Architecture for multiple servers

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - xp home edition "lost " owner and password on my screen Our laptop computer came with xp home editions installed. Somebody set it up so I could click on my user name and I'm in. For some reason I have the half of the screen that tells me to click on user name, but my name on the right side is now missing. All I can do is cut the thing off. What's worse, the "expert" that set it up no longer works for us Anthony tells me " Do not Re-format with the operating program, if I install the c.d. Tag: Architecture for multiple servers Tag: 44651
  - 2
    - microsoft outlook password how do i take out password from sending and receiving email Tag: Architecture for multiple servers Tag: 44648
  - 3
    - Local Security Settings Pardon the newbie question here: How do I adjust the local users and groups security settings on a Windows 2003 server (it is part of a domain, but not a controller)? When I open the window for Local Secutiry Policy, the appropriate files appear, however, they have a padlock on them. I AM logging as the adminstrator as well. Thanks, Daniel Tag: Architecture for multiple servers Tag: 44643
  - 4
    - MSDN for sale ? Legal ? I was kinda curious on one issue. I used to receive MSDN and of course loved it. I recently saw at a local used bookstore/software store where they had a pretty up to date copy of MSDN complete with Three Binders of CD's and a smaller binder of DVD's. All access codes were attached. The only problem is, if this software has already been activated if its legal or not ? Anyone know the answer on this one ? Thanks Tedd -- Tedd Riggs PDA Square Content Developer www.pdasquare.com Tag: Architecture for multiple servers Tag: 44642
  - 5
    - Password for Outlook Express Recently tried to access my e-mail account and was unexpectantly asked for a password for the account. The account has been open for several years and I may have, at the onset, established a password, however; since that time I have forgotten it. Why is it that now I am being asked for the password? Is there a way to circumvent the use of the password to be able to retrieve my e-mail, which I haven't been able to get now since Jan. 13, 2004. Help!!! Thanks!!!! Tag: Architecture for multiple servers Tag: 44639
  - 6
    - Messenger security Does MSN Messenger use H.323 for voice features. It has been mentioned that AIM uses the protocol (though AOL has yet to comment about it's vulernability to CA-2004-01). If Messenger does use H.323 (We know NetMeeting does), has Microsoft commented on it's possible vulnerability or if they are testing it? --jrs Tag: Architecture for multiple servers Tag: 44632
  - 7
    - Lost my MS search tool to Shop Nav ShopNav, a shopping search engine, appears everytime I hit the "search" button in IE. I cannot get rid of it. I want my regular MS search back. Can anyone suggest a fix. I have been to the "ShopNav" website where they have an uninstaller.... It does not work. (Suprising,,,eh?) Thanks Tag: Architecture for multiple servers Tag: 44629
  - 8
    - SID to Groupname. Hi, Is there anyway of recovering the SID of an old group to a newly created group with the same name? I suppose what im trying to do is SID mapping. Regards, Steve. Tag: Architecture for multiple servers Tag: 44628
  - 9
    - Storing User Certificates in Active Directory I need some help figuring out how to go about setting up the server and active directory to handle this problem. I have a secure website that distributes certificates for users to use to access their website. There are 3000+ users on our network and maybe a few hundred of these users will be needing access the website. Is there a way to store the certificates in Active Directory? I'm trying to centralize this as much as possible. Thanks for the help Sean . Tag: Architecture for multiple servers Tag: 44620
  - 10
    - scanning i was surfing tonight when a message i've never seen popped up saying that my computer was being monitored (i was doing a google search for haircuts and ended up on a porn site... i'm still trying to find the link between the two). anyway, this message had my ip adress, my os and other information that seems to me would be impossible to have if this wan't true. i posted something similar a few weeks ago because i was afraid that someone may have hacked into my computer and i can't change my security settings cause they're in korean right now. i may have gotten screwed by one of those fake msn security messages. can this be true???? if so, is there anything i can do to stop/block someone monitoring my computer?!?!?!?!? lesson learned: don't look for possible haircuts on the internet. thanks, worried in korea Tag: Architecture for multiple servers Tag: 44619
  - 11
    - norton antivirus and microsoft downloads I'm trying to download some new secuirty measures from the microsoft web site. I'm able to download them to my desktop but when I try to run them from there to my computer the wizard just seems to disappear from the screen. I'm also having the same problem with norton anti- virus 2004. I'm able to download it from the disk but when I try to run it from the desktop it either does not respond or when it does it disappears form the screen. Can anyone help? Do I need to reload XP? I went to the symantes web site for help and have tried everything nothing seems to work. Tag: Architecture for multiple servers Tag: 44618
  - 12
    - Win2k3 Web Edition - Usage of EFS I'm trying to secure a co-loc server as much as possible, so I figgured, let me encrypt all the folders with sensitive data, including the folder with website data for IIS Well it seems IIS does not like this at all and refused to work properly. I'm expecting a different NTFS user account is used for the EFS method So is there any way to configure/use EFS so that my original idea would work? Tag: Architecture for multiple servers Tag: 44617
  - 13
    - Spoofed Microsoft Security Alert The Creators of the spoofed Microsoft security alerts whith a so called Microsoft security patch Attachment (Virus Dropper), have got more clever. I received a new spoof today with no attachment, however a cursory glance through the source code before opening showed nothing to make me belive it was not a Microsoft Security allert. I Missed one tiny piece of code that on opening attempted to download an ActiveX control. Thankfully my settings blocked this. Be Warned. If Microsoft would like to contact me I will forward the email. Yours Philip Bailey Tag: Architecture for multiple servers Tag: 44616
  - 14
    - L2TP/IPSec from XP client to Windows 2003 Server Does anyone have this configuration running I'm getting an error which indicates that there i no certificate installed on my client, but the mm shows a valid certificate I think this is a bug --pjc Tag: Architecture for multiple servers Tag: 44603
  - 15
    - hotmail yesterday my hotmail account have been hack into and all my emails between a friend and me has been send out to all her friends using my account. she has then blame me for doing it and hated me and have left me. i hope that some one here can help me find out who this love rival is and is it possible to trace the email that have been send out form my account for the last two days. the time and location where the emails have been send . i am willing to pay for any information or investigation that you can help me provided that the information is useful . currently you can email to me at davelim4@yahoo.com Tag: Architecture for multiple servers Tag: 44589
  - 16
    - Malicious Script HelpCtr.Exe Running WinXP Home I hope someone will bear with me and read this. It sounds complicated I guess, but I have tried to pare it down to just a few words and that just won't work. And if anyone has a better idea than reformatting and reinstalling I would be SO grateful for the advice. Problem began with a sudden drastic decline in dial-up connection speed. Initially blamed my ISP, pretty much cursed them out over a couple of day. (I have since apologized!) After updating VirusScan and SpyBot, which I routinely do anyway, and finding no problems there. I started the modem troubleshooter. Should have begun there. Several pages into the troubleshooter I get a Norton Warning Window that there is a Malicious Script HelpCtr.Exe and recommends that I block it. It does not offer to quarantine it. I delete it. It has no effect. I have script blocking on as a default, but it appears not to have caught this. I do a search on the file name. I come up with 3 exact matches, and one additional match with an extended string following the extension. They are as follows: helpctr.exe in C:\WINDOWD\$NtServicePackUninstall$ Aug/18/2001 helpctr.exe in C:\WINDOWS\ServicePackFiles|i386 Aug/29/2002 helpctr.exe in C:\WINDOWS\PCHEALTH\HELPCTR\binaries Aug/29/2002 HELPCTR.EXE-0BD5B31B.pf in C:\WINDOWS\prefetch Current date All capitals are exactly as shown in the search result window. The first three files appear to be legitimate. Their age and the properties screen which says Microsoft is the origin lead me to believe they are legitimate. So I assumed the last one, with the long string followed by .pf was the culprit. So I deleted it. No effect. If I disconnect and reconnect, it is at the same low speed, and the trouble shooter finds the script again. Rebooting does the same thing. Went through this several times. Same result (non-result?) (I also deleted ALL of them at one time,I got warnings of possible instability which I ignored, But doing so immediately affected everything! From mouse clicks to keyboard function! So I restored them and rebooted!) Obviously (to me) something unknown is regenerating this file! It is this I must find! Anyone having a clue what is causing this? In the last 2 days some other odd things have occurred which I will not detail here, but it leads me to logically assume that whatever is invading my system has more nasty things to do than just slowing down my internet connection. I did a search on Google/groups and there are literally thousands of entries dealing with problems with HelpCtr.exe, all of them seemingly affecting a different aspect of Windows. Some can't print. some can't network, and on and on. Looked it up on Symantec's page, got three hits, none of which related in any way to my situation. (And Norton, BTW, no longer supports a TWO YEAR OLD version of AntiVirus. And even if you qualify for support they do not offer support to get rid of a problem. Only support is for installation and general use of the program. Have used Norton for 10 years. Never again. End of rant) The basic support from Dell is to Back up data, reformat and re install. I'm at the point that I might be willing to do it BUT here's at least one problem with that: If something is generating this malicious script how am I to determine what is safe to backup and what is not. Just backing it all up does not make any sense to me. I hope I have not lost your interest by going on too long and that all of this makes some sense. Hopefully Grape Crusher Tag: Architecture for multiple servers Tag: 44579
  - 17
    - Outlook/Security Problems??? It appears that when some attachments are included with an e-mail Outlook enters in and makes it impossible to save the attachments or open them. It does not consistently happen and there is no indication that it happens because of a potential virus. Is this an Outlook problem, a Security issue, or ??? I don't know how to resolve this. I need these attachments. Any advise is appreciated. Tag: Architecture for multiple servers Tag: 44569
  - 18
    - email notes I keep recieving an email that says it is from Microsoft anf that I shoudl down load this patch immediately. How do I know if this is real or a virus attack? Tag: Architecture for multiple servers Tag: 44566
  - 19
    - checking the ports How do I check if the ports on my network are open and forwarded? Tag: Architecture for multiple servers Tag: 44563
  - 20
    - Network Trouble Ive been using Windows Media Encoder 7 with no real problems until we installed a local network in our house. My computer runs off an internet connection which i access through the network. Now when i try to broadcast through media encoder 7...only people on the network can access it through windows media player? How can I sort this out? Thanks Tag: Architecture for multiple servers Tag: 44551
  - 21
    - SUS server Is is possible to use SUS server on 1 network that is connected to the Internet to recieve updates, then sneaker net the updates to another SUS server that CAN'T connect to the Internet. If not, it might be a good feature for new version, lot of us run networks that can't be connected to the Internet. Thanks Kevin Parks Tag: Architecture for multiple servers Tag: 44548
  - 22
    - highjackthis log file I ran highjackthis after some advice I recieved this is the log file that it created, what do I do with this? Logfile of HijackThis v1.97.7 Scan saved at 9:18:38 AM, on 1/25/2004 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\Explorer.EXE C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\WinHelp.exe C:\WINNT\system32\internat.exe C:\Program Files\AIM\aim.exe C:\WINNT\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINNT\system32\rundll32.exe C:\PROGRA~1\WINZIP\wzqkpick.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\WINZIP\winzip32.exe C:\unzipped\hijackthis[1]\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com/search/ie.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com/search/ie.html O2 - BHO: NavErrRedir Class - {0428FFC7-1931-45b7-95CB- 3CBB919777E1} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644- 206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E- 00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [WinHelp] C:\WINNT\system32\WinHelp.exe O4 - HKLM\..\Run: [WinGate initialize] C:\WINNT\system32 \WinGate.exe -remoteshell O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s O4 - HKLM\..\Run: [Remote Procedure Call Locator] RUNDLL32.EXE reg678.dll ondll_reg O4 - HKLM\..\Run: [Program In Windows] C:\WINNT\system32 \IEXPLORE.EXE O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: AIM (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl .CAB?37990.6304976852 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swf lash.cab thanks in advance Tag: Architecture for multiple servers Tag: 44536
  - 23
    - Client Certificates Pardon my ignorance in the area of Certifiate Services. In the questions I may have made incorrect statements. I would greately appreciate if you could correct me. I am generating client certificates using win2k3 Certificate Services. After creating the certificate, I export it using public/private key pair into .pfx. file. I then import it to client machine personal store. In the personal node there are now 2 certificates. I am assuming it is a public client certificate and public CA certificate. Where does the private key get stored? If it is stored in some hidden place, how can I check what private keys have been imported to date? How can I delete them? Is the private key the same for all certificate for that CA? or is there different private key for each certificate for that CA? Thanks in advance Tag: Architecture for multiple servers Tag: 44527
  - 24
    - VIRUS REMOVAL I've found that I have a virus calledADW_RULEDOR.C in my C:/system volume information. It is currently in quarentine, however I would like to manually clean it myself. Can anyone tell me if these files are important and will I damage my computer by trying to delete or mess about with it, also how do I get rid of this virus file? Tag: Architecture for multiple servers Tag: 44522
  - 25
    - Someone using my MSN ID and email ? I cannot say for sure, but I usually get a good 30-40 emails per day with about 5-8 being Spam, the others are alot of Microsoft newsletters and other computer newsletters and then about 5 real emails. This number very rarely varies more then just a few. On a couple of times logging in over the last few weeks, I have gotten maybe 5 emails altogether and have had friends say they email me, but I never received the email. This has never been a problem on MSN except years ago when a "friend" found my login info and was diverting mail. I just changed the password again, (last time that helped for about 10 days) and so far....at least for the last few days I am back to receiving my normal emails. However over the last week (before I changed the password again) there was a very large drop in the emails that I received. Is there anyway to get basically a "log on file" from MSN that would show what IP's people used to logon to my account ? This would at least limit the people that might have access to the email. Not sure if this is something for Microsoft Privacy or Security or what. The general customer service just give me thee pre-canned message to change your password often. The last password I used was a long one (about 18 characters) and I do not know any other way around this. Any ideas out there as this is something I really do not like very much ! Thanks. -- Tedd Riggs PDA Square Content Developer www.pdasquare.com Tag: Architecture for multiple servers Tag: 44519
- Next
  - 1
    - System Back Date I am pretty new to the pc world. I bought my pc in Feb last year, and up until August, it was working fine. Then the problems started. and have multiplied 1000 times. Q.... If I back date the system to July, would this get rid of all my problems? And would I lose any programmes i have since installed? What data would remain and what would be lost? Tag: Architecture for multiple servers Tag: 44511
  - 2
    - SpywareBlaster After loading Spybot and Ad-aware, I am still not able to get rid of some spyware. I have now loaded SpywareBlaster, which still cant stop them. eg. This is how it looks on Spybot: Look2Me: ClassID HKEY_CLASSES_ROOT\CLSID\{DDFFA75A-E81D- 4454-89FC-B9FD0631E76} In SpywareBlaster, I click Tools ; CustomBlocking ; AddItem. I then have to fill in 1)Name for New Item. 2)Enter the new Item's CLSID. From the 'Look2Me' example above, what do I type in for these 2 requests? Thank you Tag: Architecture for multiple servers Tag: 44510
  - 3
    - How do i limit IE to One site only? Dear Sir, I created user mahindra on my computer with windows 2000. This user should access only one web site only for example www.tmahindra.com. How can i configure this? Any help would be appreciated. Thanks in advance for the trouble that you have taken, Swamy Putta Tag: Architecture for multiple servers Tag: 44508
  - 4
    - Auto login question I have a Media Center PC set up on a home network with other XP Pro PCs. In terms of sharing files and printers, I have found that I need to create accounts with the identical names/passwords on each computer. I have also found that using a blank password on both sides of connection doesn't seem to allow sharing to work very well. So, on my Media Center PC I need to create a password for the primary account in order to be able to access the printer on another one of my PCs. However, I do *not* want to have to type in a password every time I turn on the TV a.k.a my Media Center PC. So is there a way to have an account with a password but still get an automatic login? Or perhaps there is a way to make the Windows networking or security not be so picky about blank passwords? -- Keith Tag: Architecture for multiple servers Tag: 44507
  - 5
    - System Backup I am trying to figure out how to backup my system without a backup option in system tools??? I am using windows xp home. I bought it new with home edition already installed. Tag: Architecture for multiple servers Tag: 44500
  - 6
    - My Explorer has been invaded 1) My default web page keeps getting replaced with another which is an undesired search engine 2) My Favourites gets loaded with URL's at Start-Up 3) My Internet Explorer starts automatically and goes to undesired web sites ========== I leave my laptop ON at nights when I go home so that IT folks can remotely access and perform updates, backups, etc - but I know some night folks have used it to surf the net - ========== Is there a cure for this? seems like something has been installed in my Lap Top. Tag: Architecture for multiple servers Tag: 44495
  - 7
    - e-mail invaded Can someone please tell me how to fix the following problem? I have received several un-deliverable msgs to e- mails that I did not send but appear to have originated from my home e-mail account. The e-mail subjects are all spam. Someone has hacked into my e-mail & I do not share my computer with anyone. Please Help! Thank you. Tag: Architecture for multiple servers Tag: 44494
  - 8
    - Outlook I'm getting a message that there is a program trying to acces my contact list, it gives me the option of allowing it to acces for a 1 to 10 minutes or to not allow... it says it might be a virus so i dont allow it... but all it does is it closes and then it shows up again... i thought it was spyware so i went to http://mvps.org/winhelp2002/unwanted.htm and got the freeware and all but it still shows up! by the way what exactly are registry keys and how important are they? please help me... Tag: Architecture for multiple servers Tag: 44492
  - 9
    - 403 forbidden all of sudden i have stated recieving the message HTTP 403 FORBIDDEN on anything i try to download, help please Tag: Architecture for multiple servers Tag: 44485
  - 10
    - Virus??? I got an email from a friend, who got an email from another friend stating that "jdbgmgr.exe" was a virus and we should delete it from our computer. I think this is acutally part of the Windows operating system. Can anyone help me with this? Thanks!! Tag: Architecture for multiple servers Tag: 44481
  - 11
    - IP addresses Is there anyway you can find out a persons name if you have an IP address? Or where they are located or any other information to find out who the IP address belongs to? Tag: Architecture for multiple servers Tag: 44480
  - 12
    - What are these ping things? Please help! I'm a very new user and I've just found out that my computer is at risk, but I can't get any info in how to block these ping things. Tried symantec site and microsoft but they don't tell me how to protect my computer. Any tips? Thanks. Tag: Architecture for multiple servers Tag: 44475
  - 13
    - IP address I recently have been getting error messages about "IP address conflict with another IP address"...a few days ago my screen turned blue and said that someone knows my IP address with a warning...was that just a spam sales promotion or could someone actually hacked into my computer now and cause problems or even steal information...Please help and advise... Tag: Architecture for multiple servers Tag: 44468
  - 14
    - MicroMonopoly aids Terrorism? "[T]he link is formatted to take advantage of an Internet Explorer flaw that allows an attacker to hide the true destination of the link; in this case, the address bar in Internet Explorer displays "www.fdic.gov," while the actual Web site is at a different address in Pakistan." - http://zdnet.com.com/2100-1105_2-5146716.html?tag=zdfd.newsfeed And I wonder who in Pakistan would want to know about the financial details about American citizens? Who in Pakistan would want to exploit the fears of the American populace for their own nefarious purposes? Who, indeed?! Is MS glacial response to fixing the address bar flaw also helping terrorists fund future attacks on the innocents? Stop dragging your feet MS, people are now possibly being terrorized in their homes because of your Swiss cheese software! Get a temp fix out that informs people of the misdirection at the very least, if it's really that effin' hard to fix fully. PROTECT YOUR CUSTOMERS FROM YOUR MISTAKE, *NOW*! This should be a lesson to everyone why you can't put all of computer security eggs in one monopolistic basket! Demonstrations of the Address bar vulnerability: http://www.microscum.com/misc/devil/ http://www.microscum.com/misc/intransigence/intransigence.htm Download & setup up Mozilla as your default browser, that way when you click on a link in email, you'll know what website you're really being taken to. http://mozilla.org/download.html Protect yourself, because MS's desktop monopoly gives them absolutely no incentive to fix their own mistakes for their monopoly locked-in customers! There should be an investigation into how MS's desktop monopoly has weakened the safety of the general public! -- Peace! Kurt Self-anointed Moderator microscum.pubic.windowsexp.gonorrhea http://microscum.com "Trustworthy Computing" is only another example of an Oxymoron! "Produkt-Aktivierung macht frei!" Tag: Architecture for multiple servers Tag: 44462
  - 15
    - Dialler 1on1 I have inadvertently lumbered myself with the dialler 1on1 which has been picked up by my anti-virus program Norton (Symantec) but attempts at deletion have failed. I have followed the instructions from Symantec Security Response but without success. Attempts at deleting C:\windows\10n1.exe fail - "Cannot delete access denied. Any advice? Tag: Architecture for multiple servers Tag: 44460
  - 16
    - Do I need more than 1 firewall? I have windows xp and it has its own firewall but is that enough ? Can you have 2 firewalls? Tag: Architecture for multiple servers Tag: 44459
  - 17
    - BillGates v. GeneralMotors For all of us who feel only the deepest love and affection for the way computers have enhanced our lives, read on. At a recent computer expo (COMDEX), Bill Gates reportedly compared the computer industry with the auto industry and stated, "If GM had kept up with technology like the computer industry has, we would all be driving $25.00 cars that got 1,000 miles to the gallon". In response to Bill's comments, General Motors issued a press release stating: If GM had developed technology like Microsoft, we would all be driving cars with the following characteristics: (and I just love this part) 1. For no reason whatsoever, your car would crash twice a day. 2. Every time they repainted the lines in the road, you would have to buy a new car. 3. Occasionally your car would die on the freeway for no reason. You would have to pull over to the side of the road, close all of the windows, shut off the car, restart it, and reopen the windows before you could continue. For some reason you would simply accept this. 4. Occasionally, executing a manoeuvre such as a left turn would cause your car to shut down and refuse to restart, in which case you would have to reinstall the engine. 5. Macintosh would make a car that was powered by the sun, was reliable, five times as fast and twice as easy to drive - but would run on only five percent of the roads. 6. The oil, water temperature, and alternator warning lights would all be replaced by a single "This Car Has Performed An Illegal Operation" warning light. 7. The airbag system would ask "Are you sure?" before deploying. 8. Occasionally, for no reason whatsoever, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key and grabbed hold of the radio antenna. 9. Every time a new car was introduced car buyers would have to learn how to drive all over again because none of the controls would operate in the same manner as the old car. 10. You'd have to press the "Start" button to turn the engine off. Please share this with your friends who love, but sometimes hate their computer! Tag: Architecture for multiple servers Tag: 44451
  - 18
    - Interland and Microsoft Security Update Virus Do not open or click on emails saying they are from security-center@microsoft.com with the subject "Security warning" Visiting the page in question will try and download a virus on your system, interland is hosting these jerks and has been notified and done nothing. http://www.donotreply.com/archives/000006.html Tag: Architecture for multiple servers Tag: 44448
  - 19
    - Win2k3 Web Edition, where is the protection? <rant I'm really irritated at Microsoft for not caring about security. Didn't Nimda, CodeRed, Blaster, etc. tell them anything yet How on earth can they not ship a simple statefull packet firewall with the 'Web Edition' version, like they do with WinXP and the other 2k3 server editions </rant Which brings me to the following question. Since IPSec is now the only other way for me to secure the box, how on earth does one define an IP range instead of single IPs. I want to limit access to TCP port 3389 for Remote Desktop to a dynamic IP range that my ISP carries. I got no trouble setting this up with IPsec, but the GUI doesn't allow for an IP range, only one IP at a time, and I refuse to create 5 * 255 entries to cover the dynamic spread of IPs my cable modem might end up with. Tag: Architecture for multiple servers Tag: 44435
  - 20
    - e-mail if anyone can help re my previos message please e-mail me on nigel974@msn.com thanks Tag: Architecture for multiple servers Tag: 44399
  - 21
    - e-mail i use outlook express & i have received en e-mail from microsoft security centre about downloading a security patch, anyhow i have been told that microsoft does not do this, you have to use windows update. i was told that someone is using microsoft identity in an e-mail to give people a virus, is this true. thanks mr lock Tag: Architecture for multiple servers Tag: 44398
  - 22
    - Problem setting a SecurityDescriptor using ADSI Hello, I have just run into an interesting problem when setting a Security Decriptor on an NTFS file. I get the following error: Run-time error '-2147023589 (8007051b)': Automation Error This security ID may not be assigned as the owner of this object. I am logged in as the Domain Administrator, and I haven't tried to change the ownership, I've simply added an ACE and tried to save the DACL with the same (untouched) SecurityDescriptor (i.e. objSecurity.SetSecurityDescriptor "D:\SecTest", ADS_PATH_FILE, objSecDesc, ADS_SD_FORMAT_IID ) I was trying to add code to change the owner programmatically, so I went and "manually" set the owner to another (non-admin) account to see if I could pick up the change of ownership in my code, and then discovered that while the owner was set to the non-admin account, I would get this error message whenever I tried to write the SD, even though that account is already the owner, and I'm not trying to change the ownership, just the DACL! I would really appreciate any help you could give me... I obviously can't deploy the component if it blows up when a different owner is set on file... Thanks in Advance! John Harvey ---- Go! Canucks, Go! http://www.canucks.com Tag: Architecture for multiple servers Tag: 44393
  - 23
    - Security Alert Can anyone direct and advise me on why I am getting this security warning wwhen going to any secure website. The security Alert reads as follows: Security Alert Revocation information for the security certificate for this site is not available. Do you want to proceed? I have researched this problem but have not come up with any answers. You may reply to my email address at crzycook_85205@yahoo.com Thanks in advance for any info you can provide..Rae Tag: Architecture for multiple servers Tag: 44387
  - 24
    - server.exe process running in task manager We found a process running in task manager on our NT 4.0 6a server that we are not familiar with...is there a command or other method to determine what the process is associated with? The process is called server.exe. Can't find anything on the MS site. Any deas what this is? Thanks Tag: Architecture for multiple servers Tag: 44376
  - 25
    - Browser Security Hi All, my internet explorer's default home page keeps getting changed by something. Everyday I have to go to tools and then reset web settings. Why and How does my default page keep getting changed? Thanks in advance for any responses. Tag: Architecture for multiple servers Tag: 44372

Hi All,
I am about to upgrade our NT 4.0 servers with 2003 servers. I anticipate
that I will have either 3 or 4 servers operational. One will be for
Exchange, one for Oracle, one for Terminal Server connections, and a fourth
for File sharing and storage. I may be able to squeeze the file storage to
the Terminal Server, but not sure.
Anyway, our current architecture is:
public IP to Nortel Contivity box for VPN access

public IP to NIC1 in exchange server
private IP to NIC2 in exchange server
exchange server performing proxy et al to the local network

I would like to make this more secure. First, and foremost, I understand
that by default 2003 server IIS is MUCH better than 4.0 was. My question
is: should I have a hardware firewall put in place, and route the traffic
based on ports? Should I have 2 NICs in the new exchange server?

I want to do this one right, since I had no say in the original NT system we
are currently using.

Thanks for any input!

Jerry

Top

RE: Architecture for multiple servers by garyw

garyw
Tue Jan 27 10:17:55 CST 2004

Jerry,

Your question on how best to secure your servers is a good one, but the
answer encompasses much more than your firewall configuration.

Please refer to these resources for additional information.

1. This is the Security Operations Guide for Windows Server 2003.

http://www.microsoft.com/downloads/details.aspx?FamilyID=8a2643c1-0685-4d89-
b655-521ea6c7b4db&DisplayLang=en

2. This is the Threat and Countermeasures document. It is a companion
document to the Windows Server 2003 SOG:

http://www.microsoft.com/downloads/details.aspx?FamilyID=1b6acf93-147a-4481-
9346-f93a4081eea8&displaylang=en

3. This document is very good regarding Web applications.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/ThreatCounter.asp

4. This is the Security Operations Guide for Exchange 2000.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
prodtech/mailexch/opsguide/default.asp

5. This is the Authoratitive Security Guide for the Enterprise:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bestprac/default.asp

I know this is a tremendous amount of information to absorb. It covers the
important concepts of defense in depth, patch management and firewall
configuration.

Thanks.

Gary Whitley

This posting is provided "AS IS" with no warranties, and confers no rights.

Top