Are We Addressing Cyber Crime Backwards

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Are We Addressing Cyber Crime Backwards Maybe that is why it continues to grow despite all the hard work to stop it: http://fraudwar.blogspot.com/2006/05/are-we-addressing-cyber-crime-from.html Tag: Are We Addressing Cyber Crime Backwards Tag: 84346
  - 2
    - NORTON UPDATES WHEN I RUN NORTON LIVE UPDATE I RECEIVE ERROR"LU1875 THIS UPDATE FAILED DURING IT'S PREPROCESSING TEXT PHASE" I HAVE DONE EVERYTHING RECOMMENDED TO CORRECT THE PROBLEM BUT WHEN I RUN THE LIVE UPDATE AGAIN I STILL RECEIVE THE ERROR AND ALSO THE VIRUS DEFINITIONS WILL NOT UPDATE. I AM NEW WITH THIS COMPUTER STUFF SO PLEASE BE GENTLE WITH ME. THANKS Tag: Are We Addressing Cyber Crime Backwards Tag: 84343
  - 3
    - Password is passed Multiple times per thread? Hello, I was presented an MS article that stated that when a person submits their password/credentials in conjunction with an executable, that the passing of the credentials is multiplied by the threads underneath the executable process. Is this so? We have had quite a few accounts that have locked out from a single bad password entry and our limit is set to 5 If anyone has any ideas or could point out an article or white paper which discusses this issue, I would be most appreciative. Tag: Are We Addressing Cyber Crime Backwards Tag: 84338
  - 4
    - Third-Party Root CA The company I work for is interested in implementing a third-party Root CA infrastructure. Can anyone recommend a third-paty that issues Subordinate CA certificates? I checked with verisign and they don't. Third-Part Root CA http://technet2.microsoft.com/WindowsServer/en/Library/07d3c7fa-9ab2-496b-b01f-ad0944fd97541033.mspx?mfr=true Thank you. Tag: Are We Addressing Cyber Crime Backwards Tag: 84327
  - 5
    - Enabling the administrator to have access to redirected folders I'm having trouble with Article ID: 288991 "Enabling the administrator to have access to redirected folders" The directions work just fine for users that have never had their folders redirected, but the process generally fails for users that have had their folders previously redirected. For existing redirected folders, I change the GPO to send the folders back to the users local profile (and Remote User Profile). I then take ownership (as an Administrator) of the old redirected folder and delete it at the %username% folder. I then change the users GPO back to folder redirection and the folders do move as I would expect. The problem however still remains in that I as an Administrator still can't access the redirected folders. On a rare occasion, this process does work for prior redirected folders but I still have several users that it does not work on. When it does work, it usually requires a few days between sending the folders back to the local and then redirecting them back to the redirected folder. I've tried gpudate on the server and workstation and even shut everything down several times, but I still have the same problem. Any ideas what might be wrong? I have Windows Server 2003 SP1 Standard & XP Pro clients. -- Thanks, Bob -- Bob Tag: Are We Addressing Cyber Crime Backwards Tag: 84323
  - 6
    - Help me Please!!!!!!! Bypass traverse checking I have to edit Everyone to the security policy "Bypass traverse checking" But I cannot add anyone because the button is grayed out. I am logged on as administrator There is a domain controller policy but the administrators is in it and the eveyone group. Can someone please help me so that I can edit the Bypass traverse checking. Tag: Are We Addressing Cyber Crime Backwards Tag: 84318
  - 7
    - replication of stored emails Help. I have a dell pc windows xp, pc cillin, everything updated. On email, using msn dialup, my stored messages, even 2 year old messages, are multiplying like rabbits. They will not delete. The folder will not empty. They now number 20-30 thousand. What bug do I have and how do I clean it out? PC Cillin scans find nothing. Tag: Are We Addressing Cyber Crime Backwards Tag: 84317
  - 8
    - MS06-018 need help Hello I install this patch on a Win2k SP4 server running Exchange 5.5 sp4. After the reboot it will not let users access their mailbox's. I have remove the patch via add/remove w/reboot but still no luck. If I move the mail box to a different server it works fine. If its moved back no joy. I have too many users and too few servers to move everyone. I need some help with this please. Tag: Are We Addressing Cyber Crime Backwards Tag: 84302
  - 9
    - Event Viewer Security shows Guest logon? Event Type: Success Audit Event Source: Security Event Category: Logon/Logoff Event ID: 538 Date: 5/11/2006 Time: 1:19:23 PM User: MOMS\Guest Computer: MOMS Description: User Logoff: User Name: Guest Domain: MOMS Logon ID: (0x0,0x3FFDBD) Logon Type: 3 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Having multiple entries as shown above. Is someone logging on my system as guest? Running XP Home, DSL with wireless router. Thanks in advance, Patrick. Tag: Are We Addressing Cyber Crime Backwards Tag: 84294
  - 10
    - Microsoft patches Windows, Exchange flaws... "Microsoft released fixes on Tuesday for two sets of flaws in its Windows operating system and another two vulnerabilities in the software giant's Exchange mail server, security issues which could allow a worm to propagate between vulnerable systems, security experts warned. A critically-ranked patch addresses two flaws in Windows that affect the Macromedia Flash player from Adobe, a plugin that ships with Microsoft's Internet Explorer 6 browser, and could allow remote code execution, the software giant said in its bulletin. The other patch, which is rated moderate for severity, fixes two flaws in the Microsoft Distributed Transaction Coordinator (MSDTC) that could be used to cause a denial-of-service, the software giant stated." http://www.securityfocus.com/brief/207?ref=rss Imhotep Tag: Are We Addressing Cyber Crime Backwards Tag: 84293
  - 11
    - McAfee Firewall and network Hi. Configuration: wall socket from cable company, from wall socket to modem a connection by cable. From modem cable to router, in the same room. Receiving computer with wireless adapter is in different room. No other PC's or networked devices are connected. I was advised by McAfee that I should choose for the firewall for the option: "trust home network". (ok, not perfect translation, because the software is in Dutch). But if I do that, will that not make me less safe ? I should also add that the router has a built-in firewall, but an imperfect one. Not port everything is stealthed (as recommended on www.grc.com, Zonealarm firewall is recommended on that site for it's unique stealth capabilities (as opposed to just keep a port open or closed)). But I can't use Zonealarm because it affects my wireless connection in a bad way and because basically the hardware and/or software of my ISP doesn't like Zonealarm. I'd also like to add that I use WPA-PSK for communication between my router and my PC. Also, I have given the router a non-standard login and and complicated passport. But my main question is: should I have the McAfee firewall trust the "home network" or am I better off not doing that. An explanation why would help :) Thanks. Tag: Are We Addressing Cyber Crime Backwards Tag: 84292
  - 12
    - AD accounts and wireless, VPN, Cisco ACS I have students and staff AD accounts. Students should be allowed to access wireless (Cisco LEAP). Staff accounts should be allowed to access VPN and wireless. Both Student and Staff Active Directory accounts have the option "Dial-in" tab set to "Allow". Problem: Since that option "Allow" is enabled, students could install and launch VPN client and get connected thru VPN. I don't want that. Question: What would be the best way to create a policy to allow the access to wireless, not VPN ? Note that I am using Cisco ACS to control the authentication between the VPN system, Wireless and Active Directory. VPN concentrator is Cisco 3000. Tag: Are We Addressing Cyber Crime Backwards Tag: 84289
  - 13
    - AcquireCredentials problem running inside iis I have a website in IIS which has been configured to run with Windows Authentication and I have <identity impersonate="true" /> in my web.config. I know that my configuration works correctly as when I look at the identity under which the thread is running I can see that it is the user's account. My aim is to generate a security token to authenticate the user against one of our single-sign-on(SSO) servers(written in-house). I am using the SSPI samples (Microsoft Security SSPI Classes) which I downloaded from your website to generate tokens in order to perform an sspi authentication with our SSO server. The problem I have is that when a user logs on although the thread in iis seems to run under the user's account, the SSPI call seems to generate credentials for 'anonymous user'. When I log on from the machine where iis is running (and I am the interactive user), the token is generated with my details. Which is the correct behaviour. When I log on from another machine where I am the interactive user ( and iis is still running on the original machine where I am the interactive user ) the token seems to be generated for 'anonymous user'. Is there a way I can get the call to AcquireCredentials and subsequently to InitializeSecurityContext to yield a token relating to the currently logged on user. This is the signature for acquireCredentials: SECURITY_STATUS sResult = AcquireCredentialsHandle( NULL, // [in] name of principal. NULL = principal of current security context pszPackageName, // [in] name of package fCredentialUse, // [in] flags indicating use. pszLogonID, // [in] pointer to logon identifier. NULL = we're not specifying the id of another logon session NULL, // [in] package-specific data. NULL = default credentials for security package NULL, // [in] pointer to GetKey function. NULL = we're not using a callback to retrieve the credentials NULL, // [in] value to pass to GetKey this->credentialHandle, // [out] credential handle (this must be already allocated) &tsExpiry // [out] lifetime of the returned credentials ); Initially (for the above described symptoms), instead of pszlogonid there was a null being passed in. I have tried to pass in an SID and even the logoin session id (luid) but this causes the function to return -2146893050 which i'm pretty sure is SEC_E_NOT_OWNER. I get this error now, on the iis machine as well as the remote machine. Is there something i am missing here? Can anyone help? Who shot J.R? I hope Keith Brown is reading im sure he'd sort this out in a flash. Tag: Are We Addressing Cyber Crime Backwards Tag: 84284
  - 14
    - Password dialog window popping up Beginning yesterday, I've got a dialog window popping up whenever I browse to a new web page. It's happening with both Mozilla Firefox and Nestcape browsers (sorry MS). This window requests username and password for random odd web addresses. As an example, when I browsed to this newsgroup starting with the Microsoft home page, every page I clicked through to get here popped up with the following: 'Please enter username and password for [empty quotation marks] at http://global.msads.net' . Trying to play it safe, I've been closing the windows using alt-F4 rather than clicking on their cancel buttons to avoid the ol' button switcheroo trick. As I said, I've never seen these before yesterday, it's been forever since I've seen a popup window at all. As for my sys config, I'm running XP SP2, Zone Labs ZoneAlarm firewall, AVG free edition anti-virus, Spybot S&D with the IE resident and TeaTimer resident activated, AdAware SE, Spysweeper with all shields activated, CWShredder and HijackThis. I scan my sys regularly with Spysweeper, AdAware, CWShredder and HijackThis, along with the spyware scanner built into Netscape browser. All these apps, along with XP, are current and updated. Scans today with AdAware, Spybot S&D, CWShredder and HijackThis came up empty. Any info or assistance with this shucking fullbit would be immensely appreciated. Thanx/gracias/merci. -- What are they infected with? Rage.... Tag: Are We Addressing Cyber Crime Backwards Tag: 84283
  - 15
    - log on When I try to log on after the computer is sleeping it will not accept any keystrokes. Therefore I have to hard shut down the computer just to get back in. Can anyone help Tag: Are We Addressing Cyber Crime Backwards Tag: 84271
  - 16
    - Rdp over VPN I just want to know if I need to open port 3389 if I using rdp over vpn. In theory I think that it's enough to open the vpn port, because the rdp is encapsylated in the IP-sec packet. But is this the case in the reality? Another question is how is the helpassistant account activated when using only unsolicited remote assistance? In which phase. I have read that when using solicited remote assistant it is activated when the invitationen is created. Can someone recommend a book or article that in depth describes the connection phase for unsolicited remote assistance? ( I have find other links for solicited) Thanks Tag: Are We Addressing Cyber Crime Backwards Tag: 84269
  - 17
    - Any danger by opening WMV files? Is there a danger opening WMV files in XP? I sem to recall something about being taken to dangerous web sites or getting unwanted code on my system or something like that. I am running XP Pro/SP2. Tag: Are We Addressing Cyber Crime Backwards Tag: 84265
  - 18
    - Text message spam on my cell phone? I thought this was not possible with Verizon. Within the past month I've had several text message spams come in on my Verizon cell phone -- I have to pay for these -- can't believe this is legal? I've had the phone for a year now so I have no idea why within the last month I've started getting spam on my phone. We need some enforceable laws against spam, this is getting ridiculous. I can't believe I have no right to prevent solicitation, spam on my door step, spam in my Email, spam on web sites, spam on my car, and now spam on my phone. Why is it Monty Python comes to mind....spam spam spam spam spam... What is this world coming to? People still buy crap they don't need with or without spam. Tag: Are We Addressing Cyber Crime Backwards Tag: 84251
  - 19
    - Possible to hide a service from users? Anyone know of a way to either hide a service from users on a server or prevent them from being able to start a service? Windows 2003... I installed a server app that needs to remain on the system but I need to make sure it does not run. The problem is, sys admins out in the field have access to the server and they will know its not supposed to run but some, out of curiosity, may do it anyway. Any thoughts? Thanks. Carl -- Carl Wilson Security Engineer Tag: Are We Addressing Cyber Crime Backwards Tag: 84248
  - 20
    - Uable to save changes to Group Policy I have posted in this in several groups, no responses. Trying again! See previous posts below. Since I posted the last time, I have done a "repair" install of Server 2k3 complete with all updates etc. Recreated the domain, same issue. On a second server, i created a new/different domain, same issue. I have repeatedly tried resetting permissions/ownership/etc, no effect on the problem I am certain this issue is related to the Symantec AV V10.0.2 as I have another new out of the box unit with R2 which has never had SAV installed, no issues there. I am sure this is an early detection of a problem that will be plaguing R2 users as I see it posted through out the newsgroups and have yet to see a resolution. So any suggestions/fixes would be greatly appreciated. I am on my way to formatting and reinstalling on three brand new servers as a result. While I have that luxery in the lab I am sure there are many in a production environment who dont. ORIGINAL POSTS: I have seen numerous posts regarding this issue, no real answers. My scenero: Three new Windows 2003 Servers Standard Edition R2. Lab environment, everything fresh. the only setups done are basic domain and active directory and entering users. Symantec Antivirus Corporate 10.0 installed but disabled. One server is PDC, others are BDC and connected by VPN (again, lab environment with VPN up and running.) All seems to work well. Settings replicate properly, licenses replicate properly. No real issues other than when trying to set GPO, the following error occurs: "group policy snapin was unable to save your changes due to the following error: the process cannot access the file because it is being used by another process". I have read post after post and tried all the suggestions given (which were few) but none has helped. I thought perhaps replication between the servers was the issue, but shutting down the BDCs does not effect the situation. If i go to D:\WINDOWS\SYSVOL\sysvol\mydomain.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE\Microsoft\Windows NT\SecEdit\GptTmpl.inf and edit the file manually, it still does not let me save returning an error saying it cannot create the file followed by the full path. I have reset permissions, ownership, all to no avail. Any responses greatly appreciated! UPDATE: I spoke with Symantec support today, found v10.0.2 of SAV Corp. is not compatible and is problematic when used with Windows server 2003 R2. I removed SAV from all three servers, removed the domain controller roll from all three and recreated the domain on the primary server. I still have the above error when trying to change GPO. In removing the rolls, it seems there are numerous problems created by installing the SAV V10.0.2 BEWARE!! At this point it looks as if I will have to start from scratch, format and reninstall. Any suggestions guys?? I really do not want to go through the process of reloading 3 servers! THANKS~~!! Tag: Are We Addressing Cyber Crime Backwards Tag: 84242
  - 21
    - is this allowed???? http://www.msncheck.net/ just thought to let you know because you have to give youre email and password to a 3th party Tag: Are We Addressing Cyber Crime Backwards Tag: 84238
  - 22
    - Filtering the auditing of file access Hi, I have enabled the auditing of object access on our file-server (2003) through the Group Policy Object Editor. After that i added some groups for auditing on a folder on our data-disk. This works fine. There is only one problem, the eventlog is filling up very fast with events of object access of files like c:\windows\system32\lsass.exe. Does anyone know an option to disable auditing on the system-files?? Tag: Are We Addressing Cyber Crime Backwards Tag: 84223
  - 23
    - Tools for analyze all PC in a network Dear All, I have one big issue about sharing folder policy in my company. Many users doesn't understand how to make a proper sharing. That is why i need tools to analyze automatically all PC in the network, what kind of the share folder they have and the sharing permission. Can someone help me here? Thx Tag: Are We Addressing Cyber Crime Backwards Tag: 84222
  - 24
    - Network Discovery | BSR 64000 on Internal IP? I recently did a network discovery of our small network. We have SBS2003 with ISA2004 hosted on the same server with 2 NICS. From the WAN side NIC it goes to a DSL modem/router and from there to the ISP. >From the modem/router is also a WPA wireless network. From the LAN NIC side is a single client computer. I found all my devices just find but seemed to have found one I didn't expect. It's sitting on a private IP or 192.168.0.49 and is called CMTS RiverDeltaNetworks. Looking up the SNMP info shows that it is a BSR 64000 and is registered to my ISP. Why would this IP be on my private network? I have DSL and not cable as well. Tag: Are We Addressing Cyber Crime Backwards Tag: 84220
  - 25
    - Virus or not? My avast labels it as a Virus/worm. Win32:VB-IE [Wrm] The avast has been removing the infection one piece at a time.. I am suspecting that the infection piggy backed on an update from Microsoft, that is not an absolute. It does not seem to be doing any thing now. It messed up my HP All-In-One Program and Microsoft OneNotein the beginning. I removed the damaged programs,hacked at the virus then reinstalled. Everything doing good now. I still get an alert and delet it now and then. I am not sure where it is coming from. I go to where it is supposed to be. I find three files. (Ntf7.tmp., Ntf8.tmp, Perflib-Perfd...). I open the hiidden files and find nothing else. I am thinking that whatever is left is slowly being found and deleted (time will tell). If not ... ??? Tag: Are We Addressing Cyber Crime Backwards Tag: 84212
- Next
  - 1
    - Windows XP Firewall I have XP Pro & have an issue on the general tab of the xp firewall is greyed out & it was turned off for some reason. My services are started & group policy is set to not configured. I did find some info on the net that if I goto into the registry to here HKEY_LOCAL_MACHINE SOFTWARE Policies Microsoft WindowsFirewall This is what showed up in DomainProfile & StandardProfile folders. EnableFirewall REG_DWORD 0x00000000 (0) I changed the value to 1 in the StandardProfile folder it got the firewall set to on again but it's still greyed out on the General tab. The restore defaults button on the firewall did squat for me. I can't use system restore because there are no restore points before this happened. I would like to restore the ability to turn on or off the XP firewall myself. Can I delete those 2 registry entries in the DomainProfile & StandardProfile folders without causing my computer to crash or worse reformat? Would it restore the normal operation of XP Firewall? If anybody has XP Pro or knows anything about XP Pro it would be helpfull. Thanks in advance! Tag: Are We Addressing Cyber Crime Backwards Tag: 84210
  - 2
    - Microsoft Security Bulletin(s) for 5/9/2006 Note: There may be latency issues due to replication, if the page does not display keep refreshing May 9, 2006 Today Microsoft released the following Security Bulletin(s). Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details. Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided. Bulletin Summary: http://www.microsoft.com/technet/security/Bulletin/ms06-May.mspx Critical Bulletins: Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803) http://www.microsoft.com/technet/security/Bulletin/ms06-019.mspx Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433) http://www.microsoft.com/technet/security/Bulletin/ms06-020.mspx Moderate Bulletins: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580) http://www.microsoft.com/technet/security/Bulletin/ms06-018.mspx This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so. If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary. -- -- Melissa Travers, MCSE MVP Lead - Exchange Server, Windows Security, ISA Server, Virtual Machine & Microsoft Dynamics Please do not send email directly to this alias. This alias is for newsgroup purposes only. This posting is provided "AS IS" with no warranties, and confers no rights. Tag: Are We Addressing Cyber Crime Backwards Tag: 84207
  - 3
    - ANN: C# Online.NET FOR IMMEDIATE RELEASE First Wiki-based Online C# and .NET Reference at C# Online.NET Dallas, TX ? A new concept in online references for Microsoft .NET programming languages is being pioneered by C# Online.NET?a new wiki-based, online C# and .NET reference. C# Online.NET offers documentation, tutorials, and C# source code examples for .NET languages beginning with the C# language. ?Compared to Java,? says Will Wagers, founder of C# Online.NET, ?there is a dearth of online C# help.? C# Online.NET is enlisting the aid of volunteer contributors to write articles, tutorials, and C# code snippets (ready-to-use fragments of C# source code). Offerings will target all C# programmers and developers from beginner to architect. Wiki software allows virtually anyone with an Internet connection to edit, view, and write documentation using their Web browser. ?The advantage of using open source wiki software is that we can harness the energies of C# developers worldwide to create a mega-resource for the C# community.? Contact: C# Online.NET Volunteer: editor@csharp-online.net Press: press@csharp-online.net Web site: http://wiki.csharp-online.net/ [ ANN: C# Online.NET ] Tag: Are We Addressing Cyber Crime Backwards Tag: 84202
  - 4
    - I cannot use flash drive in my laptop I got a new tosiba laptop recently, I have accessed to net without proper anti-virus software. I got a virus in my computer, so I intstall lavasoft, mcafee, and panda anti-virus. I still suspect that I got some kind of spyware / virus - possible that someone is accessing go my information. (another topic) Somehow, I found out that I cannot use flash drive, though I can use in another computer. Whenever, I insert flash drive mesage pop up in right corner - USB device not recognized: one of the USB devices attached to this computer has malfunctioned, and windows does not recognise it. the location of the device is show in bold type - USB Root Hub (8 ports) - - unknown device Please help and advice! Rock UK Tag: Are We Addressing Cyber Crime Backwards Tag: 84199
  - 5
    - Enabling Some Others Language in Windows 2003 Lite Version (Or XP Lite) Has anyone know how can we enable some other unicoded language in windows 2003 enterprise R2 (lite version)? In "Regional And Language Option" When I select another language like "Farsi" it says to me "Windows Unable to install choosen local. Please Contact your Administrator" If anyone know how can I solv this problem please tell me Tag: Are We Addressing Cyber Crime Backwards Tag: 84194
  - 6
    - eWeek article - Microsoft give up on Malware... http://www.eweek.com/article2/0,1895,1945808,00.asp I'm having a hard time coming to grips with this statement from Microsoft -- that's like saying we give up on the other 80% of the potential market (yes still only 1 in 5 people use the internet with primary concern being security fears). I'm hoping this article is not accurate because Microsoft have sealed their fate with statements like this -- limiting the market and squeezing as much as they can out of the existing market does NOT present a stable future. I've also read other articles reporting very high level Microsoft execs moving the blame of the security flaws over to the consumer for not having proper third party protection?? I've been infected with Malware a couple of times and really have NO idea how it made it's way in when I have a host of tools to prevent such activity. Is Redmond really saying "we can't do anything about it"? Rob. Tag: Are We Addressing Cyber Crime Backwards Tag: 84192
  - 7
    - Security Acknoledgemnet I want to be able to temporarily change an person's homepage when they connect to my network and show an "Acknowledgement of internet use" page prior to them being able to access the internet, and if they don't agree to the terms I've set forward they can't access the internet. Is there any way this can be done? Tag: Are We Addressing Cyber Crime Backwards Tag: 84182
  - 8
    - Security -- "Message Alerts" Hello â?? Background: I have an Intel-based desktop PC (2.6GHz) and I am running my applications on a Windows XP Home Edition platform. Problem: I keep on getting these "messages" every 10 minutes 24/7 that say my registry is corrupt, I have viruses, blah blah blah. This happens every day (again 24/7) and has been happening since the last two (2) months. If I am away from my PC for a few hours, then the message windows INUNDATE the screen interface. When I am using my PC to get my work done, these messages cause an enormous amount of interruption. The Alert Messages point mention a web address and say that if I download a program, that is the way to remove the viruses/registry corruption, etc. Then, it will charge $20-$30 for the program! Clearly, it appears as a sales gimmick. I only have ONE question as I am not even concerned for the contents within those messages, and that question is HOW do I get rid of the Alert Messages? Troubleshooting I have done: (1) Ran virus and spyware detection scans . . . and removed all infected files. There were only two. (2) I have gone to the My Computer icon and from one of the menus, disabled Remote Connection (3) Deleted temporary internet files within my Internet Explorer browser, etc. (4) Deleted Windows messenger using one of the features from the Control Panel (5) Rebooted my PC (warm and cold) But what can I do so that I do not get any such programmed messages. Again, I feel it is a sales gimmick. Please help ASAP!!! My email address is n2006@cox.net Thanks very much!!! Tag: Are We Addressing Cyber Crime Backwards Tag: 84179
  - 9
    - Benefits of PKI - 5,000 nodes organization Hi, In practical terms, are many or most medium-large organizations using PKI ? We have 3,000 Win2000/XP machines, 2,000 macintosh clients. Exch2003 servers with 3,000 mailboxes. Win2003 AD deployed. In my organization we are planning to start a pilot and distribute smart cards first to our IT staff, then later deploy it for students. Besides smart cards, what are the common and practical use of the PKI infrastructure ? I mean, obviously you can secure internal e-mail with that. I would like to know how practical and common that it is. For internal server management I am using certificates provided by Dell, for example, and that is working OK. Also, for internal servers I can generate an internal certificate manually. For our commercial and extranet servers/sites, I am buying the certs from Verisign and it should continue that way even if I deploy our internal PKI. Please advise on how you have seen PKI deployment (especially the one in AD) bringing practical benefits to organizations. Thanks, M Tag: Are We Addressing Cyber Crime Backwards Tag: 84173
  - 10
    - Virus Alert Malware I got stuck with a package that included atmclk.exe, dcomcfg.exe, regpertf.exex, and trojans stole3.tlb and another one with a similar name that I can't remember. Following instructions at Trend Micro I was able to get rid of all of them but am now left with an icon in the notification area (I have Win XP) that keeps producing popups saying my computer is infected and directing me to the SpyFalcon website. I've run assorted scanners but nothing detects where it is hiding. Any help appreciated; it's driving me crazy. Tag: Are We Addressing Cyber Crime Backwards Tag: 84170
  - 11
    - RUNDLL I have another post regarding my PC crashing on this site this morning. The HD I'm using now is a backup, new clean install. I reverted to this HD after the crash. Anyway................ I went to use System Restore, and got this dandy. RUNDLL An exception occurred while trying to run "C:\WINDOWS\system32\shell32.dll,Control_RunDLL "C:\WINDOWS\system32\sysdm.cpl",SYSTEM" My Event viewer shows: faulting application rstrui.exe, version 5.1.2600.2180, faulting module ssrstr.dll version 5.1.2600.2180 I checked system32, and all these files are there. Help Thanks. HazydayXP Tag: Are We Addressing Cyber Crime Backwards Tag: 84162
  - 12
    - Black,Blue,andBlack again I was on this site this morning to checking a reply, I went to move my cursor and got 3 or 4 bold lines next to the cursor and my system froze. I rebooted, signed in and my screen went black, then a quick flash of a blue screen with text,and back to balck in a blink, then rebooted on it's own, so I tried to boot into safe mode on both mine and administrator accounts with the same result. I just finished a clean install of XP Home with SP2 on that drive Thursday! To say that i am fit to be tied is an utter understatement. Since purchasing the XP Home with Sp2, I have had to do repair and clean installs at least 6 times! That's since Dec. 2005. fortunately, I have 2 HD's, so I'm using the backup now. I haven't done anything with the primary (crashed) drive, just praying that I don't have to do yet another install. Any suggestions? I have spent the last 4 days trying to keep this system running. I have an AMD Sempron 3100+ with a gig of ddr sdram pc2700, a gigabyte motherboard with award bios from 2005. -- HazydayXP Tag: Are We Addressing Cyber Crime Backwards Tag: 84161
  - 13
    - Microsoft Fingerprint Reader To edit or remove a log-on from the Quick Links list you choose a quick link then click on the Hand Icon displayed in Internet Explorer and then edit or remove from the quick links list. My problem is that the page/site where I had a quick link established for the fingerprint reader no longer exists, so there is no hand icon to click on to edit or remove the quick link. My question is how do you go about removing a quick link to a page/site that no longer exists? Tag: Are We Addressing Cyber Crime Backwards Tag: 84141
  - 14
    - New site dedicated to security conferences : www.security-briefings.com Hello all, We proud to announce the release of a new site dedicated to security conferences : http://www.security-briefings.com Our goal is to highlight major information provided during the most popular and interesting conferences such as (but not limited to) : Blackhat, Shmoocon, Defcon, Recon, Cansecwest,... We will update regularly the site content with what we think being important for security people. Hope we can participate to the community effort to spread knowledge about security. Regards newslist [at] security-briefings.com Tag: Are We Addressing Cyber Crime Backwards Tag: 84136
  - 15
    - Norton vs. Mcaffe Which is the better, I have Panda and never again, gave so many problems with DSL modem and router. Need a new anti-viris program. I did like Panda 2005 because it stopped spyware and adware, 2006 no way. Please help me if you can, would like to thank everyone in advance. -- cherriepit Tag: Are We Addressing Cyber Crime Backwards Tag: 84128
  - 16
    - KB 896358 microsoft Updates wants me to download KB 896358. I have XP Home. I have tried to install the update AT LEAST 8 times, and each time I try , it gets 1/2 way tgroughand states there is a problem and fails. Any help? This thing is driving me craxy. I have had to change the Automatic Update settings so that it quits bugging me 'til I find a solution. -- HazydayXP Tag: Are We Addressing Cyber Crime Backwards Tag: 84127
  - 17
    - UNWANTED PROGRAMMS Dear all, when i open the internet explorer a website is running automatically . i have changed the internet settings. but still the problem exists. i have got a symbol for the above website on my tool bar aswell . when i click the icon on the tool bar it automatically. and the above icon always showing a message your computer is infected with virus.( the web site is spywarequake.com). i have scanned the system for virus and malwares .but its is all perfect.please help me out from this problem thank you all Tag: Are We Addressing Cyber Crime Backwards Tag: 84125
  - 18
    - Removal of Norton - Can run Windows Installer CleanUp Utility I recently submitted a query concerning the removal of residual elements of Norton Anti-virus software (Norton 2004 and maybe some earlier versions) which Windows Security Centre was say was still installed on my PC despite the fact that it is not. This is causing a conflict which is stopping my other Ant-Virus Software (PC Tools AV) from loading up - effectively providing me with no virus protection! I received helpful replies from both Engel and PA Bear. They both suggested using the following tool:- http://basconotw.mvps.org/SymRem.htm Within this document it provides a series of actions to fully remove Norton. However an additional issue has arisen when I try to install the Windows Installer Clean-up utility. When I try to run the file â??msicuu2.exeâ?? (which I downloaded to my desktop from MS) I get the following error message. â??The Windows Installer service could not be accessed. This can occur is you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact you support personnel for assistance.â?? Please also note that now have no way of re-installing any of my old Norton products. Is there anything I can do to get rid of these residual elements of Norton? How can I run the clean up facility? Will I ever have Virus protection again? Please helpâ?¦ Tag: Are We Addressing Cyber Crime Backwards Tag: 84119
  - 19
    - "The expected version of your software is not detected?!?" Hi. Just discovered that I had some vulnerabilities (MS00-34 & MS00-28) on my pc. Found the patch on Microsoft's site, d/loaded it only to get the message above. (Sigh) What now? Please help. I do have MS Office 2000 so I am confused. Thanks. Tag: Are We Addressing Cyber Crime Backwards Tag: 84111
  - 20
    - Yahoo is spreading spyware! Yahoo is spreading spyware! Source: http://www.eweek.com Yahoo has routinely breached agreements with advertisers and placed advertising in spyware programs that serve annoying pop-up ads. Instead of "highly targeted" ads being placed on "high-quality" sites, Edelman alleged, ads are actually routed to low-quality sites without bona fide content, constituting syndication fraud. Link: http://ttcom.blogspot.com/2006/05/yahoo-is-spreading-spyware-source.html Tag: Are We Addressing Cyber Crime Backwards Tag: 84110
  - 21
    - Got this message from Microsoft That popped up when I turned on the computer saying that I might have counterfeit software (I assume they mean Windows XP which I am running). I had someone upgrade this a few years ago and if it is counterfeit why would they take so long to notify me? Should I assume this is really coming from Mirrosoft? That had two options of "resolve this" and "resolve later". What exactly is their method to resolve this? I assume buying the correct software or ?. They say that with the counterfeit software that I won't be able to get the automatic security updates. Tag: Are We Addressing Cyber Crime Backwards Tag: 84107
  - 22
    - ANN: Windows Defender Support & Questions Another in a series of such Announcements Microsoft has established separate, private newsgroups for Windows Defender Beta2 support and comments. This is not one of them. See http://www.microsoft.com/athome/security/spyware/software/newsgroups/default.mspx The Defender-specific newsgroups include: - microsoft.private.security.spyware.announcements - microsoft.private.security.spyware.appcompat - microsoft.private.security.spyware.general - microsoft.private.security.spyware.install - microsoft.private.security.spyware.networking - microsoft.private.security.spyware.signatures - microsoft.private.security.spyware.onlinecommunity These newsgroups can be accessed via your browser or your newsreader. To access these newsgroups using your browser, start here: http://www.microsoft.com/athome/security/spyware/software/newsgroups/reader/default.mspx?dg=microsoft.private.security.spyware.general To access these newsgroups in your newsreader, please use the following information to set up your account: - NNTP Server: privatenews.microsoft.com - Account name: privatenews\spyware - Password: spyware NOTE: No password will be required via the HTTP link. -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org Tag: Are We Addressing Cyber Crime Backwards Tag: 84106
  - 23
    - Enterprise PKI. I have the following scenario to deal with : windows 2003 domain, installed in Jan 2005. Enterprise Pki installed in Jan 2005 and then uninstalled in jan 2005. There are kdc errors on the domain controllers : Source : KDC Event id 20 Description: The currently selected KDC certificate was once valid, but now is invalid and no suitable replacement was found. Smartcard logon may not function correctly if this problem is not remedied. Have the system administrator check on the state of the domain's public key infrastructure. The chain status is in the error data. Now the CRL is no longer available by any means, nor is the backup of the servers with the PKI in place. The dc's have certificates that were issued by this CA the certificates are valid until Dec 2006. Now my question is: can I use the instructions in the following article to clean out all remains of this CA even though the CRL's will never be available?: http://support.microsoft.com/kb/889250/en-us Hope there is someone there who can assist me with this! Tag: Are We Addressing Cyber Crime Backwards Tag: 84104
  - 24
    - Multiple firewalls show in security center I had NIS professional (Norton) installed, subsequently, I have removed NIS - I used Symantec removal tool and I have work with symantec for the past 3 days. I have searched the registry and looked uner every stone. I have run the MSI cleanup tool and still are unable to find what is causing NIS still showing in windows security center. Tag: Are We Addressing Cyber Crime Backwards Tag: 84102
  - 25
    - S/MIME messages to a group Hi group Is it possible with Exchange 2003 to create a S/MIME certificate for a group ? The idea is to send an encrypted message to a group of users from outside of Exchange so that each one could encrypt and read it automatically. With PGP it worked fine, so I hope Exchange S/MIME supports it too ? Thanks in advance, Igor Tag: Are We Addressing Cyber Crime Backwards Tag: 84099

Maybe that is why it continues to grow despite all the hard work to
stop it:

http://fraudwar.blogspot.com/2006/05/are-we-addressing-cyber-crime-from.html

Top