W2K Server -- local settings versus effective settings

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Re-applying old patches Hello, It was recently discovered that the Windows Update website shows that security patch 835732 (4/04) is missing from the W2K machines in our company. This is strange, because this patch was originally applied to our W2K image using the Windows Update site. Also, if a recent patch is run wth the /L switch on the command line, it shows that 835732 *is* installed. In any case, if the patch is re-applied to the machine, Windows Update no longer sees it as missing. So, management has requested that it be re-applied to these machines. When we do this, will all subsequent patches need to be re-applied as well, or are the patches "smart" enough not to overwrite newer files? -- -Jstep Tag: W2K Server -- local settings versus effective settings Tag: 67250
  - 2
    - Error while consuming web services over SSL-The underlying connec. Hi, I'm trying consuming web services over SSL by an ASP .Net client without success. System Architecture: My Server side contains the following layers, starting from the client side: (Client side) WSD firewall Weblogic server. The webservices deployed On the weblogic Protocol: SSL. Version Information: Microsoft .NET Framework Version:1.1.4322.573; ASP.NET Version:1.1.4322.573 Symptoms 1. The handshake completed successfully, (taken from the MMC): â??An SSL client handshake completed successfully. The negotiated cryptographic parameters are as follows. Protocol: SSL 3.0 Cipher: RC4 Cipher strength: 128 MAC: MD5 Exchange: RSA Exchange strength: 1024â?? 2. Iâ??m getting the error message: WebException: The underlying connection was closed: An unexpected error occurred on a send.] emtv1.WebForm1.Button1_Click(Object sender, EventArgs e) in c:\inetpub\wwwroot\emtv1\webform1.aspx.cs:69 System.Web.UI.WebControls.Button.OnClick(EventArgs e) System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) System.Web.UI.Page.ProcessRequestMain() Facts: 1. Other client (java client) consumes the same services successfully. 2. Overriding the GetWebRequest method not solved the problem. What am I missing? Thanks in advanced, Tag: W2K Server -- local settings versus effective settings Tag: 67242
  - 3
    - BlackHole Adware? I know there is a list of spam sites people can access to use as 'black hole' addresses. Can the same thing be done for ad-ware/spy-ware sites? I don't have the resources to set such a thing up, but if it existed I would push very hard for my employer to use it. I realize the black hole list hasn't stopped spam, so maybe it is a waste of time. Comments? Tag: W2K Server -- local settings versus effective settings Tag: 67241
  - 4
    - Error 0x80094001 while enrolling User Certificate I have W2K3 forest with two domains ad.test.com (forest root) and sub.ad.test.com. I have Enterprise CA installed on server in sub.ad.test.com. I modified Cert. Templates security to let users (ib sub domain) Enroll certificates. I configured Computer certificate enrollment with GPO. Most of comps get their certificate. But I cannot Enroll User Certificate using Web or MMC. When I try I get: "Certificate Services denied request 106 because The request subject name is invalid or too long. 0x80094001 (-2146877439). The request was for SUB\Administrator. Additional information: Error Constructing or Publishing Certificate" Still I can Enroll Basic EFS certificate. Please Help! Tag: W2K Server -- local settings versus effective settings Tag: 67240
  - 5
    - COM Object Shutdown Rights Hello! I have windows 2000 server with some COM objects. Some of them sometimes stop working (hang) after object Shutdown and started again it works fine. So I would like to give rights () to shudown object (it maybe even right to manage all of Component Services) to my HelpDesk people without giving them Admin rights on server. Tag: W2K Server -- local settings versus effective settings Tag: 67239
  - 6
    - Delegates viewing files I need to know if there is a way to find out if a delegate has opened up attachments in my mailbox. Also, is there a way of detecting this in the future. I am running Windows XP Pro with Office XP on a Microsoft server 2003. Tag: W2K Server -- local settings versus effective settings Tag: 67229
  - 7
    - Ports Security Hi, I would like to know whether it is possible to block a specific port number for outgoing or incoming connections? I am using windows 2000 professional and would like to know any solutions for the same. For example, if I want to block a port number say 1255 for outgoing connections but allow it for incoming connections. Also can I do it dynamically, i.e. with out restarting my machine. Any information would be of great help. Thanks, Abhishek. Tag: W2K Server -- local settings versus effective settings Tag: 67228
  - 8
    - Safe mode hangs I have a persistent istbar trojan and any attempt to run spyware cleaners in safe mode causes it to hang. I have winXP SP2 and the problem is the same for 3 different spyware programs. They work fine with a normal boot, just not in safe mode - however removing the istbar trojan this way causes it to return. Any advice appreciated. Jen Tag: W2K Server -- local settings versus effective settings Tag: 67216
  - 9
    - hotmail hijack I have suspision that an ex-girlfriend has hijacked my hotmail account, the password was a strong password, and she was the only one that knew it. Any way the security question in the account has been changed to denie me from resetting. The bad part is that she is logging on to my msn and pretending to be me, I had a lot of contacts and cannot notify them all. She is also sending email pretending to be me. I have got the police involved (prank phone calls also) but they are currently unable to do anything. My question is, is there anything I can do to have this account closed? or get it back? - please help Tag: W2K Server -- local settings versus effective settings Tag: 67215
  - 10
    - Email requesting info for MSN Received email from someone reporting to be MSN requesting information and stating that my account would be deleted within 4 days if we didn't answer the questions Tag: W2K Server -- local settings versus effective settings Tag: 67211
  - 11
    - Email requesting info for MSN Received email from someone reporting to be MSN requesting information and stating that my account would be deleted within 4 days if we didn't answer the questions Tag: W2K Server -- local settings versus effective settings Tag: 67210
  - 12
    - How risky are these open ports for online gaming. My PC XPsp2, has a up to date firewall and antivirus. I want to play and host games online, but the gaming arena/website requires me to open these ports: 6667 (IRC) TCP 3783 (Voice Chat Port) TCP 27900 (Master Server UDP Heartbeat) UDP 28900 (Master Server List Request) TCP 29900 (GP Connection Manager) TCP 29901 (GP Search Manager) TCP 13139 (Custom UDP Pings) UDP 6515 (Dplay UDP) UDP 6500 (Query Port) TCP how risky is this, and is there a way of still being secure with the ports open. Thanks. Tag: W2K Server -- local settings versus effective settings Tag: 67206
  - 13
    - internet explorer security settings certan items dont open when i open pages on internet explorer it say check settings and refresh what should internet explorer security settings be set at in advanced settings ? what should be ticked and not ticked ? please help if you can thank you PIPP -- ukpipp Tag: W2K Server -- local settings versus effective settings Tag: 67205
  - 14
    - what is this dllhost.exe is dllhost.exe a virus or is it a window file? can i shutdown this process? Tag: W2K Server -- local settings versus effective settings Tag: 67193
  - 15
    - help on window security update? How do i find out if the window critical security update is truly installed techically? because when i had hp media center 2004/sp2 and all the critical update and when I upgraded it to HP media center 2005 upgrade cd, i went to add/remove after installing media center 2005 and notice all the critical security update was not there anymore, so i went to window update and check and notice there is seven critical window update available but there all 0KB/0mb size with exclamation point next to those security update saying its already installed on your computer, i went to check add/remove and its not there at all, so i decided to installed it again when i did it didn't download the update instead it intiliazing....done installed.. after seeing this i went to add/remove to check if it's installed and all the critical security update are installed. this is why i want to find out if its truly installed? what is intiliazing? does it mean all the 7 critical security update file is on my computer already and window update is just reinstalling the security update again. please help? Tag: W2K Server -- local settings versus effective settings Tag: 67192
  - 16
    - Virus?!? Hey, I dled something of the internet, and it only opened and went to a black screen and closed. I tried to delete the file after restarting but it tells me the file is currently in use. I am assuming its a virus, How can I find a way to delete the file? -- North Coast Smoker Tag: W2K Server -- local settings versus effective settings Tag: 67189
  - 17
    - Significant sub-authorities in determining duplicate machine SIDs We've been trying to troubleshoot some GPO problems lately and while doing so determined that some of our computer labs had duplicate machine SIDs for our XP clients. Some of the computers had exact duplicates of the SID. Others had duplicate RIDs in the SID sub-authority components. Does it matter if any portion of the SID is a duplicate of another? Or does the entire SID have to be a duplicate for it to matter? What should I be looking for? Thanks! -- David Shriner Systems Administrator Newport News Public Schools Tag: W2K Server -- local settings versus effective settings Tag: 67187
  - 18
    - Certificates - What am I missing? To secure communication between my citrix server and its secure gateway in the dmz it is recommend to use a server certificate. I have an internal enterprise CA set up on a Windows 2003 server. When I go t0 the the web page to request a certificate from the CA the options I have available are: User, Administrator, EFS Recovery Agent, Basic EFS, Web Server, Exchange User, and Exchage Signature Only. What am I missing? I'm confused about what type of certificate I should be requesting. Tag: W2K Server -- local settings versus effective settings Tag: 67186
  - 19
    - base line XP kernal protection and folder protection, any? Base line security: 100% new hardware. new xp+sp2 pro no Domain, two accounts: admin and nobody admin is normal install admin. nobody is group USERs only.( no other groups assigned) Is is possible to have a user defined ( using builtin groups or custom) that will be locked out of the windows folder. To my knowledge , the answer is no. ( whole or in part) I wish this feature to protect the windows folders from a virus , etc. I am aware XP has a builtin protector but it has been breached by some worms already. Is there any 3rd party programs that will protect windows.? " OS Code Protector, etc " Is there any hope that Long horn will improve this issue? Print and file sharing is off, fire wall Sp2 is fully active and default. Thanks for any help. My goal is to protect folders from other users and to protect the windows folders from all by admin. PS: I am already aware that I , as a user can set my folders to only accessable by me and admin. I am not asking for Anti Virus or Antispy where as I have this in spades now. Tag: W2K Server -- local settings versus effective settings Tag: 67181
  - 20
    - TroubleShooter workaround The recent service pack for ie.6, kb889293 has knockout the troubleshooter in win98se again. The workaround hotfix is still available but TShoot.inf cannot be found to reinstall. Any ideas for quick fix? Also, somewhat less functional Files&Folders search after installing kb889293. -- Harry Domain Tag: W2K Server -- local settings versus effective settings Tag: 67169
  - 21
    - W2K3 RRAS P2P Tunnel w/ 3rd Party Appliances Can anyone provide success stories, or recommendation with regard to setting up a Point to Point VPN Tunnel Solution with 3rd Party SOHO products at WAN sites back to a Windows 2003 Server running RRAS as the VPN Host Server? Thanks, Jeff Tag: W2K Server -- local settings versus effective settings Tag: 67168
  - 22
    - SQL Server over the Web, what are my options? SQL Server DB is at location A IIS Server with the website is at location B The website at location B needs to be able to run sql queries against the DB at location A over the internet. The options I am considering are: 1) VPN between A and B. What are the pros and cons? 2) On the firewall at B, forwarding traffic from A to SQL server. Would use SSL encryption for the DB connection but still not sure this is secure enough. Do those sound like valid secure options? Are there other options I should be considering. Thanks -- Darren Jensen Tag: W2K Server -- local settings versus effective settings Tag: 67159
  - 23
    - GPO on computers desktop Hi. I created a OU and moved a computer account on it. I created a computer policy (GPO), but when i restart it, the computer not show the policies apply. If i create a policy for user, this work. So what i can do ? Thanks Tag: W2K Server -- local settings versus effective settings Tag: 67155
  - 24
    - Monitor Group Membership Changes Although it's possible to detect an update to a group using the security event log, this doesn't give the detail of the change. Does anyone know of a mechanism or tool that would allow the state of a group to be logged before and after a change was made ? In other operating systems, this sort of thing can be done with a configurable "exit" - i.e. an event trap that could call user written code to perform a required action, e.g. log something to a file, generate an email, etc. If a configurable exit were available between the membership change being requested and being actioned that would allow the content of the group to be writen out. Similarly, after the change had been committed an exit could allow the logging of the group post change. This would allow an audit trail of exactly what changes were made to a group over time. Does anyone know if this exists in an Active Directory environment ? If not, are there any third party tools that might achieve the same result and any speculation on how they achieve this ? Thanks for any information or suggestions. Tag: W2K Server -- local settings versus effective settings Tag: 67151
  - 25
    - Unidentified Files I have recently acquired several files of the form BQSHYJ2R.ocx in the Windows folder. From a 'Goggle' search I understand these files are associated with ActiveX controls but in what respect I couldn't determine. Are these files dangerous in any way and require removal or are they an essential part of the 'system'? Tag: W2K Server -- local settings versus effective settings Tag: 67144
- Next
  - 1
    - thanks Thanks for your help. I finally solve the problem. - OP1 <ohpusone@yahoo.co.jp> Tag: W2K Server -- local settings versus effective settings Tag: 67139
  - 2
    - I have been asked to leave the company for having spotted serious security breaches Dear Colleagues: At the tail end of this post is my original post with regards to this matter. Basically, I went and told my superiors that our network was seriously exposed. Today I had a meeting and, guess what, it was suggested that I find another job. This is great, essentially having the dipshits at work side with a completely ignorant person who knows nothing about security. Guess what industry I work in? Education! Thats right folks, education. Maybe the people who are in education need a bit of it themselves. And we wonder why our system is so screwed up! Curious George Dear Colleagues: For the life of me I don't know why I have to ask this question since the answer is so obvious, however, I need to have others tell me that I am not completely insane. I work at a place where we have a myriad of wireless access points and NO, I am not writing from there at present. NONE of the wireless access points has any form of security on them whatsoever. No WEP, no CHAP. . . no nothing. Everything is open so you could walk into our joint, grab an IP address and surf the web to your heart's content. Here is the problem. My boss insists that its "no big deal" and that since the servers are on the inside and protected, we really don't have a thing to worry about. Furthermore, my boss is under the impression that since we are situated in a wide area, that nobody would be able to get into our network because of this distance. Needless to say, my boss does not consider somebody sneaking into a parking lot with a laptop, a good network card and a directional bazooka antenna a possibility. So here is what I have to explain to my boss' boss and, perhaps, the board of directors. . . and here is where I can't help but laugh. I hope that I will be able to keep a straight face come Monday when I have to explain myself to people why its important. Okay, so I know the analogies. For example, I understand that not having a secure wireless network with many Waps and high gain transmission antennas is the same as putting cables out to anybody within 'x' amount of yards with a sign that says "free internet access", but since I am going to be asked these obvious questions, just what type of damage could somebody do? Yeah, I know about denial of service attacks, yeah I also know about enumeration and password guessing, but considering that we have an SQL server on the inside of our network (no, the sa account password is not null) what are we talking about. I can envision so many things. Like somebody just sitting there caputring packets to get things like usernames, passwords and the like, but come on. . . what else could they do. I have read my boss the riot act many times, but this is now going to go in front of somebody over my boss' head, so, aside from giving them worst case scenarios, end of the world analogies, etc., how else could people break in. Creative responses are appreciated and will be rewarded with much praise. I can't believe that I have to actually explain this to people, and this entire thing would last about two seconds when it comes to talking with a computer professional, but you see, my boss is under the impression that they are a computer professional because they received a Master's degree in Comp Sci back in the 80's. I know that this line of thinking is dangerous, but I really want some creative answers to put my point across strongly, and yet professionally. Although I realize that this post will likely be the butt of many jokes (which I will appreciate immensely) I never the less would appreciate a bit of useful information in your responses. I am going to have a serious drink now, and then bang my head against the wall. Thanks in advance, CC Tag: W2K Server -- local settings versus effective settings Tag: 67126
  - 3
    - spam I find this in my email today and it looks wierd. I guess that I am trying to alert people to this email but I don't know how. This is the message that I received from HOTMAIL STAFF today. Can someone find out if it is real or not ---------------------------------------------------------------------------------------------- From : Hotmail Staff <suspension@msnusers.com> Sent : Monday, January 31, 2005 10:41 AM To : vppaul@msn.com Subject : Members Support | | | Inbox Dear MSN Member, During our regularly scheduled account maintenance and verification procedure, we have detected a slight error in your information. This might be due to either of the following reasons: 1. A recent change in your personal information (i.e. change of address). 2. Submiting invalid information during the initial sign up process. 3. An innability to accurately verify your selected option of subscription due to an internal error within our processors. Please update and verify your information by clicking the link below: https://login.passport.net/uilogin.srf?id=6528 If your account information is not updated within 48 hours then your ability to use your MSN account will become restricted. Sincerely, Please do not reply to this e-mail. If you have general questions regarding your account, please click Help in the upper right corner for the MSN Hotmail comprehensive online help. Â© 2004 MIcrosoft Corporation. All rights reserved. ---------------------------------------------------------------------------------------------- The link wants to know your SS# and I know that's a bad thing. I felt that I should do something. Paul Tag: W2K Server -- local settings versus effective settings Tag: 67125
  - 4
    - Are you using the Windows Firewall? If you can spare a few minutes I would love to find out if your organization is using the XP SP2 Windows Firewall, and what (if any) kinds of improvements you might like to see in the future. As we make plans for the Windows Firewall we would like to see if customer deployments, and needs, may have changed now that it's been shipping for a while. http://www.surveymonkey.com/s.asp?u=47602838938&c=nssec I would still be eager to hear from you weather or not you plan on using the Windows Firewall. Thanks, Michael Surkan Program Manager, Networking & Devices, Microsoft Tag: W2K Server -- local settings versus effective settings Tag: 67114
  - 5
    - Cannot open encrypted files Hi all, I have HP server with Win2000 domain controller and 10 clients, my problem is one of these clients has encrypted files (large document, mail, photo) in all the suden the DC crashed (SW issue) so i did a new installation for DC and ISA and Exchange in other directory...But still I can't access the encrypted files How to solve such problem??? Tag: W2K Server -- local settings versus effective settings Tag: 67110
  - 6
    - 560 Audit Failure I am seeing the following event in the security log for all of our Win2k3 servers. We use a security template to configure items like auditing events, user rights, etc.. I am not seeing the event in the Win2k servers. Any help would be appreciated. Event Type: Failure Audit Event Source: Security Event Category: Object Access Event ID: 560 Date: 1/31/2005 Time: 9:21:01 AM User: NT AUTHORITY\LOCAL SERVICE Computer: <ServerName> Description: Object Open: Object Server: Security Object Type: File Object Name: \Device\NetbiosSmb Handle ID: - Operation ID: {0,20574410} Process ID: 900 Image File Name: C:\WINDOWS\system32\svchost.exe Primary User Name: LOCAL SERVICE Primary Domain: NT AUTHORITY Primary Logon ID: (0x0,0x3E5) Client User Name: - Client Domain: - Client Logon ID: - Accesses: SYNCHRONIZE ReadData (or ListDirectory) WriteData (or AddFile) Privileges: - Restricted Sid Count: 0 Access Mask: 0x100003 Thanks, Brian Cohen Tag: W2K Server -- local settings versus effective settings Tag: 67101
  - 7
    - Internet Access - Require logon Hi all, I was hoping someone may be able to point me in the direction of an enterprise app that would allow us to require users to log on when they wanted to access the internet (browse, ftp, telnet ect) We'd also need to only allow certain individuals any access at all. We're running Windows Servers 2003 and completely WindowsXP workstations. While at Ford for training, I noticed they use something similar to this. Anyone know what that product may be? Thanks! Matt Tag: W2K Server -- local settings versus effective settings Tag: 67099
  - 8
    - NT Security Patches Hi, I have observed that the recent patches do no have Windows NT 4.0 Workstation support. I understand that Microsoft have declared it as obsolete. The patches do not specifically states that Windows NT 4.0 workstation is not affected. so can i saftely say that Windows NT 4.0 workstation is not affected? Pls advise. Tag: W2K Server -- local settings versus effective settings Tag: 67095
  - 9
    - Hidden connection string Hi ,everyone.Sorry for my English skill (I'm not good at writing) I have a question: When I set a connection string to login SQLServer in webconfig file, may be like this: ....UserID=sa;PWD=mypwd.... If somebody open this file , he can see this password .How can I hidden this password? Please help me Thank for all replies! Tag: W2K Server -- local settings versus effective settings Tag: 67094
  - 10
    - MS Anti-spyware Beta produced a 4.0 GB errors.log file I am running the Beta version of the MS Anti-spyware Beta. Today, I found that there was a 4.0+ GB errors.log file. It will be good if the size of this file is limited so it does not eat up all the hard drive. Tag: W2K Server -- local settings versus effective settings Tag: 67088
  - 11
    - Why one Svchost.exe is using a local address of 0.1.0.4? Hi to you group. May I ask if someone have ever seen that before that one Svchost.exe (932) who is controlling ..AudioSrv, BITS, CryptSvc, Dhcp, dmserver, ERSvc, EventSystem, FastUserSwitchingCompatibility, helpsvc, Netman, Nla, Schedule, seclogon, SENS, SharedAccess....has the local address as 0.1.0.4? The others have either 127.0.0.1 or my IP address or 0.0.0.0 and that is the normal, I think because I have never seen another local address being used. I can tell that I installed a webcam just before seeing this but are not sure that one is the culprit though and it is not connected any more as I took it away. A2 Squared also found a Trojan.Win32.Autoit.b the last night after a scan but when reading about that one it doesn't seems to be so destructive and I could not see that it used any ports but to be honest, not much info to get on that one via searching the web. I have also scanned the PC in safe mode with AVG, MS Antispyware, Spybot S&D, Ad-Aware SE, Hijack This, CWShredder and some other stand alone scanners even the Sysclean from Trend Micro and they didn't find anything. I think I am clean. The thing is that strange local address and that Svchost.exe always ends up with having five as listening to ports from being three from the beginning. They are the same...992 (DNS Chache) and 932...but they multipy after a while. More info...I have no File and Printersharing, no Client for MS Network, disabled uPnP, no Browser thingy, no RDsessMgr and no Remote Registry, no remote access at all as all are disabled but I can see in Symantecs Deepsight Extrator logs that I have connections events, so something might not stop it but it should be ZA free as I have as a firewall and I am also running XP Pro SP2. All things I have are the latest versions and updated every day. TCPView I have used, CurrPorts also and SuperScan and also another post scanners to look after known Trojan ports but that one was freezing up while scanning. ProcessExplorer and AutoRun I used too but understand nada, at least in order to find something malicious. Okay, thanks for you time and TIA for any thoughts about what it can be. Cheers to all. :-)) Gunilla. PS. Sorry for the long post. Tag: W2K Server -- local settings versus effective settings Tag: 67087
  - 12
    - Browser Aid I keep running Adware SE, Spy Bot and Spyware Blaster and each time I run it I get similar results in Adware which seemd to point to this Browser Aid spyware. Is there a way to permanently remove this virant from my machine? Tag: W2K Server -- local settings versus effective settings Tag: 67075
  - 13
    - AVG "internet connection failed" I have two computers both with XP and broadband with AVG antivirus. I have just run an XR Repair to the operating system followed by installation of SP1 then SP2. I now need to download all other updates but AVG keeps saying my "Internet connection has failed. Please check you connection settings" and yet I CAN connect to other websites (so the actual internet connection is established). I have double-checked all my settings match those of my other computer, yet AVG still fails to connect. My other computer connects using AVG with no problems. Does anyone have any ideas? Thanks, Chris Tag: W2K Server -- local settings versus effective settings Tag: 67074
  - 14
    - ie6 not clearing temp files and cookies Since I installed ms Antispyware the temp files and cookies do not clear from temp folder. I have the clear history set to 0 days in IE6 and I have all the checkable boxes checked in MS antispyware which I run every day, so why are my temp files not being purged by either IE6 or MS antispyware? Tag: W2K Server -- local settings versus effective settings Tag: 67069
  - 15
    - Spotting Seedy Recruiting Firms Dear Colleagues: To those out there whose first response to this is to protest about my excessive cross-posting, please accept my apologies but I believe that the subject matter contained herein is important enough that it warrants the greatest possible amount of discussion. Some of you may be like me - an IT professional who managed to survive the US's post-dot-com frenzy of downsizing, outsourcing and belt-tightening - not to mention the recession! Perhaps you are looking to get out of where you are for various reasons, including having to deal with employers who have gotten so accustomed to belt tightening that they don't realize that its time to start spending money again on new technologies which, this time around, will play a more significant part in the economic recovery than ever in history - no, this is not the introduction to some online get rich quick scheme. We prepare our resumes, cautiously answer a few ads, have a few interviews but still want to find something a bit more lucrative. So we turn to staffing companies in the hopes that they will be able to find something for us. I have nothing against them and believe that a good recruiter can be a tremendous asset to both employer and employee alike - my problem is with the charlatans who psyche you up with their "tremendous opportunities" pitch, get you to waste your time with phone calls or so-called "screening interviews" only to make you realize that they could care less about pairing you up with the right employer - you are just a number to them and whether or not you actually get a job through them seems irrelevant. You could have all the qualifications under the sun, but if you run into one of these agencies, you stand a greater chance of finding the right job by throwing your resume from a highrise. There are even a few who say that (for a fee) they will "market" you to employers. . . hey, doesn't that line of bullshit belong to the multilevel marketing scammers? The topic that I would like this thread to discuss is how to spot a real "headhunter" (who sets up relationships that are beneficial to all parties) and the "other types" (who seem to prey upon people looking for work). Thanks (and apologies if applicable) to all those who may become a part of this discussion. Curious George Tag: W2K Server -- local settings versus effective settings Tag: 67068
  - 16
    - Possible breach of my msn email account? When I checked my MSN email account this morning, I noticed some strange emails. First of all, the junk mail filter usually does a more than adequate job of screening all offensive email, but one, subject line "Is this your porn pic?", or along those lines, made it in my inbox. I deleted the message, but I think it might be related to other strange activity. I also noticed I had significantly more emails in my junk box than a normal day (I check and delete its contents everyday). Also in my main inbox were two emails from Symantec_Antivirus_for_SMTP_Gateways@absq.net, subject line "Content Violation", which stated there were content violations in an email message from me to a couple of email addresses that I've never written to in my life. They also had the phrase "File(s):bill_regards.txt.pif" in the text of the email. The addresses are not in my inbox, anything. I use dial up, so my computer was not connected to the internet when this activity was going on (the afternoon of Jan 28th), so I don't think it can be due to some malicious software on my machine. I immediately updated my Norton Antivirus software, and scanned my entire machine, and it returned no viruses, but recommended deleting one "high risk" file that contained adware. I'm also actively using MSN's beta anti-spyware. Checking my inbox about 4 hours later, it appears no other strange activity has happened. How else might my email account have been compromised and what can I do about it? Is my email account safe with MSN? Tag: W2K Server -- local settings versus effective settings Tag: 67058
  - 17
    - Spam problem via HTTP Hi Guys, Not sure if this is the right newsgroup, but i have this really annouying problem that i have a proxy server that when i check the logs is some how generating spam from an outside IP address. when i stop the http service of the proxy server the spam stops, below is a couple of line from the log files. 203.98.164.138 - - [29/Jan/2005:00:22:55 -0000] "CONNECT 168.144.1.79:25 HTTP/1.0" 200 425 - - 212.25.72.224 - - [29/Jan/2005:00:22:57 -0000] "CONNECT 213.133.104.11:25 HTTP/1.0" 200 345 - - i cant find how this is happening, we have a firewall all the latest av/anti spyware and ms updates and still it keeps happeing as soon as i start the http service. Any ideas much appreciated. Tag: W2K Server -- local settings versus effective settings Tag: 67055
  - 18
    - Thanks (and apologies) for your comments on "The Most Obvious Question You Are Ever Likely To See" (e.g. No-Brainer security question) Dear Colleagues: In all of my years of posting to newsgroups I would have to say that the response you all provided me are among the best I have ever seen. I thank you all so very much for your advise. To those of you who mentioned my excessive cross-posting, please accept my apologies but this total lack of security is something that has given me nightmares. To those of you who suggested that I publish the address of one of our parking lots, I would like to, if anything to prove a point, however, being that I am the poor slob who would be called upon to remedy the problem (and likely be the one who is blamed) its not advisable. Now, without going into much fanfare (and to better respond to those of you who inquired), my boss is one of those people who thinks they know it all. My boss is a teacher and we are a school and every time that I have suggested that we secure our wireless network, my boss rolls her eyes as if I were crying wolf. The people who installed our waps said that we should have some type of security in place, but her thing is all about what happens if somebody comes in with a laptop and cannot connect. Of course I said that such a person would have to visit the IT department, but this has fallen upon deaf ears. The biggest problem is not with the fact that my boss knows precious little about managing a network and that the last time she was involved in any form of network management was sometime back in 1985, it is because she is adamant about her technical knowledge. It does not matter if 99% of the industry believes in something (for example, having SDLT tape backup devices) its what she thinks works and does not. In short, she is completely ignorant. To be clear, I have no quams about having a woman boss. What I have a problem with is somebody who is so adamant that they are right and I am wrong that it seems that no matter what I say, she will go against it. There are more issues here than meet the eye, but I had to draw the line when it came to the integrity of our data, not to mention what could happen if the wrong person got in. For those of you who mentioned that I should tread carefully, thank you. I already have my resume and cover letter updated for even if they turned around and changed all of the things that are totally wrong and dangerous, I cannot stay in the sort of environment where our administrators take the advice of somebody who clearly has precious little technical knowledge over the advice of somebody who comes in with recommendations from a plethora of experts. This being said, I thank those of you who graciously contributed to this thread and apologize to those who feel that my cross posts were excessive - regardless of these complaints, those of you who took issue with my crossposting also contributed good advise never the less. Thank you so very much for your time and advice - I hope that somehow we can cross paths in the future and I can repay the favor. Curious George Tag: W2K Server -- local settings versus effective settings Tag: 67054
  - 19
    - pop up for removing spyware twice when I was online a pop up from microsoft came up and asked if I wanted to run the antispy ware I clicked ok both times and nothing happened now one comes up and says 18% of my computer is infected do I want to fix it and again a clicked on ok and still nothing. Im not sure what to do from here. thanks for any advice! Melissa Tag: W2K Server -- local settings versus effective settings Tag: 67053
  - 20
    - Instant Messenger Can you get a virus from typing on im. Can you find someones ip address from typing on im. Tag: W2K Server -- local settings versus effective settings Tag: 67045
  - 21
    - Sasser.exe Hello all ---- I hope you can help me. Within the past few weeks I've been infected with spyware. Not fun at all. I dled Microsoft Antispyware and ran it a few times and it was able to remove most of the infected files. The only spyware I can't remove is sasser.exe. When I try to remove it (or quarantine it) it simply freezes the program. Any ideas? I'm not what you call a super techy person...so I might not understand all the jargon. :) TIA, kat Tag: W2K Server -- local settings versus effective settings Tag: 67042
  - 22
    - computer hi-jacked need help please!!! everytime i go to homepage or email a web site called www.i--search.com has taken over the computer. is there anyway i can get rid of this? i tried deleting it in cookies and history and it will not delete. please help thank you Tag: W2K Server -- local settings versus effective settings Tag: 67040
  - 23
    - I am having problems with my laptop...someone help please? For the past week or so, I have been having some rather serious issues with my laptop...For whatever reason, I am unable to access anything that is a java-based application. Also, there are certain apps on my windows XP that no longer function properly (i.e. when i try to "run" or "search" for something, it doesn't work). My windows media player doesn't work either, i had to disable it completely, there was some internal error that stopped it from playing anything, audio OR video. As a matter of fact, I'm writing this message on my roomate's computer. I was unable to sign onto my .net passport on my computer. Here is basically a chronological listing of what has taken place, considering my computer, in the last week or so: About two weeks ago, Norton Internet Security started becoming a pain, not working properly, reporting of some type of internal error. I tinkered with it a little bit, and finally got rid of it, because every time I tried to re-install it, it wouldn't do it. Anyway, I replaced it a couple days later with Mcafee's Ad-aware and software called Spyware Doctor, to combat spyware. Also, early last week, our local internet service provider (time warner cable) came to switch over the connection to my other roomate's name, since our former roomate was moving out. I figured I'd mention it, even though I doubt it has anything to really do with it. Who knows, maybe they screwed something up on their end. Anyway, I suspect that somehow, someway, my operating system got srewed up, and I don't know how to fix it. I need some help, if someone out there has a clue as to what might be the deal with my computer, I'd appreciate it if you could give me some feedback. Just so it's put out, yes, I have java intalled, and all that other stuff. Tag: W2K Server -- local settings versus effective settings Tag: 67039
  - 24
    - DeltaType AddOrChangeUser Hi, In NetLogon.log, what's the significations of the following line: <time stamp> [CHANGELOG] DeltaType AddOrChangeUser (5) SerialNumber: 560 2e927 Rid: 0x1035 Name: 'Some_user_name' Google doesn't provide me with anything relevant. Thanks in advance. Tag: W2K Server -- local settings versus effective settings Tag: 67028
  - 25
    - Missing Firewall in XP In 2003 I purchased a computer with XP Home Ed already installed. Therefore, Miscrosoft won't answer my question. My question is, everything I have been reading lately says that a firewall comes with XP. However, when I access the Internet Connection in the Control Panel, there is no indication that there is a firewall. Should one be there? I have not loaded SP2. I did once but I had so many problems that I just removed it. How can I get the Windows firewall? thank you. -- Dee Tag: W2K Server -- local settings versus effective settings Tag: 67015

Hello,

I have a domain of W2K SP 4 member servers and domain controllers. The
domain policy is set to allow only members of Domain Admins and Domain
Users to logon locally. This is the effective setting, no local
settings are configured.

Today I was recovering a box from image (and at the time, the box
wasn't plugged into the network). After the image loaded, I was unable
to logon locally to the box (with the local administrator account); I
received an error stating that I was not allow to log on locally.

This is where I get confused. The effective settings come from the
domain. But the box wasn't plugged into the domain when it rebooted.
If there are no local policies set and the box didn't get the domain
policies when it booted (because it wasn't talking to the domain), then
how did I prevented from logging on locally with the local
administrator?

Top

Re: W2K Server -- local settings versus effective settings by Steven

Steven
Thu Feb 03 14:38:52 CST 2005

Assuming you were able to logon with a domain account check the Local
Security Policy to see if it was what you expected and also check the deny
logon locally settings. Possibly the image was made from a computer that had
restrictive settings applied to it. --- Steve

"Adam Sandler" <corn29@excite.com> wrote in message
news:1107458101.673656.58920@l41g2000cwc.googlegroups.com...
>
>
> Hello,
>
> I have a domain of W2K SP 4 member servers and domain controllers. The
> domain policy is set to allow only members of Domain Admins and Domain
> Users to logon locally. This is the effective setting, no local
> settings are configured.
>
> Today I was recovering a box from image (and at the time, the box
> wasn't plugged into the network). After the image loaded, I was unable
> to logon locally to the box (with the local administrator account); I
> received an error stating that I was not allow to log on locally.
>
> This is where I get confused. The effective settings come from the
> domain. But the box wasn't plugged into the domain when it rebooted.
> If there are no local policies set and the box didn't get the domain
> policies when it booted (because it wasn't talking to the domain), then
> how did I prevented from logging on locally with the local
> administrator?
>

Top