Password history and accumulation

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - WARGAMES style security At the beginning of the movie 'War Games', they had a scene in the missile silo where 2 guys had to turn a key to launch a missile. We want the same level of security present for server logins. Is there a 1st or 3rd party option available that would require TWO administrators to be physically present to log into a server/domain? We have a client that needs VERY strong security and wants it to be impossible to log in as an admin without 2 people being present and both logging in at once. Please help me find out if this is possible, even if it is a custom development job? Has anyone ever heard of this feature or is this the first request? Thanks in advance, you can also reply to thepiper @ one.net (no spaces) if you would. Tag: Password history and accumulation Tag: 74661
  - 2
    - Aging User objects with Active Directory Anyone know if there is something other then the "accountExpires" attribute on User objects which can be used to "age" user objects? I would like to be able to delete a user object after it has reached a certain age, anyway to accompish this? -- Rick B., CISSP Tag: Password history and accumulation Tag: 74655
  - 3
    - NT User A/C Lock It's found that some users account locked suddenly. The a/c lock is not caused by user fail to attempt password. The a/c locked suddenly during user normal operation... user is successfully logon into the workstation already. 1) It's under NT domain environment 2) the problem happen after users have changed their password Can anyone help? thanks eo Tag: Password history and accumulation Tag: 74652
  - 4
    - Com server setup Hi People We have just upgraded to Windows 2003 and now we need to make a com server application run on this new platform. I can register the application (and see it show up in dcomcnfg). The problem is that I need to set the identity the compoenent is run as, and I need to set who has launch permissions to the compoent. This I have to do using etiher a command-line tool or programmatic (It is to be used in a unattended installation). In Windows 2000 I used the utility called DCOMPerm library, but it doesn't seem to work under Windows 2003. I hope someone has an idea of how I can do it. Best Regards Brian Tag: Password history and accumulation Tag: 74648
  - 5
    - Norton Internet Security The last time I updated virus definitions on my computer, something was also changed on my system. Now, everytime I tell Outlook Express to Synchronize, it times out; it is unable to communicate with the server at my ISP. After calling tech-support, I was told to disable both "Internet Security" and "AntiVirus Auto-protect" whenever I want to send/receive mail. Isn't there a way to configure Norton to recognize Outlook Express as having a need to go to Internet on-the-fly? Thanks a lot. Tag: Password history and accumulation Tag: 74634
  - 6
    - different user groups with different security settings and windows environment My machine is a standalone machine without any AD setting. I am planning to set different user groups with different security settings and windows environment. From gpedit.msc, there are only Windows Setting->Local Policies->UserRightAssignments and Windows Setting->Local Policies->Security Options working with User Groups. The other policies affecting all users. I need the very tight security user group for working only with one or two banking web sites, no other application runs, no application can be install, and no communication to other sites. Limited ports. The cleaning process should run during login and logout. The point is to avoid the backdoor and keylogger. Another user group for general usage, like accessing chatroom site, ICQ, YIM, game. How can I do this? Any suggestion on setting user groups to acheive security? Thanx a lot Tag: Password history and accumulation Tag: 74633
  - 7
    - Trojan problem Hello. Microsoft Antispyware found Trojan.KillReg on my system. Yesterday I discovered Trojan.KillReg when Microsoft Antispyware did a scheduled scan of my system and I deleted the trojan. However today Microsoft Antispyware found it again so this time I've quarantined it. If it comes back how can I remove it from my system? I try to be careful about my security. I surf the net using a limited account in XP and I even use my HOSTS file to block sites. I have XP home edition with SP2. AVG antivirus (up to date) ZoneAlarm. Microsoft Antispyware. Spybot S&D. SpywareBlaster. MailWasher. -- To reply via email, Remove "UNTRUE" and replace "INVALID" with .co.uk _ _ _ By three methods we may learn wisdom: First, by reflection, which is noblest; Second, by imitation, which is easiest; and third by experience, which is the bitterest. --Confucius-- Tag: Password history and accumulation Tag: 74626
  - 8
    - Posting deleted? Why was my last posting deleted and by whom -- To reply via email, Remove "UNTRUE" and replace "INVALID" with .co.uk _ _ _ By three methods we may learn wisdom: First, by reflection, which is noblest; Second, by imitation, which is easiest; and third by experience, which is the bitterest. --Confucius-- Tag: Password history and accumulation Tag: 74624
  - 9
    - Help Trojan.KillReg Hello. Microsoft Antispyware found Trojan.KillReg on my system. Yesterday I discovered Trojan.KillReg when Microsoft Antispyware did a scheduled scan of my system and I deleted the trojan. However today Microsoft Antispyware found it again so this time I've quarantined it. If it comes back how can I remove it from my system? I try to be careful about my security. I surf the net using a limited account in XP and I even use my HOSTS file to block sites. I have XP home edition with SP2. AVG antivirus (up to date) ZoneAlarm. Microsoft Antispyware. Spybot S&D. SpywareBlaster. MailWasher. -- To reply via email, Remove "UNTRUE" and replace "INVALID" with .co.uk _ _ _ By three methods we may learn wisdom: First, by reflection, which is noblest; Second, by imitation, which is easiest; and third by experience, which is the bitterest. --Confucius-- Tag: Password history and accumulation Tag: 74623
  - 10
    - trusted ip address i have mc afee protections i keep getting attempts to use my computer and questions do you trust this site. what are the trusted ip addresses. following the ip pool 70 - 20118-113-pitt.east.verizon.net address would this be a hacker -- mrs ditty dot Tag: Password history and accumulation Tag: 74617
  - 11
    - Data Executable Prevention My team and I develop a program on VB.net. To run this program, user will need to run an execute file (.EXE). The problem is that XP SP2 will also prompt a windows and ask whether user want to run or cancel this. Ofcourse, this case we need to run this program. So, is there anyway I can disable this action. It is bothering our users a lot. Thanks in advance Tag: Password history and accumulation Tag: 74613
  - 12
    - product key I seem to have lost my product key code for my windows 98se. I don't have it installed right now so I can't pull it from the registery. Is there any way I can get the product key again? Tag: Password history and accumulation Tag: 74606
  - 13
    - Univers.exe and dingping.exe services won't stop This is a multi-part message in MIME format. ------=_NextPart_000_0086_01C59A9E.C7FDB390 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello. On a SBS2000, SP4 server, does anybody know how to stop and kill = Univers.exe and dingping.exe ? When i try to stop them in services, it say that it can't stop them. = When itry to delete the files from WINNT\SYSTEM32, it won't let me = delete them even though they are not read only. Any help would be greatly appreciated. Thanks, Tony ------=_NextPart_000_0086_01C59A9E.C7FDB390 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.3790.2440" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial color=3D#0000ff>Hello.</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff></FONT> </DIV> <DIV><FONT face=3DArial color=3D#0000ff>On a SBS2000, SP4 server, does = anybody know=20 how to stop and kill Univers.exe and dingping.exe ?</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff></FONT> </DIV> <DIV><FONT face=3DArial color=3D#0000ff>When i try to stop them in = services, it say=20 that it can't stop them.  When itry to delete the files from=20 WINNT\SYSTEM32, it won't let me delete them even though they are not = read=20 only.</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff></FONT> </DIV> <DIV><FONT face=3DArial color=3D#0000ff>Any help would be greatly=20 appreciated.</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff></FONT> </DIV> <DIV><FONT face=3DArial color=3D#0000ff>Thanks,</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff>Tony</FONT></DIV> <DIV><FONT face=3DArial = color=3D#0000ff></FONT> </DIV></BODY></HTML> ------=_NextPart_000_0086_01C59A9E.C7FDB390-- Tag: Password history and accumulation Tag: 74599
  - 14
    - I Update and Check Daily After Getting burned more than a few times from Viruses and Spyware, I now update MS Windows, Use Spybot search and destroy, AVG AntiVirus software, RegScrubXP To clean registry, Pc Doctor to check for errors and lastly Registry First Aid. I update and Run These Every Single day. This might seem over kill but most of the time one picks up an error that the others Don't. Very RARELY Do I get Pop ups and spyware. Tag: Password history and accumulation Tag: 74597
  - 15
    - Anyone familiar with wp-inklineglobal.com? I tried updating my subscription to Norton anti-virus (fairly late at night, which is why I didn't clue in at first). During the process of ordering, a page came up that looked much like the other pages, and I continued my order. It had a "McAfee Security Recommends' logo and "STOP SPAM EMAILS" with a button to Download SpamKiller, and packaging that looked like the Norton and McAfee packaging. It still looked legit. Anyway, I was tired, and I processed my order with my credit card, thinking I was still on the Norton site. When the invoice came to my inbox, it said "Thank you for purchasing from inKiline Global, Inc." and the charge would be processed as WP-INKLINEGLOBAL.COM. I wanted to request a refund, because this obviously was not from the Norton/Symantec site. When I went to the refund site, it said I have to fax my refund request including the copy of the invoice which has my name, address, phone#, and 2 email addresses on it ,to Singapore or the US. Now I'm afraid to fax anything to them (I'm in Canada), and I'm afraid to download the software in case it's going to unload a world of crap on my system. Has anyone heard of the company? I'm unable to find anything on sites that compare or rate software programs. Tag: Password history and accumulation Tag: 74595
  - 16
    - Dedicated admin to handle patch management ? 130 servers organization, 3,500 PC's. 3 sysadmins. So far each sysadmin has been responsible for patching respective servers they maintain. Do you agree that a more effective approach is elect one sysadmin to be responsible to patch all servers and workstations ? Tag: Password history and accumulation Tag: 74592
  - 17
    - cydoor/altnet & others I am helping a friend clean up her pc. I am no expert. but I have learned some & consider myself a novice still. I installed on her pc this. ZA, AVG, Ad-aware, spyblaster, SS&D, Hijack this, stinger, silent runners. I have NOT installed sysclean yet. Immediately, ad-aware found about 2500 things in the first scan. and about 23 viruses/backdoor trojens, etc. the other programs have found stuff too. as well as Yahoo antispy (included in the tool bar)- but, 3 programs can not take out cydoor/altnet. I researched and found out that Kazaa has to do with it. I already deleted it from the control panel Add & remove programs. have done safe mode scans. I was wondering if someone knows of a fix to delete these 3 types of malware.=cydoor/altnet & maxspeed & 2nd thought. I delete Max and 2nd with the programs, but I rescan & there they are again. Note: I disabled system restore and have scanned that way too. thanks for your advise -- Thanks so very much for your help-! ! ! ! Tag: Password history and accumulation Tag: 74582
  - 18
    - General antispyware question for - enterprise deployment Currently on a small network with 2 remote sites, and one "HQ" site, with roughly 55-60 users, I manually installed MS anti spyware on end user machines, and it seems to get the job done. All detection/deletion/quarantines happens in the background, via all the checkboxes are checked. We'll have a professional consulting company upgrade our 5.5 network to 2003 enterprise. Every client PC is running XP SP2 with the latest updates via: "Download the patches, but let me choose when to install". What do people here think about Symantec 10.0 CE which has integrated spyware monitoring / removal capability built in to the antivirus shield agent as compared to MS antispyware. What do people here think about Cisco CSA? I need some good indepth opinions on what people think is the most quality enterprise approach to "deploying antispyware agents", either signature based or behavior based applications. Or do some of you use server level applications like surfcontrol/websense that take care of all of it? Good discussion on this would be nice,because this is an issue we want to cut at the knees. Tag: Password history and accumulation Tag: 74578
  - 19
    - Beta Spyware warning I have had the Microsoft AntiSpyware running for a few months and no complaints. I also have a program called "Startup Inspector for Windows" on my computer which I got at http://www.windowsstartup.com/. Startup Inspector looks at the programs that run on startup and tells you what they are and suggests if you should disable them or not. Microsoft AntiSpyware puts a program in the registry startup call gcasServ.exe. In the past, Startup Inspector had no information on this program. Now, Startup Inspector says in the comments for gcasServ.exe ; "Added by a variant of the RBOT WORM! Do not confuse with the Microsoft AntiSpyware executable of the same name." I uninstalled Microsoft AntiSpyware, rebooted, redownloaded it, then reinstalled it. Then I ran Startup Inspector which still gives the same warning. I wonder if there is a way if I can find out if I actually have the RBOT worm of if Startup Inspector is full of beans. Thanks Tag: Password history and accumulation Tag: 74574
  - 20
    - XP Home Security Center This computer is about three years old and has been trouble free. I just upgraded to Norton Internet Security w/Anti Spyware 2005. I have been running Norton with the XP Security Center functions turned off as recommended by Norton. I am now unable to get the pop up windows that I need. I tried to configure Norton to accept them. No go. So I checked the Security Center and sure enough, it had turned itself on again. I cannot seem to get the personal firewall to turn off now. When I click on cofigure, the off selection has already been chosen, but the main window has the firewall in happy green for "on." I've gone around in circles trying to turn it off. I've added the URL I need most to be allowed through the firewall, and it is still blocked. Any suggestions? Thanks, Krackers Girl Tag: Password history and accumulation Tag: 74560
  - 21
    - Domain Controller Autoenrollment Fails I just installed a Win2k3 server as a second domain controller (the first server is also running win2k3). Autoenrollment is enable in directory services for domain controllers with the standard domain controller certificate but autoenrollment fails with Event 13: Automatic certificate enrollment for local system failed to enroll for one Domain Controller Authentication certificate (0x80070005). Access is denied. Any ideas? Thanks in advance. Tag: Password history and accumulation Tag: 74559
  - 22
    - How to create the SPNEGO token used in CIFS/SMB authentication? Dear all, Is there any Windows API available to generate SPNEGO tokens as the security blobs used in CIFS/SMB authentication? For example, how to generate the NegTokenInit token that lists all the authentication mechanisms supported by the server machine replying to a client's protocol negotiation request? I know it is possible to hard code a SPNEGO token but just wondering if there is a better way to do it. And, it seems the SSPI library doesn't provide this support. Thanks. best, chuck Tag: Password history and accumulation Tag: 74556
  - 23
    - Firewall Ports Keep Changing for Exchange Hello - We have an Exchange 2003 Server running on a GSX Virtual Server. Each night the virtual server is stopped for backup and restarted. When the users come in each morning, their Outlook desktop client is found to be blocked by the firewall on the Exchange Server. It seems we're having to open a different 1400 port each time and afterwards their Outlook desktop clients can connect. We're using Windows Server 2003's firewall. The store.exe seems to be the process that is using the 1400 ports. It is a privileged application on the firewall. Any ideas as to how the firewall/client might be reconfigured so the needed ports are opened and we do not have to open new ports all the time? Can store.exe, or the Outlook desktop client, be forced to use a specified port? Thanks, Lynnette Tag: Password history and accumulation Tag: 74551
  - 24
    - vpn I have two schools, each with a Cisco PIX 506e firewall/router. As I upgrade to Windows Server 2003 (Standard) I will be making changes to my Forest/Domain structure. Since I plan on connecting the schools via VPN I have a couple of questions: Should the VPN connections be done using IPSec or is there another protocol that I should consider? Should I create a Forest at each school and simply create a trust between the two locations or should I have one forest and set each school as a domain within the forest? Tag: Password history and accumulation Tag: 74543
  - 25
    - continual request for pages that don't exixst I keep getting hit on a 2000 is5 server for pages that don't exist on my machine why would I be getting these requests. They are from diffrent sources. GET /Help.asp |-|0|404_Object_Not_Found 0 GET /MSOffice/cltreq.asp UL=1&ACT=4&BUILD=4219&STRMVER=4&CAPREQ=0|-|0|404_Object_Not_Found 0 Tag: Password history and accumulation Tag: 74541
- Next
  - 1
    - IIS SMTP TLS with 256 bit encryption on IIS 6 [repost] All, Is there a way to make Windows 2003 IIS 6 support 256 bit TLS? As far as I have read, IIS6 does not support it. I really need this up and running ASAP! Do I need to use Apache to do this? If there is a way for IIS 6, please follow up with info and links if possible. Thanks, FastEddie Tag: Password history and accumulation Tag: 74540
  - 2
    - Is someone trying to get my password to sign in? When I am in hotmail, my acct will automatically shut down and then ask me to resign in...When I do this a box comes up and it asks me to type in the letters int he box before it lets me put in my password. Is someone else trying to get my password to sign in? Tag: Password history and accumulation Tag: 74538
  - 3
    - Windows Adv Server 2003 Backup Utility - Automated System Recovery What is the difference between doing an ASR (using the Wizard) and manually performing a backup with c:\ and System State selected? It appears from the documentation that you can create a recovery floppy from a backup with System State by simply copying some files from the %systemroot%\repair directory Tag: Password history and accumulation Tag: 74536
  - 4
    - IIS SMTP TLS with 256 bit encryption on IIS 6 All, Is there a way to make Windows 2003 IIS 6 support 256 bit TLS? As far as I have read, IIS6 does not support it. I really need this up and running ASAP! Do I need to use Apache to do this? If there is a way for IIS 6, please follow up with info and links if possible. Thanks, FastEddie Tag: Password history and accumulation Tag: 74535
  - 5
    - Using GPO to limit access I'm familiar with basic concepts of GPO, however, can I use GPO and apply it to SPECIFIC users only when the log on to a SPECIFIC server (a Terminal Server) I found docuemntation to apply to a specific server but that seems to effect everyone logging onto that server - I need it to apply only to 5 or 6 users when they log onto one server only. What procedure do I have to follow for a DC and / or a member server - I'm assuming that if we need to configure a member server it has to be done via Local Security policies ? Regards Jeff Richardson Tag: Password history and accumulation Tag: 74532
  - 6
    - someone else is signing in on my email Recently people have been telling me I was on the computer when I was not even near one. I have been told that someone must have access to my password to do this. My computer has a program that must run to check for virus's once every day at a certain time. Is it possible that when the virus checker powers up the computer it is signing me in automatically? Or how else could this be happening. -- leslied Tag: Password history and accumulation Tag: 74524
  - 7
    - Virus messages from hotmail I sent an attached word document to an overseas friend who reported the following message: Unknown virus scanner failure virus found. Note: There is no cure available for the virus on the file JanetWard.doc. It is not possible to download files from hotmail that contain incurable virus. Contact originator of the file and inform them that the file contains incurable virus. I have a virus checker for all emails in and out, and I rechecked this document and found nothing. What does this mean, does anyone know please? Tag: Password history and accumulation Tag: 74522
  - 8
    - msExchMailboxSecurityDescriptor Hi, can i use the SetACL.exe to configure a mailbox dacl ? I want to deny all access to a mailbox but using some functions ripped from msdn isn't working. Thanks in advance, Victor Tag: Password history and accumulation Tag: 74514
  - 9
    - Certificate Services Hello. I am getting a very odd error message when I try to start the Certificate Services service. I get an error message saying "Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113)". When I check the Event log, in the Application Log I get error ID 17. The complete error message is: Event Type: Error Event Source: CertSvc Event Category: None Event ID: 17 Date: 8/3/2005 Time: 11:54:06 AM User: N/A Computer: <server> Description: Certificate Services did not start: Unable to initialize the database connection for <CAserver>. Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. I have tried doing a repair install of Windows, uninstalling and reinstalling Certificate Services countless times, manually deleting the CertLog and CerSrv folders and all of the certificates created. However, for some reason, I cannot figure this out. Any help is appreciated. Thank you. Tag: Password history and accumulation Tag: 74512
  - 10
    - help with beta antispyware Hi I installed the microsoft antispyware (beta1) and it has been helpful to get some of the spyware in my computer however one keeps popping up - EGroup Dialer. I always remove it from the system but it keeps coming back and it is always in this path hkey-currentuser/software/microsoft/systemcertificates/trustedpublisher/certificate/(certificate number). i dont know much about this..how do i get rid of this...can anyone help please...thanks a lot. Liz Tag: Password history and accumulation Tag: 74511
  - 11
    - How secure is ADS NAS kit? Hi, I recently purchased a Network-Attached Storage HD enclosure by ADS Tech, but I am not sure how secure/hackerproof it is. (Assuming, of course, that it has been correctly configured though it's web interface, all user accounts have difficult passwords, access rights to specific folders have been specified, etc., you know, the obvious has been taken care of). I want to put some data on it that could be shared with some of my friends/family over internet, as well as business files, which I don't want anybody to even have a chance to get access to (besides myself). The NAS kit interfaces through NetBios in Win workgroup environment, for outside access it has FTP and HTTP. One thing I don't like about the FTP is that any user who has any kind of FTP access can see all shared folders, even those that he has no access to (when such folder is clicked, the "Access denied" box opens). Would be much better in my opinion if a "root folder" per used could be specified. Does anybody know how safe it is to put shared data alongside with private data on that thing? Somebody might ask: Why would I want to put confidential data on it? Because of the versatility -- I can access it from any computer, it does not require any specific computer to be turned on (like in case with USB/FireWire drives). I can access it from outside through Internet, or take it with me if necessary. Thanks in advance! Tag: Password history and accumulation Tag: 74501
  - 12
    - SendAs/ReceiveAs permissions I'm running a Windows 2003 AD forest with Exchange 2003. Is there a way to prevent Domain Admins from being able to send mail as other people, i.e. remove the SendAs permission for the Domain Admins group from all user and group objects in the domain? I don't want to set an explicit deny, because some members of Domain Admins require this ability, but in general, the group does not. Thanks, Don Tag: Password history and accumulation Tag: 74496
  - 13
    - For N. Miller Hi N. Miller, I found out what it is. I made a Rule to Log anything using that IP in or out. It is my Browser Netscape 7.2 that makes a Inbound Domain call using the App (Browser) Netscape.exe and looks for a Outbound return using the Apps Netscape.exe, Wucrtupd.exe and Wuloader.exe. Sometimes it didn't use an App at all on the Inbound that alerted me to it in the first place. I can't Block the In/Outbound using the Netscape App or I can't Surf the Web. But I can Block the In/Outbound one's using the Windows Update Apps wucrtupd.exe and wuloader.exe without any problems. Why the hell does it need to use those Apps when it can use Netscape.exe both ways ????? And it may explain those hits on Port 80 I see too. Is this something we should worry about? Is it a type of Spyware? Kevin Rule "205.188.146.145" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1176) Remote address,service is (205.188.146.145,domain) Process name is "C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE" Rule "205.188.146.145" ignored (0.0.0.0,1098). Details: Inbound UDP packet Local address,service is (0.0.0.0,1098) Remote address,service is (205.188.146.145,domain) Process name is "C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE" Rule "Block Outbound AOL Proxy wucrtupd.exe TCP/UDP" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1103) Remote address,service is (205.188.146.145,domain) Process name is "C:\WINDOWS\SYSTEM\WUCRTUPD.EXE" Rule "Block Outbound AOL Proxy wuloader.exe TCP/UDP" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1094) Remote address,service is (205.188.146.145,domain) Process name is "C:\WINDOWS\SYSTEM\WULOADER.EXE" Tag: Password history and accumulation Tag: 74495
  - 14
    - Visio Connector for MBSA 2.0 released! Based on the extremely positive response we received to the first version of Visio Connector for MBSA, we have just released Visio Connector for MBSA 2.0. This utility allows you to view the vulnerability assessment information generated by MBSA 2.0 on a Visio 2003 network diagram. You must have both Visio 2003 and MBSA 2.0 (or MBSA 1.2.1) for this connector to function. You can learn more or download this free utility at http://www.microsoft.com/technet/security/tools/mbsavisio.mspx. Sanjay Puri This posting is provided "AS IS" with no warranties, and confers no rights. Tag: Password history and accumulation Tag: 74494
  - 15
    - LSASS.exe thrashing processor I have a box with Windows 2000 Server (standard) running SQL 2000 (standard). The problem is that the lsass.exe is running constantly at 50-60% and taking up between 150-250 MB of memory usage. To me, this seems like an awful lot, not to mention that the process never stops. Ran Symantec Corporate and came up clean. Any ideas? Tag: Password history and accumulation Tag: 74491
  - 16
    - One Care Public Beta Where's the Group(s)? One Care is in Public Beta. Usually that would mean a group or groups. Does anyone know where they might be? Best, Chad Harris Tag: Password history and accumulation Tag: 74481
  - 17
    - Best Anonymous Proxy for Winxp ?? Hey guys I am searching for a Free Anonymous Proxy for Windows Xp .....Send me Links Thanx Tag: Password history and accumulation Tag: 74475
  - 18
    - xp firewall help I just purchased a new laptop bundled with xp-sp2, Norton AV (90 day), I activated the Norton AV but disabled the Norton personal firewall, ran the network wizard to configure the laptop wireless adaptor to one I installed in my home pc, (xp-sp2, dial up), enabled file, print, ICS sharing, updated Norton definitions and xp updates. The problem is everytime I turn on the laptop the windows firewall is disabled along with two of the three alert options located in the Security Center. So I literally have to open the security Center Window to see that it is off and then manually set it to on. I have to do this each time I restart. I checked the services tab under computer management and the text says its on auto, I also ran a scan with Norton and it came up clean. Anyone know how to keep the windows firewall on as a default or is this a byproduct of having Norton? Hihar in Thanks, Tag: Password history and accumulation Tag: 74474
  - 19
    - cdp publish hi all i installed a new CA infrastructure in my organization. i have root CA server and subordinate CA and 5 machines as CDP'S. on the subordinate CA server at the server properties in the certificate main consule, when going to the extensions tab, and typing a path to any of my CDP'S using DNS CNAME for the CDP, im getting an error trying to publish to that cdp. its like the server cant find that cdp. when i type the netbios name or the dns name for the cdp path its working. why is that, i need to use cname's for my cdp's for redundecy. thanks for the help Tag: Password history and accumulation Tag: 74470
  - 20
    - Mapping Drives in Windows Server 2003 HELP! I want to map a XP Pro pc to a share I created on a 2003 server. When I go to map the drive from my PC...it prompts me for a username and password. I try to log into the share and it keeps saying bad username or password. I created at least 2-3 test users to try this with and changed passwords but it still wont except my logins...I am stumped! Please Help!! Tag: Password history and accumulation Tag: 74463
  - 21
    - spyware Possible spyware installed but I can not detect it. I have zonealarm antivirus/firewall with popup blocker enabled. Ad-Aware pro/ad-watch popup blocker enabled. I've run scans with all including the multi av-cls several times. Popups are occuring regardless if I'm browsing the web or not. Soon as I boot the system if you just wait a while they start to appear. Any thoughts or suggestions? Tag: Password history and accumulation Tag: 74462
  - 22
    - Certificate Services Performance --- Back in December of 2004 we deployed a large CA based on Microsoft Certificate Services (MSCA) on Windows 2003. The MSCA is advertised to reach 2 million certificates a day - which is about +/- 1388 certs per minute. I recently ran some tests and I was lucky to get 16 certs per minute. This was running on a 4 processor HP DL580, 4 GB memory with nCipher HSM hardware assist --- So, I have two questions for the group --- 1. Has anyone else tested their certificate generation performance; what did you find? 2. If you did test your performance, what tools did you use to test the performance? I used a vbs script running for other networked nodes in a scheduled batch job. Thank you. Daya -- Daya Puls, CISSP IT Security, Sigma Systems, Marlborough, MA Tag: Password history and accumulation Tag: 74455
  - 23
    - Nessus report is not correct ? Using nessus to scan my website, the report contains follwing messages. ============================= Vulnerability http (80/tcp) At least one of these CGI scripts is installed : hello.bat echo.bat They allow any attacker to execute commands with the privileges of the web server process. Solution : Delete all the *.bat files from your cgi-bin/ directory Risk factor : High CVE : CAN-2000-0213 BID : 1002 Nessus ID : 10246 ============================= Vulnerability http (80/tcp) The CGI 'args.bat' (and/or 'args.cmd') is installed. This CGI has a well known security flaw that lets an attacker upload arbitrary files on the remote web server. Solution : remove it from /cgi-dos. Risk factor : High CVE : CAN-1999-1180 Nessus ID : 11465 ============================ But I can't locate file hello.bat,echo.bat,args.bat or args.cmd in my computer. What should I do ? Ignore these messages? Where can I find more information ? By the way, my computer's configuration is: OS: WIndows 2003 Server IIS: IIS 6.0 language: Active Server Page (ASP) Tag: Password history and accumulation Tag: 74450
  - 24
    - "message service" pop up window I have recieved a "Message Service" pop up window. The message tells me to go >www.ms-repair.com<. Is this a legitimate site? The message also tells me that my system has 72 errors, need to install registry repair, run registry repair, and reboot the computer. Thank you in advance for anyone who can help, Tag: Password history and accumulation Tag: 74358
  - 25
    - Ports 6346 and 1434 TCP and UDP HI, Is anyone else getting a lot of hits on 6346 and 1434 in both TCP and UDP ? 1434 is ms_sql-m but what use is 6346 for ? Kevin Tag: Password history and accumulation Tag: 74355

Hi, is there a way to setup a password policy where users cannot use the same
password and just change the last letter or number of their current password?
E.g. their current password of "password1" is changed to "password2".

Re: Password history and accumulation by Phillip

Phillip
Mon Aug 08 16:39:06 CDT 2005

Not really. None that I have ever heard of. You can enforce password
policies, but the policys can't be that specific.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------

"Dan" <Dan@discussions.microsoft.com> wrote in message
news:357AAF2A-620D-468C-A111-A5771C95AF05@microsoft.com...
> Hi, is there a way to setup a password policy where users cannot use the
same
> password and just change the last letter or number of their current
password?
> E.g. their current password of "password1" is changed to "password2".

RE: Password history and accumulation by WongTuckWah

WongTuckWah
Mon Aug 08 16:39:03 CDT 2005

Never heard of such capability in native windows. Account policy in windows
is either all or none. You can't control what the user can or cannot change.

HTH.

Re: Password history and accumulation by Joe

Joe
Mon Aug 08 16:47:48 CDT 2005

Not natively, you would need to use a third party application like PSYNCH from MTEC.

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net

Dan wrote:
> Hi, is there a way to setup a password policy where users cannot use the same
> password and just change the last letter or number of their current password?
> E.g. their current password of "password1" is changed to "password2".