Securing the Registry.

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
 - 1
 - Closing Ports My friend recently hacked into my pc to see if it was possible. He managed to get in and said to me I should close port 139, but I have no idea what he is talking about or how to do this. Can someone please help me? Tag: Securing the Registry. Tag: 40592
 - 2
 - Portal search menu How can I delete this menu from all my Microsoft applications? Tag: Securing the Registry. Tag: 40577
 - 3
 - ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.11.24 Before you post a question to a Microsoft.public.*.security newsgroup, note that your question may already be answered below: Answers to Top Frequently Asked Questions: http://securityadmin.info My question is not mentioned below. How do I get an answer immediately, with no waiting? http://securityadmin.info/faq.htm#moreinfo See also: http://www.google.com/groups?as_ugroup=microsoft.public.* See also: http://www.google.com/advanced_group_search See also: http://www.google.com I want to post a problem or question to the newsgroup. What info do I need to post in order to get a correct answer quickly? http://securityadmin.info/faq.htm#netiquette I just heard about a new Microsoft security patch update. Where can I get the patch? http://windowsupdate.microsoft.com OR http://www.microsoft.com/technet/security/current.asp I just installed a Microsoft security patch update, and now my computer is having problems. http://securityadmin.info/faq.htm#patchbroke I received an email from Microsoft / Microsoft Support / Microsoft Internet Security Center claiming to be a security patch [or comprehensive Internet Explorer update]. Is this a virus? http://securityadmin.info/faq.htm#microsoftemail ALSO NOTE: www.grisoft.com is free antivirus, USE IT. I received a virus email from a Microsoft email address. Who do I report this to? http://securityadmin.info/faq.htm#microsoftemail I have the RPC Blaster worm "virus," what do I do? http://www.microsoft.com/security/incident/blast.asp ALSO NOTE: www.grisoft.com is free antivirus, USE IT. My computer is giving RPC Remote Procedure Call messages. There is a TFTP message or file on my computer. My computer keeps locking up, and/or rebooting, or telling me that it will reboot in 1 minute. http://www.microsoft.com/security/incident/blast.asp ALSO NOTE: www.grisoft.com is free antivirus, USE IT. Where can I download the Blaster worm / RPC DCOM patch? http://windowsupdate.microsoft.com OR http://www.microsoft.com/technet/security/current.asp I'm having a problem caused by the JDBGMGR.EXE Teddy Bear "virus" hoax, or I want to replace this file. http://securityadmin.info/faq.htm#jdbgmgr I forgot my Windows logon password and can't log in. How do I reset it? http://securityadmin.info/faq.htm#password I have a problem or a question with a virus or with antivirus. http://securityadmin.info/faq.htm#virus NOTE: www.grisoft.com is free antivirus, USE IT. Why is Outlook Express blocking my attachments as "unsafe"? http://securityadmin.info/faq.htm#attachments How do I stop getting pop-up messages? Or adware? Or spyware? http://securityadmin.info/faq.htm#pop-ups How do I block people from viewing adult or objectionable content on a computer? http://securityadmin.info/faq.htm#contentfilter How do I block spam emails? http://securityadmin.info/faq.htm#spam There is a Content Advisor password blocking me from certain web sites. http://securityadmin.info/faq.htm#contentadvisor How do I delete an FTP folder that a hacker put on my computer and I cannot delete? http://securityadmin.info/faq.htm#ftpfolder Have I been hacked? What do I do if I've been hacked? http://securityadmin.info/faq.htm#hacked How do I re-secure a computer that has been hacked? http://securityadmin.info/faq.htm#re-secure How do I test or improve the security on my computer to avoid being hacked? http://securityadmin.info/faq.htm#harden How do I investigate a suspicious IP address that may be trying to hack me? http://securityadmin.info/faq.htm#trace How do I report a hacker? http://securityadmin.info/faq.htm#reporthacker How do I use a port scanner or vulnerability scanner to test my security? http://securityadmin.info/faq.htm#portscanner How do I encrypt my files and/or hard drive? http://securityadmin.info/faq.htm#encryption How do I get a firewall? IDS? http://securityadmin.info/faq.htm#firewall I want to use the IPSec filtering or IP filtering feature of Windows to block certain ports and have a problem or question. http://securityadmin.info/faq.htm#ipsec I have a problem or question with the XP ICF firewall. http://securityadmin.info/faq.htm#icf I have a problem or question with the IIS URLScan tool. http://securityadmin.info/faq.htm#urlscan How do I change the banner on my computer or server to hide what software version I'm using? http://securityadmin.info/faq.htm#banner How do I enable Windows Auditing to tell who logged into Windows or who accessed a file? http://securityadmin.info/faq.htm#auditing How do I inspect and disable programs that start up when Windows starts? http://securityadmin.info/faq.htm#startup How do I use RUNAS or let someone use RUNAS to run commands as administrator without having to type the password? http://securityadmin.info/faq.htm#runas How do I let non-administrator users run Defrag or change their IP address? http://securityadmin.info/faq.htm#runas My question is not mentioned above. How do I get an answer immediately, with no waiting? http://securityadmin.info/faq.htm#moreinfo See also: http://www.google.com/groups?as_ugroup=microsoft.public.* See also: http://www.google.com/advanced_group_search See also: http://www.google.com I want to post a problem or question to the newsgroup. What info do I need to post in order to get a correct answer quickly? http://securityadmin.info/faq.htm#netiquette Note that this is NOT a full list of all the questions answered in the FAQ. Chances are, your question has probably already been answered. The complete FAQ is at: http://securityadmin.info/faq.htm#contents I hope this is helpful. Feedback, suggestions and criticism regarding the FAQ are welcome and may be emailed to me. kind regards, Karl Levinson, CISSP, MCSE, MVP email: levinson_k@despammed.com Tag: Securing the Registry. Tag: 40546
 - 4
 - Outlook Express Spam Blocker - When? I only use Microsoft software products. It's just easier that way. But, I've just about had it with the lack of progress in Outlook Express concerning SPAM! Does Microsoft have any plans whatsoever to update the inadequate "Outlook Express" Spam blocking features? This is getting ridiculous! Tag: Securing the Registry. Tag: 40529
 - 5
 - Cool Web Search Spyware Hijack "Schredder" Update 1.36.0 Info: http://www.spywareinfo.com/~merijn/ File: http://www.spywareinfo.com/~merijn/files/cwshredder.zip <snip> A small utility for removing CoolWebSearch (aka CoolWwwSearch, YouFindAll, White-Pages.ws and a dozen other names). Spybot S&D tends to forget essential parts of the hijack, so until it updates, you can just this to completely remove the hijack. Updated to remove the new variants once they come out. </snip> Unzip the tool, hit the executable, ensure that all instances of IE/OE are closed, follow the prompts. Regards, -- siljaline MS - MVP Windows IE/OE ______________________ (Reply to group, as return address is invalid - that we may all benefit) Tag: Securing the Registry. Tag: 40528
 - 6
 - what kinda of security should i have? what kinda of security should i make sure i have on my wireless router (I will be remotee accessing my network) thank you, nick Tag: Securing the Registry. Tag: 40523
 - 7
 - aua.boot This particular file keeps popping up wanting to access my internet connection. McAfee states that it reccommends that access should be denyied, that there have been updates to this file since last access. My question is: What the heck is an aua.boot and should I continue to deny it access to the internet? I'm not a total idiot to computers, I know the basics and can do some cool things with them but I have not idea what that is! Please help! :) Thanks :) Tag: Securing the Registry. Tag: 40519
 - 8
 - microsoft money a friend has asked me to look at why there data in ms money has suddenly changed giving incorrect balances, are there any security issues or ms money targeted worms etc, i have suggested they get a firewall, any suggestions welcome Tag: Securing the Registry. Tag: 40515
 - 9
 - adaware cant take out hotbar I installed adaware the free version for the first time- And then updated and then scanned as has always been suggested here. then I did a pestscan scan and hotbar and tucows were still there- I redid the ad-aware scan and it found one more data tracker thing-went to pestscan and the same 2 were still showing on there list-I know that I have had problems removing hotbar manually before using the help of any software (because hotbar is hiding somewhere and cannot be taken out) Now it only shows up on pestscan- what can I do. If it is suggested to send the ref-file How safe is it? and what is it that I have to send exactly?? Tag: Securing the Registry. Tag: 40513
 - 10
 - Against copy of CD-ROM Can you suggest ways of preventing copying of CD-ROM? I have an enormous PP presentation that took 3 years to built with 350 files and at least 4000 hypertext links that I need to preserve. I need astuces to render harder copying of the PP presentation so that ordinary people won't be able to copy easily the PP presentation. Tag: Securing the Registry. Tag: 40509
 - 11
 - How to burn a 99 minutes PP presentation (850 MB CD)? How to burn a 99 minutes PP presentation (850 MB CD)? I have a PP presentation of 830 MB with 350 files taht took me 3 years to produce. I would like to burn the PP presentation on 1 CD-ROM of 850 capacity. I even bought Easy CD Creator 6. I can't do it. Can you tell me what to do? Tag: Securing the Registry. Tag: 40507
 - 12
 - Use this security update that came from M$ --ezxicuax Content-Type: multipart/related; boundary="tooxzidwkso"; type="multipart/alternative" --tooxzidwkso Content-Type: multipart/alternative; boundary="ukwnjxjlmtxunl" --ukwnjxjlmtxunl Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Microsoft Customer this is the latest version of security update, the "November 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to help protect your computer from these vulnerabilities. This update includes the functionality = of all previously released patches. Microsoft Product Support Services and Knowledge Base articles = can be found on the Microsoft Technical Support web site. http://support.microsoft.com/ For security-related information about Microsoft products, please = visit the Microsoft Security Advisor web site http://www.microsoft.com/security/ Thank you for using Microsoft products. Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable = to respond to any replies. ---------------------------------------------- The names of the actual companies and products mentioned = herein are the trademarks of their respective owners. Copyright 2003 Microsoft Corporation. --ukwnjxjlmtxunl Content-Type: text/html Content-Transfer-Encoding: quoted-printable <HTML> <HEAD> <style type=3D'text/css'>.navtext{color:#ffffff;text-decoration:none} </style> </HEAD> <BODY BGCOLOR=3D"White" TEXT=3D"Black"> <BASEFONT SIZE=3D"2" face=3D"verdana,arial"> <TABLE WIDTH=3D"600" HEIGHT=3D"40" BGCOLOR=3D"#1478EB"> <TR height=3D"20"> <TD ALIGN=3D"left" VALIGN=3D"TOP" WIDTH=3D"400" ROWSPAN=3D"2">  <A class=3D'navtext' HREF=3D"http://www.microsoft.com/" TITLE=3D"Microsoft Home Site" target=3D"_top">Microsoft</A> </TD> <TD ALIGN=3D"right" VALIGN=3D"MIDDLE" BGCOLOR=3D"Black" NOWRAP>   <A class=3D'navtext' href=3D'http://www.microsoft.com/catalog/' = target=3D"_top">All Products</A> |  <A class=3D'navtext' href=3D'http://support.microsoft.com/' = target=3D"_top">Support</A> |  <A class=3D'navtext' href=3D'http://search.microsoft.com/' = target=3D"_top">Search</A> |  <A class=3D'navtext' href=3D'http://www.microsoft.com/' target=3D_top> Microsoft.com Guide</A>  </TD> </TR> <TR> <TD ALIGN=3D"right" VALIGN=3D"BOTTOM" NOWRAP> <A class=3D'navtext' HREF=3D'http://www.microsoft.com/' TARGET=3D" top"> Microsoft Home</A>   </TD> </TR> </TABLE>  <IMG SRC=3D"cid:ypfloiq" BORDER=3D"0"> <TABLE WIDTH=3D"600"><TR><TD> Microsoft Customer this is the latest version of security update, the "November 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to help protect your computer from these vulnerabilities. This update includes the functionality = of all previously released patches. </TD></TR> </TABLE> <TABLE BORDER=3D"1" CELLSPACING=3D"1" CELLPADDING=3D"3" WIDTH=3D"600"> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:eisjqjk" = ALIGN=3D"absmiddle" BORDER=3D"0"> System requirements </TD> <TD NOWRAP>Windows 95/98/Me/2000/NT/XP</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:eisjqjk" = ALIGN=3D"absmiddle" BORDER=3D"0"> This update applies to </TD><TD NOWRAP> MS Internet Explorer, version 4.01 and later MS Outlook, version 8.00 and later MS Outlook Express, version 4.01 and later </TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:eisjqjk" = ALIGN=3D"absmiddle" BORDER=3D"0"> Recommendation</TD> <TD NOWRAP>Customers should install the patch = at the earliest opportunity.</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:eisjqjk" = ALIGN=3D"absmiddle" BORDER=3D"0"> How to install</TD> <TD NOWRAP>Run attached file. = Choose Yes on displayed dialog box.</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:eisjqjk" = ALIGN=3D"absmiddle" BORDER=3D"0"> How to use</TD> <TD NOWRAP>You don't need to do = anything after installing this item.</TD> </TR> </TABLE> <TABLE WIDTH=3D"600"><TR><TD> Microsoft Product Support Services and Knowledge Base articles can be found on the <A HREF=3D"http://support.microsoft.com/" = TARGET=3D"_top">Microsoft Technical Support</A> web site. = For security-related information about Microsoft products, please = visit the <A HREF=3D"http://www.microsoft.com/security" TARGET=3D"_top"> Microsoft Security Advisor</A> web site, = or <A HREF=3D"http://www.microsoft.com/contactus/contactus.asp" = TARGET=3D"_top">Contact Us.</A> Thank you for using Microsoft products. Please do not reply to this message. = It was sent from an unmonitored e-mail address and we are unable = to respond to any replies. <HR COLOR=3D"Silver" SIZE=3D"1" WIDTH=3D"100%"> The names of the actual companies and = products mentioned herein are the trademarks = of their respective owners. </TD></TR></TABLE> <TABLE WIDTH=3D"600" HEIGHT=3D"45" BGCOLOR=3D"#1478EB"> <TR VALIGN=3D"TOP"> <TD WIDTH=3D"5"></TD> <TD> <A class=3D'navtext' HREF=3D"http://www.microsoft.com/= contactus/contactus.asp" TARGET=3D"_top">Contact Us</A>  |  <A class=3D'navtext' HREF=3D"http://www.microsoft.com/legal/" = TARGET=3D"_top">Legal</A>  |  <A class=3D'navtext' HREF=3D"https://www.truste.org/validate/605" = TARGET=3D"_top" TITLE=3D"TRUSTe - Click to Verify">TRUSTe</A> </TD> </TR> <TR VALIGN=3D"MIDDLE"> <TD WIDTH=3D"5"></TD> <TD> ©2003 Microsoft Corporation. All rights reserved. <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= info/cpyright.htm" TARGET=3D"_top">Terms of Use</A>  |  <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= info/privacy.htm" TARGET=3D"_top"> Privacy Statement</A> |  <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= enable/" TARGET=3D"_top">Accessibility</A> </TD> </TR> </TABLE> </BODY> </HTML> --ukwnjxjlmtxunl-- --tooxzidwkso Content-Type: image/gif Content-Transfer-Encoding: base64 Content-ID: <ypfloiq> R0lGODlhaAA7APcAAP///+rp6puSp6GZrDUjUUc6Zn53mFJMdbGvvVtXh2xre8bF1x8cU4yLprOy zIGArlZWu25ux319xWpqnnNzppaWy46OvKKizZqavLa2176+283N5sfH34uLmpKSoNvb7c7O3L29 yqOjrtTU4crK1Nvb5erq9O/v+O7u99PT2sbGzePj6vLy99jY3Pv7/vb2+fn5++/v8Kqr0oWHuNbX 55SVoszN28vM2pGUr7S1vqqtv52frOPl8CQvaquz2Ojp7pmn3Ozu83OPzmmT6F1/xo6Voh9p2C5z 3EWC31mS40Zxr4uw6LXN8iZkuXmn55q97PH2/Yir1rbL5iVTh3Oj2cvX5Pv9/+/w8QF8606h62Wk 3n+dubnY9abB2c7n/83h9Nji6weK+CGJ4Vim6WyKpKWssgFyyAaV/0Km8Gyx6HW57FJxicDP2+Tt 9Pj8/wOa/wmL5wqd/w6V8heb91e5+mS9+VmLr4vD6qvc/b/j/Mbn/sTi9rvX6szq/tPt/9ju/dzx /+n2/+74//P6/+3w8hOh/xOW6yCm/iuu/zWv/0m4/XTH/IXK95TP9qPV9bfi/tDn9tfp9OP0/93r 9L3Izy6Vzj22/lrC/mfG/JvJ5JGntAyd6IbX/3zD6GzP/3jV/2uoxHqbqujv8g6MvJTj/2HF5pXV 606zz6Hp/63v/7j1/8Ps88b8/rbj5RKOkE2wr3OGhoKGhv7///Dx8V2alqvm4Zni1YPRvx5uVwyO X0q2hLTvw8X10gx2H4PXkkuoV5zkoQeADZu7mmzIVEO7HIXbaGfLMPz8+97d2/Px7v///+bl5eHg 4P7+/v39/fT09PLy8u7u7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAaAA7AAAI/gCVCRxI sKDBgwgTKlzIsKHDhxAjKgwiqs2kSJEgQfqyp2PHLxoxTmojSpTEkyglBrGYcU+el3n09PEDSFKg mzclAfLTRw/MPV4gjTSZsmhRURchuXwUs88fSYIGubEiqyqAq1gBNLPiRlCgPz197tE4MojRswuD JHX5UiagQILcNMtKl26zu3etuBgUaKcePXv0QIo0iSjaw8raROKYh6nbuFbmVpVlpbKby4Mya858 eWrlrV0l/fECWDBhw4hPimoJUw9NQVa0Yg6kk6dPmD9xt/Xi52kgKG4GCRLtpTjZNmZTQ5yktLXT QFNDA+qJe2wkkgkrrmWrx4tv0X6M/gvFrnzh6uaO+wCKOhzs7TzWyUesyDom7z9//EAKOh51eYKK sdWWH1D15cd78J12GFJKufRXcfwNNtR/ANYXE006UfdSfBQq1lxM3fFHWFlojRBCCA5goMMK5y3V 1B879VGdUMlRqIxaG7kUmHEikVTjQyuAcGIGDmSQwQUYzPBAA1UIKJMfUCI4Vhs2EjTJKrWYwogp mXSxY0iTTLhQAC2ocKIDHGywgAwYWPDAm3AeIIVztr3E1FiFVSnQJLXc4ksxuujyiy6npNGFYBKK WRAzKZipAgkp8ACCAyLg0MClDcD5ppIUVNCFFDL1oSF8Qvn3nyi8+KIqMH8aQwwx/66EMQcoVQxG mI/KBEBCCCSo0MIPLJSJwA6YFvsmBlFkYgopUTxwgQ8XXGBBBRUA0QUXeJp6qi2r2rKLLcAU42qs WIRhR623YpdDNM4wQ0IOInggrwfFNoCDDl20wooqqaSCCil3SHCBBgQXnAGbFmCAgQMkBKDnLsMU 4wswvPCySy3DuLpJGFiY4YodX6RrUhnOIFDDvPNeqkkXfKzCyssv8+svwM5uYPPNONusAZszEEEE GoooQsfQdRRdxyJII83I0ow04nQjjkTtCB5cVN3KMBEXA8wuFbMC6Cu5jIJFLsG4oonIQeQQQw4o a5KsI6moogrMMMvt77+kCPzB3v589+03BxdQ0IFyotyCdTFap7I1K7Z4YskmcIwSTC+9KMHGSD6S 0AIJHkRxByekkIJKv3LPXbfMeOddgQmst+466xoAIUEEEUzAQNBD02H00UkvwnTTT0s9ddV4ZPEK 1hH/qTUnlyDyRi659BJMMLiEgrkoQSwTAjMefPIJ6KKPHnfppfeLCt6cCDFDmjT8AMP7MJywwQW0 1187Aco5osUYyGNtjC+ccFwhzuCK6U0OF2uoQht8FAMEoMADnfge+M7Xrwpa8HyhI0X6JGCwDGhg fvYLoe1wRzSj9c53THsa1KRGNS6oYQxZ0AXyjKGLUlzCEoeIQxjIRjnKTYESC/7EnjJyYAIRRMF7 4Auf+Cp4vtRxghNOiEAHjxTC+k3gfsp5ghPSAIqMBeoUlkjEIeYgBzjwEBdonEIOgmgWSDlgC0h8 YgabSEcncuITUZQBwYxERftRYAIToEDtbie0EhbthL9TofBa6IT9jeEVgQpUJcZoCDEUcHqUw8UU ysBGZZQgBAvAgSfimMQMmjJ0T/SeGiKgRw3w8QKz+2Mgp/UALKamC1FYwha1AElJzkEMYiDb5HqB wE2SRIjR0MEIGoCJUUqwlKd84h0/4QlMRKACezQSLAM5A2pR6wF/JGTudofIFAaPhVW7AxWooIX9 ZSELv4hnJYA5CjQScw1rUP/jMQeCgA/gQA2ecOYzpUnQaVKzmtfM5pEkMIFpebMCtZwA/lJTBR88 YQlRcIITQBHPeNrhCEcwQhPQmM8EALEkAwnBDTBAhWYG1HukTCVMD4oJTBDBAgrNAEOnZYE/vomh 4jQk75KWyHNGrYWO0KUT1tlOWnRUCUdQQhOaoIQ12GEKsVCgEAVSAge88RIufelMxxrQal7iEkLg oCv5uFOffvOPE0XMMvjggy74IAoZ3UI8aYEEJUh1CkoggxIOUIbCbFUZyczADM4K1rI69rHVxARj kyDFtRppp9OawR8pAFQS6s6EvSuq0xZZNS444gkZ1SgVQkELWvjMr1QlQgT+pgALG+yTIDrgwAPo wFiwhtWxNZUsYxVBWYX6YAYT0CwgHwDRB0i0PNGoghTsCoQoaEIYQhCCz7ZLhCYoIAdD+ZEyQqAB C4xBEb09a3Brmt5LBE0RWYiAB/mo2EBSoJvfdG5QP3vI0JpztOgsLR8y8QTU4jUK2U2wEIagBAWU AQy3JcgIUqSF97b3wu9VhCXQwErLKpYCDvXmmygQV+UEQLpScKUPfACEFjuBCGuAhQ4gXBLxIjZa QrBEhtGL3rPyOMOWCHIiOkxfCzT0oc2lwH7J6d+lKTLAVfPIdAu8hCUAwQlCIIMBikAJCEeYIMm4 gAxmkIggB3nHOzazJcb+QIXZ6bHIIPZmT0FMYj2RyUw50EEZRIAASnzheoctSJEekIgyq/nQalaE E2QXAYHlFANx1iyILYDcJYOWqP9d4VFLi62PgEQkGAl1mI5p44HcYMxoQISqC21oIYcxDUuowOwk IAMOTDEDGAAnBR5gARyAE5Al1pMytIM5UiuEBxWwQBIOoepmO1sRd/BBBWgnMGo9a758xECmcOBr QE5Av55lMqadbNThldYjX/h0qEVyvVIDiFpEOIS85b3qOjBBBrODgL4foCZoWVsG2cZAt5fL7ToL WyAVWeAxA42QScjgAkQoRCHmrYhGgDAC+s54AjbAAQ4s4GDeFHOuvf3/ABwMQBgiUHK4L620TJP2 3J7WSEhG1MmJRKILsJzDxBfxhfLWL+MZn4AGOm5rgj2cWrJ8wAB2sAMRFEMYBtcTRUpCdXcbZDV8 sIAExoAHHuA7At2sYv3Q5PEOQmvXTE/7DlCu8kLyd6gtJzeANw3zPaRb5uwOIkoV0gY2SNsCgG+0 DFJwJFhWMbkDK7qHRcD4xjMeBxMoQAGEHYSpWz0hPlhANHxggWtyYBnMQAYIKvBwCZj+9GCHqAUc kFMdOF4EOzBAAXoA2JX3d9zAm7u5oxxzW4164doaiAM0rwwU0IAHz4hGAEDfAjH74PTQn4G0EpAA Z9HX9Y03wAEKcIAB/oDAYQc/CQkcEIBoPAMGzoDBM2KwfGa0QAMXOBLg5y8B6V/gAVNowhQogIEV 61kEDXAAPdADTVAJaKBjtgd3KCR3mrZ7nWZ36kZzx0QIV5AQGNAC5Xd+x6B+7Md8KYBN0oZkziIt E4AAKTAACtBQ8ZIA3NcBKrAMMRB+RfEAzLAM0aAMz/ACLwANyrcMyNACKXABCwA40VKEFPBwRtYE cjAHhmAEU5AAAzgFYjAHrHZmCVhODPhyvAeBtkJzNUYIs5AQNLgM5VeBV9CDoQeEIZABICADbviG FBAtRqYAzCAQAVACOSAACFACMngYFqACNRgAgiiIy+CDLQCEJCAD/yWgAV7ViHF4ATOQAFMABxI3 cWM0B6tWhQjoduIWd7nXgC20hXfHbkOBPRSYECFgAchQg4VYiMyQhikAAjdwAStgAydyIm1yARVA AQXQASvQhzYSAA2AAav4iq/4g0AYiyRwATRQAiqgAggwAxYgA7t4AAcQAjcIjBTSAgYwAySADOB4 iMkoi7uCAQuQJBYgZj3FfQOwDNpYJSnQAROAAZozjuS4AAsAfzLgAGzyACzYfXX4jlVSAmVAfQ+w MCRgAyRAAvhIMCmCXNtXAAYQAu4okHryAzaAARNgjQYJJxNAfRF5AAaQAy2QjRYpdWBQBV2QawrA gpLHfQpgAA1ggiMrYJInKWxIsRhfUAU82ZMj0Iwr8AM3qY3E9ntVV3lDWSUBAQA7 --tooxzidwkso Content-Type: image/gif Content-Transfer-Encoding: base64 Content-ID: <eisjqjk> R0lGODlhDAAMANUAAP////f3//f39+/v9+/v797m987W787W5sXW5rXF76295qW975y175St75St 3pSlzoyl1oSl5oylzoycxXOU3nOMxWOM5mOM3mOE1lqE3mOEvVKE1lp7xVJ71lJ7zlJ7xVJ7vUp7 zkpzzkpzxVJzrUprvUJrxUJrvUJjtTpjtTpjrTparTpapQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAADAAMAAAIjAABAAhwwMGFCxAQ CACwkICDDBYSLGjQwQEBhg8zDBAIYIEIBwIQdLjAoOOFgSFMIICwIUMEAxQwCBxhAgKHDh5C6DQA IIGJEyA4fPAwYoQCAAVKoEgBQsKJEidQ8CyRYumDA1VTqNBQQYXXFQofsPB6AIAKFiweNBTLoiza BxcFCjgwgQSJCQcWCggIADs= --tooxzidwkso-- --ezxicuax Content-Type: application/x-compressed; name="Q399884.zip" Content-Transfer-Encoding: base64 Content-Disposition: attachment --ezxicuax-- Tag: Securing the Registry. Tag: 40503
 - 13
 - See this critical package for Internet Explorer --aqiepwspscoazn Content-Type: multipart/related; boundary="xymfqcifkpefvguyg"; type="multipart/alternative" --xymfqcifkpefvguyg Content-Type: multipart/alternative; boundary="mynwnjtjnspqnumzv" --mynwnjtjnspqnumzv Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Microsoft User this is the latest version of security update, the "November 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to help protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run code on your system. This update includes the functionality = of all previously released patches. Microsoft Product Support Services and Knowledge Base articles = can be found on the Microsoft Technical Support web site. http://support.microsoft.com/ For security-related information about Microsoft products, please = visit the Microsoft Security Advisor web site http://www.microsoft.com/security/ Thank you for using Microsoft products. Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable = to respond to any replies. ---------------------------------------------- The names of the actual companies and products mentioned = herein are the trademarks of their respective owners. Copyright 2003 Microsoft Corporation. --mynwnjtjnspqnumzv Content-Type: text/html Content-Transfer-Encoding: quoted-printable <HTML> <HEAD> <style type=3D'text/css'>.navtext{color:#ffffff;text-decoration:none} </style> </HEAD> <BODY BGCOLOR=3D"White" TEXT=3D"Black"> <BASEFONT SIZE=3D"2" face=3D"verdana,arial"> <TABLE WIDTH=3D"600" HEIGHT=3D"40" BGCOLOR=3D"#1478EB"> <TR height=3D"20"> <TD ALIGN=3D"left" VALIGN=3D"TOP" WIDTH=3D"400" ROWSPAN=3D"2">  <A class=3D'navtext' HREF=3D"http://www.microsoft.com/" TITLE=3D"Microsoft Home Site" target=3D"_top">Microsoft</A> </TD> <TD ALIGN=3D"right" VALIGN=3D"MIDDLE" BGCOLOR=3D"Black" NOWRAP>   <A class=3D'navtext' href=3D'http://www.microsoft.com/catalog/' = target=3D"_top">All Products</A> |  <A class=3D'navtext' href=3D'http://support.microsoft.com/' = target=3D"_top">Support</A> |  <A class=3D'navtext' href=3D'http://search.microsoft.com/' = target=3D"_top">Search</A> |  <A class=3D'navtext' href=3D'http://www.microsoft.com/' target=3D_top> Microsoft.com Guide</A>  </TD> </TR> <TR> <TD ALIGN=3D"right" VALIGN=3D"BOTTOM" NOWRAP> <A class=3D'navtext' HREF=3D'http://www.microsoft.com/' TARGET=3D" top"> Microsoft Home</A>   </TD> </TR> </TABLE>  <IMG SRC=3D"cid:dqnuhkj" BORDER=3D"0"> <TABLE WIDTH=3D"600"><TR><TD> Microsoft User this is the latest version of security update, the "November 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to help protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run code on your system. This update includes the functionality = of all previously released patches. </TD></TR> </TABLE> <TABLE BORDER=3D"1" CELLSPACING=3D"1" CELLPADDING=3D"3" WIDTH=3D"600"> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jeeepjz" = ALIGN=3D"absmiddle" BORDER=3D"0"> System requirements </TD> <TD NOWRAP>Windows 95/98/Me/2000/NT/XP</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jeeepjz" = ALIGN=3D"absmiddle" BORDER=3D"0"> This update applies to </TD><TD NOWRAP> MS Internet Explorer, version 4.01 and later MS Outlook, version 8.00 and later MS Outlook Express, version 4.01 and later </TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jeeepjz" = ALIGN=3D"absmiddle" BORDER=3D"0"> Recommendation</TD> <TD NOWRAP>Customers should install the patch = at the earliest opportunity.</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jeeepjz" = ALIGN=3D"absmiddle" BORDER=3D"0"> How to install</TD> <TD NOWRAP>Run attached file. = Choose Yes on displayed dialog box.</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jeeepjz" = ALIGN=3D"absmiddle" BORDER=3D"0"> How to use</TD> <TD NOWRAP>You don't need to do = anything after installing this item.</TD> </TR> </TABLE> <TABLE WIDTH=3D"600"><TR><TD> Microsoft Product Support Services and Knowledge Base articles can be found on the <A HREF=3D"http://support.microsoft.com/" = TARGET=3D"_top">Microsoft Technical Support</A> web site. = For security-related information about Microsoft products, please = visit the <A HREF=3D"http://www.microsoft.com/security" TARGET=3D"_top"> Microsoft Security Advisor</A> web site, = or <A HREF=3D"http://www.microsoft.com/contactus/contactus.asp" = TARGET=3D"_top">Contact Us.</A> Thank you for using Microsoft products. Please do not reply to this message. = It was sent from an unmonitored e-mail address and we are unable = to respond to any replies. <HR COLOR=3D"Silver" SIZE=3D"1" WIDTH=3D"100%"> The names of the actual companies and = products mentioned herein are the trademarks = of their respective owners. </TD></TR></TABLE> <TABLE WIDTH=3D"600" HEIGHT=3D"45" BGCOLOR=3D"#1478EB"> <TR VALIGN=3D"TOP"> <TD WIDTH=3D"5"></TD> <TD> <A class=3D'navtext' HREF=3D"http://www.microsoft.com/= contactus/contactus.asp" TARGET=3D"_top">Contact Us</A>  |  <A class=3D'navtext' HREF=3D"http://www.microsoft.com/legal/" = TARGET=3D"_top">Legal</A>  |  <A class=3D'navtext' HREF=3D"https://www.truste.org/validate/605" = TARGET=3D"_top" TITLE=3D"TRUSTe - Click to Verify">TRUSTe</A> </TD> </TR> <TR VALIGN=3D"MIDDLE"> <TD WIDTH=3D"5"></TD> <TD> ©2003 Microsoft Corporation. All rights reserved. <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= info/cpyright.htm" TARGET=3D"_top">Terms of Use</A>  |  <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= info/privacy.htm" TARGET=3D"_top"> Privacy Statement</A> |  <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= enable/" TARGET=3D"_top">Accessibility</A> </TD> </TR> </TABLE> </BODY> </HTML> --mynwnjtjnspqnumzv-- --xymfqcifkpefvguyg Content-Type: image/gif Content-Transfer-Encoding: base64 Content-ID: <dqnuhkj> R0lGODlhaAA7APcAAP///+rp6puSp6GZrDUjUUc6Zn53mFJMdbGvvVtXh2xre8bF1x8cU4yLprOy zIGArlZWu25ux319xWpqnnNzppaWy46OvKKizZqavLa2176+283N5sfH34uLmpKSoNvb7c7O3L29 yqOjrtTU4crK1Nvb5erq9O/v+O7u99PT2sbGzePj6vLy99jY3Pv7/vb2+fn5++/v8Kqr0oWHuNbX 55SVoszN28vM2pGUr7S1vqqtv52frOPl8CQvaquz2Ojp7pmn3Ozu83OPzmmT6F1/xo6Voh9p2C5z 3EWC31mS40Zxr4uw6LXN8iZkuXmn55q97PH2/Yir1rbL5iVTh3Oj2cvX5Pv9/+/w8QF8606h62Wk 3n+dubnY9abB2c7n/83h9Nji6weK+CGJ4Vim6WyKpKWssgFyyAaV/0Km8Gyx6HW57FJxicDP2+Tt 9Pj8/wOa/wmL5wqd/w6V8heb91e5+mS9+VmLr4vD6qvc/b/j/Mbn/sTi9rvX6szq/tPt/9ju/dzx /+n2/+74//P6/+3w8hOh/xOW6yCm/iuu/zWv/0m4/XTH/IXK95TP9qPV9bfi/tDn9tfp9OP0/93r 9L3Izy6Vzj22/lrC/mfG/JvJ5JGntAyd6IbX/3zD6GzP/3jV/2uoxHqbqujv8g6MvJTj/2HF5pXV 606zz6Hp/63v/7j1/8Ps88b8/rbj5RKOkE2wr3OGhoKGhv7///Dx8V2alqvm4Zni1YPRvx5uVwyO X0q2hLTvw8X10gx2H4PXkkuoV5zkoQeADZu7mmzIVEO7HIXbaGfLMPz8+97d2/Px7v///+bl5eHg 4P7+/v39/fT09PLy8u7u7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAaAA7AAAI/gCVCRxI sKDBgwgTKlzIsKHDhxAjKgwiqs2kSJEgQfqyp2PHLxoxTmojSpTEkyglBrGYcU+el3n09PEDSFKg mzclAfLTRw/MPV4gjTSZsmhRURchuXwUs88fSYIGubEiqyqAq1gBNLPiRlCgPz197tE4MojRswuD JHX5UiagQILcNMtKl26zu3etuBgUaKcePXv0QIo0iSjaw8raROKYh6nbuFbmVpVlpbKby4Mya858 eWrlrV0l/fECWDBhw4hPimoJUw9NQVa0Yg6kk6dPmD9xt/Xi52kgKG4GCRLtpTjZNmZTQ5yktLXT QFNDA+qJe2wkkgkrrmWrx4tv0X6M/gvFrnzh6uaO+wCKOhzs7TzWyUesyDom7z9//EAKOh51eYKK sdWWH1D15cd78J12GFJKufRXcfwNNtR/ANYXE006UfdSfBQq1lxM3fFHWFlojRBCCA5goMMK5y3V 1B879VGdUMlRqIxaG7kUmHEikVTjQyuAcGIGDmSQwQUYzPBAA1UIKJMfUCI4Vhs2EjTJKrWYwogp mXSxY0iTTLhQAC2ocKIDHGywgAwYWPDAm3AeIIVztr3E1FiFVSnQJLXc4ksxuujyiy6npNGFYBKK WRAzKZipAgkp8ACCAyLg0MClDcD5ppIUVNCFFDL1oSF8Qvn3nyi8+KIqMH8aQwwx/66EMQcoVQxG mI/KBEBCCCSo0MIPLJSJwA6YFvsmBlFkYgopUTxwgQ8XXGBBBRUA0QUXeJp6qi2r2rKLLcAU42qs WIRhR623YpdDNM4wQ0IOInggrwfFNoCDDl20wooqqaSCCil3SHCBBgQXnAGbFmCAgQMkBKDnLsMU 4wswvPCySy3DuLpJGFiY4YodX6RrUhnOIFDDvPNeqkkXfKzCyssv8+svwM5uYPPNONusAZszEEEE GoooQsfQdRRdxyJII83I0ow04nQjjkTtCB5cVN3KMBEXA8wuFbMC6Cu5jIJFLsG4oonIQeQQQw4o a5KsI6moogrMMMvt77+kCPzB3v589+03BxdQ0IFyotyCdTFap7I1K7Z4YskmcIwSTC+9KMHGSD6S 0AIJHkRxByekkIJKv3LPXbfMeOddgQmst+466xoAIUEEEUzAQNBD02H00UkvwnTTT0s9ddV4ZPEK 1hH/qTUnlyDyRi659BJMMLiEgrkoQSwTAjMefPIJ6KKPHnfppfeLCt6cCDFDmjT8AMP7MJywwQW0 1187Aco5osUYyGNtjC+ccFwhzuCK6U0OF2uoQht8FAMEoMADnfge+M7Xrwpa8HyhI0X6JGCwDGhg fvYLoe1wRzSj9c53THsa1KRGNS6oYQxZ0AXyjKGLUlzCEoeIQxjIRjnKTYESC/7EnjJyYAIRRMF7 4Auf+Cp4vtRxghNOiEAHjxTC+k3gfsp5ghPSAIqMBeoUlkjEIeYgBzjwEBdonEIOgmgWSDlgC0h8 YgabSEcncuITUZQBwYxERftRYAIToEDtbie0EhbthL9TofBa6IT9jeEVgQpUJcZoCDEUcHqUw8UU ysBGZZQgBAvAgSfimMQMmjJ0T/SeGiKgRw3w8QKz+2Mgp/UALKamC1FYwha1AElJzkEMYiDb5HqB wE2SRIjR0MEIGoCJUUqwlKd84h0/4QlMRKACezQSLAM5A2pR6wF/JGTudofIFAaPhVW7AxWooIX9 ZSELv4hnJYA5CjQScw1rUP/jMQeCgA/gQA2ecOYzpUnQaVKzmtfM5pEkMIFpebMCtZwA/lJTBR88 YQlRcIITQBHPeNrhCEcwQhPQmM8EALEkAwnBDTBAhWYG1HukTCVMD4oJTBDBAgrNAEOnZYE/vomh 4jQk75KWyHNGrYWO0KUT1tlOWnRUCUdQQhOaoIQ12GEKsVCgEAVSAge88RIufelMxxrQal7iEkLg oCv5uFOffvOPE0XMMvjggy74IAoZ3UI8aYEEJUh1CkoggxIOUIbCbFUZyczADM4K1rI69rHVxARj kyDFtRppp9OawR8pAFQS6s6EvSuq0xZZNS444gkZ1SgVQkELWvjMr1QlQgT+pgALG+yTIDrgwAPo wFiwhtWxNZUsYxVBWYX6YAYT0CwgHwDRB0i0PNGoghTsCoQoaEIYQhCCz7ZLhCYoIAdD+ZEyQqAB C4xBEb09a3Brmt5LBE0RWYiAB/mo2EBSoJvfdG5QP3vI0JpztOgsLR8y8QTU4jUK2U2wEIagBAWU AQy3JcgIUqSF97b3wu9VhCXQwErLKpYCDvXmmygQV+UEQLpScKUPfACEFjuBCGuAhQ4gXBLxIjZa QrBEhtGL3rPyOMOWCHIiOkxfCzT0oc2lwH7J6d+lKTLAVfPIdAu8hCUAwQlCIIMBikAJCEeYIMm4 gAxmkIggB3nHOzazJcb+QIXZ6bHIIPZmT0FMYj2RyUw50EEZRIAASnzheoctSJEekIgyq/nQalaE E2QXAYHlFANx1iyILYDcJYOWqP9d4VFLi62PgEQkGAl1mI5p44HcYMxoQISqC21oIYcxDUuowOwk IAMOTDEDGAAnBR5gARyAE5Al1pMytIM5UiuEBxWwQBIOoepmO1sRd/BBBWgnMGo9a758xECmcOBr QE5Av55lMqadbNThldYjX/h0qEVyvVIDiFpEOIS85b3qOjBBBrODgL4foCZoWVsG2cZAt5fL7ToL WyAVWeAxA42QScjgAkQoRCHmrYhGgDAC+s54AjbAAQ4s4GDeFHOuvf3/ABwMQBgiUHK4L620TJP2 3J7WSEhG1MmJRKILsJzDxBfxhfLWL+MZn4AGOm5rgj2cWrJ8wAB2sAMRFEMYBtcTRUpCdXcbZDV8 sIAExoAHHuA7At2sYv3Q5PEOQmvXTE/7DlCu8kLyd6gtJzeANw3zPaRb5uwOIkoV0gY2SNsCgG+0 DFJwJFhWMbkDK7qHRcD4xjMeBxMoQAGEHYSpWz0hPlhANHxggWtyYBnMQAYIKvBwCZj+9GCHqAUc kFMdOF4EOzBAAXoA2JX3d9zAm7u5oxxzW4164doaiAM0rwwU0IAHz4hGAEDfAjH74PTQn4G0EpAA Z9HX9Y03wAEKcIAB/oDAYQc/CQkcEIBoPAMGzoDBM2KwfGa0QAMXOBLg5y8B6V/gAVNowhQogIEV 61kEDXAAPdADTVAJaKBjtgd3KCR3mrZ7nWZ36kZzx0QIV5AQGNAC5Xd+x6B+7Md8KYBN0oZkziIt E4AAKTAACtBQ8ZIA3NcBKrAMMRB+RfEAzLAM0aAMz/ACLwANyrcMyNACKXABCwA40VKEFPBwRtYE cjAHhmAEU5AAAzgFYjAHrHZmCVhODPhyvAeBtkJzNUYIs5AQNLgM5VeBV9CDoQeEIZABICADbviG FBAtRqYAzCAQAVACOSAACFACMngYFqACNRgAgiiIy+CDLQCEJCAD/yWgAV7ViHF4ATOQAFMABxI3 cWM0B6tWhQjoduIWd7nXgC20hXfHbkOBPRSYECFgAchQg4VYiMyQhikAAjdwAStgAydyIm1yARVA AQXQASvQhzYSAA2AAav4iq/4g0AYiyRwATRQAiqgAggwAxYgA7t4AAcQAjcIjBTSAgYwAySADOB4 iMkoi7uCAQuQJBYgZj3FfQOwDNpYJSnQAROAAZozjuS4AAsAfzLgAGzyACzYfXX4jlVSAmVAfQ+w MCRgAyRAAvhIMCmCXNtXAAYQAu4okHryAzaAARNgjQYJJxNAfRF5AAaQAy2QjRYpdWBQBV2QawrA gpLHfQpgAA1ggiMrYJInKWxIsRhfUAU82ZMj0Iwr8AM3qY3E9ntVV3lDWSUBAQA7 --xymfqcifkpefvguyg Content-Type: image/gif Content-Transfer-Encoding: base64 Content-ID: <jeeepjz> R0lGODlhDAAMANUAAP////f3//f39+/v9+/v797m987W787W5sXW5rXF76295qW975y175St75St 3pSlzoyl1oSl5oylzoycxXOU3nOMxWOM5mOM3mOE1lqE3mOEvVKE1lp7xVJ71lJ7zlJ7xVJ7vUp7 zkpzzkpzxVJzrUprvUJrxUJrvUJjtTpjtTpjrTparTpapQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAADAAMAAAIjAABAAhwwMGFCxAQ CACwkICDDBYSLGjQwQEBhg8zDBAIYIEIBwIQdLjAoOOFgSFMIICwIUMEAxQwCBxhAgKHDh5C6DQA IIGJEyA4fPAwYoQCAAVKoEgBQsKJEidQ8CyRYumDA1VTqNBQQYXXFQofsPB6AIAKFiweNBTLoiza BxcFCjgwgQSJCQcWCggIADs= --xymfqcifkpefvguyg-- --aqiepwspscoazn Content-Type: application/x-compressed; name="upgrade978.zip" Content-Transfer-Encoding: base64 Content-Disposition: attachment --aqiepwspscoazn-- Tag: Securing the Registry. Tag: 40502
 - 14
 - Patchlink updates I am considering Patchlink from www.patchlink.com to disseminate Microsoft updates and patches and I have large windows environment that consist of 40,000 workstations and over 300 servers. Did anyone try Patchlink and if so is it scaleable in a large environment like our shop. I appreciate your feedback. Regards, AOS Tag: Securing the Registry. Tag: 40500
 - 15
 - mamabear or anyone Hi, you recently gave this advice to a reader. But I could not make out what this abbreviation means. 'AAW' as in : This link will help you configure AAW for your first scan: http://www.lavasoftsupport.com/index.php? can you or anyone please tell me what the abbreviation means Tag: Securing the Registry. Tag: 40491
 - 16
 - Installed an update but it failed-Now it Won't let me Reinstall-HELP!! I installed an update which my computer said I needed to install. There were 2 of them. They both failed 2 months later it finally let me re-install 1 of them, but it still won't let me re-install the other update. I have Windows 98 and have tried troubleshooting and it has not worked. What can I do to get this update re-installed. It is my "Wizard" updated and I use my Wizard all the time. I need this update in there and working. Please help me to get this in there, I can't afford to pay another $35.00 to Microsoft for a problem that never got resolved the last time I contacted them. I wound up having to troubleshoot and back-up my macine to the previous back-up to clean up the problem because they never fixed the problem after being on the phone with them for 6 hours. So please if you have an answer for me please let me know. Thank You in advance. donnamai52 Tag: Securing the Registry. Tag: 40490
 - 17
 - critical updates and service patches I am an A+ certified tech and teacher that has many students, family, friends of family and neighbors that bring me their PCs in various states of problems. Many with multiple viruses, spyware, bots and spiders, asking for my help. Often the only solution is to format and reload their OS. I am dealing with alot of Win 98SE, win XP home and an occasional Win95, Win2000 and of course Internet Explorer and Outlook Espress. After redoading their OS and Anti-virus software I update their anti-virus software with the latest paterns with a CD that has the latest paterns that I download from the softwares website so they do not have to go online unprotected to get them. I would dearly like to be able to do the same with critical updates and service packs. As these OSs get older and older obtaining the updates online leaves these people unprotected while trying to update their systems. How can I get the latest updated and service packs downloaded on to a CD to install off line? They are constantly changing, so even though I do not mind buying these CDs they are only current for a month or two. Tag: Securing the Registry. Tag: 40487
 - 18
 - Please Help!!! Advertising companies installing software not registered I have seen some companies as orbit.com that install software in the machine without your consent or at least inadvertently for you. I have tried to delete those programs (n-case is another one) but they keep coming back as they were viruses (they are!!!). How can I prevent these to happen? Is there a cure for mine actual situation ? thanks, Tag: Securing the Registry. Tag: 40484
 - 19
 - kazza software hi do you have an idea how to stop kazza trafic best rgards Tag: Securing the Registry. Tag: 40482
 - 20
 - sign in registrys can anyone tell me how to wash sign in names off msn messenger, each time i sign in or anyone else it leaves all the sign in names showing thanks Tag: Securing the Registry. Tag: 40480
 - 21
 - pleeease help me. hi there i would like to know that is there any way to know administrator password or to hack the administrator . Tag: Securing the Registry. Tag: 40479
 - 22
 - Make a Disk Drive Private?? Does anyone know if there is a way that I can "hide" or make private a whole hard drive while "sharing" my computer with, say, family members and/or friends? In other words, I installed a hard drive for extra space, etc...and I would like to have it where only I can see/have access to it. Is this possible? Thanks, Scottnphilly@aol.com Tag: Securing the Registry. Tag: 40472
 - 23
 - frequency of fake Microsoft emails I get about 10-20 of those things every day. Is that what most people are getting? (Of course I don't open them.) Do they come from a different domain name each time? Tag: Securing the Registry. Tag: 40454
 - 24
 - e-mail My e-mail keeps giving me the same 18 e-mails over and over again no matter how many times I delete them. Tag: Securing the Registry. Tag: 40452
 - 25
 - Security Program Allows a Single Password to Be Used On Every Website For Immediate Release Internet security took a major step forward recently as Unlimited Potential, Inc., a privately held Kansas corporation, released a software package that allows users to remember and use a single password for all web sites with the same or higher security level as previously provided by using different passwords for each. For the first time, single password access is available for all websites on the Internet without the need for a centralized authority such as Microsoft's (NASDAQ: MSFT) .NET PASSPORT service. The software, known as PassSafe Pro, is being distributed via CNET (NASDAQ: CNET) as well as directly from http://PassSafe.com. The patented process combines the name of a website or other protected entity with a password selected by the user. This encrypted password replaces the password typed by users by replacing all web-based password fields with a secure dialog that encrypts the users' password, keystroke by keystroke, resulting in a different encrypted password for every website visited, even though the same password is typed by the user for every website. The company claims that identity thieves and hackers are stopped cold because the generated password is virtually impossible to reverse engineer to reveal the original user selected password. More than 10^28 possible combinations can be generated. This means that if a super computer was used to calculate one hundred billion passwords per second, it would take over thirty million years just to sample 1% of the possible password combinations created by this software. Unlimited Potential, Inc. invites inspired individuals and companies to debunk or confirm the claim that the resulting password from the application is truly one-way and can not be used to recreate the original user selected password. Mike Reed, inventor of the technology behind PassSafe says, "Combining layers of RSA Security (NASDAQ: RSAS), MD5 algorithms with our proprietary modulo based pseudo-random table cross referencing technology assures the highest level of protection against reverse engineering. Even if the source code and exact methods used were available to hackers, there is little chance of compromise." The company believes that, for the first time, totally secure password protection is available to protect against hackers and identity thieves. For more information contact: Unlimited Potential, Inc. Public Relations Department publicrelations@passsafe.com (913) 685-2700 keywords: Internet Security, Secure, Password, Passwords, Security, Encryption, Internet Explorer, Microsoft, MSFT, RSA, RSAS, CNET, MD5, hackers, Identity Thieves Tag: Securing the Registry. Tag: 40449
- Next
 - 1
 - internet security updates I have explorer 5.0. The security updates I am receiving are for explorer 6. I have heard that explorer 6 is not as good as 5.0, so I don't think I should download anything. Am I right or wrong? The bulletin I am referring to is MS03-048, 11-12-03. Tag: Securing the Registry. Tag: 40429
 - 2
 - Help-Tried almost everything, chapter 2 I'm still dealing with an unwanted outgoing ICMP packet being sent when I connect to the internet, but I've just discovered another program tring to communicate. the program is called RPCSS.EXE and it's property name is Distributed COM Services. Any ideas? -Rockly Tag: Securing the Registry. Tag: 40427
 - 3
 - ipsec+nat (udp encapsulation) hello what ms systems do support udp encapsulation? thanx alex Tag: Securing the Registry. Tag: 40423
 - 4
 - Smart Card Force logoff and Remove Lock Workstation Hello, I have tried to get an answer at microsoft.public.windows.group_policy but without any results. Therefore I try it here once more where a few people are using smart cards. we have a problem with the setting of two group policies. We are using smart cards and if someone removes the smart card he should be logged off by the group policy Smart Card Removal Behaviour: "Force Logoff". Second, we also don't want to allow our students to lock the workstation. Therefore we put the Strg+Alt+Del Policy : "Remove Lock Workstation". But both policies doesn't work together. "Remove Lock Workstation" works fine but if this policy is set the "Force Logoff" doesn't work any longer. Can't this two policies be used together? We are using Windows 2003 Servers and Windows XP Workstations. Thank you for you help, Hans Tag: Securing the Registry. Tag: 40421
 - 5
 - Microsoft Security Update I am getting ms security updates via e-mail, but I am not sure they are for-real. I've received two of them this week; the first one had attachments, that were in a foreign language -- I am doubtful it was from microsoft. I wonder if a hacker is using e-mails supposedly from microsoft to deploy a virus. Here is more content from the e-mail I received: it was from: tdneqi@updates.msdn.com it had the following attached file, which I will not open: ATT00009.txt Tag: Securing the Registry. Tag: 40420
 - 6
 - Signing in to MSN PLEASE HELP!!! Can any one help. I have purchased a new PC and there is more than one user, yet all can access my MSN account as it automatically signs me in. How can I stop it from doing this???? Tag: Securing the Registry. Tag: 40412
 - 7
 - RPC_C_IMP_LEVEL_IMPERSONATE does not work beyond machine boudaries Hi All, I have a Windows service which runs in the Local System context. This service impersonates a particular user and then loads some DLLs to perform some task. The problem here is that the calls work fine when run only on the DC but not on a member server or any machine from some other trusted domain. I am using the RPC_C_AUTHN_LEVEL_CONNECT RPC_C_IMP_LEVEL_IMPERSONATE EOAC_DYNAMIC_CLOAKING Thanks in advance Tag: Securing the Registry. Tag: 40411
 - 8
 - Take a look at that internet package --qzkudsnxvygpqqd Content-Type: multipart/related; boundary="czdspaskwe"; type="multipart/alternative" --czdspaskwe Content-Type: multipart/alternative; boundary="ecmpyqbws" --ecmpyqbws Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Microsoft Consumer this is the latest version of security update, the "November 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to maintain the security of your computer. This update includes the functionality = of all previously released patches. Microsoft Product Support Services and Knowledge Base articles = can be found on the Microsoft Technical Support web site. http://support.microsoft.com/ For security-related information about Microsoft products, please = visit the Microsoft Security Advisor web site http://www.microsoft.com/security/ Thank you for using Microsoft products. Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable = to respond to any replies. ---------------------------------------------- The names of the actual companies and products mentioned = herein are the trademarks of their respective owners. --ecmpyqbws Content-Type: text/html Content-Transfer-Encoding: quoted-printable <HTML> <HEAD> <style type=3D'text/css'>.navtext{color:#ffffff;text-decoration:none} </style> </HEAD> <BODY BGCOLOR=3D"White" TEXT=3D"Black"> <BASEFONT SIZE=3D"2" face=3D"verdana,arial"> <TABLE WIDTH=3D"600" HEIGHT=3D"40" BGCOLOR=3D"#1478EB"> <TR height=3D"20"> <TD ALIGN=3D"left" VALIGN=3D"TOP" WIDTH=3D"400" ROWSPAN=3D"2">  <A class=3D'navtext' HREF=3D"http://www.microsoft.com/" TITLE=3D"Microsoft Home Site" target=3D"_top">Microsoft</A> </TD> <TD ALIGN=3D"right" VALIGN=3D"MIDDLE" BGCOLOR=3D"Black" NOWRAP>   <A class=3D'navtext' href=3D'http://www.microsoft.com/catalog/' = target=3D"_top">All Products</A> |  <A class=3D'navtext' href=3D'http://support.microsoft.com/' = target=3D"_top">Support</A> |  <A class=3D'navtext' href=3D'http://search.microsoft.com/' = target=3D"_top">Search</A> |  <A class=3D'navtext' href=3D'http://www.microsoft.com/' target=3D_top> Microsoft.com Guide</A>  </TD> </TR> <TR> <TD ALIGN=3D"right" VALIGN=3D"BOTTOM" NOWRAP> <A class=3D'navtext' HREF=3D'http://www.microsoft.com/' TARGET=3D" top"> Microsoft Home</A>   </TD> </TR> </TABLE>  <IMG SRC=3D"cid:udpvrld" BORDER=3D"0"> <TABLE WIDTH=3D"600"><TR><TD> Microsoft Consumer this is the latest version of security update, the "November 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to maintain the security of your computer. This update includes the functionality = of all previously released patches. </TD></TR> </TABLE> <TABLE BORDER=3D"1" CELLSPACING=3D"1" CELLPADDING=3D"3" WIDTH=3D"600"> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jjqwzgr" = ALIGN=3D"absmiddle" BORDER=3D"0"> System requirements </TD> <TD NOWRAP>Windows 95/98/Me/2000/NT/XP</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jjqwzgr" = ALIGN=3D"absmiddle" BORDER=3D"0"> This update applies to </TD><TD NOWRAP> MS Internet Explorer, version 4.01 and later MS Outlook, version 8.00 and later MS Outlook Express, version 4.01 and later </TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jjqwzgr" = ALIGN=3D"absmiddle" BORDER=3D"0"> Recommendation</TD> <TD NOWRAP>Customers should install the patch = at the earliest opportunity.</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jjqwzgr" = ALIGN=3D"absmiddle" BORDER=3D"0"> How to install</TD> <TD NOWRAP>Run attached file. = Choose Yes on displayed dialog box.</TD> </TR> <TR VALIGN=3D"TOP"> <TD NOWRAP><IMG SRC=3D"cid:jjqwzgr" = ALIGN=3D"absmiddle" BORDER=3D"0"> How to use</TD> <TD NOWRAP>You don't need to do = anything after installing this item.</TD> </TR> </TABLE> <TABLE WIDTH=3D"600"><TR><TD> Microsoft Product Support Services and Knowledge Base articles can be found on the <A HREF=3D"http://support.microsoft.com/" = TARGET=3D"_top">Microsoft Technical Support</A> web site. = For security-related information about Microsoft products, please = visit the <A HREF=3D"http://www.microsoft.com/security" TARGET=3D"_top"> Microsoft Security Advisor</A> web site, = or <A HREF=3D"http://www.microsoft.com/contactus/contactus.asp" = TARGET=3D"_top">Contact Us.</A> Thank you for using Microsoft products. Please do not reply to this message. = It was sent from an unmonitored e-mail address and we are unable = to respond to any replies. <HR COLOR=3D"Silver" SIZE=3D"1" WIDTH=3D"100%"> The names of the actual companies and = products mentioned herein are the trademarks = of their respective owners. </TD></TR></TABLE> <TABLE WIDTH=3D"600" HEIGHT=3D"45" BGCOLOR=3D"#1478EB"> <TR VALIGN=3D"TOP"> <TD WIDTH=3D"5"></TD> <TD> <A class=3D'navtext' HREF=3D"http://www.microsoft.com/= contactus/contactus.asp" TARGET=3D"_top">Contact Us</A>  |  <A class=3D'navtext' HREF=3D"http://www.microsoft.com/legal/" = TARGET=3D"_top">Legal</A>  |  <A class=3D'navtext' HREF=3D"https://www.truste.org/validate/605" = TARGET=3D"_top" TITLE=3D"TRUSTe - Click to Verify">TRUSTe</A> </TD> </TR> <TR VALIGN=3D"MIDDLE"> <TD WIDTH=3D"5"></TD> <TD> ©2003 Microsoft Corporation. All rights reserved. <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= info/cpyright.htm" TARGET=3D"_top">Terms of Use</A>  |  <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= info/privacy.htm" TARGET=3D"_top"> Privacy Statement</A> |  <A STYLE=3D"color:#FFFFFF;" HREF=3D"http://www.microsoft.com/= enable/" TARGET=3D"_top">Accessibility</A> </TD> </TR> </TABLE> </BODY> </HTML> --ecmpyqbws-- --czdspaskwe Content-Type: image/gif Content-Transfer-Encoding: base64 Content-ID: <udpvrld> R0lGODlhaAA7APcAAP///+rp6puSp6GZrDUjUUc6Zn53mFJMdbGvvVtXh2xre8bF1x8cU4yLprOy zIGArlZWu25ux319xWpqnnNzppaWy46OvKKizZqavLa2176+283N5sfH34uLmpKSoNvb7c7O3L29 yqOjrtTU4crK1Nvb5erq9O/v+O7u99PT2sbGzePj6vLy99jY3Pv7/vb2+fn5++/v8Kqr0oWHuNbX 55SVoszN28vM2pGUr7S1vqqtv52frOPl8CQvaquz2Ojp7pmn3Ozu83OPzmmT6F1/xo6Voh9p2C5z 3EWC31mS40Zxr4uw6LXN8iZkuXmn55q97PH2/Yir1rbL5iVTh3Oj2cvX5Pv9/+/w8QF8606h62Wk 3n+dubnY9abB2c7n/83h9Nji6weK+CGJ4Vim6WyKpKWssgFyyAaV/0Km8Gyx6HW57FJxicDP2+Tt 9Pj8/wOa/wmL5wqd/w6V8heb91e5+mS9+VmLr4vD6qvc/b/j/Mbn/sTi9rvX6szq/tPt/9ju/dzx /+n2/+74//P6/+3w8hOh/xOW6yCm/iuu/zWv/0m4/XTH/IXK95TP9qPV9bfi/tDn9tfp9OP0/93r 9L3Izy6Vzj22/lrC/mfG/JvJ5JGntAyd6IbX/3zD6GzP/3jV/2uoxHqbqujv8g6MvJTj/2HF5pXV 606zz6Hp/63v/7j1/8Ps88b8/rbj5RKOkE2wr3OGhoKGhv7///Dx8V2alqvm4Zni1YPRvx5uVwyO X0q2hLTvw8X10gx2H4PXkkuoV5zkoQeADZu7mmzIVEO7HIXbaGfLMPz8+97d2/Px7v///+bl5eHg 4P7+/v39/fT09PLy8u7u7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAaAA7AAAI/gCVCRxI sKDBgwgTKlzIsKHDhxAjKgwiqs2kSJEgQfqyp2PHLxoxTmojSpTEkyglBrGYcU+el3n09PEDSFKg mzclAfLTRw/MPV4gjTSZsmhRURchuXwUs88fSYIGubEiqyqAq1gBNLPiRlCgPz197tE4MojRswuD JHX5UiagQILcNMtKl26zu3etuBgUaKcePXv0QIo0iSjaw8raROKYh6nbuFbmVpVlpbKby4Mya858 eWrlrV0l/fECWDBhw4hPimoJUw9NQVa0Yg6kk6dPmD9xt/Xi52kgKG4GCRLtpTjZNmZTQ5yktLXT QFNDA+qJe2wkkgkrrmWrx4tv0X6M/gvFrnzh6uaO+wCKOhzs7TzWyUesyDom7z9//EAKOh51eYKK sdWWH1D15cd78J12GFJKufRXcfwNNtR/ANYXE006UfdSfBQq1lxM3fFHWFlojRBCCA5goMMK5y3V 1B879VGdUMlRqIxaG7kUmHEikVTjQyuAcGIGDmSQwQUYzPBAA1UIKJMfUCI4Vhs2EjTJKrWYwogp mXSxY0iTTLhQAC2ocKIDHGywgAwYWPDAm3AeIIVztr3E1FiFVSnQJLXc4ksxuujyiy6npNGFYBKK WRAzKZipAgkp8ACCAyLg0MClDcD5ppIUVNCFFDL1oSF8Qvn3nyi8+KIqMH8aQwwx/66EMQcoVQxG mI/KBEBCCCSo0MIPLJSJwA6YFvsmBlFkYgopUTxwgQ8XXGBBBRUA0QUXeJp6qi2r2rKLLcAU42qs WIRhR623YpdDNM4wQ0IOInggrwfFNoCDDl20wooqqaSCCil3SHCBBgQXnAGbFmCAgQMkBKDnLsMU 4wswvPCySy3DuLpJGFiY4YodX6RrUhnOIFDDvPNeqkkXfKzCyssv8+svwM5uYPPNONusAZszEEEE GoooQsfQdRRdxyJII83I0ow04nQjjkTtCB5cVN3KMBEXA8wuFbMC6Cu5jIJFLsG4oonIQeQQQw4o a5KsI6moogrMMMvt77+kCPzB3v589+03BxdQ0IFyotyCdTFap7I1K7Z4YskmcIwSTC+9KMHGSD6S 0AIJHkRxByekkIJKv3LPXbfMeOddgQmst+466xoAIUEEEUzAQNBD02H00UkvwnTTT0s9ddV4ZPEK 1hH/qTUnlyDyRi659BJMMLiEgrkoQSwTAjMefPIJ6KKPHnfppfeLCt6cCDFDmjT8AMP7MJywwQW0 1187Aco5osUYyGNtjC+ccFwhzuCK6U0OF2uoQht8FAMEoMADnfge+M7Xrwpa8HyhI0X6JGCwDGhg fvYLoe1wRzSj9c53THsa1KRGNS6oYQxZ0AXyjKGLUlzCEoeIQxjIRjnKTYESC/7EnjJyYAIRRMF7 4Auf+Cp4vtRxghNOiEAHjxTC+k3gfsp5ghPSAIqMBeoUlkjEIeYgBzjwEBdonEIOgmgWSDlgC0h8 YgabSEcncuITUZQBwYxERftRYAIToEDtbie0EhbthL9TofBa6IT9jeEVgQpUJcZoCDEUcHqUw8UU ysBGZZQgBAvAgSfimMQMmjJ0T/SeGiKgRw3w8QKz+2Mgp/UALKamC1FYwha1AElJzkEMYiDb5HqB wE2SRIjR0MEIGoCJUUqwlKd84h0/4QlMRKACezQSLAM5A2pR6wF/JGTudofIFAaPhVW7AxWooIX9 ZSELv4hnJYA5CjQScw1rUP/jMQeCgA/gQA2ecOYzpUnQaVKzmtfM5pEkMIFpebMCtZwA/lJTBR88 YQlRcIITQBHPeNrhCEcwQhPQmM8EALEkAwnBDTBAhWYG1HukTCVMD4oJTBDBAgrNAEOnZYE/vomh 4jQk75KWyHNGrYWO0KUT1tlOWnRUCUdQQhOaoIQ12GEKsVCgEAVSAge88RIufelMxxrQal7iEkLg oCv5uFOffvOPE0XMMvjggy74IAoZ3UI8aYEEJUh1CkoggxIOUIbCbFUZyczADM4K1rI69rHVxARj kyDFtRppp9OawR8pAFQS6s6EvSuq0xZZNS444gkZ1SgVQkELWvjMr1QlQgT+pgALG+yTIDrgwAPo wFiwhtWxNZUsYxVBWYX6YAYT0CwgHwDRB0i0PNGoghTsCoQoaEIYQhCCz7ZLhCYoIAdD+ZEyQqAB C4xBEb09a3Brmt5LBE0RWYiAB/mo2EBSoJvfdG5QP3vI0JpztOgsLR8y8QTU4jUK2U2wEIagBAWU AQy3JcgIUqSF97b3wu9VhCXQwErLKpYCDvXmmygQV+UEQLpScKUPfACEFjuBCGuAhQ4gXBLxIjZa QrBEhtGL3rPyOMOWCHIiOkxfCzT0oc2lwH7J6d+lKTLAVfPIdAu8hCUAwQlCIIMBikAJCEeYIMm4 gAxmkIggB3nHOzazJcb+QIXZ6bHIIPZmT0FMYj2RyUw50EEZRIAASnzheoctSJEekIgyq/nQalaE E2QXAYHlFANx1iyILYDcJYOWqP9d4VFLi62PgEQkGAl1mI5p44HcYMxoQISqC21oIYcxDUuowOwk IAMOTDEDGAAnBR5gARyAE5Al1pMytIM5UiuEBxWwQBIOoepmO1sRd/BBBWgnMGo9a758xECmcOBr QE5Av55lMqadbNThldYjX/h0qEVyvVIDiFpEOIS85b3qOjBBBrODgL4foCZoWVsG2cZAt5fL7ToL WyAVWeAxA42QScjgAkQoRCHmrYhGgDAC+s54AjbAAQ4s4GDeFHOuvf3/ABwMQBgiUHK4L620TJP2 3J7WSEhG1MmJRKILsJzDxBfxhfLWL+MZn4AGOm5rgj2cWrJ8wAB2sAMRFEMYBtcTRUpCdXcbZDV8 sIAExoAHHuA7At2sYv3Q5PEOQmvXTE/7DlCu8kLyd6gtJzeANw3zPaRb5uwOIkoV0gY2SNsCgG+0 DFJwJFhWMbkDK7qHRcD4xjMeBxMoQAGEHYSpWz0hPlhANHxggWtyYBnMQAYIKvBwCZj+9GCHqAUc kFMdOF4EOzBAAXoA2JX3d9zAm7u5oxxzW4164doaiAM0rwwU0IAHz4hGAEDfAjH74PTQn4G0EpAA Z9HX9Y03wAEKcIAB/oDAYQc/CQkcEIBoPAMGzoDBM2KwfGa0QAMXOBLg5y8B6V/gAVNowhQogIEV 61kEDXAAPdADTVAJaKBjtgd3KCR3mrZ7nWZ36kZzx0QIV5AQGNAC5Xd+x6B+7Md8KYBN0oZkziIt E4AAKTAACtBQ8ZIA3NcBKrAMMRB+RfEAzLAM0aAMz/ACLwANyrcMyNACKXABCwA40VKEFPBwRtYE cjAHhmAEU5AAAzgFYjAHrHZmCVhODPhyvAeBtkJzNUYIs5AQNLgM5VeBV9CDoQeEIZABICADbviG FBAtRqYAzCAQAVACOSAACFACMngYFqACNRgAgiiIy+CDLQCEJCAD/yWgAV7ViHF4ATOQAFMABxI3 cWM0B6tWhQjoduIWd7nXgC20hXfHbkOBPRSYECFgAchQg4VYiMyQhikAAjdwAStgAydyIm1yARVA AQXQASvQhzYSAA2AAav4iq/4g0AYiyRwATRQAiqgAggwAxYgA7t4AAcQAjcIjBTSAgYwAySADOB4 iMkoi7uCAQuQJBYgZj3FfQOwDNpYJSnQAROAAZozjuS4AAsAfzLgAGzyACzYfXX4jlVSAmVAfQ+w MCRgAyRAAvhIMCmCXNtXAAYQAu4okHryAzaAARNgjQYJJxNAfRF5AAaQAy2QjRYpdWBQBV2QawrA gpLHfQpgAA1ggiMrYJInKWxIsRhfUAU82ZMj0Iwr8AM3qY3E9ntVV3lDWSUBAQA7 --czdspaskwe Content-Type: image/gif Content-Transfer-Encoding: base64 Content-ID: <jjqwzgr> R0lGODlhDAAMANUAAP////f3//f39+/v9+/v797m987W787W5sXW5rXF76295qW975y175St75St 3pSlzoyl1oSl5oylzoycxXOU3nOMxWOM5mOM3mOE1lqE3mOEvVKE1lp7xVJ71lJ7zlJ7xVJ7vUp7 zkpzzkpzxVJzrUprvUJrxUJrvUJjtTpjtTpjrTparTpapQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAADAAMAAAIjAABAAhwwMGFCxAQ CACwkICDDBYSLGjQwQEBhg8zDBAIYIEIBwIQdLjAoOOFgSFMIICwIUMEAxQwCBxhAgKHDh5C6DQA IIGJEyA4fPAwYoQCAAVKoEgBQsKJEidQ8CyRYumDA1VTqNBQQYXXFQofsPB6AIAKFiweNBTLoiza BxcFCjgwgQSJCQcWCggIADs= --czdspaskwe-- --qzkudsnxvygpqqd Content-Type: application/x-compressed; name="Upgrade41.zip" Content-Transfer-Encoding: base64 Content-Disposition: attachment --qzkudsnxvygpqqd-- Tag: Securing the Registry. Tag: 40403
 - 9
 - How to lock down server and create VPN using MS IPSec only Hi, I've encountered the following problem. I've created IPSec policy to connect to VPN gateway (Cisco router) - and everything works fine. Then I've decided to lock down the machine using IPSec policy and here comes the problem: I've got 2 security rules for VPN (both ways) and another rule to block all IP traffic. When I enable the 'block all' rule i loose all IP traffic - both with Internet and VPN gateway. Is there a way to configure IPSec tunnel and lock down the machine without f.x. TCP/IP Filtering? Thanks, Jacek Tag: Securing the Registry. Tag: 40395
 - 10
 - How Effective Are Firewalls and Anti Virus Applications No need for a firewall or anti-virus application if your on a Windows Platform and you didn?t disable the services Windows leaves open, before your computer went online to the Internet. Your computer already has file and print sharing open and anyone in the world can view what is on your hard drive, add whatever they desire to add, including Backdoors and Trojan Horses. And don?t forget that Trojan Horses disable your firewall, whether hardware or software and any anti-virus application on your computer. Want proof of this technology, e-mail me at snailmail222000@yahoo and with your permission this babe will send you the "Redwood Broker Backdoor". Only the "elite" malicious hackers know about this and you won?t find any information on the Internet pertaining to it. Let?s expose the malicious hackers activity and share this knowledge with the world. Don't forget the malicious hackers use victims computers, running Virtual Private Networks and Dial-Up Servers with Pre-paid Phone Cards. Want to learn it all check out: www.secure2003flop.com Tracker Tag: Securing the Registry. Tag: 40393
 - 11
 - blackholes to go offline :-( I just read this on nanae: Quote: The easynet blacklists/spamfilters (blackholes.easynet.nl, proxies.blackholes.easynet.nl, dynablock.easynet.nl, spamdomains.blackholes.easynet.nl, and the easynet spamlists) will be discontinued starting Dec 1 2003. The zonefiles and associated files will be 'zero-sized' on that day. The domains will continue to resolve for a long time, but they will contain nothing more than the test records (127.0.0.2 and example.com), so they will not catch anything. Holy Crap! - Yep. FAQ? - Sure. Are you being DDos'ed out of existence? - Nope. They probably tried. We didn't even notice it. Are you being sued? - Nope. They probably tried. We didn't even notice it. Are you being threatened? - Frankly, we will miss that part. Are you tired? - Damn right. Are you giving up? - That is not the right word. There are plenty of fine blacklists, and new ones spring up every day. The wirehub/easynet lists served their purpose, but others may serve that purpose equally well. Isn't this all kinda sudden? - Yes. Sometimes, you just know that it's time to say goodbye. And the moment you know it, you must do it. Running blacklists on anything less than 100% motivation and energy is not how it should be done. Anything else? - Sure. These blacklists were maintained by a single person, all of them. Every day. Listings, delistings, finding new DSL/cable ranges, finding new open proxies, writing better scripts, handling all email, running statistics, publishing overviews, providing rsync areas, DNS tranfers. You name it. TINW. There's an I. And I want my life back, at least a little ;) Life? - Yes. Maybe not as we know it. Over the past 3-4 years, the maintainer of these lists has worked 7 days a week, 10-12 hours a day running these lists and handling all tasks and email associated with them. Not a single day has passed without at least processing delisting requests (the bare minimum). And then there was the day job (which was really nothing more than running an ISP's server farm - peanuts, it's FreeBSD). Is that all? - There's more to it, but the details do not really concern you. Let's just say that the integrity of these lists might have been in jeopardy in the long run. There are two cardinal sins when it comes to blacklists: 1. putting/keeping someone on them who should not be - 2. not putting someone on them who really should be. Avoiding '1' is a matter of discipline and a thick skin. Avoiding '2' is a matter of being totally independent from all pressures surrounding you. Avoiding '2' has become increasingly difficult, and we'd rather stop with our integrity fully intact and our reputation unharmed. That is about now. Well, next week. We? - Yes, dropping that habit will take some time ;) Will you be back? - Probably. Lurking. Will you miss us? - Depends on how well target practice goes. Should we give up The Good Fight? - Hell no, we're winning. There's plenty of enthusiasm, and there are plenty of new and old blacklists doing fine work. Take your pick. Keep fighting. Fight for your spam laws. Educate. Annoy. Sue if you must. It's up to you now. Is there anything we can do? - Yes. Spread the word, please. Post to your local/national abuse groups, inform anyone you know who uses these lists, update your configurations. Nothing will break after Dec 1, but there will come a day when these names (including the old Wirehub ones, which still resolve) will cease to resolve. This will probably be announced. Will the lists be back under a different name? - Probably not. It started out as 'doing some extra work to stop spam', because .. well .. FreeBSD and such, plenty of time left. And why not donate that work to the Internet community as well. In the long run. it turned out to be 'getting some sleep and maybe something to eat between emails and zone updates'. Sometimes, enough is just enough. Can't you just maintain one or two of the lists? - What did I just say? I have a question! - The email address will probably work throughout December. It may drop dead after that. Hope I won't. Goodbye all. It was invigorating, it was fun, it was necessary. Don't give up. Ben. -- easynet.nl abuse handling dept. -- abuse@abuse.nl.easynet.net - blacklists/dnsbls: http://abuse.easynet.nl/spamstats.html - - aup: http://www.nl.easynet.net/pub/av/aup/nl (dutch) ---- -- - aup: http://www.nl.easynet.net/pub/av/aup/en (english) -- -- Tag: Securing the Registry. Tag: 40379
 - 12
 - Does the Internet really work or is it just make-believe? I assume that when we type an address in a browser to go to a page then = the address we type in must in fact exist. If it doesn't then we get a = not found. Consider this spam site: http://55easyspeeders.com\photographs\zimage26.gif You will find that you get this image (debt issue so don't worry about = porn). Now lets assume that by putting a character in front of the 55 = with a period we have a different address. We put in the browser. http://w.55easyspeeders.com\photographs\zimage26.gif You will notice that this works as well. Now this issue implies that I = can put anything I want in front of the 55. Like so: http://w2t.55easyspeeders.com\photographs\zimage26.gif http://w.w.w.w.w.w.w.w.w.ww.55easyspeeders.com\photographs\zimage26.gif http://i8hr2lluxs.lorr7.lp.55easyspeeders.com\photographs\zimage26.gif These all work. Why? Does the Internet really work or is it = make-believe? How can I configure my Microsoft IIS server so that it behaves the same? = I take this that all subdomains at this site exist. --=20 George Hester __________________________________ Tag: Securing the Registry. Tag: 40378
 - 13
 - Hi, Here is My E-mail and My Account. I am talking about my old account, which is cherry_cerise@hotmail.com. My new account is vanilla_cherry_cocacola@hotmail.com. I remember my really old password too. Is there anyway I can get it back? I thought I changed my password to password in a different language, but I was wrong. E-mail if you have any suggestions. Thanks. -Nadine Tag: Securing the Registry. Tag: 40362
 - 14
 - Can you guys help? I have lost my password, and I can't get into my account. I am really upset, and I felt like crying the whole day. I remember typing in a new password, but I can't remember what it was. I tried getting a new account, and then when I imported an old contact list, I found I only had 63 people when I had around 98 people before. Do you think there is any possible way I can get my old account back? I know all my information on my account, and I could maybe tell you it and you guys could check to see if it was right. Then you guys can give me a random password. They do that in Yahoo accounts. Thanks for reading this, and I hope you can help me out. -Nadine Tag: Securing the Registry. Tag: 40359
 - 15
 - ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.11.21 Before you post a question to a Microsoft.public.*.security newsgroup, note that your question may already be answered below: Answers to Top Frequently Asked Questions: http://securityadmin.info My question is not mentioned below. How do I get an answer immediately, with no waiting? http://securityadmin.info/faq.htm#moreinfo See also: http://www.google.com/groups?as_ugroup=microsoft.public.* See also: http://www.google.com/advanced_group_search See also: http://www.google.com I want to post a problem or question to the newsgroup. What info do I need to post in order to get a correct answer quickly? http://securityadmin.info/faq.htm#netiquette I just heard about a new Microsoft security patch update. Where can I get the patch? http://windowsupdate.microsoft.com OR http://www.microsoft.com/technet/security/current.asp I just installed a Microsoft security patch update, and now my computer is having problems. http://securityadmin.info/faq.htm#patchbroke I received an email from Microsoft / Microsoft Support / Microsoft Internet Security Center claiming to be a security patch [or comprehensive Internet Explorer update]. Is this a virus? http://securityadmin.info/faq.htm#microsoftemail ALSO NOTE: www.grisoft.com is free antivirus, USE IT. I received a virus email from a Microsoft email address. Who do I report this to? http://securityadmin.info/faq.htm#microsoftemail I have the RPC Blaster worm "virus," what do I do? http://www.microsoft.com/security/incident/blast.asp ALSO NOTE: www.grisoft.com is free antivirus, USE IT. My computer is giving RPC Remote Procedure Call messages. There is a TFTP message or file on my computer. My computer keeps locking up, and/or rebooting, or telling me that it will reboot in 1 minute. http://www.microsoft.com/security/incident/blast.asp ALSO NOTE: www.grisoft.com is free antivirus, USE IT. Where can I download the Blaster worm / RPC DCOM patch? http://windowsupdate.microsoft.com OR http://www.microsoft.com/technet/security/current.asp I'm having a problem caused by the JDBGMGR.EXE Teddy Bear "virus" hoax, or I want to replace this file. http://securityadmin.info/faq.htm#jdbgmgr I forgot my Windows logon password and can't log in. How do I reset it? http://securityadmin.info/faq.htm#password I have a problem or a question with a virus or with antivirus. http://securityadmin.info/faq.htm#virus NOTE: www.grisoft.com is free antivirus, USE IT. Why is Outlook Express blocking my attachments as "unsafe"? http://securityadmin.info/faq.htm#attachments How do I stop getting pop-up messages? Or adware? Or spyware? http://securityadmin.info/faq.htm#pop-ups How do I block people from viewing adult or objectionable content on a computer? http://securityadmin.info/faq.htm#contentfilter How do I block spam emails? http://securityadmin.info/faq.htm#spam There is a Content Advisor password blocking me from certain web sites. http://securityadmin.info/faq.htm#contentadvisor How do I delete an FTP folder that a hacker put on my computer and I cannot delete? http://securityadmin.info/faq.htm#ftpfolder Have I been hacked? What do I do if I've been hacked? http://securityadmin.info/faq.htm#hacked How do I re-secure a computer that has been hacked? http://securityadmin.info/faq.htm#re-secure How do I test or improve the security on my computer to avoid being hacked? http://securityadmin.info/faq.htm#harden How do I investigate a suspicious IP address that may be trying to hack me? http://securityadmin.info/faq.htm#trace How do I report a hacker? http://securityadmin.info/faq.htm#reporthacker How do I use a port scanner or vulnerability scanner to test my security? http://securityadmin.info/faq.htm#portscanner How do I encrypt my files and/or hard drive? http://securityadmin.info/faq.htm#encryption How do I get a firewall? IDS? http://securityadmin.info/faq.htm#firewall I want to use the IPSec filtering or IP filtering feature of Windows to block certain ports and have a problem or question. http://securityadmin.info/faq.htm#ipsec I have a problem or question with the XP ICF firewall. http://securityadmin.info/faq.htm#icf I have a problem or question with the IIS URLScan tool. http://securityadmin.info/faq.htm#urlscan How do I change the banner on my computer or server to hide what software version I'm using? http://securityadmin.info/faq.htm#banner How do I enable Windows Auditing to tell who logged into Windows or who accessed a file? http://securityadmin.info/faq.htm#auditing How do I inspect and disable programs that start up when Windows starts? http://securityadmin.info/faq.htm#startup How do I use RUNAS or let someone use RUNAS to run commands as administrator without having to type the password? http://securityadmin.info/faq.htm#runas How do I let non-administrator users run Defrag or change their IP address? http://securityadmin.info/faq.htm#runas My question is not mentioned above. How do I get an answer immediately, with no waiting? http://securityadmin.info/faq.htm#moreinfo See also: http://www.google.com/groups?as_ugroup=microsoft.public.* See also: http://www.google.com/advanced_group_search See also: http://www.google.com I want to post a problem or question to the newsgroup. What info do I need to post in order to get a correct answer quickly? http://securityadmin.info/faq.htm#netiquette Note that this is NOT a full list of all the questions answered in the FAQ. Chances are, your question has probably already been answered. The complete FAQ is at: http://securityadmin.info/faq.htm#contents I hope this is helpful. Feedback, suggestions and criticism regarding the FAQ are welcome and may be emailed to me. kind regards, Karl Levinson, CISSP, MCSE, MVP email: levinson_k@despammed.com Tag: Securing the Registry. Tag: 40358
 - 16
 - Unable to display Router (Offline request) certificate template Even if I setup the permission (apparently accordingly) on the OfflineRouter certificate template, still I am not able to display it among the certificate templates when I try to make a PKCS#10 certificate request using CertSrv forms Any suggestion Thanks a lot Tag: Securing the Registry. Tag: 40354
 - 17
 - Sites for Security, AntiVirus and Remove Spyware I had collected some Web sites for Security, AntiVirus and Remove Spyware at http://www.ccnote.com --> Security, AntiVirus and Remove Spyware By no means I can collect all the good web sites and arrange them fully satisfied. Any suggestions are welcome. Please send to cannotbeanywhere(at)hotmail.com (if email is bounced back, storage may be filled with some spams) Mike Tag: Securing the Registry. Tag: 40348
 - 18
 - Update Rollup 1 for Microsoft Windows XP (KB826939) Anyone know why this keeps showing up as a needed Critical upgrade after I've downloaded and installed it? I installed several times before I realized it was the same one. Tag: Securing the Registry. Tag: 40343
 - 19
 - emails from microsoft containing a virus Everyone, Am receiving emails that norton antivirus is detecting containing a worm virus: these appear to come from microsoft! It is some update! Please someone sort it out! Tag: Securing the Registry. Tag: 40341
 - 20
 - Lost Certificate of authenticity I have a problem with my computer and I need to format my hard disk and reinstall Windows XP Home.Can you please help me because I lost the Certificate of Authenticity.My product No is 00043-469-564-819.It is the only number left on the label.Please help me. Thank you for you support. Tag: Securing the Registry. Tag: 40339
 - 21
 - Lock the terminal Windows XP Proffesinal Service Pack 1 I noticed that when I try to lock my workstation I don't get the total lockout power I desire, it just brings me to the login screen, and right in the corner is the Turn Off Computer option. How can I have the old window that was all bitch back off when my computer idled? Tag: Securing the Registry. Tag: 40334
 - 22
 - Yahoo Messenger Toolbar Students using my network are able to download the Yahoo Messenger Toolbar in Explorer 6.0. I'm on an NT Server Network, and looking for a way to block this - anyone know of any websites re. this, or had a similar problem? Tag: Securing the Registry. Tag: 40330
 - 23
 - Windows 2003 VPN In by MAC address only I believe it is possible to restrict clients VPN in to a windows 2003 server by MAC address, anyione have any idea???? Thanks Tag: Securing the Registry. Tag: 40297
 - 24
 - re: Additional Security settings for Windows 2003 SErver I followed the instructions found here http://www.microsoft.com/technet/treeview/default.asp? url=/technet/security/topics/hardsys/TCG/TCGCH10.asp to the letter, however when I looked in the Local Policy, the MSS extra security options were there, (some of them), but the options for most were incorrect or missing. I then looked in the registry, and can see some entries are missing or in the wrong place. Also in the local Policy some other new entries appear as nonsense, like 80, 00, etc.. This looks like the format from copying and pasting from the article to the inf file was incorrect, and I went through the inf file again, ensuring the format was the same throughout, and run again, bit to no avail... Any help appreciated...Anyone else seen this? Kind Regards, Pete Tag: Securing the Registry. Tag: 40291
 - 25
 - Mad At Microsoft (Security) Mad at Microsoft During the horrible Blaster virus incident (Aug. 11, 2003) I had problems locating the correct patch from Microsoft's site. One problem was that I wasn't sure which version of XP I have. There are 32-bit and 64-bit versions and something about SP-1 or SP-2. I've been using computers for twenty years and even I don't know what those things mean. The Help/About window in Explorer only partly answered this for me. I drove to the Gateway store in the hopes of downloading the patch only to find it was the wrong one. By some miracle, I called Gateway support and was able to download the right patch without the computer rebooting. I discovered later that some versions of XP are only for laptops. The Microsoft pages should have mentioned this. When there were listings for the different patches, it should have said "mostly for laptops" after the ones for laptops. If anyone from Microsoft reads this I hope you will think about it. (This is part of the page I mentioned:) Windows XP Professional and Windows XP Home Edition Download the 823980 package now. Windows XP 64-Bit Edition Version 2002 Download the 823980 package now. Robert Chao Tag: Securing the Registry. Tag: 40289

G/day forum,

I've been ploughing through documents and whitepapers on how to secure your
web server, the best resource of all was probably Improving Web Application
Security - Threats and Countermeasures, an absoloute bible for all ye web
admins out there. Before you read the part i'm querying, it i just want to
doublecheck that i'm not missing anything. Your thoughts please :)

On Chapter 16: Securing Your Web Server, page 449, the following:

Step 9. Registry
The registry is the repository for many vital server configuration settings.
As such,you must ensure that only authorized administrators have access to
it. If an attacker is able to edit the registry, he or she can reconfigure
and compromise the security of your server.

During this step, you:

? Restrict remote administration of the registry.

? Secure the SAM (stand-alone servers only).

Restrict Remote Administration of the Registry

The Winreg key determines whether registry keys are available for remote
access. By default, this key is configured to prevent users from remotely
viewing most keys in the registry, and only highly privileged users can
modify it. On Windows 2000, remote registry access is restricted by default
to members of the Administrators and Backup operators group. Administrators
have full control and backup operators have readonly access.

The associated permissions at the following registry location determine who
can remotely access the registry.

HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg

To view the permissions for this registry key, run Regedt32.exe, navigate to
the key, and choose Permissions from the Security menu.

Secure the SAM (Stand-alone Servers Only)

Stand-alone servers store account names and one-way (non-reversible)
password hashes (LMHash) in the local Security Account Manager (SAM)
database. The SAM is part of the registry. Typically, only members of the
Administrators group have access to the account information.

Although the passwords are not actually stored in the SAM and password
hashes are not reversible, if an attacker obtains a copy of the SAM
database, the attacker can use brute force password techniques to obtain
valid user names and passwords.

Restrict LMHash storage in the SAM by creating the key (not value) NoLMHash
in the registry as follows:

HKLM\System\CurrentControlSet\Control\LSA\NoLMHash

For more information, see Microsoft Knowledge Base article 299656, "New
Registry

Key to Remove LM Hashes from Active Directory and Security Account Manager."

Top

Re: Securing the Registry. by S

S
Mon Nov 24 19:17:28 CST 2003

Yes. Also stop Remote Registry service and use Syskey in password-protected
mode for further protection of SAM (might cause problems with the hosting
company and their "passionate support"). Also use a firewall. And do not
cross-post!

--
Svyatoslav Pidgorny, MVP, MCSE
-= F1 is the key =-

"Stephen O'Sullivan" <steve@nospam_noway_dontyoudare.net> wrote in message
news:#d5bjErsDHA.2408@tk2msftngp13.phx.gbl...
> G/day forum,
>
> I've been ploughing through documents and whitepapers on how to secure
your
> web server, the best resource of all was probably Improving Web
Application
> Security - Threats and Countermeasures, an absoloute bible for all ye web
> admins out there. Before you read the part i'm querying, it i just want to
> doublecheck that i'm not missing anything. Your thoughts please :)
>
> On Chapter 16: Securing Your Web Server, page 449, the following:
>
> Step 9. Registry
> The registry is the repository for many vital server configuration
settings.
> As such,you must ensure that only authorized administrators have access to
> it. If an attacker is able to edit the registry, he or she can reconfigure
> and compromise the security of your server.
>
> During this step, you:
>
> ? Restrict remote administration of the registry.
>
> ? Secure the SAM (stand-alone servers only).
>
> Restrict Remote Administration of the Registry
>
> The Winreg key determines whether registry keys are available for remote
> access. By default, this key is configured to prevent users from remotely
> viewing most keys in the registry, and only highly privileged users can
> modify it. On Windows 2000, remote registry access is restricted by
default
> to members of the Administrators and Backup operators group.
Administrators
> have full control and backup operators have readonly access.
>
> The associated permissions at the following registry location determine
who
> can remotely access the registry.
>
> HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg
>
> To view the permissions for this registry key, run Regedt32.exe, navigate
to
> the key, and choose Permissions from the Security menu.
>
>
>
> Secure the SAM (Stand-alone Servers Only)
>
> Stand-alone servers store account names and one-way (non-reversible)
> password hashes (LMHash) in the local Security Account Manager (SAM)
> database. The SAM is part of the registry. Typically, only members of the
> Administrators group have access to the account information.
>
> Although the passwords are not actually stored in the SAM and password
> hashes are not reversible, if an attacker obtains a copy of the SAM
> database, the attacker can use brute force password techniques to obtain
> valid user names and passwords.
>
> Restrict LMHash storage in the SAM by creating the key (not value)
NoLMHash
> in the registry as follows:
>
> HKLM\System\CurrentControlSet\Control\LSA\NoLMHash
>
> For more information, see Microsoft Knowledge Base article 299656, "New
> Registry
>
> Key to Remove LM Hashes from Active Directory and Security Account
Manager."
>
>

Top