AD Security reporting tool

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Monitoring Servers Hey guys, I've been a lurker here for a while, but I need some specific answers on this one. I have a network with about 14 windows 2003 servers, Exchange 2003, and also host two website in house. We have a PIX firewall and an IDS System on the outside of the PIX. But I really need a good solution for securing and monitoring our servers and network. right now I really have no way of telling if someone has gotten in to our network.Can someone give me some ideas? thats for all the help L Smith Tag: AD Security reporting tool Tag: 85987
  - 2
    - Securing a Mobile 5 Device Hello all, I am cross posting to Security and SBS since we are an MSBS with our M5 devices connecting to SBS environments. We are migrating our organization, and subsequently clients, from Palm to M5 devices. On the Palm, we have an easy to manage encryption software package that encrypts data on the device and on the SD card. Is there anything out there that is reasonably priced for small business that is similar in its abilities? We are looking to encrypt the Outlook data on the M5 device itself, since it contains sensitive information... The remote wipe will not work if the unit is in a faraday cage or in some way radio isolated. It also will not take care of the data on any media cards inserted in the M5 device. We are also looking to encrypt the contents of the media cards. Any help pointing us in the right direction is greatly appreciated! Thanks, Philip Elder MSBS Tag: AD Security reporting tool Tag: 85986
  - 3
    - Invalid Digital Signature in Certificate Dear All, I have a digital certificate which when opened (double-clicking) with Windows 2000 Professional or Windows XP shows the following error message "The integrity of this certificate cannot be guaranteed. The certificate may be corrupted or may have been altered" The same certificates opens up without any such error in Windows 98/Windows NT machines. Is this any Patch problem ? If yes, Please let me know which patch has to be applied? Tag: AD Security reporting tool Tag: 85985
  - 4
    - Problems with SQL Server after installing security updates Hello I have SQL server with service pack2, and i just installed the hotfix for the worm which came out few weeks back, after installing the fix i am unable to connect to my local SQL server, though am able to connect to remote SQL server instances, but when i try and connect to the local SQL server, the whole thing just freezes... Tag: AD Security reporting tool Tag: 85980
  - 5
    - two-factor authentication for both local and remote login Can anyone here suggest a solution for two-factor authentication (e.g., password and USB key) that would work both for normal Windows login (i.e., user is sitting at PC) *and* for remote login via Remote Desktop (or some equivalent remote access solution)? The solution must support the *same* two-factor method for *both* kinds of access. Cheers, James Tag: AD Security reporting tool Tag: 85978
  - 6
    - Local Certificate Authority Server Hello I have configured an enterprise Certificate Authority Server that will issue each email user a USER Certificate for Digital Signature purposes. On our internal email with digitally signed mail we can read the email but when I mail a free mail servers like yahoo or gmail the message is place on a smime.p7m file. How can our local CA server be trusted? Tag: AD Security reporting tool Tag: 85974
  - 7
    - Computer(s) keep trying to crash on me. It seemed to start about 6 months after I bought a new computer from infotech. It is running XP pro, has an MSI motherboard and cable modem. I was running Defender antivirus and firewall, but someone was able to disable the firewall and antivirus (from a remote location) without me noticing. I usually turn the computer off at night, or if I won't be using it for a while, but evidently the computer doesn't need to be on to access it remotely. Anyway, I turned it on one morning and noticed the display was different, the mouse and keyboard both had their drivers removed and all my email was gone. Shortly after that you could hear the harddrive running like crazy. I assumed it was a virus, so i tried going into msconfig to turn most of the stuff off. I noticed windows explorer was running, along with remote desktop and a few other web-publishing programs most of which I have never used. When I attempted to restart the computer, all I got was a "no operating system found" error. I have lots more info, but no time right now to go into detail. If anyone has had a similar problem or has any suggestions, I would appreciate it. Thanks!!!! Tag: AD Security reporting tool Tag: 85970
  - 8
    - CA store Windows has a Certificate store Manager; Tools>Options|Content tab and click [certificates]. There are [import and export] and [Advanced] buttons. How do I get an CA digital ID out of there for use in email. Why is this a problem for users when seeking digital ID for encryption algorithms of work data? Tag: AD Security reporting tool Tag: 85968
  - 9
    - Permissions I need help here. I have a SBS2003 network with a member server running Windows 2003 Server. I have setup volumes on the machine, i.e. H, T, V drive etc... Now, what I have done is I have shared out these volumes, e.g. T drive with the Share to have Everyone=Read. The Security tab also has the same, Everyone=Read. Now, a user has setup a folder in T drive (called EEE) and shared this as well. This time, the share permissions are for that user only=Full Control, and in the security tab that user is set to=Full Control. Via Network Neighbourhood>Windows Network>etc... the user can paste into the subfolder in T drive (shared as EEE) with no problem, but when he goes through machinename\T\EEE he is unable to. He does not understand the fact that right-clicking the EEE folder has the same permissions (i.e. Full Control is greyed out) but going in via the correct share he will have different rights. He believes that no matter what, that user has the same permissions via any share he goes through on T drive - i.e. T or EEE. Furthermore, I need to understand the logic myself before I speak to him, so please can someone make me understand this. Thanks, S Tag: AD Security reporting tool Tag: 85962
  - 10
    - Excel Attempts to contact Akamai.com every time it's started Can anyone tell me why Excel (2002) has just recently started to try to contact akamai.com every time I start it (Excel) up (I know this because my Firewall intercepts the attempt) and how I can stop it from doing so Tag: AD Security reporting tool Tag: 85960
  - 11
    - Hotmail Hacked Hello, My other hotmail account was hacked and consequently money stolen from my paypal account. How can I contact hotmail to tell them this and have them close my account? Lucas Tag: AD Security reporting tool Tag: 85953
  - 12
    - looking for a suitable proxy Hi. I've posted about proxy's before, but now I know better what and how I want to protect myself. Using security services that have a very high security, such as those that send heavily encrypted data, can be counterproductive and attract attention, because someone who would use one of those would probably have something to hide. Wouldn't the NSA or the Israelities/israelies (?) be interested ? I'm just looking for a secure proxy, without taking extreme measures with regard to security. A proxy service through which a lot of traffic would go would be good, I'm less likely to be noticed that way. In the first place I want to protect myself against criminals, hackers, nosy people, organizations and yes, I don't want Big Brother (the state) looking over my shoulder. A proxy in control by a non-profit organization or some other organization that would fight for my privacy, even if pressed by law or security officials or advanced social engineering, would probably be good. Is more anonymity better ? I wonder in which Homeland Security would be interested ... Also important is speed. Often, proxies slow down speed, and I'm using a broadband connection. Essentially my computer name AND IP are static, would proxies hide them ? I know you can't get 100% anonymity, but that's ok. What about www.the-cloak.com ? I live in Western Europe. Any recommendations ? Thank you. Tag: AD Security reporting tool Tag: 85950
  - 13
    - Permissions Removed from Folders Mr. Sanders, is correct. You would need to take ownership of the folder/files and then assign the desired permissions. Tag: AD Security reporting tool Tag: 85947
  - 14
    - SSL/TLS & renegotiation and Internet Explorer Dear All, I am working on my own server that supports SSL, both with and without client authentication. I am in the process of implementing a feature which allows the server to prompt the user to provide his digital certificate whenever he tries to access a resource that requires client authentication. So whenever i get a request for such a Page then my server sends a SSL HelloRequest to the Client thus initiating a SSL renegotiation. The server caches the HTTP request in its Session buffer before it initiates the renegotiation. So, the client re-initiates the handshake by sending the 'client-hello' packet (encrypted with the session key negotiated in the previous session) and the server reciprocates with the serverhello, server cert, client cert request and server hello done packets, all encrypted with the older session key. At this stage, IE closes the connection with the server and prompts the client to choose his digital certificate. When the client chooses the certificate it re-initiates the handshake, establishes a new connection and then starts the handshake process again with the 'client-hello' packet. Now, at this stage I am not sure how to link up the old SSL session and the new SSL session on the server side. Actually I have to forward the HTTP request to another backend server, get the response and forward it to the IE client. My question is how do i link the old and new sessions that i have established with the Internet Explorer. Is there anything that will be common between the two sessions Any help on this would be greatly appreciated. Regards Tag: AD Security reporting tool Tag: 85946
  - 15
    - All permissions removed from folders One of my customers has removed all groups and all permissions from several folders on a Small business Systems 2000 Server. So far all attempts to regain any kind of access or control have failed. Is there any way at all, or perhaps a tool of some kind, that would allow me to manually assign Administrator rights to these directories? Tag: AD Security reporting tool Tag: 85944
  - 16
    - Essentials of Biometrics Training Course Essentials of Biometrics" is set at an introductory level and requires no previous specialist knowledge of Biometrics. The main focus of this course is on:- Raising awareness and understanding of the Biometrics technology in layman's terminology. Providing a comprehensive understanding of the different Biometric technologies. Highlighting the key considerations for implementing a Biometric solution within a security system. Providing an overview of current Government and private sector applications. This course will be useful for managers, senior management, security consultants and anyone who needs a general understanding of Biometrics. By the end of this course the delegates will: Gain an up to date basic knowledge of the Biometrics technology Gain a view of how Biometric applications can best be implemented Understand the factors affecting the performance of a Biometric application Appreciate the social and ethical issues Learn how governments and private sector areas are adopting the technology Availability: July 25th 2006 Fully Booked August 22nd 2006 Fully Booked September 26th 2006 Spaces Available November 7th 2006 Spaces Available November 28th 2006 Spaces Available A synopsis of the course can be found at www.identitysolutions.uk.com/training.html Tag: AD Security reporting tool Tag: 85934
  - 17
    - 'C:\Windows\System32' window pop up at startup Hi, When I start up Windows XP, folder 'C:\Windows\System32' always pops up. I following the suggestions from some articles, and created the following message. Could anyone suggestion how should I proceed? Thank you very much! Key Name: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Class Name: <NO CLASS> Last Write Time: 7/5/2006 - 8:32 AM Value 0 Name: MSMSGS Type: REG_SZ Data: "C:\Program Files\Messenger\msmsgs.exe" /background Value 1 Name: ctfmon.exe Type: REG_SZ Data: C:\WINDOWS\system32\ctfmon.exe Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Class Name: <NO CLASS> Last Write Time: 7/4/2006 - 11:21 PM Value 0 Name: ATIModeChange Type: REG_SZ Data: Ati2mdxx.exe Value 1 Name: SynTPLpr Type: REG_SZ Data: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe Value 2 Name: SynTPEnh Type: REG_SZ Data: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Value 3 Name: QCTRAY Type: REG_SZ Data: C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE Value 4 Name: QCWLICON Type: REG_SZ Data: C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE Value 5 Name: BMMGAG Type: REG_SZ Data: RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor Value 6 Name: TPTRAY Type: REG_SZ Data: C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE Value 7 Name: TP4EX Type: REG_SZ Data: tp4ex.exe Value 8 Name: TPHOTKEY Type: REG_SZ Data: C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe Value 9 Name: NPDTray Type: REG_SZ Data: C:\PROGRA~1\ThinkPad\UTILIT~1\NPDTray.exe Value 10 Name: AGRSMMSG Type: REG_SZ Data: AGRSMMSG.exe Value 11 Name: UC_SMB Type: REG_SZ Data: Value 12 Name: Tgcmd Type: REG_SZ Data: "C:\Program Files\Support.com\bin\tgcmd.exe /server" Value 13 Name: OfficeScanNT Monitor Type: REG_SZ Data: -HideWindow Value 14 Name: SunJavaUpdateSched Type: REG_SZ Data: C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe Value 15 Name: AVG7_CC Type: REG_SZ Data: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents Class Name: <NO CLASS> Last Write Time: 7/2/2006 - 8:20 PM Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL Class Name: <NO CLASS> Last Write Time: 7/2/2006 - 8:20 PM Value 0 Name: Installed Type: REG_SZ Data: 1 Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI Class Name: <NO CLASS> Last Write Time: 7/2/2006 - 8:20 PM Value 0 Name: Installed Type: REG_SZ Data: 1 Value 1 Name: NoChange Type: REG_SZ Data: 1 Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS Class Name: <NO CLASS> Last Write Time: 7/2/2006 - 8:20 PM Value 0 Name: Installed Type: REG_SZ Data: 1 Tag: AD Security reporting tool Tag: 85927
  - 18
    - I just don't get it??How to remove threats? Someone please help.For the last couple of months everytime I scan my pc for threats it finds 6 and then there's no option to remove them what do I do I've got norton antivirus and I'm completely lost as to what I do -- Many thanks Zowie Tag: AD Security reporting tool Tag: 85922
  - 19
    - Password safe/vault Hi all, Can anyone recommend a password safe/vault that uses AD authentication? I want to be able to use AD groups to control who has access to the safe and hopefully restrict access to certain password groups. e.g. the logged in user can only access the SQL passwords; another can access only exchange passwords; etc. Does anyone know of products I should avoid? Have you used the product you've suggested in a commercial environment? Did you eval a bunch of products and decide on one? What made you purchase that product over the others available? Of course I'm not expecting answers to all these questions. I just need an idea of what you guys have experienced with this type of product. Thanks, Scott Tag: AD Security reporting tool Tag: 85920
  - 20
    - Need to protect your network from ALL unknown devices, not just USB? Dear All, With rapid advancements in network connectivity such as USB, Bluetooth, WiFi, Firewire etc. and the multitude of peripheral devices available, as you are aware organisations like yourselves have a constant battle against data being stolen or leaked through 'honest mistakes'. Antidote Security Ltd are partnered with SecureWave Ltd whose Sanctuary Suite employs the White List - "Default Deny" approach, which is a proven, positive security model and fast becoming the industry standard. Sanctuary Device Control provides an essential platform to develop, administer and enforce effective granular policies for the safe use of removable devices. Along with detailed auditing and reporting, this solution protects both PC's and servers alike, enabling you to control which devices can be used by whom, when and how! SecureWave customers include, Barclays Bank, Norwich Union, Bank of Tokyo-Mitsubishi, Inland Revenue, Egg, Unisys, Fujitsu, Royal Navy, M.O.D., Metropolitan Police (+ 9 other police forces), PITO, Home Office, Hampshire County Council, Cabinet Office and others. Benefits: a.. Security - Control over what enters and leaves the organisation b.. Confidentiality - Prevent use of unauthorised end user devices c.. Legal - Ensures regulatory compliance d.. Productivity - Lower IT operating costs and improved IT management efficiency e.. Administration is straightforward with a 3-click operation to assign/remove permissions f.. Full auditing of user & administration actions is provided After rigorous testing by the UK Government's Cabinet Office (www.cabinetoffice.gov.uk/csia), Sanctuary has was awarded the CSIA - Claims Tested seal of approval, proving this solution does indeed do what it claims - which is a great accolade to place alongside it's other certifications. Please feel free to download a FREE 30-day evaluation (http://www.securewave.com/public_request_partner.jsp?id=33271) or for further, please forward an email to info@antidotesecurity.co.uk Best Regards Mark Smith Managing Director - Antidote Security Ltd Tag: AD Security reporting tool Tag: 85915
  - 21
    - Outlook 2003 + Can't Publish to GAL We're using several Verisign Digital ID's in our company network. Previously i was able to install new private keys then publish to GAL, but now this doesn't work any longer. I get the following message when i press Tools->Options->Security->Publish to GAL Microsoft Office Outlook was unable to publish your certificates. The server may be offline or your certificates may be invalid. Contact your administrator if the problem persists. On some other machines this works fine. They also have a verisign digital ID. Who can help me with this pleeeaase? Tag: AD Security reporting tool Tag: 85913
  - 22
    - stop ie error message it happens when i go into yahoo chess game site can anyone tellme what going on when ie give me a error message then reboot my computer? Tag: AD Security reporting tool Tag: 85904
  - 23
    - Partial profiles appearing on W2K GC A handful of partial profiles have appeared on a client's W2K GC in the "documents and settings" directory. The profiles belong to user accounts that are NOT administrator accounts. The profiles only have three subdirectories instead of the customary twelve subdirectories. The three directories are "Application Data", "Cookies" and "Local Settings". NTUSER.DAT, ntuser.dat.log, and ntuser.ini are also created. It is my understanding that user profiles should only appear on a W2K GC in the "Documents and Settings" directory as a result of a user logging on from the server keyboard, or by an administrator logging in via Terminal Services (which is in admin mode). Windows Update and the client's third party patch management software both report the server as fully patched. 1) Is there any legitimate way that a non-admin user could create a profile on the server? 2) If the profiles were created by a user using an exploit to elevate their privileges via Terminal Services, how would you manually check to see that the appropriate TS patches were actually fully installed? Thank you Tag: AD Security reporting tool Tag: 85903
  - 24
    - Utlility to display alternate identity in Window bar? Hi all: I might have dreamed this, but I'm wondering if anyone has seen a utilty or add-on patch that cuases the the identity of the user to be displayed in the title bar of a window. The app I seem to recall seing displayed this info (logged in user) near the resize/close buttons. This was useful for running with lowest privilidge, but using "Run As" to run utilities, etc. with alternate credentials. Any ideas what I saw or where? Thanks, d. Tag: AD Security reporting tool Tag: 85899
  - 25
    - Attachment Manager Problem in Windows 2003 Hi The attachment manager in Windows 2003 is not futioning properly or im not setting it up correctly. Please advice me how to make it working properly with in the GPO. as i noticed its functioning only to the hotmail.com/msn.com/hotmail.co.uk ... All microsoft related sites. but attachments are functioning in Gmail,Rediffmail,Yahoo & all external Sites. Whom do i need to contact regarding this issue. Please reply me at the earliest to kurunji@yahoo.com Thanks & Regards Kurunji Tag: AD Security reporting tool Tag: 85895
- Next
  - 1
    - View content of PKCS#12 file (.pfx) How can I view content of PKCS#12 file? I don't want to install its certs, but only to view content (list all certs). Tag: AD Security reporting tool Tag: 85894
  - 2
    - Can't remove Windows Defender Windows Defender generated an error. Tried to remove Defender from control panel, would not uninstall. When trying to reinstall another error generated " you must remove installed version first". Started PC in safe mode and tried removing Windows Defender entries from registry. Some entries would not remove. Restarted in normal mode. Problem still exists. PLEASE HELP as Microsoft Antispyware runs out on the 31st of July 2006. Tag: AD Security reporting tool Tag: 85890
  - 3
    - deactivate IE intranet security warning In need of assistance. Just initiated a IE Group Policy to establish the proper security zones for all our XP SP2 clients. Have placed our intranet webservers in the trusted zone and set the security level to LOW. User logs into a web app on these servers and an IE warning appears: When you send information to the local intranet, it might be possible for others to see that information. Do you want to continue? [check box] In the future, do not show this message. User checks the box clicks Yes on the "do not show this message again" and the app opens. User closes the app and then reopens User receives the same warning. Is there any way to disable this warning message? Have tried several changes to the policy with no success. Any help would be appreciated. Jay Tag: AD Security reporting tool Tag: 85889
  - 4
    - how to restrict limited user only visiting several websites I've been reading here alot and decided to post. Windows XP SP2, the administrator account want to restrict limited account only visiting several dedicated websites, and forbidden the limited account visit all the rest websites! My ideal is that disable quering DNC server, and mapping the IP addresses to host names only which I allow the limited account to visit...... But the drawback is that the limited account user can input the IP address directly in browser! Maybe there have other methods to accomplish the hard work! __ Ash Tag: AD Security reporting tool Tag: 85867
  - 5
    - Permission to Copy Files to Server Folder But Not Edit Them On a Windows 2003 Server I would like a specific user to have permission to add Excel files to a folder on the server from his own workstation, but not be able to edit the files, once they are placed into the folder. He still needs to be able to open and read the files, once they are in the folder on the server, just not be able to make changes to them. Can anyone tell me what combination of file permissions in Windows 2003 Server would produce this result. Thanks in advance! Tag: AD Security reporting tool Tag: 85865
  - 6
    - Error Message (???) I keep getting the following messsage when I open any of the Works applications e.g. Word Processor, Database etc C:\Programe Files\Microsoft Works\MSWorks.exe The NTVDM CPU has encountered an illegal instruction. CS:0604 IP:0145 OP: ff ff ff 00 00 Choose "close" to terminate the application I have choosen Close a million & one times! It allows me to access Word Processor but every time I log out and log back in (restart) the same message appears. Can anyone help??? Thank You! Tag: AD Security reporting tool Tag: 85860
  - 7
    - Mulitple Antispyware Beta Questions The address http://communities.microsoft.com/newsgroups/default.asp?ICP=spyware link in the software doesn't work. Is there and active newsgroup to post questions? When my system is left idle and offline for periods of time, the antispyware just isn't active when I open my desktop and use the computer again. Is there an explanation or known issue where the antispyware would dissapear from my toolbar or why it would become inactive and unloaded from the system applications with user input or while the system is idle? Have run other programs and found no spyware on my system just to be sure. Am I the only one annoyed that you can't minimize the window while antispyware updates? Tag: AD Security reporting tool Tag: 85859
  - 8
    - VirusScan Enterprise Security Alert I keep getting an alert that tells me my Virus Scan "may be out of date" but no help is available for my doing an update from anywhere. Can anyone advise me? Thanks, Michael. Tag: AD Security reporting tool Tag: 85855
  - 9
    - And just when we thought the IRS Phishing Scams were over ........ Despite the fact that the tax season is over and all the press on the IRS Phishing scam, the phishermen must think the IRS name is a good "lure." http://fraudwar.blogspot.com/2006/06/and-just-when-we-thought-irs-phishing.html Tag: AD Security reporting tool Tag: 85854
  - 10
    - what do I risk...? Hi all of you ! My antivirus is PCCIllin Trend. I discover by chance my machine also holds a series of McAfee files and folders. It takes up space, and I dont have much. I fear interference with PCCillin. Can I just wipe them out ? Thanks for advice Tag: AD Security reporting tool Tag: 85847
  - 11
    - Be careful using AIM & all Instant Messengers Worm appears as Microsoft antipiracy program http://www.infoworld.com/article/06/06/30/HNwormmsantipiracy_1.html <QP> Security analysts have detected a new piece of malware that appears to run as a Microsoft program used to detect unlicensed versions of its operating system. The malware has been classified as a worm and spreads through AOL's Instant Messenger program, said Graham Cluley, senior technology consultant for Sophos, a security vendor. Sophos is calling it W32.Cuebot-K, a new variation in the Cuebot family of malware. The worm has a range of malicious functions. After it's installed, the worm immediately tries to connect to two Web sites, a sign it may try to download other bad programs on the machine. Cuebot-K can disable other software, shut off the Windows firewall, download new malicious programs, perform basic DDOS (distributed denial of service) attacks, scan local files and spawn a command prompt, Sophos said. Worms that spread through instant messaging programs often appear as messages or links sent from friends, which trick a user into executing the program. Cuebot-K propagates by sending itself as a file named "wgavn.exe" to more people in the user's "Buddy List" but without a message, Cluley said. </QP> -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org Tag: AD Security reporting tool Tag: 85836
  - 12
    - help please I am a layman. Somehow after recently installing microsoft 2000 pro edition on my computer I constantly get pop up windows warning me of damage to my registry and directing me to sites like rclean.com, fixreg.com and numerous others. In fact IT JUST HAPPENED! it said go to regfixit.com (or regfixes.com)! Like an idiot I initially bought in, figuratively and literally and paid 29.95 for a registry cleaner product. Guess what? I still get these messages up to 40 times a day. I e-mailed the company and asked for a refund but am not holding my breath. any advise would be greatly appreciated. I re-installed my OS three times and it doesn't help. Thanks, Larry Tag: AD Security reporting tool Tag: 85832
  - 13
    - View a certificate I've created some certificates so we can use SSL to access remote email. How do I go about opening the certificate. I want to open it so I can view it. I want to see the: BEGIN CERTIFICATE Stuff here END CERTIFICATE But when I open the certificate with notepad, its just a bunch of giberish. What do I need to do? Tag: AD Security reporting tool Tag: 85831
  - 14
    - Cannot update hosts file. After downloading latest update I find the disk is read only. Is there anyway to change the attribute with windows explorer? Tag: AD Security reporting tool Tag: 85822
  - 15
    - Kerberos pre authentication question Hi, Can anyone help me on this one. What are the security risks of switching of kerberos pre authentication? The reason for this question is that our VPN3000 concentrator does not support pre authentication. However before we go switch off pre auth i would like to get your view on the risks, if any? -- Thanks Andy Tag: AD Security reporting tool Tag: 85821
  - 16
    - Bug in 802.1x stack (Windows XP) Hi, I am testing 802.1x authentication in our network. The client I use for testing is one Windows XP SP1 and one with SP2. Both have problems to authenticate the user. When I sniff the packets send by the XP Client I can see that Windows is using a wrong domain name. The switch sends the wrong login credentials to the IAS Radius server which denies the access request because the domain controller for this, wrong, domain can not be found. Our domain is 3SOFT, normal login works, but when I enable 802.1x the domain name used by Windows in the EAPoL packets is "MDOFT". So does anybody if there a fix for this problem? Bye Tom Tag: AD Security reporting tool Tag: 85818
  - 17
    - Remote Desktop for Windows Server 2003 Hi, Is it possible to access/change the options from the Windows Server 2003 User management tabs (right click my computer => manage => local users and groups => users => right click on user properties => remote control tab) from a (Visual Basic) program?? I want to turn on/off the permissions for remote access simply by one mouseclick, and I want a little timer on it, so for example the system management has got 5 hours to work on our server and then it closes the remote desktopconnection. Can someone please help me with this problem?? Thank you in advance, Lennart Klaver R&D, server management Tag: AD Security reporting tool Tag: 85791
  - 18
    - How many "current" microsoft bulletins are there? By that I mean to say that one Microsoft bulletin ( eg. MS99-025 ) can supersede another ( MS98-004 ) ( ref: http://www.microsoft.com/technet/security/bulletin/ms99-025.mspx ) How can one find out? I did look at the mssecure.xml that MBSA 1.2 uses and found that there are (Currently) 342 'SupercededBy' tags. Is this any indicator of the number i.e. 493 (total bulletins) - 342 (superseded) giving 151? Tag: AD Security reporting tool Tag: 85790
  - 19
    - Windows 2003 remote admin access Hello, I have a query which is only apparent due to politics in the work place. On a technical level I can quite easily stop this issue but am intrigued as to how this can be happening?.. One of our Windows 2003 servers is being accessed by a user who does have an administrator account, but does not have local access to the server. From outside the local network the only permitted inbound access is for HTTP, HTTPS, SMTP and FTP, all using the standard ports. There is no remote access software installed, e.g. Remote Desktop, NetOp etc. How can it be possible for files to be added / removed, permissions changed etc on this server via these protocols? (Obviously the user can interact with the services that are provided, but things are changing outside of these locations). Any ideas at all, anyone? Thanks, John Tag: AD Security reporting tool Tag: 85788
  - 20
    - Microsoft User-Modem Driver Framework Feature Pack 1.0.0 (Pre-rele Can anyone tell me what this is or what its use is intended for. I found it on my Add/Remove portion of the control panel and presuem that it was placed into my system by the automatic update route. Please help is you can. I understand this my not be a serious issue, or even a security issue, but frankly I want to know what it is and have searched every possible way I know how on the Microsoft web site and came up with ZERO results. Thank You -- Larry D Tag: AD Security reporting tool Tag: 85786
  - 21
    - Disabling local user accounts on remote servers I have a local user account that is a member of the local admins group on over 100 hundred servers. I would like to disable this local account from a central location (my pc) instead of logging into each server and manually disabling. I am a domain admin. I would also prefer not to do this by using computer management and connecting to the servers I want to disable the account on. If I cannot do this i'd like to at least be able to change the password of this local user account from my pc instead of logging into each server. Can this be done with a script or batch file. If so can anyone provide some sample code as I am not very familiar with writing scripts? Tag: AD Security reporting tool Tag: 85785
  - 22
    - Local System Account & Network Access Hi, I have a custom developed windows service running on XP - very simple , it accepts commands via TCP/IP and executes them on the pc on which it is installed. The service gets installed with 'Local System' account credentials which by all accounts does not have access to network resources. I am however able to send commands to the service instructing it to install software packages which reside on a network share (shared read-only for domain users) and it works just fine. I am concerned because all the documentation I have read indicates that this should not be possible, are there any special circumstances where the System account can access UNC share paths? Tag: AD Security reporting tool Tag: 85784
  - 23
    - Is Acitve Directory keeping track of old account names? After an account has been renamed (and the proper audit settings have been set) event 685 will be created in the security log of the DC. Event 685's description displays the old Account name and the new account name. Does anyone know whether MS-AD itself keeps track of the old names? Are the old names being stored in some attribute or is it possible to enable such a feature? Regards, Frank Tag: AD Security reporting tool Tag: 85782
  - 24
    - where to upload unknown files for analysis I ran a virus(nod32) and spyware(webroot) check which could not find anything wrong with the following files: daneng.dll ddayy.exe Both of them have the same date and time stamp. daneng.dll caused explorer.exe to crash which, when I renamed the file, explorer did not crash anymore. It crashed when using fast user switching in xp. The files do not have any version or company information, and do not seem to be associated with any application. I could not find daneng.dll in a google search. I found one reference to ddayy.exe but no information about it. Does anyone know where I can upload them for analysis? Thanks, Chris Tag: AD Security reporting tool Tag: 85780
  - 25
    - msn messanger not working i can t get into my msn dcasingena@hotmail.com and my brother and my friends have tried there s on my cpu and they managed to get in and mine has been giving me a trouble shooter for 4 days now Tag: AD Security reporting tool Tag: 85769

Dears;

How I can get a reporting tool for w2k give me whole details of users
security informations and permitions on all the active directory?

Top