Controlling CRL validity period for MSCA

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Supposedly freeware I recently downloaded what I was told was a freeware trial version of Microsoft Excel, and I was stupidly roped into believing it. However, I went online and was redirected to the 'Licence Migration' page as my PC detected copied software was being used. I deleted the program that was in question, as when I opened it it was registered to someone called 'Dario' (not me anyway!) However, I am a bit concerned that Microsoft may think I am using pirated software. Is there any way I can email them to let them know of the situation? If anyone can email me at chrisbo@lycos.com to let me know I would be grateful- cheers! Tag: Controlling CRL validity period for MSCA Tag: 25268
  - 2
    - any help would be great had some errors pop up thought i might get some help with...i run xp home log in to aol and use IE6 as browser errors are cool snac supersub.dll 0001:000041bb,3fd0,4126.....any clue what these are and does it have any connection to my not being able to stay connected for long periods of time on my dsl?.........am i doomed? lol hellp.......thanks Tag: Controlling CRL validity period for MSCA Tag: 25264
  - 3
    - WebDAV on IIS6 - security problems I have a probem with WebDAV on IIS6 (Windows Server 2003) not respecting NTFS file permissions. The shared web folder is configured on the web site to not allow anonymous access, and to use integrated windows authentication. Access from the client (Windows 2000) is using Add Network Place under My Network Places in Windows Explorer. Two issues: 1. Files created on the server (ie uploaded through WebDAV from a client) are owned by the Administrators group, not by the user that logged in. 2. When connecting as a user that does not have browse access to a subdirectory, repeated attempts in windows explorer of - right-clicking the folder under web folders in the left pane - choosing "explore" to create a new windows explorer window eventually give me (2-3 attempts) an explorer window allowing full access to ALL of the shared web folders and sub folders -- even write access to folders which NO users (apart from Administrator) have access. Tag: Controlling CRL validity period for MSCA Tag: 25245
  - 4
    - Official security patch for OE??? Is this an official e-mail from Microsoft? I have received a few of these, but have not opened the attachments until now as this one came up with it being affected with the W32.Gibe.B@mm virus. The attachment name was Q367392_exe.dat and it came with a text file as well explaining that the last character of this attachment had been changed. Could someone please put my mind at rest? Message body of e-mail appears below: Microsoft Corporation Customer this is the latest version of security update, the "July 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting Internet Explorer, Outlook and Outlook Express as well as five newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches. System requirements Win 9x/Me/2000/NT/XP This update applies to Microsoft Internet Explorer, version 4.01 and later Microsoft Outlook, version 8.00 and later Microsoft Outlook Express, version 4.01 and later Recommendation Customers should install the patch at the earliest opportunity. How to install Run attached file. Click Yes on displayed dialog box. How to use You don't need to do anything after installing this item. Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact us. Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies. Thank you for using Microsoft products. Best wishes from Microsoft Corporation Internet Security Section ---------------------------------------------------------------------------- ---- ©2003 Microsoft Corporation. All rights reserved. The names of the actual companies and products mentioned herein may be the trademarks of their respective owners. Kol ----------- "I have travelled the length and breadth of this country and talked with the best people, and I can assure you that data processing is a fad that won't last out the year." The editor in charge of business books for Prentice Hall, 1957 Tag: Controlling CRL validity period for MSCA Tag: 25240
  - 5
    - update216.exe I'm not sure if I'm inthe right newsgroup for this query but I hope soemone can help. I recently received, unsolicited, the above update (update216.exe) from Microsoft re internet security. WhenI tried to open it and downlod my Norton virus software said it contined a virus that it was unable to fix. HAs anyone had similar problems adn are these updates really from Microsoft regards Peter Murphy Tag: Controlling CRL validity period for MSCA Tag: 25236
  - 6
    - 802.1x and Windows 2000 client We try to implement 802.1x authentication on our network. But specificity is, that not all computers are equipped with SP3. And the plan is to make a quest(buffer)VLAN for such computers. But the problem is that Windows 2000 once entered to "quest" VLAN on Windows startup don’t want re- authenticate with domain username and password after they entered. Also if we initiate re-authenticate port from switch, Windows 2000 802.1x don not release/renew computers ip address after it move to new VLAN. List of components: 1 WS - Windows 2000 with SP3 and 313664 802.1xhotfix 2 Cisco ACS 3.2 server 3 Windows NT 4.0 domain 4 Cisco Switch 6513 CatOS 7.6.2 Tag: Controlling CRL validity period for MSCA Tag: 25235
  - 7
    - Certificates Hi, We have Windows 2000 Server, Active Directory, a CA setup as Enterprise. and Exchange 2000 running across 5 servers with 60+ Windows 2000 client PC's. Word is used as wordprocessor with macro and VB security set to high. I have created a number of custom toolbar, forms, docs, etc for use with Word and digitally signed them using a security certificate created with selfcert. All the toolbars, forms etc created are only for internal use My question is, how do I setup CA to automatically issue my selfcert created certificate to each client PC as and when it needs it? I don't fancy having to go to each PC to install it. Thanks in advance Tag: Controlling CRL validity period for MSCA Tag: 25234
  - 8
    - Microsoft is sending updates unsolicited? Is this legit? I suspect not. I am not inc. the attachment. =20 I received the following email today: Microsoft User=20 this is the latest version of security update, the "July 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting Internet=20 Explorer, Outlook and Outlook Express as well as five newly discovered vulnerabilities. Install now to protect your=20 computer from these vulnerabilities, the most serious of which=20 could allow an attacker to run executable on your system. This update=20 includes the functionality of all previously released patches. System requirements Win 9x/Me/2000/NT/XP=20 This update applies to Microsoft Internet Explorer,=20 version 4.01 and later Microsoft Outlook, version 8.00 and later Microsoft Outlook Express, version 4.01 and later =20 Recommendation Customers should install the patch at the=20 earliest opportunity.=20 How to install Run attached file. Click Yes on displayed=20 dialog box.=20 How to use You don't need to do anything after installing=20 this item.=20 Microsoft Product Support Services and Knowledge Base=20 articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products,=20 please visit the Microsoft Security Advisor web site, or Contact=20 us. Please do not reply to this message. It was sent from an=20 unmonitored e-mail address and we are unable to respond to any=20 replies.=20 Thank you for using Microsoft products.=20 With friendly greetings,=20 MS Public Services ----------------------------------------------------------- --------------------- =A92003 Microsoft Corporation. All rights reserved. The=20 names of the actual companies and products mentioned herein may be the trademarks of=20 their respective owners. Tag: Controlling CRL validity period for MSCA Tag: 25221
  - 9
    - Invalid Password I signed out of all applications (ie yahoo, ebay, hotmail) last week prior to vacation. Upon my return, I'm able to connect to the internet, but when I select certain applications, specifically my primary email account in yahoo, as well as ebay, I am receiving an invalid password message. My password has not changed and I am trying to figure out what is causing this. This is not an issue of needing to reset or get a new password, because it has not changed. I talked to compaq, earthlink, and neither could help me out. Earthlink thought it was a gliche where I needed space, but if that was the case, they I would think I could log on from another computer. I've already adjusted cookies, security and privacy settings as well as condensed space. Thanks to anyone who can provide any help Tag: Controlling CRL validity period for MSCA Tag: 25218
  - 10
    - Invalid files/folder names that cannot be deleted or renamed. I have a windows 2000 server the files and folders that somehow got on the computer and now they can't be renamed or deleted. How can these be deleted? Dan Tag: Controlling CRL validity period for MSCA Tag: 25212
  - 11
    - Strange File appeared on me desktop from no-where A strange file has appeared on my dektop seemingly from no- where. It is apparently virus free and is named 'hs_err_pid' followed by several numbers and seems to be some kind of error log. When opened with notepad, it seems to refer to some kind of Java violation which is beyond my ken. Does anyone know wot this is about? Tag: Controlling CRL validity period for MSCA Tag: 25211
  - 12
    - ms 2k3 security flaw is the link true? http://story.news.yahoo.com/news? tmpl=story&u=/nf/20030717/tc_nf/21919 if so, aside from downloading the security patch, what other methods do we need to protect win 2k3 server? Tag: Controlling CRL validity period for MSCA Tag: 25210
  - 13
    - Delegating AD access Delegation of Windows 2000 Active Directory has been established for our technical staff and has limited their access to a degree that allows them to function well. However, they have access to disable/re-enable user accounts, which we want to deny. I've searched through the object classes on the user object, but cannot find the specific setting that will prevent this access. Any ideas? Thanx Tag: Controlling CRL validity period for MSCA Tag: 25206
  - 14
    - Error Msg when I select the Security Tab in IE 6.0 I have a problem with IE 6.0.2. Whenever I go to Internet Options and select the Security Tab, I get an error message and IE shuts down. The error message is attached here. How can I fix it? MSIMN caused a general protection fault in module MACXW4.DRV at 0001:00000fa4. Registers: EAX=7b9e047f CS=023f EIP=00000fa4 EFLGS=00000246 EBX=00009ae8 SS=42af ESP=00009aec EBP=00009b50 ECX=00000040 DS=071f ESI=0000bf86 FS=3f3f EDX=000000ea ES=047f EDI=00009b2e GS=7b9e Bytes at CS:EIP: 66 26 ff 2e a0 e0 66 5e 66 50 1e b8 7f 04 8e d8 Stack dump: 05bf2119 00000000 7b9e0000 6c7f0000 071fbfd4 42af9b3a 00000040 01cc00ca 1fbe0000 00000020 071f2c04 2c0420c9 00002c04 00000000 00007b9e 00000000 Tag: Controlling CRL validity period for MSCA Tag: 25203
  - 15
    - CRL publish & validity times.. Hi, MS Certificate Authority's documentation has following on it: "..there is a difference between a CRL publish period and the validity period of a CRL. The publish period of a CRL is established by the CA administrator. However, the validity period of the CRL is extended from the publish period to allow for Active Directory replication. By default, Certificate Services extends the publish period by 10% (up to a maximum of 12 hrs) to establish the validity period....There are registry entries which allow an administrator to control the variance between publish period and validity period to allow for slower directory replication. Refer to the Windows 2000 Resource Kits for information about these registry entries. " I am interested in knowing the configuration entries to control the actual validity period. I looked into Windows 2000 Server resource kits but could not find it anywhere. I noticed a registry value called CRLEditFlags in the CA's configuration registry key but dont have any documentation on it explaining how I can do the above. Also for my test CA the validity period is not being extended by 10% of the publish period - it seems quite arbitrary. Any help will be appreciated. rgds, Jayant Tag: Controlling CRL validity period for MSCA Tag: 25198
  - 16
    - Error using "Groups" method for IADsUser I am getting an error (Number=5 Desc =Invalid procedure call or argument) when I execute the following code. The error is occurring on the "For each" line: 'START CODE ================================ Dim myDomain As IADsDomain Dim myUser As IADsUser Set myDomain = GetObject("WinNT://" & sDomain) Set myUser = myDomain.GetObject("user", Username) For Each grp In myUser.Groups Debug.Print grp.Name Next 'END CODE ================================ Can anyone tell me why. I am running Windows NT 4.0 SP 6a . Tag: Controlling CRL validity period for MSCA Tag: 25194
  - 17
    - messenger pop-ups How do I turn off messenger? I have been inundated by some sleezy companies trying to sell me a pop up stop service for $24 to stop THEIR POP UP'S. MessengerBuster.com, StopMessenger.com, KillMessenger.com. I believe it is the same company claiming to be out of California with email the only way to communicate to them. They now are sending bogus stock tips...driving me nuts. They all should go to jail. Tag: Controlling CRL validity period for MSCA Tag: 25188
  - 18
    - pop ups hey, i need some help to get rid or pop ups, the ads and stuff that comes through "messenger service", is there anyway to get rid of these coming up? if so please can someone tell me. thanks. Tag: Controlling CRL validity period for MSCA Tag: 25186
  - 19
    - Active X when trying to access a virtual tour of a home the following shows: "Your current security settings prohibit running Active X controls on the page." the virtual tour does not appear. how do i fix this? i'm not an expert on the computer so please make the answer simple. thank you. Tag: Controlling CRL validity period for MSCA Tag: 25173
  - 20
    - Odd problem with File Encryption Summary: Windows denies me access to my own encryped files, what could have caused it and how do i remedy it so i can access my files again?? Any help would be greatly appreciated I have encryped multiple folders with the built-in Windows XP pro encryption software (accessible from a file's properties). Without my knowlege of any changes, the encryption suddenly stopped allowing me access. I checked the certificate itself and it has not expired, and is quoted in the properties for the certificate as being "OK", it is present in my trusted certificates folder. When i attempt to request or renew the certificate with the same key it states that the certificate has no private key (yet in properties it says i have a private key, an odd discrepancy) (I also don't know where this "private key is or what it is) When I try to reqest or renew it with a new key it says "The Wizard cannot be started because it failed to contact the active directory" I only have one username on my computer and have not changed the username, how could i have lost access to my files???? Tag: Controlling CRL validity period for MSCA Tag: 25172
  - 21
    - New security download I have Windows XP home addition and I heard that there was a download for security against viruses, hackers, etc at the Windows homepage. I downloaded the file and I have found that I have difficulty getting onto the intenet via my server. Has anyone else had this problem? Gary Tag: Controlling CRL validity period for MSCA Tag: 25159
  - 22
    - Encrypt connection channel (Been reading other messages on this subject but could not find an answer, that is why I'm posting this. Please note, although I have posted to several groups, I've set follow-to microsoft.public.sqlserver.security in case I posted to where I shouldn't have, sorry if I have). Using + ASP.Net + SQL Server 2000 + Windows 2K Adv. Server. It is possible to encryp data that is exchanged between ASP.Net server in DMZ and SQL Server in secured zone? By that I mean securing all that data that passes though the firewall on port 1433 between ASP.Net and SQL Server. I guess there are two aspects to this question: 1 Encrypt the connection string that is used to make a connection, ie pass and ancrypted connection string from ASP.Net to SQL Server to make a connection. Does ADO.Net and SQL Server support this feature? 2 Encryption of sensitive sensitive query data that is exchanged between ASP.Net and SQL Server. By this I mean storing the data in cleartext, then have it ecrypted while it is in transition from the DB server to ASP.Net then have in decrypted back into cleartext in ASP.Net application. Is that possible? I suppse if either of the above is not possible then I will have to store the sensitive data into the DB encrypted and have it decrypted after reading. The problem with this method is that session keys cannot be used: the key used for encryption / decryption needs to be fixed for all time. Please help. Tag: Controlling CRL validity period for MSCA Tag: 25153
  - 23
    - FYI: Autodesk reports data files corrupted after installing Windows 2000 SP4 MAX and DRF files are corrupted after installing Windows® 2000 Service Pack 4 Published date: 2003-07-14 ID: TS81105 Applies to: Autodesk® Architectural Desktop 2004 Autodesk® Building Systems 2004 Autodesk® VIZ 4 3D Studio VIZ® R3i 3D Studio VIZ® R3 Issue You installed Service Pack 4 for Windows® 2000, and you can no longer use Autodesk® VIZ 4, 3D Studio VIZ® 3i, or 3D Studio VIZ 3.0 to open MAX files that were saved after the service pack was installed or VIZ Render to open DRF files that were saved after the service pack was installed. http://usa.autodesk.com/adsk/servlet/ps/item?siteID=123112&id=3431487&linkID =2476059 Tag: Controlling CRL validity period for MSCA Tag: 25152
  - 24
    - Bots I had an attack on my WIN2K Server recently. I have removed most of the files except there are three bot files: (mybot.log, mybot.xdcc, mybot.xdcc.bkup) which I can not delete. How can I get rid of them? Also, I have a TCP Connection that I want to get rid of. How would I do that? It appears to have been tied to an IRC Services. using Port 5631 Tag: Controlling CRL validity period for MSCA Tag: 25151
  - 25
    - 128 bit security After downloading Explorer 6 128 security was not installed. cipher reads 0bit, have tried various patches but nothing changes. Tag: Controlling CRL validity period for MSCA Tag: 25147
- Next
  - 1
    - getting pdf files After installing some Microsoft upgrades to my XP Professional laptop, Outlook Express will now not allow me to receive PDF files. How do I defeat this security measure? Thanks, prh Tag: Controlling CRL validity period for MSCA Tag: 25139
  - 2
    - Password Reset Disk. Hi , i have a very small problem with windows xp pro , i have created a password restore disk , i no longer require this , the only problem is when i log in , instead of the standard windows (your password is inccorect) box, when you type the wrong password , it still comes up with do you want to use the restore disk prompt , how do i stop it from displaying the restore and make it go back to the normal window ? Tag: Controlling CRL validity period for MSCA Tag: 25135
  - 3
    - File with no permissions I have ftp'd a file to an NTFS drive, but it does not appear to have any permissions applied, and when I try to delete I get access denied - maybe in use. File is not in use, as far as I can tell, but has no permission properties. How can I remove? I downloaded perms.exe (resource kit) and it could not read any permissions. Anyone know of any tools available? Tag: Controlling CRL validity period for MSCA Tag: 25121
  - 4
    - internet explorer Internet Explorer has suddenly become unable to access the Internet if I have Norton Internet Security enabled. I get "Unable to link to Web Page", "Cannot locate Inernet Servier or proxy server". Neither AOL nor Norton have been able to help. Anyone have any answers? Thanks Tag: Controlling CRL validity period for MSCA Tag: 25119
  - 5
    - Sign To Look For If Your Computer Is Hacked Copyright 2003 by Tracker. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher. SIGNS YOUR COMPUTER IS HACKED/OWNED: 1. Hackers disable your Daylight Savings Time 2. The clock on the desktop can be one hour behind or one hour ahead on occasion. 3. Your Network Places Icon on the desktop disappears. 4. If using a Windows platform, when you start your computer, your original screen will pop up, but since the hackers need to boot into their server, the system will quickly re-boot and the original screen will appear twice instead of only once. Your system may re-boot twice instead of once when loading some OEM versions. 5. If your computer system occasionally re-boots on it?s own, again, the hacker may need to update their Hosts and Servers to make the computer system function properly. 6. If you play Yahoo Games, you may find yourself being kicked out of the board your playing in. What is worse is if your winning a game and your the host of the board, the hacker may kick you out and not let you back in. When a computer system is hacker proof, you will rarely get booted out of a Yahoo Game. When the computer was hacker proof I went back to playing games and haven?t been booted yet. 7. A browser you install to filter out or kill file certain individuals on the internet will not work for a long time. When your computer system is hacked, you aren?t able to filter out people in your browsers or email application for more then 1-2 days. A number of computer owners who?s system was hacked have advised me they had the same problem. Because hackers are using your illegally installed Hosts and Servers for posting to the internet, this is why you can?t filter or kill file them. This information was very apparent to myself and other ferret owners who?s computer was hacked. 8. When you begin to see Usenet remarks made on behalf of your personal life which is private information. 9. Some of your personal files are modified years before they were created, HA-HA-HA! Have seen a number of personal files modified 7-8 years before they were even created. 10. You find a number of files hidden/readable only which hackers seem to make their files hidden/readable only. 11. When you find a number of added information in your boot.ini file which relate to a Virtual Private Network . These can be either software, hardware or device driver oriented. A sample is presented later in this book. 12. Under Search for Files and Folders, you do a search on any file modified in the past month and you will see files which just don?t need to be modified or which you don?t even recognize. For the newbie, you want to focus on the file you don?t recognize. Unless your skilled and realize which files need to be present and modified running a Windows Platform, you won?t know what to look for. To perform the above you will need to see all hidden files and folders. 13. Select Start, Settings, Control Panel, Network, and if you see one AOL adapter and have never used AOL. Two AOL adapters, two TCP/IP, two Dial-Up adapters, one or two Virtual Private Network adapters your computer could be hacked/owned. A Virtual Private Network is widely used by malicious hackers because it can host up to 254 users. "This applies to the average internet user who has one modem, one ISP and isn?t running any FTP, NNTP, Proxy, SMTP, SQL, Web Server". 14. Select Start, Run, type regedit, select File, Export, in the box type say 4-12-02.txt and select save. Then open this file with a text editor or word document and you might be shocked to find what really is installed on your computer system. Check the bottom of this file, hackers love to install a bunch of applications, Hosts and Servers files here. Will admit, when this was performed, I don?t remember if importing all the hackers registry files on the hard drive is what showed these results or if the registry was Windows original one. 15. You have to turn your computer off by the power supply on a some what?s regular basis. 16. Installing a Network Interface Card will cause problems until the hackers configure this device into the Virtual Private Network they setup. 17. You find your cd-rom drive open and close without your permission. 18. You could hear an annoying beep coming from your system speakers. 19. Your windows screen goes horizontal or vertical. 20. The screen saver picture changes without your permission. 21. On occasion your mouse is out of your control. This could also be caused by a corrupt mouse driver. 22. All of a sudden, your speakers decide to play you some music. 23. Installing a hardware or firewall for the first time can cause a number of different problems for you to set-up and configure. Considering you didn?t have these installed from the beginning of going on the internet. 24. Your firewall logs show alerts at 12:00 then 11:22 then 12:16 and back to 11:59. 25. If using a dial-up connection you see a number of pings, port 0 to your computer. The reason for these pings is so the hackers can see if your computer is active/alive. What the hackers actually do is port scan the Internet Service Provider Block of addresses and find your computer either with file sharing enabled or a Backdoor/Trojan. Tracker I know how important it is for me not to define myself by how others perceive me. Interested in purchasing my book named "Security Minds versus Malicious Minds" visit: www.securityminds2003.com It will teach you to learn about Windows, the Internet and Hacking To view some kick butt artwork, visit: http://captiveimagery.com/index.cfm?fuseaction=home.main Tag: Controlling CRL validity period for MSCA Tag: 25117
  - 6
    - Error message.... Help me! I have an HP XP Home machine...and decided to play with the date, I set it forward to the year 2011...and then after a few minutes, set it back to normal. Well now, whenever I click on any folder, IE, or just about anything....the following message appears... ERROR! Your system clock appears to have been set back, possibly in an attempt to defeat the security system on this program. Please correct your system clock before trying to run this program again. If your clock is correct, please contact the author of this program for instructions on correcting this error(report code CCB-F) The only information I have found about this when I did a search for that report code on Google was in some foreign language. I cant seem to find anything about it at Microsoft. Can someone please tell me how to fix this? Thanks! Amy Tag: Controlling CRL validity period for MSCA Tag: 25113
  - 7
    - User Dial-in Properites OS: Server 2003 Installed Roles: File Server Application server Domain Controller Does anyone know why the "Assign a Static IP Address" check box is grayed out in the Dial-in tab of User Properties. I would like to pre-assign a static IP address for all dial-up users. Thanks in advance, Tom Traylor tractor@ameritech.net Tag: Controlling CRL validity period for MSCA Tag: 25107
  - 8
    - MSIE update Hi Folks: Since my last MSIE 'security update', I now get at least three pop-ups everytime I link out of Yahoo. Is this something I 'missed' before I updated, the 'security update' bogus and really a pop-up 'enhancer', or did Yahoo just change something? I think I'm going with Google, like others I know. Thanks! Harry Tag: Controlling CRL validity period for MSCA Tag: 25099
  - 9
    - I can't sign in to secure sites if I want to buy something online I can't do it unless the site has a standard server so most of the time I can't do it it just sends me to the can't find server page also I always get a pop up that says my activeX controls are'nt working Tag: Controlling CRL validity period for MSCA Tag: 25092
  - 10
    - jdbmgr.exe what is jdbmgr.exe with a teddy bear icon...it says microsoft below it...is it a virus and can i delet this? Tag: Controlling CRL validity period for MSCA Tag: 25088
  - 11
    - Upgrade Security bit level from 40 to 128 Hello: Can anyone out there help this computer neophyte when it comes to downloading software from Microsoft, etc. You see, I can't access several web sites anymore because I lack the proper level of security. 40 bit security came with my computer from the manufacturer (compaq) Windows 98. Now I need to upgrade to at least 128 bit security from Microsoft, but I simply don't know what to do to get the job done - especially getting it done without any glitches! When I give instructions to download directly to the hard drive, the usual dumping in the tray scenario takes place, etc., and mission accomplished according to the screen. THE QUESTION IS...am I done? is the upgrade now on the hard drive and ready to go? Or, do I need to do something else to integrate the upgrade into the system? Where does or did it go and how do I activate it? Should I even consider doing the downloading via floppy disk - or is that not done nowdays? And even if I go that route, how do I go about doing it from A to Z? If any of you could help me with blow by blow instructions, I sure would appreciate it. Also, please be advised that I'm not computer savy or literate, but I can follow your lead if you tell me what to do in plain english. Thanking you in advance for any help and/or suggestions that any of you out there can provide me regarding my dilemma... Sincerely, Barney Tag: Controlling CRL validity period for MSCA Tag: 25085
  - 12
    - advertisements windows 98-I get barraged with all sorts of annoying ads- windows 98- is there a way to block all incoming unsolicited ads? Tag: Controlling CRL validity period for MSCA Tag: 25084
  - 13
    - How can you tell if your computer is being hacked? I saw on the news where porno sites hijack people computers to host their pictures. Is there any way to tell if your computer is being hacked or hijacked? Tag: Controlling CRL validity period for MSCA Tag: 25081
  - 14
    - Dr Watson urgent help I have two questions 1 My father deleted Dr Watson from my computer How do I get it back??? It was done as he couldnt open pictures sent of his grandaughter a box kept coming up with "this is not a valid Dr Watson file" the file is a DCP_0219.ZIP I have Windows 98, so does anyone know how I can open these???? Thanks for your time Shannyn Tag: Controlling CRL validity period for MSCA Tag: 25078
  - 15
    - after install of critical update #821557 After downloading and installing 821557, my computer re- booted and when it came back on, it appeared to be in safe mode and said there was some device issue. I rebooted and so far the problem hasn't reoccured. Has anyone had this problem and if so, can I expect this to happen again. I use Windows XP Home. Frank Tag: Controlling CRL validity period for MSCA Tag: 25077
  - 16
    - Pop up windows Hi Is this an official microsoft site. http://www.winxpsupport.com/1.html It is offering software to stop pop up windows. Can anyone recommend a reputable way of doint this. Thanks Tag: Controlling CRL validity period for MSCA Tag: 25062
  - 17
    - Spybot S & D - Security hole - regedit assistance Spybot S & D identified a security hole in IE > referred me to http://security.greymagic.com/adv/gm001-ie/ , which suggested the following change to the Registry: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] Change the value of "1004" (DWORD) to 3. I'm loathe to do anything in the Registry unless I'm sure of what I'm doing and the HELP in Regedit is couched in terms which assume familiarity with the process and jargon, particularly re: "Changing Values". I've been able to navigate in Regedit to [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] but now I'm lost. In the right-hand box are 2 columns: Name & Data. The Data column beside "1004" reads "0x00000000 [0]. I see nothing about "DWORD" and HELP re: DWORD is completely unhelpful. It talks about "adding" a value with nothing about "changing" a value, and attempting to add a "DWORD" inserts a completely new Value with a temporary name. (I deleted the New value with beads of sweat dripping on the keyboard.) Even if I am supposed to use "1004" as the "new" name in the hope that it will replace the "old" "1004", what is the process supposed to look like to change the value to "3"? I'm quite lost. Any assistance would be greatly appreciated. Tag: Controlling CRL validity period for MSCA Tag: 25061
  - 18
    - kontiki How can I uninstall kontiki.exe from my computer? I've heard it's not good to have. Tag: Controlling CRL validity period for MSCA Tag: 25057
  - 19
    - Security Chat with Mike Nash right now! http://communities2.microsoft.com/home/chatroom.aspx?siteid=34000015 -- Regards, Jerry Bryant - MCSE, MCDBA Microsoft IT Communities Get Secure! http://www.microsoft.com/security This posting is provided "AS IS" with no warranties, and confers no rights. Tag: Controlling CRL validity period for MSCA Tag: 25055
  - 20
    - strange noises on my pc I have just installed aol 8.0, and am running w98 os, I am now hearing from time to time the sound of a door opening and a door closing, can anyone out there tell me whats happening to my pc Tag: Controlling CRL validity period for MSCA Tag: 25047
  - 21
    - Virus I have been informed by a friend to check my computer for a virus called jdbgmgr.exe, i have searched for this file and have found 2 files called this, when i have held my mouse over them it says they are a microsoft debugging file for Java. Is this correct or is it a virus? Tag: Controlling CRL validity period for MSCA Tag: 25040
  - 22
    - firewall settings I have installed a firewall (Sygate) and it seems to work well. I get one message which I do not fully undestand so am hoping that someone can explain this to me. I occasionally get a message which says "Generic host processes are trying to contact ......." and this is connected to the Windows file svchost.exe. I am running Windows XP Pro. Three questions: 1. What exactly is the role of this service? 2. Should I allow it to connect to the internet? 2. Will it stop some part of Windows working properly if I do NOT allow it. Many thanks for any help. John E. Tag: Controlling CRL validity period for MSCA Tag: 25039
  - 23
    - HWTO: Replace System -> Local Service Hi! How to replace "Log On As Local System Account" to "Log On As Local Service" for service? -- Sincerely, Alexander Kenin Tag: Controlling CRL validity period for MSCA Tag: 25036
  - 24
    - Security lockup I have a PC running 98. After updating latest securities the system will not even boot in safe mode. I am lost right now so I hope some one has so idaes. The system will go staight to sfae mode if I let it be. But will not runin safe mode. Tag: Controlling CRL validity period for MSCA Tag: 25028
  - 25
    - critical update ms03 023 received message re security ms03 023 when trying to downlaod the critical download page says thank you for your interest blah blah but offers no link to actually download any help Tag: Controlling CRL validity period for MSCA Tag: 25019

Hello,

I wanted to understand exactly how the MS Certificate
Authority determines the actual CRL validity period and
how to control it precisely. I am interested in knowing
the variance (how much etc.) it adds to the publish
interval which seems like a grey area to me.

I tried the following. I set these values in the
relevant registry entries on my CA (Windows 2000 Ent CA):

CRLPeriod REG_SZ = Hours
CRLPeriodUnits REG_DWORD = 1

CRLOverlapPeriod REG_SZ = Hours
CRLOverlapUnits REG_DWORD = 1

Note this CA do not do deltas.

After adding the CRLOverlapxx reg values I bounced the
service and forced a CRL publish at 2pm PST but the CRL
validity of this latest CRL shows up as:

Effective Date: Tuesday, July 22, 2003 11:39:21 AM
Next update: Tuesday, July 22, 2003 9:24:21 PM

I want to understand the math used for arriving at this
validity period when I have the above settings.

Related question would: What is the minimum validity
period that one can publish a CRL with on a MSCA? Like for
eg. can I have a CRL that is valid only/exactly for 1 or 2
hrs.

Thanks.
Jayant

Top