IPSec experience in internal networks

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Accessing resources on a Domain from a Workgroup on a different su Our PDC is an NT Server with an IP of x.x.x.* We have remote PC's not joined to this domain, but are just in their own peer to peer workgroup, and the have a different subnet of x.x.y.* Through the "search for computers" option, and entering the IP of the PDC, I can see all the shared resources within the domain from a PC in the workgroup, but cannot access any folders. All the remote PC's are Windows 2000. Is there ANY way to access the shares that exist within the domain from a non-domain PC without joining the domain and/or changing the subnet to match the PDC? Thanks. Tag: IPSec experience in internal networks Tag: 64039
  - 2
    - problem with e-mail when i open my e-mail i want to open another window from my e-mail and nothing will open. this happens all the time and some e-mails are important to me.When i get personal mail i can open up pics and stuff, but when a group of mine mails me i cant even go to the home page from my mail. I hope you can help me with this. I have Norton 2004 firewall and antivirus Thxs -- randyman Tag: IPSec experience in internal networks Tag: 64031
  - 3
    - hack tools detected I occasionaly use my laptop and only have AVG antivirus loaded. Everytime that I use the laptop I update the AV and then run a full scan. On my last scan nothing was detected, I used the laptop for a few hours and then shut it down. This morning I loaded Panda Titianium AV and then ran a full scan and it told me that it had found three Hacker tools which seemed to be installed in the system restore files. They had the word PSkill attached to them, Can anybody tell me what these are and how they could affect me. They are now deleted. I have run Adaware, Spybot and Panda and seem to have a clean system. Could any damage have been done. Tag: IPSec experience in internal networks Tag: 64028
  - 4
    - Restricting Users from Installing Application I have been trying to figure out a way to keep users from installing applications from cd or through the web to a workstation. Everything I have tried restricts administrators as well. Most of the tips i have tried have come from winguides.com. It has some helpful informatio but not exactly what i am looking for. Tag: IPSec experience in internal networks Tag: 64023
  - 5
    - MS Update incorrectly warns of virus My MS Update subscription is incorrectly telling me I probably have or have had a virus, offering me the Mydoom, Zindos, and Doomjuice Worm Removal Tool (KB836528) The only reason I can think it might flag the "virus" is that I have MS Taskmon.exe in the windows folder. NOT the one in the %system% folder that is a symptom of Mydoom. I don't have and have never had a virus. I currenlty run 98se, Zonealarm and Nod32, practise safe sex, wear sunglasses and manually check the registry, ini files, autoexec.bat, startup etc. I used the Syphos and McAfee descriptions of the infection and went through all the things the virus could have done, and none of them were on the PC. I'm not promiscuous with the PC (e-promiscuous??) so there's no real chance I've caught a virus recently. How can I stop MS offering me this update that I don't need? Thanks in advance Jon Tag: IPSec experience in internal networks Tag: 64020
  - 6
    - XP Pro "search" feature seems to ignore file permissions Hi Guys, I'm messing with settings in my brand new machine, as was wondering why it seems that XP Pro's "search" feature ignores folder permissions. For example, I have a user named "user1." If I create a folder and give him full control of it and deny full control to all other users on the machine, I'm still able to "search" and see file names and directory structures that should be off limits. It just occured to me that maybe this is because I'm checking with my administrator account, but I explicitly denied administrator permissions as well. As a sidenote: I'm running Windows XP Professional, SP2 w/ the latest, greatest hotfixes (as of November 7th). Any ideas? Tag: IPSec experience in internal networks Tag: 64018
  - 7
    - blocking ip address only one I use Windows XP Pro, and I have a stay-alive-connection, and some idiot keeps getting in to my computer he doesn't do anything to hurt my system but I'm tired of pulling the power cable to keep him out for a day or 2 . I know his Ip address only. I have contacted my Isp, but they suck and don't do anything. I can not unplug my network cable, I have people that I know downloading and uploading stuff to my computer/server for there backups and stuff like that, so that is an option i can not take. My question is: Is there a program that I can block his Ip from entering my computer, that is free? Please help me! Tag: IPSec experience in internal networks Tag: 64001
  - 8
    - Blocking a domain from computer Is there ANY way that a specific domain can be blocked from accessing my computer? I have a firewall, but they still get thru. Right now they have 10 popunders that have invaded my computer, and the only way I can get rid of them is to shut down. They do not pop up when clicked. This is driving me CRAZY! HELP please. Tag: IPSec experience in internal networks Tag: 63997
  - 9
    - Hotmail and Comcast - rejections? Hi, I should have received two payment notifications from Paypal sent to my Hotmail account, but neither have arrived. Payment notifications, although sent by Paypal, always have the email address of the person who made the payment in the From: field. Both of the ppl sending me money had @comcast.net email addresses...which leads me to believe that Hotmail is rejecting them without my knowledge... I know that the payments have been received - they are in my Paypal account.... Anyone have any knowledge of whether there's a problem with Hotmail and Comcast? Si. Tag: IPSec experience in internal networks Tag: 63992
  - 10
    - spyware outcome my computer just messed up a couple of days ago and then as soon as i knew that it had spyware, i downloaded from AOL the spyware blocking thing but now is not letting me go into my documents, It says that "an error...bla,bla,bla" and the thing is that i cannot get rid of the folders that have all the spam, Why is this happening? Do i need to buy a program? and would my computer become normal again? what do i need to do in the first place? Tag: IPSec experience in internal networks Tag: 63990
  - 11
    - Give user acces to regkeys Hello, Is there a way to give a user write access to a LOCAL_MACHINE regkey without making him local administrator? And if Yes, how could it be done? -- Jean Paul ------------------------------------------------------------------------------------- C# is Second finger high on the A Tag: IPSec experience in internal networks Tag: 63988
  - 12
    - Solution to browsing to a Windows 2000 machine from a 98 machine I have found a workaround to that old age problem of browsing WIN2k from 98. I was running w2k as a ICS gateway with a 98 (first edition) client. Forget the internet, it is not important, the trouble I was having was getting Windows 98 to be able to browse through network beighbourhood. First I tried forcing 2k to be master browser through registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\MaintainServerList (can be True, False or Auto) no joy then I started messing about with guest user, still no joy. Setting local security policy to allow enumeration without explicit access (or whatever it is called). This also did not help. I already had common users and passwords on both machines, so this also was not the problem. In the end I found that if you go on WIN98, networking properties, client for MS networks, and the advanced (or something) you can set Browse Master = True. I also went in to w2k above reg, and set it to FALSE. This way the 98 is master computer browser whatever and was able to browse! This also meant my gateway is not the master computer browser which is a bonus. Forget Stupid guest account. Lock down the enumeration setting in local security policy, and you can STILL browse and access your network HOOORAY! anyways, here is your basic checklist to this age old problem. 1 - Put common usernames and passwords for network access on both machines. 2 - Ensure that client for MS networks is there on both machines. (on Win98 make sure this is your default log on in the pull down list). (But please untick this on any connections that are directly on the internet like dial ups or Adsl Modems - you dont want to share out your files on the net (which is done by default on almost every connection I have ever seen - DUH MSFT)). 3 - On win98, go into the file and print sharing setting and tick both boxes to enable File and Print Sharing on that box, (this is not necessary to veiw shares on other pcs). 4 - On 98 machine go into advanced for client for MS networks and set Master Computer Broswer = True. 5 - Go onto w2k machine and set HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\MaintainServerList = False. I think that is all you need. Any comments suggestions please post follow ups. Regards James Buttle ADDITIONAL NOTE *************** BTW for security... 1 always have a firewall on your internet connection 2 rename administrator account and have long passwords for all users 3 disable NetBIOS over IP under particular device in advanced, TCP/IP properties, advanced, WINS. 4 have an up to date antivirus package 5 run lavasoft adaware regularly 6 get all microsoft critical updates 7 Restrict anonymous access / enumeration under local policies, security options in local security policy. 8 Untick client for MSFT networks and File and print sharing for any internet connections such as ADSL modems, and dial ups. 9 Disable / kill / remove all guests and other useless accounts 10 If possible leave your computer off and sit in an underground bunker the rest of your days. Tag: IPSec experience in internal networks Tag: 63986
  - 13
    - Can't use Exchange OWA form based authentication with Smartcard Hi, I run a pilot using Exchange OWA form based authentication and I have encountered the folowing problem; When I enable the "Require Smart card for interactive logon" setings for my domain users , I can no longer authenticate to Exchange OWA in form based authetication since ,obvoiusly, the password is now randomly set. The problem is that remote users may find themselves in Kiosks which do not have the option to use a smartcard. Please advice on workaround, solution , alternatives. TIA Gil Tag: IPSec experience in internal networks Tag: 63985
  - 14
    - Certutil Hello Does anybody know if it is possible to list all user certificates of all user profiles who exists on an windows xp professional client machine? Is it possible with certutil.exe or does there exist an other tool or command? Does anybody know a complete documentation about certutil in one (1) document? I could imagine that there is no way to get all certificates because of security reasons --> private key configured exportable, e.g. But anyway, maybe someone knows a solution. Thanks a lot Christoph Tag: IPSec experience in internal networks Tag: 63981
  - 15
    - Administering a microsoft enterprise ca 2003: filtering certificates Hello, Does anybody know a tool or a script to filter certificates on a issuing certification authority in a more comfortable way as the ca microsoft management console is able to? There is no way to fast and easy find all certificates of a certain user. Every time you want to know the certificates of a certain user you must manually add a new filter or search manually for the username. Thanks for every hint, Christoph Tag: IPSec experience in internal networks Tag: 63980
  - 16
    - Spoof Billing From MSN I found two emails in my bulk mail inbox regarding my MSN account saying that my credit card number had been turned down and I could resolve the problem by contacting "MSN Suport" via the (spoof) link provided. I wanted to forward the two spoof billing emails to MSN as there are probably people out there who have received this and think it's legit, but does MSN care? Tag: IPSec experience in internal networks Tag: 63977
  - 17
    - Microsoft Security Bulletin Advance Notification Announcement is Hi, Microsoft Security Bulletin Advance Notification Announcement http://www.microsoft.com/technet/security/news/bulletinadvance.mspx Microsoft Security Bulletin Advance Notification for November http://www.microsoft.com/technet/security/bulletin/advance.mspx -- torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: http://www.microsoft.com/technet/scriptcenter/default.mspx Tag: IPSec experience in internal networks Tag: 63959
  - 18
    - Administration password Is it possible to press a combination of keys and reveal the user passwords? I set myself up as administrator and my children as limited, the day after my 14 year old son knew my password? All he would say is that he pressed 2 or 3 keys and it shows the most pressed keys or something like that, but he will not say which keys, he says it's his secret. I would like to know how he's doing this or at the very least how I can prevent him from finding out my new password, without having to ban him from the computer. Any help would be greatly appreciated. Tag: IPSec experience in internal networks Tag: 63956
  - 19
    - Administrator password Is it possible to press a combination of keys and reveal the user passwords? I set myself up as administrator and my children as limited, the day after my 14 year old son knew my password? All he would say is that he pressed 2 or 3 keys and it shows the most pressed keys or something like that, but he will not say which keys, he says it's his secret. I would like to know how he's doing this or at the very least how I can prevent him from finding out my new password, without having to ban him from the computer. Any help would be greatly appreciated. Tag: IPSec experience in internal networks Tag: 63955
  - 20
    - Administrator password Is it possible to press a combination of keys and reveal the user passwords? I set myself up as administrator and my children as limited, the day after my 14 year old son knew my password? All he would say is that he pressed 2 or 3 keys and it shows the most pressed keys or something like that, but he will not say which keys, he says it's his secret. I would like to know how he's doing this or at the very least how I can prevent him from finding out my new password, without having to ban him from the computer. Any help would be greatly appreciated. Tag: IPSec experience in internal networks Tag: 63954
  - 21
    - MSN MESSENGER ON WINDOWS XP How do you disable automatic sign on - ie. it automatically allows others to click on '4444@hotmail.com' and the password is already entered. I don't want others to use my computer to have access to my email. Also, how do I remove the older version of MSN messenger when I've updated to 6.2 version? Thanks. Tag: IPSec experience in internal networks Tag: 63953
  - 22
    - cyber stalking A person can watch another persons computer monitor through the internet. They can also track another persons events by remote. What countermeasures are available? I have a spyware removal program and can install a firewall. What else? Tag: IPSec experience in internal networks Tag: 63952
  - 23
    - jerry I have children who can access the computer at any time. I've used the AOL parental controls but since I have broad band as my provider, I have no way to limit my children's use. I would like to find a way to shut down my system at a certain time each day, so the computer is locked off. Is there any software or windows appication that would allow me to do this ? Thanks for any information you may have. Tag: IPSec experience in internal networks Tag: 63951
  - 24
    - W2K/WXP and USB Memory Sticks Is it possible to force ALL types of USB Memory sticks to use a specific drive letter regardless of which PC they're plugged into? E.x. At the moment we've had to permit users read/write access to drives D/E/F as some PCs have CD-Roms, some have CD-RW+CD-Rom and some have neither, meaning the USB memory stick takes the next available drive letter, can we force it to use drive G: for example regardless of what brand of memory stick is installed and what USB port it's installed into? (Assuming of course that drive G: does not already exist) We use Windows 2000 SP4 and Windows XP SP1a on an Active Directory 2003 Domain. Tag: IPSec experience in internal networks Tag: 63950
  - 25
    - Hotmail Corruption Beginning yesterday (11/3) afternoon, after signing into my hotmail account, the system is not loading properly. Intermittently the system says it's "done" and there is no data on the screen (white screen), while at other times the "Today" and "In-box" will only partially load. Please help. Thx. Tag: IPSec experience in internal networks Tag: 63942
- Next
  - 1
    - Restrict Folder Creation but not files How do i restrict users from creating more folders on a share where they have write access to. I have tried this solution but have no luck. "To open the Registry Editor, go to Start | Run, enter regedt32 in the Open text box, and click OK. Navigate to HKEY_LOCAL_MACHINE\System\ CurrentControlSet\Services\LanmanServer\Shares. Select Shares and all of the folder's subkeys. Go to Security | Permissions. For the Shares folder and each of its subkeys, grant the Read permissions (at a maximum) to the Everyone group and all untrusted domains, and click OK." Please assit Tag: IPSec experience in internal networks Tag: 63938
  - 2
    - Ad-Aware new update broken Ad-Aware, Win2000 and Win ME, AVG Free, Sygate Personal Firewall. Beginning a couple of days ago, Ad-Aware would no longer update. It downloads 5% of the new update and then says "update complete." This is the ref file dated 26-10-2002. That's right, 2002. Is anyone else experiencing this and are there any solutions? Tag: IPSec experience in internal networks Tag: 63934
  - 3
    - XP client security I have a question concerning client security. We have a demo copier that can send scanned documents in a PDF format to a shared folder destination on a workstation in our local domain by means of either SMB or FTP. With SMB, the copier uses an older method of authentication (NTLM v. 0.12) so it is incapable of accessing a folder on our Windows Small Business Server 2003 which requires the digital signing. In order for this copier to send to a folder on our server we would have to disable the digital signing on the server. That is not an option. We need to keep the server secure. Since this device can access a folder on a workstation via SMB by the method described, my question is - will this scenario compromise the overall security of our network? Will the separation from the server by scanning to a workstation allow for greater security considering the logon limitations of the copier? The ultimate goal is to place scans in a common folder on the Windows Small Business Server 2003 that can be accessed only by authorized network clients - either locally or remotely. As I also mentioned, there is a possibility of using FTP to put scans on the workstation. Only the workstation will have to have an FTP server running to accept the scans from the copier. I had heard that we should not run FTP server software on our Windows Small Business Server 2003. How will this affect our network's security to run an FTP Server on the workstation? I know that our security is only as strong as the weakest link. I am curious about the implications of either method and the effect on our secure environment. Thank you for your answers. Marvin Tag: IPSec experience in internal networks Tag: 63928
  - 4
    - Terminal Service encryption What type of encryption is Terminal Services sessions protected by, by default ? Assume launching a remote desktop session from a WinXP machine and connecting to a Win2000 and Win2003 Server. Tag: IPSec experience in internal networks Tag: 63920
  - 5
    - SPAM from "myself" to myself I've recently been getting (via AOL only) SPAM messages for pills and such that have my own email address as the sender and recipient. Does anyone have any insights into this before I struggle with the AOL people. Is it possible to stop the real sender from imitating me in this way? Thanks ian Tag: IPSec experience in internal networks Tag: 63915
  - 6
    - Security Event Messages Hello, Does anyone know of a good reference (web or book) that gives the meaning/definition of security event messages? I referenced Microsoftâ??s web site but does not provide what I need. Example: Event ID 618 â??Encrypted Data Recovery policy changed.â?? What does this mean? How was this generated? Event ID 612 â??An audit policy was changed.â?? I see quite a bit of these entries but no changes were made in the policy; this was generated by system account. I need a reference that explains why this happens and what it does? Any thoughts on a good reference for what I am looking for? Thanks Tag: IPSec experience in internal networks Tag: 63911
  - 7
    - VIDEO STREAMING DOES NOT WORK The video streaming on" foxnews" no longer work on my computer.It comes on with a black screen. I had no problem untill a few weeks ago. we have tried everything, but to no avail. HELP!!! I received an e-mail that had freaky virus.Norton found and fixed it. Could there be a connection? I have windows xp Tag: IPSec experience in internal networks Tag: 63909
  - 8
    - "A program is trying to automatically send e-mail..." workaround I have just installed SpamAssassin on my mail server. If it misses a Spam, I need to resend the spam to a particular mailbox to "Re Learn" the message as spam. Using Outlook, I have to Open the message (sometimes they are offensive), click Actions/Resend answer the "You didn't send this originally" warning, change the TO to "spam", click Send, Close the original message, and finally delete it. I wrote a macro For Each objMailItem In objExplorer.Selection objMailItem.To = "spam@visioncomm.net" objMailItem.Send Next objMailItem so I could just select a bunch of False Negatives and click one toolbar button. I guess I don't really mind the "A program is trying to automatically send e-mail..." dialog (although I'd prefer not to see it) but the 5 second delay before you can click YES is particularly annoying. I wrote a rule that does this, but it can't be called automatically. I have to move all the FN spams to a particular folder, click Rules Wizard, Run Now, confirm the correct folder is selected, select the Spam rule, and Ok, then Cancel. Also way too much work. Anyone have any ideas on working around this silly 5-second wait? Sending/Deleting a selected few messages another way? Tag: IPSec experience in internal networks Tag: 63905
  - 9
    - security: 4 Millions Domains data with Category Successfull Internet and Direct Marketing products on www.promotionsite.net * NEW * DOMUS Domains Toolkit Fall 2004 - Unique on the Net 4 Millions "Whois" Domains data with Expiration Date and Category*. Ultimate Version (October 2004) - Our best rate starts from US *$149*. A wonderful tool for Internet and Direct Marketing. Available in Basic, Advanced and Full Editions. It contains a domain database with 4 millions *FRESH* October 2004 New records .com, .net, .org. 4 Gigabytes MS Excel data zipped on CD-Roms/Dvd. Compression 3:1. MS Excel or Text tab delimited data files Available! Each record include the full "whois" fields info and homepage info: Domain Name, Registrant Company, Contact, Address, City, Tel, Fax, Email, Administrative Company, Contact, Address, City, Tel, Fax, Email, Technical Company, Contact, Address, City, Tel, Fax, Email, Billing Company, Contact, Address, City, Tel, Fax, Email, Zone Company, Contact, Address, City, Tel, Fax, Email, Name Servers until 6 name servers with IP addresses Record Created on Date, Record Updated on Date, Record *Expires* on Date Domain Title, Domain Description, Domain Keywords (*Category*), First 300 Words in the Domain Website Homepage. Download Free Demo, Screenshot, see Products Details or Order On-Line at www.promotionsite.net. Available On-Line many other Promotion Products. Instant Shipment or Download On-Line Registered Versions available! Best Regards, www.promotionsite.net The Best place where to find Internet Marketing Resources on the Net. --- This is a one-time only information. The enrolled (final) text of S. 877 as it was passed by the Senate on November 25, 2003, and agreed to by the House of Representatives on December 8, 2003, allows e-marketers to send UCE as long as the message contains an opt-out mechanism, a functioning return e-mail address and the legitimate physical address of the mailer. The bill was signed by the President on December 16, 2003, and takes effect on January 1, 2004. Your address isn't in any of our archives, however for Can Spam Act 2003 Compliance, you can remove at http://www.promotionsite.net/remove.html Tag: IPSec experience in internal networks Tag: 63904
  - 10
    - User profiles /SID Problem Description: My Windows 2000 Server had a hardware failure. I had to contact dell to send replacement parts. I had to reinstall the server OS. Then I connected my XP workstations to the server. I changed to a workgroup and then re-attached to the server. Now my User profile can not be accessed. \my computer\properties\advanced\user profile indicates the "Account unkrown" I have reattached to the server and can not get to the profile. My Backup software does not read my tapes even though they verified after every backup. I need my profile and My Documents back. What can I do. My network has been down for over a week. I am writing this email from my laptop. It too was affected. I have five computers (XP Pro) that are affected. Has anyone used regedit to change the user profile? What are my options? -- thanks Tag: IPSec experience in internal networks Tag: 63897
  - 11
    - Excessive Outgoing Packets Sent When I click on my Network Connection i see excessive packets sent. It always seems to be in increments of 4 Gig. For example, in one day, with minimal to no computer use, my computer will have 1 K packets received and 24 Gig sent. I am running Windows XP Home Edition w/ SP2. I have a cable broadband connection with a Linksys Firewall. I have always used Norton Securtity, and it never detects a virus or such. Anybody have any ideas of what might be going on? I have also used Spybot to try and troubleshoot, but haven't found much. Thanks Tag: IPSec experience in internal networks Tag: 63890
  - 12
    - LuComServer_2_5.exe After getting Norton Internet Securuity update yesterday, my computer to day first "says": ccApp.exe is attempting to access the internett and later: LuComServer_2_5.exe is attempting to access the internett. Both times asking What do you want to do? permitt or block. What's up? Knut-Frode Lid Tag: IPSec experience in internal networks Tag: 63888
  - 13
    - Outlook have a Whitelisting Policy? I see MSN/Hotmail use IronPort's Bonded Sender Program. What about Outlook? How do legitimate publishers of solicited bulk email apply for similar whitelist status with Outlook? Thanks. Tag: IPSec experience in internal networks Tag: 63886
  - 14
    - Revoking ability to set default printer? Is there any (commonly used) way to revoke a user's ability to set their default printer, such as security policies, etc. Thanks in advance Tag: IPSec experience in internal networks Tag: 63881
  - 15
    - spyware nuker I have tried several spyware programs and use online scanners as well-use ad-aware as my main one. I downloaded spyware nuker 3 days ago and it found 213 things in the registry- 2 were hot bar and the many others were web game channels (it did not specify wild tangent but I used to have that til I got rid of it...or think I did) Those of u who know about spyware nuker know that you have to register and pay to have the items removed.Same with bazooka scanner (which only found hotbar)- Of course I could manually remove them. They are ALL in the registry. WHy is it that adaware,ss&d,pest patrol,Hijack this, cwshredder, etc did not find the same ones that spyware nuker did?? 213 objects is alot. Are they an honest spyware company??Opinions please will be appreciated,thanks Tag: IPSec experience in internal networks Tag: 63878
  - 16
    - malignant process I get a window labeled process scanner that says "the program has detected 1 malignant process. It is recommended that you remove these proceses before proceeding. " I click yes to preceed and the window disappears and nothing happens. It points out that "realsched.exe" is the issue. I have ran a search and deleted it but it still comes up as the problem. How can I resolve this problem? I have also run Spybot/spybloc and spyware doctor. These do not seem to improve the situation. -- Paul Tag: IPSec experience in internal networks Tag: 63876
  - 17
    - MBSA shows two administrator accounts not listed in users&groups control panel BACKGROUND: I have a new XP system that I just recieved from my corporate IT department. While the hardware is new, there are signs in the registry that their "gold image" that they used to ghost my computer was infected with a backdoor virus about a month ago (I know you don't need to tell me!). Our INTRAnet is under daily virus attack, and they seem quite content to spend all day cleaning up user systems. But I would like mine to be secure... I have added all the security patches that they refuse to put on their gold image, and have run microsoft baseline security analyzer (MBSA) to check. SO ANYWAY - HERE IS THE QUESTION... When MBSA runs it claims that there are four administrator accounts on my system. 1) local machine\administrator 2) corporate domain\"me" 3) corporate domain\EST 4) corporate domain\"1300 it" Should I be worried? Tag: IPSec experience in internal networks Tag: 63871
  - 18
    - What could be on 25 and 110? Hi! There is one Windows Server 2003 machine with system firewall running. However while scanning this machine (using GFI LANguard N.S.S., Shadow Security Scanner and Angry IP Scanner) it shows that also ports 25 and 110 are opened. There were never neither SMTP nor POP3 service installed, netstat -ano shows no process listening on them and when I try to telnet to these ports it's also unsuccessful. So what could be a reason of such strange result? Regards Silmar Tag: IPSec experience in internal networks Tag: 63864
  - 19
    - rasmans.exe I found rasmans.exe in system32. It has been identified as trojan, maybe. So I don't know what to do, it seems there is no information about it on the Internet. I use windows xp home edition Thank in advance. Beppe Tag: IPSec experience in internal networks Tag: 63863
  - 20
    - Win XP I am using win XP. I cant see my program windows which are supposed to be on task bar, they are kinda hidden. IF I do Alt + Tab I do see them... Can anyone tell me what is my problem. Thanks Salim Tag: IPSec experience in internal networks Tag: 63862
  - 21
    - What is this batch file missing (for privacy cleaning of a windows PC) I started writing a batch file for quick cleanup of an WinXP PC. My batch file is below. I'm no expert so I am sure stuff is missing (what is missing)? The goal is a decent batch file which removes most privacy concerns. Let's say the PC should be clean enough to hand to your boss or mom. How can we improve this cleanpc.bat script? Is another cleanpc.bat script out there that is better for starters? How can we add variables (eg for the username & mozzilla directory)? Orak Listalavostok echo off erase /s/q/f "c:\temp" erase /s/q/f "c:\documents and settings\administrator\recent" erase /s/q/f "c:\documents and settings\administrator\my recent documents" erase /s/q/f "c:\documents and settings\administrator\local settings\my recent documents" rmdir /s/q "c:\quarantine" erase /s/q/f "c:\windows\downloaded program files" erase /s/q/f "c:\windows\temp" erase /s/q/f "c:\windows\cookies" erase /s/q/f "c:\windows\history" erase /s/q/f "c:\windows\tempor~1\content.ie5" erase /s/q/f "c:\windows\recent" erase /s/q/f "c:\windows\applog" erase /s/q/f "c:\windows\desktop\*.tmp" erase /s/q/f "c:\windows\prefetch\*.*" erase /s/q/f "c:\documents and settings\administrator\cookies" erase /s/q/f "c:\documents and settings\administrator\local settings\history" erase /s/q/f "c:\documents and settings\administrator\local settings\temp" erase /s/q/f "c:\documents and settings\administrator\local settings\temporary internet files" erase /s/q/f "c:\documents and settings\administrator\local settings\application data" erase /s/q/f "c:\documents and settings\administrator\userdata" erase /s/q/f "c:\documents and settings\administrator\my recent documents" erase /s/q/f "c:\windows\system32\catroot2\*.log" erase /s/q/f "c:\documents and Settings\administrator\application data\mozilla\Profiles\default\mhy0feee.slt\cache" erase /s/q/f "c:\documents and Settings\administrator\application data\mozilla\Profiles\default\\mhy0feee.slt\cache.Trash" erase /s/q/f "c:\documents and Settings\administrator\application data\mozilla\Profiles\default\mhy0feee.slt\cookies.txt" erase /s/q/f "c:\documents and settings\administrator\application data\mozilla\Profiles\default\mhy0feee.slt\downloads.rdf" erase /s/q/f "c:\documents and settings\administrator\application data\mozilla\Profiles\default\mhy0feee.slt\history.dat" erase /s/q/f "c:\documents and settings\administrator\application data\mozilla\Profiles\default\mhy0feee.slt\bookmarks.html" erase /s/q/f "c:\windows\debug\usermode\userenv.log" erase /s/q/f "c:\windows\debug\usermode\userenv.bak" Tag: IPSec experience in internal networks Tag: 63861
  - 22
    - spyware/cannot uninstall I have installed several progs from a win xp mag cd and when I run yahoo antispy it tells me that I have gator/claria, trouble is I cannot get rid of it how do I do this without having to uninstall all of the progs Tag: IPSec experience in internal networks Tag: 63856
  - 23
    - Offer any Help for XP When I double click to open anything, my computer automatically opens Search, for searching files on my computer.... anyone know how to fix this? The only way I can open files or click icons is by right clicking and chosing open from the menu that appears... I am using XP Tag: IPSec experience in internal networks Tag: 63852
  - 24
    - MP3W.EXE This program is displayed on my Windows 2000 Professional Task Manager Processes using 95-98% CPU time. Is this a system file? Is it a virus? Norton doesn't recognize it. AdWare SE doesn't recognize it. Explorer Find can't find it on any of my hard drives. Does anyone know what this is? Tag: IPSec experience in internal networks Tag: 63850
  - 25
    - Lost Property Window and MP3W.EXE I have noticed a process in the Task Manager called MP3W.EXE running up to 95-98% of my CPU cycles almost constantly. I have run AdWare and Norton's Antivirus to detemine if this was a foreign file to no avail. To further investigate, I tried to isolate the program through the Services folder by changing through the properties most services running as "Automatic" to "Manual" and then stopping them. With most of my services now "Stopped" and the MP3W file still running, I have found I can't change the properties from Manual to Automate because the property window will not display. I have tried to reload Windows 2000 Prof to resolve my dilemna but Windows installer says there is another installation in process and terminates. I have searched all hard drives for MP3W.EXE using Explorer Find but to no avail. I fear I have compounded the problem and now can't tell if this MP3W is a virus or a system file. Is there anything I can do to resolve this situation? Tag: IPSec experience in internal networks Tag: 63849

I have been reading documentation on enabling IPSec on AD environment via
group policies (client-to-client, server-to-client, server-to-server).

In general, for a 3,500+ PCs environment, with 120 Win2000/Win2003 servers,
what would be the maintenance involved when enabling IPSec ?
Do you think that encrypting data internally with IPSec is that something
organizations are really doing successfully these days ?

Top

Re: IPSec experience in internal networks by Steve

Steve
Mon Nov 08 13:44:24 CST 2004

These questions are not necessarily related.

You are not required to encrypt if you choose to implement IPsec. You can
use ESP with null encryption (specified in RFC 2410) and use NAT-T.

It's perfectly viable. We use ESP with and without encryption for 50+
thousand users here at Microsoft.

Your biggest maintenance headaches will vary. Usually, there is a spike in
helpdesk calls related to the IPsec rollout. This is normal (as it is with
any change across the enterprise) and after the helpdesk and user base
normalize, the calls should return to pre-rollout levels.

The beauty of IPsec transport mode is that it can be made nearly transparent
to the user. Unless you have a watch and start timing things like "fall
back to clear" you'll have a hard time knowing it is running.

"Marlon Brown" <marlon_brown@hotmail.com> wrote in message
news:uJz0pncxEHA.3224@TK2MSFTNGP14.phx.gbl...
>I have been reading documentation on enabling IPSec on AD environment via
> group policies (client-to-client, server-to-client, server-to-server).
>
> In general, for a 3,500+ PCs environment, with 120 Win2000/Win2003
> servers,
> what would be the maintenance involved when enabling IPSec ?
> Do you think that encrypting data internally with IPSec is that something
> organizations are really doing successfully these days ?
>
>

Top