effects, the post marital bliss, as it were, of going through the steps of installing Snort as your IDS, and what to do next. So I’ve decided, at great request, to sit down and write a blog entry about the “next steps”.

Now, let me be clear, any security device, yes, ALL of them, require tuning. If someone is out there saying “my device doesn’t require tuning”, not only are they wrong, but it’s an absolute falsehood. I don’t care if your system is being automatically tuned, its still being tuned. One device is not the end all-be all of security devices. Of course there are default settings that take into account the majority of networks out there, and yes, Snort is one of those. But each device you put on your network requires a small bit of tuning at least to adapt to your environment.

So what do I like to do first?

1. Variables -- Tune those variables. How you tune your Snort variables is up to you, but I always say at the very least, start off by tuning your HOME_NET variable. Punch into this variable that network ranges you’d like to protect. How you tune the rest of the variables is up to you, but a good place to start is with EXTERNAL_NET. How you tune this variable, I have a talk on that, I am sure I will be giving soon, so stay tuned. I don’t want to put my bullet points out there before I start talking. By default EXTERNAL_NET is set to any, which is a fine start.
2. Rulesets -- If you don’t have the awesome luxury of dealing with a Sourcefire device, which will give you the recommendations for your rules based upon what is actually on your network (We call this “RNA recommended rulesets”), you will have to do this manually. Sit down, simply at first, with the category names of the rules that you download from Snort.org and take inventory of your network from a Software and service based perspective. Are you running IMAP as a service on your network? No? Then shut the whole rule category off. Rinse and Repeat.
3. Preprocessors -- Now, for proper elimination of alerts and tuning, these will take time, however, at the beginning, ask yourself two questions: 1) What is the majority operating system on my network, and 2) What is the majority webserver on my network. Take the answers to these two questions and tune things like your frag3, stream5, and http_inspect_server preprocessors.
4. Restart Snort -- In the present version of Snort (2.x.x) you have to restart Snort for changes to take effect. After you have done all of the above steps, restart Snort.
5. Suppression and Thresholding -- Now, for the lather rinse and repeat steps. Look at your alerts -- Do I need this alert? How is this alert going to help me to do my job? Do I have any actionable information from this alert. I mean -- So you are getting SNMP alerts, so what? Do you care? ICMP alerts, do you care? What does someone on your network pinging do for your security. In some environments it might, in most, no. So your Solarwinds server is pinging lots of hosts on the network. So? That’s what it’s supposed to do, so take that IP and suppress alerts. That’s what suppression is. Don’t want something to alert at all going to a particular host? That’s a suppression. Don’t want something to alert “as much”? That’s a threshold. Set the ones you need. Restart Snort.

This is not intended to replace any tuning steps you’ve already done, this is not intended to be the end all-be all. This is intended to get you going after your install.

For those of you using Sourcefire product, these steps are either non-existent or considerably easier for you. Some vendors will try and position their product against Snort (read: not Sourcefire) and call the comparison fair. Snort is an open source project, while many companies use Snort as the basis for their product, Sourcefire owns the technology and makes it considerably easy to use. That’s why Sourcefire was started. Marty had a vision of being able to make a complex engine like Snort, very easy to configure, so he started Sourcefire -- and viola.

For further tuning steps (and there can be a lot of them, depending on your network), we have consulting services available. I can’t give all the answers away! ;)

Desk Clearing Challenge

Okay, here’s my Challenge for you all.

Take your desk. Work, home, wherever it is.

Take everything off it. Everything except your computer. (Mouse, Keyboard, Monitor, iPod/iPhone dock, maybe some speakers too can stay). Everything else comes off. Put it on a pile on the floor or in your inbox or something. Not even Post it Notes. If you one of those people that puts Post It Notes on your Monitor or Desk or something like that, take those off. Clean, use the picture attached to this post for reference of what it should look like.

Now, let’s go through this stuff.

Pile of stuff. Go piece by piece. Do you need to file it? Go file it, matter of fact, would you best be served by scanning whatever the piece of paper is, and put it into your computer?

What do you take notes on? Paper? How about you try taking all your notes digitally. Use something like Evernote, or Notepad, or Wordpad. Doesn’t matter what it is, just get your notes digital. If you are using Mail.app, use the Notes. If you can use Evernote, use Evernote. Do you use Outlook? It has a notes feature as well. Give it a shot.

All those Post It Notes. Are they reminders? “Shut off the lights”. Try putting stuff like this on your calendar. “New Event -- Shut off the lights, set reminder, everyday M-F 5 pm”. Are they phone numbers for people? Put them in your Address Book in your computer. In Outlook or whatever you use to manage your contacts. Are they serial numbers or helpful little jotdowns? Put them in a note, title it appropriately so you can find it again.

What is left? Catalogues? Do you need them? Do you need all of them? Can you reduce costs by going with one vendor for your office supplies? Throw out the ones you don’t need/want anymore, then put the ones you want to keep on a bookshelf, or in a desk drawer. Better yet -- Can you throw them all away and manage the account online, ordering and everything? Try recycling those inch thick catalogues.

For those of you that have a laptop as your desktop machine, you have it ideally. You can take your desktop with you, all your notes, everything. Awesome. How can you make this work for you? Taking your laptop to meetings? Can you take notes your phone/mobile device and then email the notes to yourself?

If you have your own printer in your office, and you make it a bad habit of printing out lots of stuff, try shutting off the printer. Unplug it. Create it a chore for yourself to print something out. Avoid printing as much as you can.

At the end of this exercise, your desk should look like the picture above, and you should have nothing on the floor.

Are you one of those people that one of those big flat desk calendars? Or a piece of glass where you store business cards underneath? Take those business cards, and put them in your address book/contact list. How about that Desk Calendar? Can you use the calendar in your computer? In Outlook? iCal? Lightning? Google Calendar?

Digitize yourself. Use things like Dropbox, LiveMesh, or iDisk to be able to get at all your things wherever you are.

For the next step, get really down and dirty and do the same thing through your desk drawers. Good Luck. Let me know your results.

By the way, yes, I’ve done this.