Information Security Forum

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - HELP! members only gateway access How is the best way to let members of a club or orgianization gain access to a sub web? Do I need a database with everyone's name or can they just create their own password? I want to spilit the web site so we have general public access and then members only to the sub web. HELP please! Tag: Information Security Forum Tag: 71231
  - 2
    - export security settings ? Hello All I have two W2K3 servers both in different workgroups. One has been hardened. I wish to harden the other server using the same settings. Will the following process work? Run the security config' and analysis tool on the hardened server. create a new database and import the setupsecurity template. Analyze the computer. Export the settings to an .inf file. On the second computer Run the security config and analysis tool Create a new db and import the .inf file previously created Configure the computer. I have tried doing this using a VMware machine as the second server and it doesn't work correctly. Am I doing something wrong? I would be grateful for any advice. Thanks in advance. Simone Harris. Tag: Information Security Forum Tag: 71225
  - 3
    - Accessing SQL2000 on a Win2003 server Hello I am reposting my previous question adding additional info... I am trying to access a Win2003/SQL2000 server from a Win2000 (web)server. To test the access I am windows-loging in the Win2000 server and I am manually testing a UDL string. I am accessing the DB using SQL authentication. There is no domain - only a workgroup. If the windows user I using to login (on the Win2000 server) can authenticate on the Win2003/SQL2000 machine (it exists and has the same password) then the UDL connection succeeds. However if the windows user cannot authenticate then the UDL fails. (Obviously web accesses to the DB also fail b/c they are done using the IUSR user). Notice that this problem does NOT exist if I try to access SQL2000 on a Win2000 server. I suspect this has to do with stricter permissions for anonymous access to the Win2003 server (compared to Win2000). I have changed the following security settings on the Win2003 server: - Enabled "Let Everyone permissions apply to anonymous users" setting (KB 822011) - Enabled SID/Name translation and TurnOffAnonymousBlock (KB 839569) - Added "Everyone" in the "Allow Logon Locally" setting The problem still remains. Does anyone have any other ideas? I am more or less stuck! many thanks christos Tag: Information Security Forum Tag: 71224
  - 4
    - Windows Firewall fails to start on Windows Server 2003 Hello, i have a Windows Server 2003 SP1 - Standard Edition. I want to use the Windows Firewall but every time i start it (Control Panel/Service) I get this message: "Windows Firewall cannot start because another program or service is running that might use the network address translation component (Ipnat.sys)" I'm using RRAS for VPN calls. Thank you all Tag: Information Security Forum Tag: 71223
  - 5
    - Files to exclude from scan I hope this doesn't sound like a stupid question, but...I have LOTS of clip art & photo files on my PC (that come in Program Files\Microsoft Office\Media\...). What is the likelihood that any of these could become infected? When I scan for viruses and malware, it takes FOREVER to get through all those files. If I don't really need to scan them, I could exclude them from the scan processes. Just wondering... TIA! Tag: Information Security Forum Tag: 71222
  - 6
    - Certificate Request Denied Denied by Policy Module This is the error message I get when I try to get a certificate ..can any one help... Thanks James Certificate Request Denied Your certificate request was denied. Your Request Id is 30. The disposition message is "Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Certificate Services policy: True. ". Contact your administrator for further information. Tag: Information Security Forum Tag: 71221
  - 7
    - Accessing SQL2000 on a Win2003 server Hello. I am running a SQL2000 server that is accessed by our webserver. The problem is the webserver cannot access the SQL server on a Win2003 machine (it works if the DB is on a Win2000 machine). What I noticed is that DB accesses only work for windows users that authenticate on the DB machine. So if I manually try to establish a connection it works (my windows user exists on both the webserver and the DB server machines). However the IIS anonymous user doens't exist on the DB machine. I suspect this is a Win2003 add-security setting. Does anyone know what I have to toggle? trillion thanks christos Tag: Information Security Forum Tag: 71220
  - 8
    - Pocketpc Hi all, Have one user that gets the following message when synching their PPC2003 handheld using Activesync 3.8 to their Exchange 2K3 calendar via Outlook 2K3: Cannot read one instance of this recurring appointment. Close any open appointments and try again, or recreate the appointment. We have run Office Update and applied all updates. Can you either tell us how to fix the problem or give us some suggestions for troubleshooting? Thanks. Tag: Information Security Forum Tag: 71217
  - 9
    - SUS with very slow network - any alternatives download patches - URGENT Hi there I have a SUS server with very slow connetion to the internet. So I would alternative download the patches from microsoft from another pc and copy them direcly on the SUS server. Anyone have the idea how to do this. Please help it is very urgent :-) Regards Henrik Tag: Information Security Forum Tag: 71215
  - 10
    - IPSEC on Win2k3 - block all default/except for a few ports Hello All, I've searched high and wide, and can't get this to work. I want to enable within IPSEC on Windows 2003 Server to block all ports by default unless specified (e.g. port 80, 443, 1723, 3389, etc). Once I enable a filter action of block all within IPSEC, it disables everything, except ICMP traffic. Any ideas? If I look at IPSEC Monitor, I noticed what under Quick Mode->Generic Filters->Block is the default, not sure why though. Source - ANY Destination - My IP Protocol - ANY IP Filter - All Filter Actions - Block IPSEC Rules - RDP - Allow - ICMP - Allow - All - Block - Dynamic - Default Response (Preshared Key) Thanks, -Ben Tag: Information Security Forum Tag: 71214
  - 11
    - complex passwords Hello friends, in Server 2003 how do I disable the complex password policies I just want simple passwords. Ray Tag: Information Security Forum Tag: 71213
  - 12
    - Is Skype safe for user? The use of Skype is completely based on internet. I wonder if the software is secure. Any severe security problems found in this software? Any technical comments would be much appreciated. Tag: Information Security Forum Tag: 71202
  - 13
    - Rename the "Guest" account as "administrator"? Hi, friends. I heard of a method, renaming the *disabled* "guest" account as a dummy "administrator", in order to transfer the potiential risks. Would the strategy work well? Would the diabled account remain "diabled"? Tag: Information Security Forum Tag: 71201
  - 14
    - Performance counters & permissions Hi! I have a problem reading counters in certain performance objects when the user performing the check is not a member of the local administrators group. My test setup: - In a Win2003 active directory, I have 2 member servers - 1 server running Windows Media Services (Win2003) - 1 server monitoring other servers through perf counters (Win2k) - I have 1 domain user who is a member of the local "Performance Monitor Users" and "Administrators" groups on the Win Media Services server. Logged on to the monitoring server with the credentials of the domain user mentioned above, I start perfmon.exe, click "Add" and connect to the Win Media Services server. In the "Performance object" drop-down menu, I see a lot of objects, among them: - Terminal Services - Terminal Services Session - Windows Media Publishing Points - Windows Media Services - WMI Objects I close perfmon.exe and remove the domain user from the local Administrators group on the Win Media Services server. I restart perfmon.exe on the monitoring server as described above, and all the performance objects mentioned above are gone (there might be more objects gone, but my main concern is with the "Windows Media" objects - I just noticed the others since they where toward the end of the list, too). It's obvious that just being member of the local Performance Monitor Users group is not enough to read all performance counters. What permissions do I have to grant the domain user in order to access the performance counters in the two Windows Media performance objects? Is there an overview somewhere of the permissions needed to monitor other objects? Regards, Steinar Skjelanger Tag: Information Security Forum Tag: 71200
  - 15
    - Virus in System restore I need help with a virus problem. My anti-virus software (SystemSuite) detected yesterday that i had a virus called TROJ DYFUCA.I . It tried to wipe it out but was only able to get part of it because it stored itself in my restore files. I did some research and found that this virus was most likely caused be spyware. I need help with how to either delete the infected Restore Point Files or find software that will wipe it out for me. I imagine that actually performing a system restore wont help because i dont know for sure how many Restore files are infected. Can somone give me instructions or point my towards some software? Tag: Information Security Forum Tag: 71196
  - 16
    - Spurious Logon/Logoff Success Auidt events I did an in-situ upgrade of a Win 2K domain controller to Win 2K3. Now I get heaps of Success Audit events in the Security log. Ther are all 540, 538, 576 (logon/logoff) most from the server itself. Any ideas why this is happenning? TIA Patrick Tag: Information Security Forum Tag: 71188
  - 17
    - New Instant Messaging Viruses - Avoid Files & URLs (FYI) New Instant Messaging Viruses - Avoid Files & URLs: http://msmvps.com/harrywaldron/archive/2005/05/01/45335.aspx -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE) & Security Tag: Information Security Forum Tag: 71178
  - 18
    - Cannot authenticate to MS IAS (RADIUS) server using Linksys WAP54G Hi, I'm trying to access to a test domain using PEAP-MS-CHAP V2 using the following setup. 1. One W2K Server (sp4) in mixed mode running (DHCP, DNS, WINS, IAS and Microsoft CA). 2. One W2K Server (sp4) running RRAS and Microsoft ISA server 2000 (sp2). 3. Linksys WAP54G wireless AP (access point). 4. All servers and wireless AP connected to a 10/100 switch. My laptop running W2K Pro (sp4) cannot connect to the domain. Each time, I received a pop up msg asking me if I want to say YES or NO to accept the certifiate, I press YES. Also a username, pw and domain window popped up but each time I entered the information, these two windows kept popping up. Can someone pls help me out here? TIA. Dan Tag: Information Security Forum Tag: 71168
  - 19
    - blocking readnotify.com and other companies I would like to know how I can block information(ip, location, time and date) from going to readnotify.com and the other companies out there every time I open my email. Thx........ Tag: Information Security Forum Tag: 71151
  - 20
    - Do I need to use the SysKey utility to enhance the security? For the Syskey, please refer to http://support.microsoft.com/kb/310105/ Do I need to use the utility? What is the difference between Startup Password & Account Password & the password of BIOS? Tag: Information Security Forum Tag: 71150
  - 21
    - cannot find SKU11.CAB i uninstalled microsoft office 2003 free trial but when it went to install again it stopped because it couldn't find the SKU11.CAB file. im not da only person wiv dis problem can sum1 plz help me im desperate Tag: Information Security Forum Tag: 71136
  - 22
    - Script to set folder security I recently moved the home folders for 900 students to a new 2003 server and when I did I messed up all the folder security settings. The folders name is based on the users login name. Is there a way to run a script that would read the folders name and then set the folders security to give that user full permission, and give a number of other security groups permission at the same time? E.g. user:F Domain Admins:F System:F and teaching:F Tag: Information Security Forum Tag: 71135
  - 23
    - Windows 9x user longer than 5 chars can't log into windows 2003 do Hello, for several weeks windows 9x client can't log into our domain, strange thing is that if the user is less than 6 charecters it can log into the domain, articles has suggested changing the local domain policy NTLM to NTLM 2, but this changes eliminated the abilitiy to log in at all. any one?! suggestions? Regards, Dror Admon Operations & Infrastructure Manager Sheba Medical Center Tag: Information Security Forum Tag: 71132
  - 24
    - Microsoft AntiSpyware - Developer info - How to make installation of non-intrusive ActiveX DLL more user friendly? Greetings all. I was wondering is any developer information is available for microsoft antispyware product. We are a software vendor, who's developing a by-no-means non-intrusive, non-spyware ActiveX control meant to be run inside IE. Our users which have MSAS installed, are getting an "unknown activeX, block-allow?" question once installed although we digitally sign both the installation package and the DLL file itself. Maybe it's possible to get enlisted in the MSAS database? Or anything else? There's very little information regarding this issue on MS website... Tag: Information Security Forum Tag: 71131
  - 25
    - Should I set passwords for the three accounts to enhance the security? Should the three accounts, which are Guest, HelpAssitant,SUPPORT388945a0, be configured strong passwords to enhance the security of OS? Should I disable Guest & default Administrator to enhance the security? Tag: Information Security Forum Tag: 71129
- Next
  - 1
    - Hector saftey button Hi I have just d/loaded the hector saftey button(both versions) from the microsoft site. I am using win xp pro with all the latest updates instaled. The exe file will not run and is displaying the error message. "C:\windows\system32\autoexec.nt, the system file is not suitable for running MS-DOS and microsoft windows applications.Choose close to terminate the application." As stressed there are two files of this application one for Win Xp and one for all other systems. I have d/loaded both, both do the same error message. Please please reply to Bernard@ihug.co.nz as well please as i do not go to the newsgroups all of the time. Tag: Information Security Forum Tag: 71120
  - 2
    - password filter -parameter mismatch i have wrote a password filter dll in c++. When i try calling that dll from vb6 it works fine. But when i am trying to install on domain controller i am not getting the correct value for user name and password. I get only one character as user name and password. Do i need to install any lib. on domain controller? My function parameter are as follows BOOLEAN __stdcall PasswordFilter( PUNICODE_STRING AccountName, PUNICODE_STRING FullName, PUNICODE_STRING Password, BOOLEAN SetOperation ) stru defination is typedef struct _LSA_UNICODE_STRING { USHORT Length; USHORT MaximumLength; PWSTR Buffer; } LSA_UNICODE_STRING, *PLSA_UNICODE_STRING, UNICODE_STRING, *PUNICODE_STRING; Tag: Information Security Forum Tag: 71118
  - 3
    - Can "trusted Computing" be trusted? http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html IM Tag: Information Security Forum Tag: 71116
  - 4
    - RUN TIME ERROR ???? Hello The following error continues to pop on my screen when logging onto limited accounts, and at the same time it does not allow me to log on BUT changing the account to one as a Computer Administrator ... it logs on fine, No Error. ------------------------------------ Run - time error '26001': Failed to set registry value Key:'2147483646', Section: Software\Microsoft\Windows NT\Current Version\Winlogin',Key:'Userinit' to value:" ---------------------------------------- Any help with this error would be mighty appreciated. P.S. I do not want everybody to have Computer Administrator priveeys!! Thankyou much all. Tag: Information Security Forum Tag: 71113
  - 5
    - Please Help!! Security policy Hi to everyone!! I don't know if i'm in the right place or not but i have a question regarding writing a security policy for a company. The client has multiple servers running Novell 6.0 + NT PDC + Memeber Servers windows 200x + Unix SCO servers in the environment. They want to me to write a security policy or what are the procedure when somebody left the company or been fired, when a high ranking IT manager who knows all the passwords and all wants to leave or fired. what to do??? first actions??.... examples like disable account, changing the passwords,at NT + NOVELL + UNIX at e-mail, VPN and so on... Ex: when been fired , the person is escorted to the door. I need help!! i need an exisitng procedure to base on.. Please help ant suggestions. Tag: Information Security Forum Tag: 71108
  - 6
    - Getting windows Security Center to NOT warn of AV not running Running xp home, sp2. Using Sygate firewall, Norton AV 2004, Spy Sweeper, Spyware Doctor, AdAware. Because of the time required for all these to open at boot, Windows Security gets impatient & thinks the AV is off, so it gives me a "balloon" telling me the program isn't running at each startup. Any way to disable this alert? I looked through the Windows Security settings, if it's there I can't find it. TIA Dan Tag: Information Security Forum Tag: 71103
  - 7
    - Failed to initialize crypto API Hi, Is there any way I can run an application that requires ms crypto api (CAPI) without an administrator privileges? I get the following error "Failed to initialize crypto API" when trying to run a ciscosecure app and cisco says that is because microsoft requires admin access to use the crypto api. Is this true? Is there any work around for this since I dont have an admin account, but still need to run the app. Please help! Thank you Tag: Information Security Forum Tag: 71092
  - 8
    - Enabling virus protection Hello The question I am about to ask might sound very silly but it's really bugging me. I've tried day and night and I just can't find where to go to enable the virus protection which comes with Windows XP. Please could some one help me out???? Thanks Phil Tag: Information Security Forum Tag: 71084
  - 9
    - Windows 2003 Server SP1 Removes the MS03-039 Patch Using Windows 2003 SP1 and after running an ISS scan shows that patch MS03-039 needs to be applied. When I tried to apply the MS03-039 patch (Windows 2003 version) it will not install and a message box popped up stating there was already a newer version of the file because a service pack was applied. Did a fresh install of Windows 2003 Server and appled the MS03-039 successfully and ran Windows Update and completed all updates with the exception of SP1. Using the KB824146 scanning tool, it showed the patch was still applied. After applying SP1, the scanning tool showed MS03-039 patch was NOT installed and required investigating. Anyone have suggestions? -- JJ Tag: Information Security Forum Tag: 71082
  - 10
    - Authentication with MAC Is it possible to use IAS to authenticate a wireless card through RADIUS using the MAC address? If it is how would you configure this? Thanks, Ed Tag: Information Security Forum Tag: 71075
  - 11
    - How do I prevent users from using any form of password or other ge There used to be a way in NT4 to update a dll that prevented users from using password or any variation of password as their login password. Is that possible in 2003. I've heard of 3rd party tools but I don't want to spend the money. Tag: Information Security Forum Tag: 71070
  - 12
    - how to disable point-to-point tunneling protocol (pptp) anybody how to disable point-to-point tunneling protocol (pptp), port 1723 on a windows 2000 server? it's a system process but not sure how /what launched it -- poco Tag: Information Security Forum Tag: 71069
  - 13
    - Dialer.WSV Hi, I hope somebody can help me, my pc is infected with a virus called Dialer.WSV and also with a form of adware by the name of adag.exe. Norton will delete Dialer.WSV but will not delete adag.exe. I am unable to manullly delete the adware. Tag: Information Security Forum Tag: 71066
  - 14
    - how to restrict limited user only visiting several websites Windows XP SP2, the administrator account want to restrict limited account only visiting several dedicated websites, and forbidden the limited account visit all the rest websites! My ideal is that disable quering DNC server, and mapping the IP addresses to host names only which I allow the limited account to visit...... But the drawback is that the limited account user can input the IP address directly in browser! Maybe there have other methods to accomplish the hard work! __ Lecter - "Trust No One!" Tag: Information Security Forum Tag: 71060
  - 15
    - Spybot found DSO Exploit I recently installed Spybot & it has found 5 entries re the above, details are: HKEY_USERS\S-1-5-18. Registry Change. HKEY_USERS\S-1-5-21. Registry Change. HKEY_USERS\S-1-5-20. Registry Change. HKEY_USERS\S-1-5-19. Registry Change. HKEY_USERS\DEFAULT. Registry Change. Can I remove these safely without causing any problems please? (As lately I've had quite a few)!! Many thanks Tag: Information Security Forum Tag: 71056
  - 16
    - OWA CITRIX SECURITY Hi there, We have a sytem with one domain and two sites.These 2 sites are connected to internet and eachother through a firewall located in somewhereelse. We are now considering remote acces to exchange server.We have 2 considiretaions. 0ne of them is owa, the other one is Citrix. Which one should I prefer and is more secure? Thanks -- Tag: Information Security Forum Tag: 71055
  - 17
    - 2003 Enterprise CA, MSCEP - 0 length cert message on cisco 837 rou Hello Everyone, I'm trying to use MSCEP on a 2003 Enterprise CA to request a certificate for Cisco 837 router. When I run the cisco command "crypto ca authenticate TRS-AD-CA" the router comes back with a message "% Error in receiving Certificate Authority certificate: status = , cert length = 0" which indicates that my 2003 CA is not sending anything back for the request. I can successfully request a certifcate from this router when I connect to a 2000 Standalone CA but my new 2003 Enterprise CA is not working correctly. I initially had problems with the 2003 Cert Server installation as IIS was already installed on the server before DCPROMO was run however I followed the Microsoft Knowledge base article (332097) and corrected the security permisions. When I install MSCEP I can see that the CA issues an "Exchange Certificate" and "CEP certificate" but there is still something wrong when trying to get the router to request a cert. I think the CA is okay as I can request other Certs from a web browser etc. and I see my AD Domain servers have automatically requested and received certificates however my MSCEP is failing. Does anyone have any ideas where to look to resolve this problem as I can't find any similar problems on the internet. Thanks in advance, Peter Arians. Tag: Information Security Forum Tag: 71054
  - 18
    - What happened to my OS? I used anti-spyware software Ad-ware to scan my OS. Below is the log: Vendor:Windows Category:Vulnerability Object Type:RegData Size:6 Bytes Location:exefile\shell\open\command "" (%1 %*) Last Activity:2005-4-28 Risk Level:Low TAC index:3 Comment:Possible virus infection, executable file extension compromised Description:General Windows Security Issue. Your system security may be compromised. The specifics of the possible compromised item are listed in the comments section. I have fixed the problem with the software. But what confused me is what and when caused the problem? Thank you. Tag: Information Security Forum Tag: 71052
  - 19
    - Limiting Logon to a Specific Group of Computers I know the method of how to specify what computer a users account can logon on to, but I was wondering if there are any limitations. Somebody told me that I can only limit the number of computers on person can logon to which is 30. Does anyone know if this is true or not? TIA CurtisC Tag: Information Security Forum Tag: 71041
  - 20
    - Password/Authentication Problem Our W2K3 server suddenly (as far as we can tell) started denying access to any user whose account was created, or whose password was changed after some unknown event occured. Any user created before the event and whose password has not been changed can login without dificulty. The problem users receive the "incorrect username or password" message. Any ideas what happened and how to fix it? Thanks! Tag: Information Security Forum Tag: 71040
  - 21
    - Generic Account Password Failures Unfortunately at this time, we are required to provide a generic account to a group of people that are attached to the domain. On occasions, the password will just quit, die, stop working, and we have to reset it. Has anyone else experienced this kind of an issue and was it solved? TIA CurtisC Tag: Information Security Forum Tag: 71039
  - 22
    - Authenticating user's join domain credentials ? --- win32 api ??? Hello Gurus, I have a scenario where I have to validate a given set of credentials, without actually joining a computer to a domain, using the credentials. The information I have username password domain name computer name I am trying to find a windows native/managed api, which would let me do that. I did find some api which would let me Join the computer to the domain and unjoin from the domain. I am sure these api, internally, are using some low level functions/api to authenticate the credentials first before attempting to join the system to the domain. Your answers are highly appreciated. Thanks in Advance. Srikanth Tag: Information Security Forum Tag: 71037
  - 23
    - Root CA Certificate vs Client Cert Expiration I have a very basic security question. If I set up a root CA for my domain and begin handing out all kinds of certs that expire in a year. Do I have to keep renewing those client certs every year or will they automatically pull down a new one upon expiration? Or do I just need to assure that my Root Cert doesn't expire before being renewed? Tag: Information Security Forum Tag: 71034
  - 24
    - Process ownership Hi, I want to control who a process is running as on the fly. Is this possible? LogonUser and impersonation doesn't seem to work because LogonUser doesn't actually start everything needed by that user. VPN connection for example. I see so much about Security IDs and such, is there a way to manipulate the owner of a process while the process is running via these IDs? I don't see any apis that take UN, Domain, and PW like LogonUser. Thanks Tag: Information Security Forum Tag: 71033
  - 25
    - Free Download: Visio Connector for MBSA Visualize the security status of your network with the Visio Connector for MBSA. This free utility allows you to view the results of an MBSA (Microsoft Baseline Security Analyzer) scan in a clear, comprehensive Visio 2003 network diagram. You must have both Visio 2003 and MBSA 1.2.1 for this connector to function. Learn more or download this free utility at http://www.microsoft.com/technet/security/tools/mbsavisio.mspx Sanjay Puri This posting is provided "AS IS" with no warranties, and confers no rights. Tag: Information Security Forum Tag: 71031

When ISO 17799 tells that a Informaton Security Forum must be set, who should
conform this forum?
Should Internal Auditors be part of this Forum?
What are the members in existing organizations?

Thank you in advance.
--
Carlos Morales Zapata
Ejecutivo de Seguridad InformÃ¡tica

Top