Why is microsoft.com using a cert issued to akamai.net?
Point IE (or better browser) to:
https://www.microsoft.com/
Then laugh at the cert warning:
The name on the security certificate is invalid
or does not match the name of the site
Microsoft...Security...Ironic?!
Not to mention, akamai.net is a notorious advertiser/tracking service. This
is not good for privacy concerns.
Come-on Microsoft, certainly you can do better...please attempt to instill
some confidence in your users. Tag: "History" Tag: 30556
Serious Exchange Configuration Trap!!!!
Hi all,
today I discovered the following issue, that can occur,
when you configure your exchange server 2000 or 2003:
When the guest account is enabled, everyone can use
the "auth login" command when connecting to virtual
server to logon to this server. This is, because the
default setting on the virtal server is:
"Allow all computers, wich successfully authenticate to
relay, regardless of the list above":
The following is a transcript of a SMTP-Session with a
server, where the guest-account was enabled:
220 test.test.de Microsoft ESMTP MAIL Service, Version:
6.0.3790.0 ready at
Thu, 28 Aug 2003 00:20:42 +0200
ehlo
250-test.test.de.de Hello [127.0.0.1]
250-TURN
250-SIZE 4194304
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
auth login
334 VXNlcm5hbWU6
aaa
334 UGFzc3dvcmQ6
aaa
235 2.7.0 Authentication successful.
mail from:bla@bla.de
250 2.1.0 bla@bla.de....Sender OK
rcpt to:test@spam.org
250 2.1.5 test@spam.org
data
354 Start mail input; end with <CRLF>.<CRLF>
Test
.
250 2.6.0 <TestFOAmEaJswFCHO0000001c@testtest.de Queued
mail for delivery
As you can see, though I used only the user and
password "aaa" (This account does not exist in the
organisation!) to log in, the server considered me to be
authenticated, which enabled me to send spam.
Sincerly,
Manfred Schmitten Tag: "History" Tag: 30555
MS01-047
I have a webserver running OWA which is seperate from my
exchange 5.5 server.
Am I supposed to apply this patch to the exchange server
or to the owa server or to neither? Since they aren't on
the same box, is this even applicable to me?
Thanks for any assistance on this matter.
. Tag: "History" Tag: 30554
Unwanted directories
A question for everyone out there, I have a system that
did not have the firewall protection on it (It now does)
and I have a suspicious directory under the All Users
folder called Documents. I can in no way shape or form
access this and can not delete it. I suspect that some
hacker has placed his files up there. Is there anyone or
any program that you guys no about that would remove or
allow me to view the contents of this folder.
Thanks
Bob Tag: "History" Tag: 30552
suspicious email
I am also receiving the email from Microsoft titled, "Use
this patch immediately". I have NOT opened it but have
received it for the past three days in a row. I too was
suspicious due to the way the body was worded, just as
John Hooper was. Thanks for posting your info John. I
will definately keep on deleting it. Tag: "History" Tag: 30547
patch.exe
Is this email for real or is it spam or worse? Can
someone (preferably from Microsoft confirm or deny?
Thanks in advance! Tag: "History" Tag: 30539
endads.com
can't figure out how to ask MS about this. My ATT panic
ware pop-up stopper works fine, but I keep getting
endads.com popping up when I'm composing e-mail and even
in the middle of an MS update download. I told them to
stop but nothing has happened. Any fixes or suggestions?
I am a user, not a techie. Tag: "History" Tag: 30538
suspicious Microsoft patch e-mail
Over the last few days I've been receiving the same e-
mail, attaching an Internet Explorer patch, purporting to
come from Microsoft.
I did download it, and my Grisoft AVS anti-virus program
promptly came up red and quarantined the patch.
The subject shown reads "Use this patch immediately!"
From reads "Microsoft <security@microsoft.com>"
Text reads "Dear friend, use this Internet Explorer patch
now! There are dangerous virus(sic) in the Internet now!
More than 500,000 already infected!"
Patch attached is "patch.exe" and file attached is "part
1.3"
I am troubled by the poor composition, excessive emphasis
and inaccurate plural (should be vires), and the whole
thing smells.
Anyone else seen this message? If someone asks for it, I
will attach and forward at their risk, but I don't want to
infect anyone's system if it's a worm.
John Hooper Tag: "History" Tag: 30534
syscf32.exe
Can anyone tell me what this app is? I found it running
on an NT server using 98% CPU. I can not find it
referenced on the internet. I suspect it is some type of
virus after affect. Killed the app and all programs
started working again. Thanks. Tag: "History" Tag: 30530
Exchange servers, access to the "Internet"
I have a question on applying hotfixes and MS patches on Exchange servers:
If I need to connect to the MS website to download the patches (Windows
Update), do I need to have other port open other than 80 ? Tag: "History" Tag: 30523
MS03-033 vs MS02-040
We have applieed MS02-040 on some servers (W2K Server SP2)
a while ago. Included in this patch (for MDAC 2.5) was 1)
odbc32.dll (3.520.8721.0) and odbccp32.dll (3.520.8721.0).
Then we installed Windows 2000 SP3. We have now an issue
installing MS03-033 (which supersedes MS02-040) on those
machines already patched with MS02-040. Because the
version-number of odbc32.dll and odbccp32.dll is higher in
MS02-040 than in MS03-033: odbc32.dll 3.520.6300.40,
odbccp32.dll 3.520.6300.40, the MS03-033 patch failes to
install. Tag: "History" Tag: 30518
Question on microsoft cd's and piracy
A person that I know works on computer part time and sells
used computer systems. I know for a fact that he is using
one version of windows 98 se for many used computers he is
selling. When he gets a computer in that needs the hard
drive formatted he will put the same version of windows
that is on it, back on but he will not use the persons
windows disk or there product key if they do not have one.
Say a person gets a computer at a yard sale for 15$ and he
needs windows 98 re-installed are you telling me that I
have to charge 50-100$ for a new windwos cd? It is no0t
hurting anyone by him using his windows cd and key for re-
install use. If they want to upgrade then they need to buy
a cd. Please e-mail me with a reply. Thank you for reading
my questions.
David Tag: "History" Tag: 30509
MS03-032 not setting proper security controls as advertised
Running the patch on 98, 2000 and XP wkstns and only a few
of the security settings are changed. For example,
Internet security option should be changed to "high" after
the patch is installed, but does NOT change
from "medium." This is just the biggest issue of a few
that don't change. Whats the deal? Tag: "History" Tag: 30504
** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.27
Before you post a question to a Microsoft.public.*.security newsgroup, note
that your question may already be answered below:
Answers to Top Frequently Asked Questions:
http://securityadmin.info
My question is not mentioned below. How do I get an answer immediately,
with no waiting?
http://securityadmin.info/faq.htm#moreinfo
See also: http://www.google.com/groups?as_ugroup=microsoft.public.*
See also: http://www.google.com/advanced_group_search
See also: http://www.google.com
I want to post a problem or question to the newsgroup. What info do I need
to post in order to get a correct answer quickly?
http://securityadmin.info/faq.htm#netiquette
I have the RPC Blaster worm "virus," what do I do?
http://www.microsoft.com/security/incident/blast.asp
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
My computer is giving RPC Remote Procedure Call messages.
There is a TFTP message or file on my computer.
My computer keeps locking up, and/or rebooting, or telling me that it will
reboot in 1 minute.
http://www.microsoft.com/security/incident/blast.asp
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
Where can I download the Blaster worm / RPC DCOM patch?
http://windowsupdate.microsoft.com OR
http://www.microsoft.com/technet/security/current.asp
I just heard about a new Microsoft security patch update. Where can I get
the patch?
http://windowsupdate.microsoft.com OR
http://www.microsoft.com/technet/security/current.asp
I just installed a Microsoft security patch update, and now my computer is
having problems.
http://securityadmin.info/faq.htm#patchbroke
I received an email from Microsoft / Microsoft Support / Microsoft Internet
Security Center claiming to be a security patch [or comprehensive Internet
Explorer update]. Is this a virus?
http://securityadmin.info/faq.htm#microsoftemail
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
I received a virus email from a Microsoft email address. Who do I report
this to?
http://securityadmin.info/faq.htm#microsoftemail
I'm having a problem caused by the JDBGMGR.EXE Teddy Bear "virus" hoax, or I
want to replace this file.
http://securityadmin.info/faq.htm#jdbgmgr
I forgot my Windows logon password and can't log in. How do I reset it?
http://securityadmin.info/faq.htm#password
I have a problem or a question with a virus or with antivirus.
http://securityadmin.info/faq.htm#virus
NOTE: www.grisoft.com is free antivirus, USE IT.
Why is Outlook Express blocking my attachments as "unsafe"?
http://securityadmin.info/faq.htm#attachments
How do I stop getting pop-up messages? Or adware? Or spyware?
http://securityadmin.info/faq.htm#pop-ups
How do I block people from viewing adult or objectionable content on a
computer?
http://securityadmin.info/faq.htm#contentfilter
How do I block spam emails?
http://securityadmin.info/faq.htm#spam
There is a Content Advisor password blocking me from certain web sites.
http://securityadmin.info/faq.htm#contentadvisor
How do I delete an FTP folder that a hacker put on my computer and I cannot
delete?
http://securityadmin.info/faq.htm#ftpfolder
Have I been hacked? What do I do if I've been hacked?
http://securityadmin.info/faq.htm#hacked
How do I re-secure a computer that has been hacked?
http://securityadmin.info/faq.htm#re-secure
How do I test or improve the security on my computer to avoid being hacked?
http://securityadmin.info/faq.htm#harden
How do I investigate a suspicious IP address that may be trying to hack me?
http://securityadmin.info/faq.htm#trace
How do I report a hacker?
http://securityadmin.info/faq.htm#reporthacker
How do I use a port scanner or vulnerability scanner to test my security?
http://securityadmin.info/faq.htm#portscanner
How do I encrypt my files and/or hard drive?
http://securityadmin.info/faq.htm#encryption
How do I get a firewall? IDS?
http://securityadmin.info/faq.htm#firewall
I want to use the IPSec filtering or IP filtering feature of Windows to
block certain ports and have a problem or question.
http://securityadmin.info/faq.htm#ipsec
I have a problem or question with the XP ICF firewall.
http://securityadmin.info/faq.htm#icf
I have a problem or question with the IIS URLScan tool.
http://securityadmin.info/faq.htm#urlscan
How do I change the banner on my computer or server to hide what software
version I'm using?
http://securityadmin.info/faq.htm#banner
How do I enable Windows Auditing to tell who logged into Windows or who
accessed a file?
http://securityadmin.info/faq.htm#auditing
How do I inspect and disable programs that start up when Windows starts?
http://securityadmin.info/faq.htm#startup
How do I use RUNAS or let someone use RUNAS to run commands as administrator
without having to type the password?
http://securityadmin.info/faq.htm#runas
How do I let non-administrator users run Defrag or change their IP address?
http://securityadmin.info/faq.htm#runas
My question is not mentioned above. How do I get an answer immediately,
with no waiting?
http://securityadmin.info/faq.htm#moreinfo
See also: http://www.google.com/groups?as_ugroup=microsoft.public.*
See also: http://www.google.com/advanced_group_search
See also: http://www.google.com
I want to post a problem or question to the newsgroup. What info do I need
to post in order to get a correct answer quickly?
http://securityadmin.info/faq.htm#netiquette
Note that this is NOT a full list of all the questions answered in the FAQ.
Chances are, your question has probably already been answered. The complete
FAQ is at:
http://securityadmin.info/faq.htm#contents
I hope this is helpful. Feedback, suggestions and criticism regarding the
FAQ are welcome and may be emailed to me.
kind regards,
Karl Levinson, CISSP, MCSE, MVP
email: levinson_k@despammed.com Tag: "History" Tag: 30502
MS CA and Oracle 8i
Has anybody any expirience of integrating Microsoft Certificate Authority
and Oracle 8i?
Could we operate with certificates from PL/SQL? Tag: "History" Tag: 30501
MS03-032 & IE6 (822925)
We have Win2K & NT pc's with IE6 (not sp1). Which patch
should be run??? Micosoft has posted 2 (ie6 & ie6sp1). The
one for IE6 only lists WinXP clients. Tag: "History" Tag: 30494
IAS Server
Hey all,
I am currently using IAS to authenticate our VPN connections from our PIX.
I added another client (my backbone switch) to the IAS and another Access
Policy. When I try and authenticate myself from the switch, it does not let
me pass unless I change the order of the 2nd policy specifically for the
switches and put it first, then it lets me logon.
Is there any way I can use more than one client and multiple access policies
to isolate each client to a specific policy.
thanks all,
Michael Tag: "History" Tag: 30492
moving files on same volume - how to inherit the acl from new parent folder?
in technet id 310316 microsoft describes a registry-hack to
preserve the original acl of copied files.
i'm searching for the opposite: is there a way, to manage
that moved files on the same volume inherits the
permissions of the new parent directory (similar to copied
files?)
thanks for your help,
renke Tag: "History" Tag: 30487
C2 Lop Toolbar
Back in July, my XP Home Edition system got hit by C2 Lop
hijackware.
I've managed to rid my system of everything but the
toolbar which has been added to my desktop. I'm looking
for suggestions to rid myself of this.
Please note:
1.The version of the hijackware that hit me DID NOT place
an icon in my systray or appear in Add/Remove. I got the
really insidious version.
2. By using SpyBot S&D and eliminating all Windows
Registry keys which matched a random string the
hijackware had added to my "Tools" in IE, I've managed to
eliminate everything but the toolbar, which appears on
every startup.
3. I've tried every piece of advice about this I've found
on the internet (doxdesk.com, drivingwithdawn.com, etc.)
EXCEPT downloading an uninstaller from C2. I REFUSE to do
this (A. SCREW them, B. I'm supposed to trust these
guys?).
Any advice?
P.S. I'm not a computer expert. I would really need step,
by step, by step, by step instructions. Believe me, it
was scary enough screwing with the registry (which I
didn't even know existed before this). Tag: "History" Tag: 30484
McAfee XP Alert
I keep getting this message:
C:program files\support.com\client\|server\server.vbs
Is this a bad script, or an update from Microsoft.
Thanks. Tag: "History" Tag: 30483
Need help on my security files
Hi all;
I'm using windows XP which I used it to encrypt the files. When I encrypt
it, the files and folder turns to green. I really amazed with it. But when
my computer have problems which I had to format it, I cannot access again
the files and it says you don't have access priviledge on it.
I cannot do it. I need some advice on it.
Please respond to me as soon as possible.
thanks
Regards
Jefrisalas Tag: "History" Tag: 30479
Outlook Express
We had a breach of security at work where someone is
getting into others outlook express and reading e-mails,
journal notes etc. The problem is being fixed, but is
there a way to set the system up to catch the person doing
this? Thanks Tag: "History" Tag: 30474
Hijacked!
Please read carefully as it may or may not apply to your situation - ask
questions first - you may not get answers *right away* someone will =
help.=20
If you suspect that "something" has Hijacked your Browser and it causing =
it to behave erratically, please read on.=20
Spyware Removal Tool, your choice, novice users, Lavasoft's Ad-aware,
Direct download -=20
http://ftp.pcworld.com/pub/new/privacy___security/aaw6181.exe
Lavasoft/Ad-aware home: http://www.lavasoftusa.com=20
Mirror site: http://www.lavasoft.de/=20
You may post queries regarding Ad-aware at Lavasoft Support,
http://www.lavasoftsupport.com =20
Advanced users, SpyBot Search & Destroy,
Direct download - =20
http://spybot.eon.net.au/files/spybotsd_mainapp.exe
(It is a large file, if you are on dial-up, you should reserve some time =
to download the entire application without interruption).
SpyBot home: http://security.kolla.de/
SpyBot How-To: http://www.tomcoyote.org/SPYBOT/
More detailed help: http://tomcoyote.org/~mosaic1/spybot/
Support Forum, http://net-integration.net/cgi-bin/forum/ikonboard.cgi
Navigate to the SpyBot S&D section.=20
Install *both*, reboot, read FAQ and overview, use online update
feature to obtain the latest reference files, scan for Spyware
much like you would with your pre-installed anti-virus scanner.
Run Ad-aware and SpyBot on a regular basis, again like you would you A-V =
scanner.
Rid your machine of unwanted Spyware pests.
For normal Browser popups, install a regular popup stopper, Panicware =
has a freeware version available and works as well as any: =
http://www.panicware.com/product_psfree.html
Install a HOSTS file, a simple Browser tweak that disables ads and =
prevent many malicious sites from loading in your Browser at all: =
http://www.mvps.org/winhelp2002/hosts.htm
Adding sites\servers to the IE Restricted Zone: =
http://www.mvps.org/winhelp2002/restricted.htm
__Recommended Minimal Security Settings__
http://mvps.org/winhelp2002/restricted.htm#Setting
For the even more adventuresome, there's JavaCool's spywareblaster,
http://www.javacoolsoftware.com/spywareblaster.html
HTH
--=20
siljaline
"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable =
from
-- self-righteous sixteen-year-olds possessing infinite amounts of free =
time."
- Neil Stephenson, _Cryptonomicon_ Tag: "History" Tag: 30466
patch
Today I have received 11 emails
from "security@microsoft.com" telling me to download a
patch. I know that it is not legit and not from microsoft
but can't something be done to whom ever is sending
these. It is most annoying. Tag: "History" Tag: 30462
System/Security Error?
I recently, installed Windows Xp Pro Edition on my
friends computer. Set up dial-up connection, and
activated her copy. Now, i think i might have used the
cd myself, for my computers, but im not sure. But, when
we were connected, an error came up, with a note
like "System/Security" "Computer will be shutdown in 50
seconds, all information will be lost"
I have no idea what is causing this, and i have never
seen it before. I know that if the cd was activated too
many times, it would say it. So can please someone help
me solve this problem. Thnx Tag: "History" Tag: 30461
Windows XP built in firewall
I'm trying to make sure the built in firewall for Windows
XP is enabled but am running into a snag.
1. Start then Control Panel
2. Network and Internet Connections then click Network
Connections
3. Click Dial Up
Here is where I hit the snag....
4. Right click and select properties
At this point the computer does nothing.
Under the dial up icon it says "AOL disconnected
Conexant Smart HSFI V92 56K DF PCI Modem
Anyone out there willing to help me out?
Thanks Tag: "History" Tag: 30451
Sniffing submitted webpage form
I am trying to find out what a web browser sends in a post request to a web
site. I have used a few packet sniffers but all the packets that display
comprehensible text are packets coming from the website. If I search in the
packets just before the one showing 'HTTP/1.0 200 OK...', I can't find out
what the url and post arguments the browser used. Is this info encoded? The
connection is not using SSL.
Anyone can recommend a sniffer that shows packets from my computer to a web
server in *text*. Or my basic question is how to sniff the contents of a
web page form submitted to a web server?
--
Karim
Recommended host: http://www.cheapesthosting.com - Affordable hosting since
1998 Tag: "History" Tag: 30446
SHUTDOWN
THIS IS FOR ALL YOU FOLKS OUT THERE WITH WINDOWS 98 AND ME
AS WELL AS XP, 2000 ETC.
mY FRIEND AND I USE MESSANGER ON YAHOO. WE HAVE BOTH
EXPERIENCED SHUT DOWNS IN THE LAST TWO DAYS FOR NO
APPEARENT REASON. BOTH HE AND I WERE SHUT DOWN AT THE SAME
TIME USING DIFFERENT SYSTEMS AND DIFFERENT INTERNET
PROVIDERS.
THE PROVIDERS AND MICROSOFT NEED TO TAKE ANOTHER LOOK AT
WHO AND WHAT IS GOING ON. THIS IS THE PITS AS FAR AS USING
THE NET IS CONCERNED! Tag: "History" Tag: 30443
new installation and security issue
I just installed office ex standard foe students and a
security notice poped up it said that i should install
updated security by downloanding windows 2000 but i tried
and it said that it could not install it gave me other
download sites i tried them all and none could be
downloaded successfuly. Tag: "History" Tag: 30436
General Tab Disappeared
I had my general tap under my Internet Options disappeared
today and I have a web page that took over as my Home page.
Any suggestions? Tag: "History" Tag: 30435
Re: Unwanted pop up windows
How do I get rid of those annoying pop up windows that
say "click to remove these pop up windows" and then you
discover they want to charge you $39 or more to quit
sending you these messages. Thanks. Tag: "History" Tag: 30433
Software Update Server Problems
My SUS server can no longer resolve
www.msus.windowsupdate.com. Those anyone know if there is
a fix for this? It has been like this since Microsoft
modify their DNS for Windows Update. Tag: "History" Tag: 30431
searching for hackers
Is there a way to tell if my PC has been or is being
accessed by a hacker? Is there any FREE (or to buy)
software powerful enough to alert me of hackers? Tag: "History" Tag: 30426
E-Mail Received
Hi!,
I recently received an e-mail which said "use this patch
immediately".
Would Microsoft send out such a message?
Thank You,
Richard Tag: "History" Tag: 30425
porn site on drop down
I have notice when I right click my mouse when i am on a
web browser that an internet site is now located on the
drop down menu. How do I remove that from the right click
drop down menu? Tag: "History" Tag: 30417
pop-ups
As of three weeks ago began getting pop-ups from vendors
of anti-popup software. Boxes similar in appearance to
messenger boxes. These are the ONLY popups I receive
during off-line operation. Doesn't matter if I'm on-line
or not -- they just come regardless of what I'm doing.
Norton, SpybotS&D, adaware, normal maintenance have no
effect. Vendors claim they are coming in through hole in
MS Messenger. How to prevent/disable? Damned if I'll
buy preventative from the perpetrators. Tag: "History" Tag: 30413
mouse/right click
I have notice when I right click my mouse when i am on a
web browser that an internet site is now located on the
drop down menu. How do I remove that from the right click
drop down menu? Tag: "History" Tag: 30412
Help: Windows XP Pro certificate store has a strange cert that may be bad or damanged
I have been working on getting activesync to Exchange 2003 working and was
therefore verifying certificates when I noticed that my XP client to which I
had a partnership had 3 very odd certificate folders.
The three folders are after "Certificate Enrollment Request/Certificates"
and have ASCII characters and Kanji (spelling?) characters intermixed.
This made me start looking through all my certificate folders and I noticed
some odd ones.
In the Certificate Enrollment Request/Certificates there is one named
"FZkC37K9xRLk8364" which reports that is either tampered with or corrupted.
I have attached just the public key to this cert (although I have both the
public and private in the request).
Is my cert-store damaged, or is there something malicious going on?
My machine is Windows XP and is in it's own workgroup, although it often
communicates to a Win2003 DC.
Any advice or investigative suggestions would be most welcome!
-Neil
neilgo(_r#mov3)@xcelar.com
begin 666 Bad or Damaged Cert.p7b
M,((!8 8)*H9(AO<-`0<"H((!43""`4T"`0$Q`# +!@DJADB&]PT!!P&@@@$U
M,((!,3""`1Z@`P(!`@(0^I"N127#AII*`9=_\N:+9S )!@4K#@,"'04`,!LQ
M&3 7!@-5! ,3$$9::T,S-TLY>%),:S@S-C0P'A<-,#(Q,3(P,3 R-# W6A<-
M,#,Q,3(P,38R-# W6C ;,1DP%P8#500#$Q!&6FM#,S=+.7A23&LX,S8T,(&?
M, T&"2J&2(;W#0$!`04``X&-`#"!B0*!@0"S5N-FPP!F<83)A#Y@R3FSM3#X
MP!8H-XA/3"]'K)?EYRX+J(QK1I -Z&D*6_DBM,3'"V&1\PU9B5@#_F][(.XV
M)7J&*I;)(+A8TM=RL9#<Z<Q(@'-&$1FCVUV80*H@98IN/AGXNO_6DI&!H-66
I'1R>8Q+RJZCV<F,@K_X[&FNXFP(#`0`!, D&!2L.`P(=!0`#`@`B,0``
`
end Tag: "History" Tag: 30411
email security
How secure is my email? At my place of work, I send and
receive email very often. What are the chances that my
boss is reading my mail? Is it legal? I have a password
protected mailbox, can my boss still get to my mail?
Thank you in advance for your help. Tag: "History" Tag: 30408
Basic computer security
I have a 15 year old son who knows that if you reboot the
computer you can get past the security passwords on the
screen saver or standby and the user passwords. I have
Windows 98. Is there a way I can password my computer
before windows comes on?
In other words, can a password be set up in MS Dos before
Windows comes on? Tag: "History" Tag: 30378
Buggy WinXP Patch 821557 ???
When I installed Windows Update 821557, I lost function of my right
click drop down menus, couldn't rename files or folders and several
other bugs.
System would lock and had to force quit what ever was involved. I
uninstalled the patch and everything returned to normal. To play it
safe, I restored my Win XP SP1 (home edition) to a previous state
(before patch). I'm afraid to install this patch again and have been
trying to gather info on this buggy patch. Anyone else having problems
with this patch ?? I'd like to know-----Thanks !!
--
Posted via http://dbforums.com Tag: "History" Tag: 30374
Unexpected System Shutdown
Recently the W2K server -well patched- had two unexpected
system shutdowns. The only trace is the entry in the
System event log with Event ID:6008.
It could not be power related; the other machines sharing
from the same power source did not reboot.
Could it be a hidden worm, or a new attack? I know you
could shutdown local area network machines remotely. Maybe
the command can be sent over IP to any unauthorized
network?
Thanks. Tag: "History" Tag: 30369
Microsoft Passport problem
Hello,
Windows 98 / IE 6.0 SP1
I'm having a problem logging with Microsoft's Passport
service. The signin page has no field/box whatsoever
beside the email field and a normal input box beside the
password. If I simply type in my password it says it's
incorrect.
If I click on the "Sign in with a different email address"
link I get a screen full of garbage; I've cut&pasted that
screen at the bottom of this message.
I know my password is correct because when I goto member
services, I'm able to enter in my email and password and
it says the password is changed correctly.
Can someone help me with microsoft passport?
Alex
!HTTP/1.0 302 Found Date: Tue, 26 Aug 2003 13:55:36 GMT
Content-Type: text/html Expires: Tue, 26 Aug 2003 13:55:36
GMT Cache-Control: no-cache Server: Microsoft-IIS/5.0
PPServer: H: LAWPPLOG4C003 cachecontrol: no-store Pragma:
no-cache P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Set-
Cookie: MSPAuth= ; expires=Thu, 30-Oct-1980 16:00:00
GMT;domain=.passport.com;path=/;HTTPOnly= ;version=1 Set-
Cookie: MSPProf= ; expires=Thu, 30-Oct-1980 16:00:00
GMT;domain=.passport.com;path=/;HTTPOnly= ;version=1 Set-
Cookie: MSPSec= ; expires=Thu, 30-Oct-1980 16:00:00
GMT;domain=.passport.com;path=/;HTTPOnly= ;version=1 Set-
Cookie: MSPSec1= ; expires=Thu, 30-Oct-1980 16:00:00
GMT;domain=.passport.com;path=/;HTTPOnly= ;version=1 Set-
Cookie: MSPSec= ; expires=Thu, 30-Oct-1980 16:00:00
GMT;domain=.passport.com;path=/ppsecure;HTTPOnly= ;version=
1 Set-Cookie: MSPDom= ; expires=Thu, 30-Oct-1980 16:00:00
GMT;domain=.passport.com;path=/;HTTPOnly= ;version=1
Authentication-Info: Passport1.4 da-status=logout
Authentication-Info: Passport1.4 da-status=logout
Location: http://login.passport.net/uilogout.srf?
lc=1033&sf=1&id=41332&ru=https://partnering.one.microsoft.c
om/mcp/Default.aspx&tw=3600&fs=1&kv=2&cb=&cbid=41332&ts=-
7&sec=&mspp_shared=1&lm=I&seclog=10&ver=2.1.6000.1&tpf=421d
d1337ced726e952f41b60e71ebfe Via: 1.1 px4wh (NetCache
NetApp/5.5D1) Tag: "History" Tag: 30365
** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.26
Before you post a question to a Microsoft.public.*.security newsgroup, note
that your question may already be answered below:
Answers to Top Frequently Asked Questions:
http://securityadmin.info
My question is not mentioned below. How do I get an answer immediately,
with no waiting?
http://securityadmin.info/faq.htm#moreinfo
See also: http://www.google.com/groups?as_ugroup=microsoft.public.*
See also: http://www.google.com/advanced_group_search
See also: http://www.google.com
I want to post a problem or question to the newsgroup. What info do I need
to post in order to get a correct answer quickly?
http://securityadmin.info/faq.htm#netiquette
I have the RPC Blaster worm "virus," what do I do?
http://www.microsoft.com/security/incident/blast.asp
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
My computer is giving RPC Remote Procedure Call messages.
There is a TFTP message or file on my computer.
My computer keeps locking up, and/or rebooting, or telling me that it will
reboot in 1 minute.
http://www.microsoft.com/security/incident/blast.asp
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
Where can I download the Blaster worm / RPC DCOM patch?
http://windowsupdate.microsoft.com OR
http://www.microsoft.com/technet/security/current.asp
I just heard about a new Microsoft security patch update. Where can I get
the patch?
http://windowsupdate.microsoft.com OR
http://www.microsoft.com/technet/security/current.asp
I just installed a Microsoft security patch update, and now my computer is
having problems.
http://securityadmin.info/faq.htm#patchbroke
I received an email from Microsoft / Microsoft Support / Microsoft Internet
Security Center claiming to be a security patch [or comprehensive Internet
Explorer update]. Is this a virus?
http://securityadmin.info/faq.htm#microsoftemail
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
I received a virus email from a Microsoft email address. Who do I report
this to?
http://securityadmin.info/faq.htm#microsoftemail
I'm having a problem caused by the JDBGMGR.EXE Teddy Bear "virus" hoax, or I
want to replace this file.
http://securityadmin.info/faq.htm#jdbgmgr
I forgot my Windows logon password and can't log in. How do I reset it?
http://securityadmin.info/faq.htm#password
I have a problem or a question with a virus or with antivirus.
http://securityadmin.info/faq.htm#virus
NOTE: www.grisoft.com is free antivirus, USE IT.
Why is Outlook Express blocking my attachments as "unsafe"?
http://securityadmin.info/faq.htm#attachments
How do I stop getting pop-up messages? Or adware? Or spyware?
http://securityadmin.info/faq.htm#pop-ups
How do I block people from viewing adult or objectionable content on a
computer?
http://securityadmin.info/faq.htm#contentfilter
How do I block spam emails?
http://securityadmin.info/faq.htm#spam
There is a Content Advisor password blocking me from certain web sites.
http://securityadmin.info/faq.htm#contentadvisor
How do I delete an FTP folder that a hacker put on my computer and I cannot
delete?
http://securityadmin.info/faq.htm#ftpfolder
Have I been hacked? What do I do if I've been hacked?
http://securityadmin.info/faq.htm#hacked
How do I re-secure a computer that has been hacked?
http://securityadmin.info/faq.htm#re-secure
How do I test or improve the security on my computer to avoid being hacked?
http://securityadmin.info/faq.htm#harden
How do I investigate a suspicious IP address that may be trying to hack me?
http://securityadmin.info/faq.htm#trace
How do I report a hacker?
http://securityadmin.info/faq.htm#reporthacker
How do I use a port scanner or vulnerability scanner to test my security?
http://securityadmin.info/faq.htm#portscanner
How do I encrypt my files and/or hard drive?
http://securityadmin.info/faq.htm#encryption
How do I get a firewall? IDS?
http://securityadmin.info/faq.htm#firewall
I want to use the IPSec filtering or IP filtering feature of Windows to
block certain ports and have a problem or question.
http://securityadmin.info/faq.htm#ipsec
I have a problem or question with the XP ICF firewall.
http://securityadmin.info/faq.htm#icf
I have a problem or question with the IIS URLScan tool.
http://securityadmin.info/faq.htm#urlscan
How do I change the banner on my computer or server to hide what software
version I'm using?
http://securityadmin.info/faq.htm#banner
How do I enable Windows Auditing to tell who logged into Windows or who
accessed a file?
http://securityadmin.info/faq.htm#auditing
How do I inspect and disable programs that start up when Windows starts?
http://securityadmin.info/faq.htm#startup
How do I use RUNAS or let someone use RUNAS to run commands as administrator
without having to type the password?
http://securityadmin.info/faq.htm#runas
How do I let non-administrator users run Defrag or change their IP address?
http://securityadmin.info/faq.htm#runas
My question is not mentioned above. How do I get an answer immediately,
with no waiting?
http://securityadmin.info/faq.htm#moreinfo
See also: http://www.google.com/groups?as_ugroup=microsoft.public.*
See also: http://www.google.com/advanced_group_search
See also: http://www.google.com
I want to post a problem or question to the newsgroup. What info do I need
to post in order to get a correct answer quickly?
http://securityadmin.info/faq.htm#netiquette
Note that this is NOT a full list of all the questions answered in the FAQ.
Chances are, your question has probably already been answered. The complete
FAQ is at:
http://securityadmin.info/faq.htm#contents
I hope this is helpful. Feedback, suggestions and criticism regarding the
FAQ are welcome and may be emailed to me.
kind regards,
Karl Levinson, CISSP, MCSE, MVP
email: levinson_k@despammed.com Tag: "History" Tag: 30362
"Messenger" popups
re: popups "Messenger" Endads and byebyeads see
Microsoft Knowledge Base Article - 330904
Hope this helps
Ben Tag: "History" Tag: 30361
Patch from microsoft.com
I couldn't attach the patch to send to send you but I'm
assuming this is a hoax so you may be able to trace this
back to the sender and stop this nonsense.
thanks for your time and have a nice day.
Aline Dunkin
from: <security@microsoft.com>
Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!
X-Apparently-To: poolba@swbell.net via
web80312.mail.yahoo.com; 25 Aug 2003 19:53:46 -0700 (PDT)
X-YahooFilteredBulk: 170.215.94.11
Return-Path: <admin@duma.gov.ru>
Received: from mta1-ext.prodigy.net (EHLO mta1-
int.prodigy.net) (207.115.63.55)
by mta805.mail.yahoo.com with SMTP; 25 Aug 2003
19:53:46 -0700 (PDT)
X-Originating-IP: [170.215.94.11]
Received: from localhost (170-215-94-
11.nas3.eko.nv.frontiernet.net [170.215.94.11])
by mta1-int.prodigy.net (8.12.3 patch/8.12.9) with
SMTP id h7Q2rLQx254906
for <poolba@swbell.net>; Mon, 25 Aug 2003
22:53:22 -0400
Date: Mon, 25 Aug 2003 22:53:21 -0400
Message-Id: <200308260253.h7Q2rLQx254906@mta1-
int.prodigy.net>
From: "Microsoft" <security@microsoft.com>
To: <poolba@swbell.net>
Subject: Use this patch immediately !
MIME-Version: 1.0
Content-Type: multipart/mixed;boundary="xxxx" Tag: "History" Tag: 30359
is this a hoax
"Microsoft" <security@microsoft.com> i keep getting
security patches from this addy and when i scan it it
shows to contain a virus so of course i do not open it.
Is this for real or the hackers Tag: "History" Tag: 30355
Patch Test Procedures?
I couldn't find this somewhat obvious question in my searches so I'll just
ask:
I'm looking for a patch test methodology to follow for my Microsoft patches.
Everyone says to test patches before deploying them to my 100+ Microsoft
servers - how do I do that?
How do I make sure (for example) that every part of my branch Win2K server's
DHCP service works correctly? Is there a list of functions to test?
TIA for your help! Tag: "History" Tag: 30354
Hi,
is there anyway to password-protect the "history" in
internet explorer?