TTLS compared to PEAP. What is the difference?

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Unwanted emails For several months I have been getting emails from individuals with garbled up subject lines. They are come-ons for products or services and I have to open them up to delete them. How can I stop these emails? I have the Anti-spyware Beta from Microsoft. Thanks -- leapinlemur Tag: TTLS compared to PEAP. What is the difference? Tag: 79639
  - 2
    - Standby setting When I put computer on standby then later turn it off, awindow opens to say the other peopl are using the ocmputer and shutting it down will cause them to lose information. No one else uses this computer, it is not on a network, and even after I set a password to access this continues to happen. Anyone know is this is a security issue? Windows XP on a Dell dimension 2400 hopefully,l Tag: TTLS compared to PEAP. What is the difference? Tag: 79633
  - 3
    - How to install security configuration wizard I followed the procedure , add/remove windows components. It prompts me for the win2003sp1 disk and I have the original win2003 disk- NoGo. What can a person trying to deal with these MS blunders do? I cant waste time with this so I wont install another MS app because the procedure is buggy. Does anyone have a quick remedy? Regards craig Tag: TTLS compared to PEAP. What is the difference? Tag: 79628
  - 4
    - Remove Anti-Virus I recently install a mcafee anti-virus to my pc, and the windows security center detects that is mcafee is install and up to date. Then i remove mcafee completely using add/remove programs in control panel, then i replace with new kaspersky anti-virus personal 5.0.388. But on the windows security center on virus protection tab is said "Windows Found Mre Than One Anti-Virus Install" but kaspersky is the only anti-virus i have now? Is there a solution for this to remove completely the mcafee??? Thanks Tag: TTLS compared to PEAP. What is the difference? Tag: 79605
  - 5
    - Windows cannot connect to the domain Hi, I need help. Currently I am using Windows XP Pro (SP2) and my server are Windows 2003 Server (SP1) and I am connect to the Domain. I always get this error message when I turn on my computer: "Windows cannot connect to the domain, either because the domain controller is down or otherwise unaviailable, or because your computer account was not found. Please try again later. If this message continues to appear, contact your system administrator for assistance." Anyone could help me on this. Many Thanks. Regards, Low. Tag: TTLS compared to PEAP. What is the difference? Tag: 79597
  - 6
    - Limited Users / No AV software --How Safe I don't feel like using reg hacks and special permissions to enable virus defs to be automatically downloaded and installed by limited user accounts. I haven't seen any AV software that installs to the home directory, I believe they all essentially insist on something in the 'Program Files' directory. Obviously, I am unwilling to create administrator accounts for all users just for virus defs and thereby creating a giant catch 22. The way I see it, if I can't install virus defs in a limited user account, I couldn't install *most* viruses either. I am about to eliminate this licensing and subscription headache altogether and opt for mandatory limited user accounts and XP upgrades. Any opinions? How would a sasser or other exploit potentially deal with limited user accounts? Thanks. Tag: TTLS compared to PEAP. What is the difference? Tag: 79592
  - 7
    - windows xp new user Hi ther, I bought a 2nd hand computer and when I turn it on it comes up with a screen that apologises for not being able to start windows and gives me options to start (eg. normal, safe mode etc.,) When I enter on any of these options it displays a blue screen: "STOP C00018 {registry file failure} The registry cannot load the hive (file): \systemroot\system32\config\SECURITY or its log or alternate It is corrupt, absent or not writeable Beginning dump or physical memory Physical memory dump complete. Contact your sytstem administator or technical support group for further assistance!" HELP! I DON'T KNOW WHAT THIS MEANS OR WHAT TO DO! Thankyou very much for any assistance you may be able to give me! Kind regards, Sharon (Auck NZ) Tag: TTLS compared to PEAP. What is the difference? Tag: 79586
  - 8
    - internet problems/computer too Everytime I am on the internet, i get a message saying "An error has occurred in Internet Explorer and it will shut down." It also shuts down my page i am looking at. It is also followed by a message saying "sysader: iexplorer EXE. application error the instruction at "0x62308d59 referenced. I cannot do a system a system Restore on my computer either. Would appreciate any help I can get, thanks! Tag: TTLS compared to PEAP. What is the difference? Tag: 79572
  - 9
    - Call for Papers: June 26 - 29 - Special Track on Wireless Technologies and Digital Cities - SAM'06 Call for Papers Special Track on Wireless Technologies and Digital Cities. The 2006 International Conference on Security and Management (SAM'06) June 26 - 29, 2006, Monte Carlo Resort, Las Vegas, Nevada, USA The SAM'06 Conference will be held simultaneously with a number of other international conferences and workshops, and will be sponsored by the World Academy of Sciences and co-sponsored by CSREA. This year SAM'06 will offer a Wireless Technologies and Digital Cities Track aimed at promoting discussions on industry efforts to implement digital cities using secure wireless technologies. A digital city refers to the concept of using wireless technology to integrate a city's infrastructure to promote economic development and improve the quality of citizens' lives. You are invited to submit a paper which may be about 5 pages (see below for submittal information), or a panel proposal. All accepted papers will be published in the conference proceedings. SCOPE OF THE WIRELESS TECHNOLOGIES AND DIGITAL CITIES TRACK Topics of interest should be centered on Wireless technologies and Digital cities and include the following: Secure Digital City Architecture Personal Information Security and Privacy Mobile Device Security IEEE 802.1x, WiMAX, Wi-Fi, and WAPI Security Mobile Identity Management Security for Wireless Sensor Networks Mobile Lightweight Cryptography Data Federation, Security and Privacy Instant Messaging Security Secure Location Related Services Wireless Authentication and Key Exchange Privacy of GSM, CDMA, and 3G Secure Wireless Mesh Networks Secure Voice over Wireless Mobile Device Security GSM and 3G Security Secure Wireless Network Management Secure Ad-Hoc Networks SUBMISSION OF PAPERS AND PANEL PROPOSALS Prospective authors are invited to submit a draft copy of the paper (about 5 pages - single-spaced, font-size of 10 to 12) to Nitin Gupta at nitgupta@alumni.usc.edu by the due date (see schedule below). The length of the Camera-Ready papers (if accepted) will be limited to 7 (IEEE style) pages. Papers must not have been previously published or currently submitted for publication elsewhere. Panel proposals should be no longer than three pages in length, should include possible panelists, and should include an indication of which panelists have confirmed participation. The first page of the paper or the panel proposal should include: title and each author's name, affiliation, postal address, E-mail address, telephone number, and Fax number. The first page should also include the name of the author who will be presenting the paper and a maximum of 5 keywords. IMPORTANT DATES Feb. 20, 2006: Draft papers and panel proposals due March 20, 2006: Notification of acceptance April 20, 2006: Camera-ready papers and pre-registration due June 26-29, 2006: 2006 International Conference on Security and Management (SAM'06) GENERAL CHAIR WIRELESS TECHNOLOGIES AND DIGITAL CITIES TRACK Prof. H.R. Arabnia Nitin Gupta, CISSP - Intel Corporation (Chair) Please refer to http://www.world-academy-of-science.org/Home/ws for up-to-date information on the 2006 International Conference on Security and Management (SAM'06). Tag: TTLS compared to PEAP. What is the difference? Tag: 79570
  - 10
    - Microsoft Security Advisory (912840): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution X-post to Security, Security.Homeusers, IE6 & WinXP General newsgroups. Followup set to microsoft.public.security. Microsoft Security Advisory (912840): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution http://www.microsoft.com/technet/security/advisory/912840.mspx Welcome to the Microsoft Security Response Center Blog! New Security Advisory for Possible Windows Vulnerability http://blogs.technet.com/msrc/archive/2005/12/29/416569.aspx -- ~PA Bear Tag: TTLS compared to PEAP. What is the difference? Tag: 79546
  - 11
    - Microsoft Antispyware program system tray icon color (blue vs red) I've installed Microsoft Antispyware on two different machines and thought I configured them the same way. For some reason one of the system tray "target" icons is blue and on the other machine the system tray "target" icon is red. Any idea why? Machines are very similarly configured. Regards, Roveer Tag: TTLS compared to PEAP. What is the difference? Tag: 79541
  - 12
    - Signing email using SmartCard CSP Hi, I keep on trying to develop my own CSP to sign email's, but it seems like i can't be done without CA. Is it posible to inform operating system ( Win2000 and above ) that there's a CSP library which can sign data? Any help would be appreciated:) GIGI Tag: TTLS compared to PEAP. What is the difference? Tag: 79530
  - 13
    - Ad/Spyware removal problem Hi, I have cleaned up an infected PC using NAV2005, Ad-Aware SE, Spybot1.4, all run in safe mode. Except for one problem. When I reconnect to the internet a yellow triangle with an exclamation point inside starts blinking in the system tray. Within a minute or so a pop-up comes out of it with the message: ~ SYSTEM ALERT: Popups ~ Your computer is infected with spyware ~ managing pop-up advertisements (OHPE ver ~ 4.12_23) ~ Click the icon to learn more on what you can do ~ about pop-up windows and other unwanted ~ software. When I disable my internet connection it almost immediately stops blinking and popping up, and vice-versa when I enable the connection. I included the complete verbiage in case someone recognizes it. I am running XPpro/SP2, all critical Microsoft updates are applied, IE pop-up blocker is on, Noton SystemWorks2005 is running with default settings. Thank you for your help in advance, Alan -- Alan Day Tag: TTLS compared to PEAP. What is the difference? Tag: 79522
  - 14
    - Win98se KB 891711 I hope I am posting this question on the correct forum. I have an old notebook which has Win98se and I notice in the MSCONFIG startup there is a file KB891711.etc. Just what is this file and is it needed? I have read a few reviews and all seem to be uninstalling it (unclicking in startup and removing with Add/Remove) because of problems it is causing. I have Norton AntiVirus2004 and Norton Firewall 2004 and AdAware. Can someone offer a definitive anser? Thank you. Tag: TTLS compared to PEAP. What is the difference? Tag: 79513
  - 15
    - Trojan-Backdoor-Retro64 Hi, When I downloaded generic downloader from miniclip.com, I also got Trojan-Backdoor-Retro64. My Spybot found the program and demaged it. I later deleted it. Spybot and Aol do not pick up any threats now but my Spy Sweeper still does and since this is free version, it does not remowe this trojan. Is there any free way to remove this trojan? Is it still dangerous? Your advice will be highly appreciated. Tag: TTLS compared to PEAP. What is the difference? Tag: 79512
  - 16
    - windows server 2003 and folders I have the following shared folders created: \\<server>\FB Share \\<server>\Users\<username> What permissions should the above folders have in this domain environment? Tag: TTLS compared to PEAP. What is the difference? Tag: 79508
  - 17
    - Unable to access Security Event Log Windows 2003 Stand alone I have an app that cannot access the Security Event Log. It runs as a serives and does not have probs accessing the application or system log. The service is running as the administrator user. Tried it with multiple users and the system account. The error that get loged is Windows error code : 1722 Win32Exception: Lookupaccountsid: 1722. I used secpol to make sure that administrator has the Manage auditing and security log right. I used the resource kit ntrights tool to give the administrator the SeSecurityPrivilege. Its interesting that I can run whoami /all and it shows that Manage auditing and security log is disabled. Any ideas? Thanks in advance. Frustrated... Tag: TTLS compared to PEAP. What is the difference? Tag: 79505
  - 18
    - Windows 2003 Security Event Log I have an app that need to read the Securiyt Event Log. It cannot I get an error (Win32Exception: Windows error code: 1722 LookupAccountSid: 1722). The user that the service runs as is administrator. I used secpol to make sure that administrators group has the Manage auditing and security log right, it does. What is interesting is when I run whoami /all it show that the Manage auditing and security log(Manage auditing and security log) is disabled. Any body got any ideas. Oh by the way I used the ntrights utility that comes with the resource kit to give the administrator user the Manage auditing and security log right. Tag: TTLS compared to PEAP. What is the difference? Tag: 79504
  - 19
    - Enabling windows firewall on 2003 server remotely Hi, I have windows 2003 SP1 server that is colocated, managed thru PCAnywhere and terminal services only (I do not have physical access to the box). I also do not have another 2003 box locally that i can test this on. Im wondering when the firewall starts when I enable it. At the moment if I attempt to go into the Windows Firewall section of the control panel, it asks me to start the Internet Connection Sharing service and Im reluctant as Im not sure if this will block me out of Terminal Services. Can anyone tell me if I start this service, will I have a chance to add exceptions before the firewall starts? So that I can add a terminal services exception to allow me to manage the server remotely without having to make a call to the ISP while the server is down. Thank you, Jason Tag: TTLS compared to PEAP. What is the difference? Tag: 79495
  - 20
    - Integrated Windows Authentication w/Netscape 8? Does Netscape 8 support IWA? Do you know how to set up the browser to support that feature? My initial test was unsuccessful. Tag: TTLS compared to PEAP. What is the difference? Tag: 79485
  - 21
    - CFP - IT Underground 2006, Prague, Czech Republic Hello, I'd like to announce the call for papers for the IT Underground 2006, a two-day conference organized by Software Conferences and hakin9.lab team in 23-24 February 2006, Prague, Czech Republic. IT Underground 2006 is a fifth edition of a conference dedicated to IT security issues, where remarkable authorities will share their knowledge and experience with IT specialists. In previous editions we had pleasure to listen to: Ofir Arkin, Maximillian Dornseif, David h1kari Hulton, Chuck Willis, Charl Van der Walt, Shalom Carmel, Martin Herfurt, Adam Laurie, Marcel Holtmann, Alexander Kornbrust, Saumil Udayan Shah, Robert Lee Ayers, Dave Aitel, Stefano Zanero, Thorsten Holz, Joanna Rutkowska, Michael Shema, Piotr Sobolewski, Michal Szymanski, Paul Wouters, Rakan El-Khalil, Wojciech Dworakowski, K.K. Mookhey, Pawel Krawczyk. The dead line for lecture proposals is the 15th of January, 2006. All the detailed information you can find on http://www.itUnderground.org/ We hope that you find our offer interesting. Please, contact me to discuss further details of our cooperation. IT Underground 2006 - basic characteristics. When: 23-24 February 2006 Where: Prague, Czech Republic Topic: IT Security We assure: - hotel accommodation and transfer, - full support for your presentation, both before and during the conference, - providing the necessary technical facilities for the presentation, - assistance in acquiring and publishing presentation materials, information about your lecture in the conference brochure, - supervising and directing the overall progress of the conference. -- Piotr Sobolewski piotr.sobolewski@gazeta.pl Tag: TTLS compared to PEAP. What is the difference? Tag: 79484
  - 22
    - No password expiration alert when smart card logon is required In my company we have a domain with windows 2000 Active Directory. We are deploying smart cards for windows logon. Domain account's username and password are needed to logon other services like the Outlook Web Access (OWA), Windows Messenger, and file shares. To make the users use their smart cards for windows logon, we have to enable the "Smart card is required for interactive logon" option for their accounts in the AD. The problem is that the password expiration alert does NOT appear to a user ONLY when this option is enabled, so eventually the password expires and it has to be reset by the administrator. Does any one know how to overcome this problem? Best Regards, Muhammad Raga'ei Information Security Associate Tag: TTLS compared to PEAP. What is the difference? Tag: 79481
  - 23
    - Can we default to a trusted domain in IIS prompt? I am trying to configure Windows Integrated Security on a SharePoint server (Windows 2003 sp1) so that users do not have to enter a domain at the logon prompt, but just a username. I was able to do this in a basic scenario when the web server is in the same domain as the user's domain by setting the default logon domain Metabase property. But when I tried to do this in the case where the user is part of a trusted domain rather than the server's domain, it did not work. Is there another setting that I need to add/modify? Is this even possible in IIS 6.0? Thanks, Mary Tag: TTLS compared to PEAP. What is the difference? Tag: 79480
  - 24
    - Internet explorer infected problem My internet explorer has some kind of program infecting it. My home page regardless of what i changed it to has some program which redirects me to http://www.systemwarning.com/. Also it creates an icon on my start menu which claims my computer is infected, and attempts to download spyaxe on my computer. Tried to remove using microsoft antispyware,mcafee... it removed certain files such as search for free and spy axe, but i cant seem to get the interenet explorer homepage chaning and the start menu icon, plus the reattempt of spyaxe to go away. anyone know how to get rid of these? Tag: TTLS compared to PEAP. What is the difference? Tag: 79478
  - 25
    - Windows system restore I am running windows 2000 pro. Started up my pc and it seems to be restored back to the day I first ran the pc. All of my documents are gone, in internet explorer everytime I restart the pc everything starts back to fresh settings. Everything seems to work fine, but after every restart it goes back to day one. Tag: TTLS compared to PEAP. What is the difference? Tag: 79477
- Next
  - 1
    - Windows Firewall Please help this message pops up. Due to unidentified problem, Windows cannot display Windows Firewall settings. -- thank you joe Tag: TTLS compared to PEAP. What is the difference? Tag: 79474
  - 2
    - EFS and laptops This is a newbie laptop EFS question. So please bear with me. EFS is seemingly weak from what I know and am experiencing. The DRA component is excellent since the priv key can be exported and only imported as needed; thereby making the DRA pub key on a laptop useless. When encrypting a file, a pub/priv key pair is automatically created within my user profile and used/needed for encrypt/decrypt respectively. Logging on as admin is not enough to read the data if encrypted with my Sammy account. To decrypt the Sammy-encrypted data, one need only crack into the Sammy account to utilize its keys. Therefore, I see EFS to be only as strong as the WinXP logon credentials. On a stolen laptop, one can easily boot via CD/floppy to run brute force attacks and other cracking software against the SAM to get Sammy's passwd. Once obtained, a hacker and thief as well, logs on as Sammy to utilize the keys within his profile for decryption. Where is the strength in that? To overcome the aforementioned, I've simply exported Sammy's key pair onto a floppy and deleting the priv key on the system afterward, upon logging off. Should anyone, including **myself**, log on as Sammy either legitimately or not afterwards, they cannot decrypt. So as a legit user, I just import the key pair from the floppy, but this is so cumbersome to export/import after each log off to avoid my aforementioned weakness in EFS on a laptop. Can someone please show me what I am missing about EFS? Thank you. //S.U. Tag: TTLS compared to PEAP. What is the difference? Tag: 79472
  - 3
    - MS Money I need to gain access to my Money 2001 that I have on an old computer but have forgotten the password that I used back then. Is there any way I can find out what my password was? Does anyone know what file the password is kept in and if it's readable? Any help will be appreciated since it's very important that I retrieve some information from that year which I did not carry forward to the more current years. Thank you! Tag: TTLS compared to PEAP. What is the difference? Tag: 79467
  - 4
    - MS Money I need to gain access to my Money 2001 that I have on an old computer but have forgotten the password that I used back then. Is there any way I can find out what my password was? Does anyone know what file the password is kept in and if it's readable? Any help will be appreciated since it's very important that I retrieve some information from that year which I did not carry forward to the more current years. Thank you! Tag: TTLS compared to PEAP. What is the difference? Tag: 79466
  - 5
    - Access and roles in DCOM technology Hi everybody, I have a system consists of 4 servers. On each server there are services and COM+ components installed. The services and components run under applicative user. The 4 servers interact via DCOM technology. If the applicative user is a regular user in the Domain, the DCOM operations fail because of "Access denied". If this user is local administrator on 4 servers everything works fine. Does anyone know, what are the minimal roles needed for the applicative user so the DCOM technology will work between the servers? Must he be an administrator? The operation system is Windows 2003. Thank you in advance for any help Efrat Tag: TTLS compared to PEAP. What is the difference? Tag: 79460
  - 6
    - Give administrators access to users MY Documents Hi there- I want to give administrators access to all the users my documents folders. I have my documents redirected via GP to the usersw directory. How do I do this? Thanks Tag: TTLS compared to PEAP. What is the difference? Tag: 79456
  - 7
    - MSN Money I need to gain access to my Money 2001 that I have on an old computer but have forgotten the password that I used back then. Is there any way I can find out what my password was? Does anyone know what file the password is kept in and if it's readable? Any help will be appreciated since it's very important that I retrieve some information from that year which I did not carry forward to the more current years. Thank you! Tag: TTLS compared to PEAP. What is the difference? Tag: 79455
  - 8
    - Mrxpriumpstc service can't be found Has anyone come across this service? It doesn't turn up on Google or on a search of my computer. Doing a Find in Regedit doesn't turn up anything either. Anyone know what this is? Event Type: Error Event Source: Service Control Manager Event Category: None Event ID: 7000 Date: 12/26/2005 Time: 10:44:10 PM User: N/A Computer: IBM-A0DC4189602 Description: The Mrxpriumpstc service failed to start due to the following error: The system cannot find the file specified. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Tag: TTLS compared to PEAP. What is the difference? Tag: 79454
  - 9
    - Isa 2004 and the Dpm 2006 agent On the member server with Isa server 2004 (single nic template), I would like to install the Dpm 2006 agent but I'm always receiving the "RPC unavailable" error message. An idea ? Thank you for your response Tag: TTLS compared to PEAP. What is the difference? Tag: 79450
  - 10
    - Italian Rogue Dialler and Italian popups First time in 10 years on internet. Yesterday ended up with a rogue dialler trying to dial out to 7020102463 and the following between &&&&&&&s, abbreviated from Symantec site , removed that. Then today some more Italian intrusions placing files through different directories etc , keywords : e1xplorer , archiviosex , exsplorer , redfunny , skymasters , xbeta69 and the main one sgrunt. Since removing the sgrunt directory and repeating the process below it has disappeared but we assume only temporarily, as don't know where keep picking it up from , certainly not visiting porn sites , or where else its lurking. It has also disabled the modem speaker , as distinct from , apparently setting the volume high in Modem options. We'd like to get the dial and beep/chime acknowledgement back again. In rasphone.pbk does Speaker=1 and Dialmode=1 mean speaker on or off? Checked not modem malfunction by trying another modem &&&&&&&& Windows 95/98/Me/NT/2000 Click Start, point to Find or Search, and then click Files or Folders. Make sure that "Look in" is set to (C:) and that "Include subfolders" is checked. In the "Named" or "Search for..." box, type: rasphone.pbk Click Find Now or Search Now. If you find rasphone.pbk, right-click the file, and then click Open With. Deselect the Always use this program to open this program check box. Scroll through the list of programs and double-click Notepad. When the file opens, search for the section named: [Connessione Predefinita] Check if the connection number was changed by the dialer, looking at the following entry: PhoneNumber=7020102463 If the telephone number does not match with your ISP telephone number, remove all the entries of this section. Close Notepad and save your changes when prompted. Create a new dial-up connection with the right ISP number and parameters. ***** snipped ******* 5. To delete the links added by the risk Click Start > Programs > Accessories > Windows Explorer. Navigate to and delete the following files: %UserProfile%\Desktop\WinMoviePlugIn.lnk %UserProfile%\Desktop\explorer.lnk %UserProfile%\Start Menu\Programs\WinMoviePlugIn.lnk %UserProfile%\Start Menu\Programs\explorer.lnk %UserProfile%\Start Menu\WinMoviePlugIn.lnk %UserProfile%\Start Menu\explorer.lnk %UserProfile%\My Documents\WinMoviePlugIn.lnk %UserProfile%\My Documents\explorer.lnk %UserProfile%\Favorites\WinMoviePlugIn.lnk %UserProfile%\Favorites\explorer.lnk Exit Windows Explorer. &&&&&&&&&& Tag: TTLS compared to PEAP. What is the difference? Tag: 79447
  - 11
    - IPSEC and Windows Security Center I often go to Events viewer to see if there are errors showing in system events or application events. I am seeing a system error at every launch: "The IPSEC Services service terminated with the following error: The attempted operation is not supported for the type of object referenced." Event type: Error Event source: Service control manager Event ID: 7023 If I go over to look at Application Errors for the exact hour-minute-second time equivalent, what is happening looks like there is some competition in the loading process: "The Windows Security Center Service has started" Event type: Information Event source: Security Center Event ID: 1800 ........................... These two events happen at the same time as each other at every computer launch. I have ICF turned off and am using McAfee's VS, Firewall, Spam Killer, new program with newest updates, and all windows updates. 1. Should IPSEC Services be on or off? In Services it is set as Automatic, but does not say it is started. In opening the dialog, it says it is stopped. 2. Do I need to set something different? The TCP/IP NetBios Helper is "started" and "automatic" Windows XP Pro SP2 Advanced computer user (install programs and do successful troubleshooting, etc.) Tag: TTLS compared to PEAP. What is the difference? Tag: 79446
  - 12
    - Terminal Server on the DMZ Hi All, I need to install terminal server on my DMZ. My license server is seating on the LAN What port I need to open to let the new server on the DMZ to communicate with the License server on the LAN? Did the port need to be open all the times or only on the activation phase? Thanks In Advanced! Nir Tag: TTLS compared to PEAP. What is the difference? Tag: 79445
  - 13
    - How (not) to create malware (TSPY-Agent.EA) with VC++ .Net? Hello, I scanned my pc with a lot of tools and now I can't find anything left like malware etc.. Also I'm running a firewall. But after build a simple vc++ project (with visual studio 2003 .net) with release-build-configuration, the tool from trendmicro finds in the created exe-file the virus pattern from TSPY-Agent.EA. When I build the same project with debug-build-configuration, the exe-file seams to be clean. McAfee, Sophos, and Kaspersky do not find any malware both in the release as in the debug exe-file. (I'm using the tools from http://www.elephantboycomputers.com/page2.html#Removing_Malware with the newest definitions.) Here the configuration for the debug-version: ================================================= <Configuration Name="Debug|Win32" OutputDirectory="Debug" IntermediateDirectory="Debug" ConfigurationType="1" CharacterSet="2"> <Tool Name="VCCLCompilerTool" Optimization="0" AdditionalIncludeDirectories="E:\Projects\tool\src\tool" PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS" MinimalRebuild="TRUE" BasicRuntimeChecks="3" RuntimeLibrary="5" UsePrecompiledHeader="3" WarningLevel="3" Detect64BitPortabilityProblems="TRUE" DebugInformationFormat="4"/> <Tool Name="VCCustomBuildTool"/> <Tool Name="VCLinkerTool" OutputFile="$(OutDir)/tool.exe" LinkIncremental="2" GenerateDebugInformation="TRUE" ProgramDatabaseFile="$(OutDir)/tool.pdb" SubSystem="2" ImportLibrary="" TargetMachine="1"/> <Tool Name="VCMIDLTool"/> <Tool Name="VCPostBuildEventTool"/> <Tool Name="VCPreBuildEventTool"/> <Tool Name="VCPreLinkEventTool"/> <Tool Name="VCResourceCompilerTool"/> <Tool Name="VCWebServiceProxyGeneratorTool"/> <Tool Name="VCXMLDataGeneratorTool"/> <Tool Name="VCWebDeploymentTool"/> <Tool Name="VCManagedWrapperGeneratorTool"/> <Tool Name="VCAuxiliaryManagedWrapperGeneratorTool"/> </Configuration> ======================================== and here for the release-version: ======================================== <Configuration Name="Release|Win32" OutputDirectory="Release" IntermediateDirectory="Release" ConfigurationType="1" CharacterSet="2"> <Tool Name="VCCLCompilerTool" Optimization="2" InlineFunctionExpansion="1" OmitFramePointers="TRUE" PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS" StringPooling="TRUE" RuntimeLibrary="4" EnableFunctionLevelLinking="TRUE" UsePrecompiledHeader="3" WarningLevel="3" Detect64BitPortabilityProblems="TRUE" DebugInformationFormat="3"/> <Tool Name="VCCustomBuildTool"/> <Tool Name="VCLinkerTool" OutputFile="$(OutDir)/tool.exe" LinkIncremental="1" GenerateDebugInformation="TRUE" SubSystem="2" OptimizeReferences="2" EnableCOMDATFolding="2" TargetMachine="1"/> <Tool Name="VCMIDLTool"/> <Tool Name="VCPostBuildEventTool"/> <Tool Name="VCPreBuildEventTool"/> <Tool Name="VCPreLinkEventTool"/> <Tool Name="VCResourceCompilerTool"/> <Tool Name="VCWebServiceProxyGeneratorTool"/> <Tool Name="VCXMLDataGeneratorTool"/> <Tool Name="VCWebDeploymentTool"/> <Tool Name="VCManagedWrapperGeneratorTool"/> <Tool Name="VCAuxiliaryManagedWrapperGeneratorTool"/> </Configuration> ========================================= So the best will be to reinstall all, but now I'm interesting in what is going on in my pc. Thanks for your help! Axel Tag: TTLS compared to PEAP. What is the difference? Tag: 79440
  - 14
    - Windows XP - Can McAfee Privacy Security and WinAmp run together? After installing Privacy Service 7 I have been getting freezes in Windows XP shortly after WinAmp starts. In the restart there is the message "GDWH is not responding". After a lot of searching and finding many false leads, I found a post in WinAmp forums suggesting uninstalling McAfee Privacy Service. I found that disabling Privacy Service allowed WinAmp to run. Any ideas on getting these to run together? Tag: TTLS compared to PEAP. What is the difference? Tag: 79435
  - 15
    - IE, Powerpoint, tribalfusion? Recently when visiting certain websites a message came up to insert the Powerpoint disk. I resisted this for awhile, but finally gave up and inserted the Powerpoint installation CD, and voila, tribalfusion popups are back. Has tribalfusion found some kind of way to defeat IE's popup blocker using Powerpoint? Tag: TTLS compared to PEAP. What is the difference? Tag: 79433
  - 16
    - SSPI client to ldap Server - Error at last stage of n-way authentication check Hi all, I'm using Microsoft=AE Platform SDK 2003 and my client program is using SSPI calls. I'm able to get 4 octet string token from TGT server just before the final step of handshaking mechanism in SASL connection. i=2Ee. my final step of three way handshaking is broken in the final step where i'm calling EncryptMessage(..) [enquivant to gss_wrap( .. ) in GSSAPI]. It is returning some garbage value (-122346..34) instead of SEC_E_OK; ------------------------------------- SAME WAY I'VE TRIED THE HANDSHAKING MECHANISM USING GSSAPI CALLS AND .=2E...EVERYTHING IS WORKING FINE... WHILE USING SSPI CALLS.....I'M GETTING PROBLEMS...............!! Here is code snippet ---- --------- this step succeeded err =3D pSecurityInterface->InitializeSecurityContext ( &hcredClient, pClientCtxHandleIn, TEXT("LDAP/ps2345.intranet.xyz....@INTRANET.XYZ.COM"), grfRequiredCtxAttrsClient, 0, SECURITY_NATIVE_DREP, pClientInput, 0, pClientCtxHandleOut, pClientOutput, &grfCtxAttrsClient, &expiryClientCtx); cbv.bv_len =3D pClientOutput->pBuffers[0].cbBuffer; cbv.bv_val =3D (char*)pClientOutput->pBuffers[0].pvBuffer; // successful call verified..... retval =3D ldap_sasl_bind_s(ld, NULL, "GSSAPI", &cbv, NULL, NULL, &sbv); if ((retval =3D=3D LDAP_SASL_BIND_IN_PROGRESS || retval =3D=3D LDAP_SUCCE= SS)) { cbv.bv_len =3D 0; cbv.bv_val =3D NULL; if (sbv) { ber_bvfree(sbv); sbv =3D NULL; } //replying the challenge will NULL value retval =3D ldap_sasl_bind_s(ld, NULL, "GSSAPI", &cbv, NULL, NULL, &sbv); if((retval =3D=3D LDAP_SASL_BIND_IN_PROGRESS || retval =3D=3D LDAP_SUCCES= S)) { inSecBufDesc.ulVersion =3D SECBUFFER_VERSION; inSecBufDesc.cBuffers =3D 2; inSecBufDesc.pBuffers =3D &inSecBuf[0]; inSecBuf[0].BufferType =3D SECBUFFER_STREAM; inSecBuf[0].cbBuffer =3D sbv->bv_len; inSecBuf[0].pvBuffer =3D sbv->bv_val; inSecBuf[1].BufferType =3D SECBUFFER_DATA; inSecBuf[1].cbBuffer =3D 0; inSecBuf[1].pvBuffer =3D NULL; ULONG mylongVal=3D0; //Decrypting the Response. err =3D pSecurityInterface->DecryptMessage(pClientCtxHandleIn, &inSecBufDesc, 0,&mylongVal); -------------- till here everything is successful....verified with corresponding GSSPI call ...the (inSecBufDesc).pBuffers[1] contains the 4 byte octet string....Now according to rfc2222.txt, final step required to wrap the data (EncryptMeassage call) in this case and use final ldap_sasl_bind_s call err =3D pSecurityInterface->QueryContextAttributes( pClientCtxHandleIn, SECPKG_ATTR_SIZES, &sizes); // password length is passWd_Len =3D strlen("myuse...@INTRANET.XYZ.COM") + 4; //setting the first byte of octet to 1 ptr =3D (unsigned char *)inSecBufDesc.pBuffers[1].pvBuffer; maxsz =3D (ptr[1]<<16) | (ptr[2]<<8)| (ptr[3]); ptr =3D (unsigned char *) malloc(passWd_Len); ptr[0]=3D 1; ptr[1]=3D maxsz>>16; ptr[2]=3D maxsz>>8; ptr[3]=3D maxsz; sprintf((char *)&ptr[4], "%s", "myuse...@INTRANET.XYZ.COM"); ---------------------------till here everything is ok....SAME AS DONE WITH GSSAPI CALLS AND IS SUCCEEDED ...EVERYTHING IS FINE TILL HERE. NOW THE JOB IS TO ENCRYPT AND SEND IT TO THE SERVER IN FINAL CALL.------------- --------------------Problem lies in next part of the code --------------------- // Need three descriptors, two for the SSP and one to hold the //application data. inSecBufDescSecond.ulVersion =3D SECBUFFER_VERSION; inSecBufDescSecond.cBuffers =3D 3; inSecBufDescSecond.pBuffers =3D &inSecBufSec[0]; inSecBufSec[0].BufferType =3D SECBUFFER_TOKEN; inSecBufSec[0].cbBuffer =3D sizes.cbSecurityTrailer; inSecBufSec[0].pvBuffer =3D malloc(sizes.cbSecurityTrailer); // This buffer holds the application data. inSecBufSec[1].BufferType =3D SECBUFFER_DATA; inSecBufSec[1].cbBuffer =3D passWd_Len; inSecBufSec[1].pvBuffer =3D malloc(inSecBufSec[1].cbBuffer); memcpy(inSecBufSec[1].pvBuffer, ptr, passWd_Len ); inSecBufSec[2].BufferType =3D SECBUFFER_PADDING; inSecBufSec[2].cbBuffer =3D sizes.cbBlockSize; inSecBufSec[2].pvBuffer =3D malloc(inSecBufSec[2].cbBuffer); err =3D pSecurityInterface->EncryptMessage(pClientCtxHandleIn, ( 0 / SECQOP_WRAP_NO_ENCRYPT ) ,&inSecBufDescSecond, 0); ----> if i keep second argument as SECQOP_WRAP_NO_ENCRYPT ....the call returns SEC_E_OK , butinSecBufDescSecond.pBuffers[1] does not contains the expected data. On the other hand keeping second argument 0=2E..returns error(-2146893054) Let me know...where is the problem ??=20 Amit Tag: TTLS compared to PEAP. What is the difference? Tag: 79432
  - 17
    - SSPI client to ldap Server - Error at last stage of n-way authentication check Hi all, I'm using Microsoft=AE Platform SDK 2003 and my client program is using SSPI calls. I'm able to get 4 octet string token from TGT server just before the final step of handshaking mechanism in SASL connection. i=2Ee. my final step of three way handshaking is broken in the final step where i'm calling EncryptMessage(..) [enquivant to gss_wrap( .. ) in GSSAPI]. It is returning some garbage value (-122346..34) instead of SEC_E_OK; ------------------------------------- SAME WAY I'VE TRIED THE HANDSHAKING MECHANISM USING GSSAPI CALLS AND .=2E...EVERYTHING IS WORKING FINE... WHILE USING SSPI CALLS.....I'M GETTING PROBLEMS...............!! Here is code snippet ---- --------- this step succeeded err =3D pSecurityInterface->InitializeSecurityContext ( &hcredClient, pClientCtxHandleIn, TEXT("LDAP/ps2345.intranet.xyz....@INTRANET.XYZ.COM"), grfRequiredCtxAttrsClient, 0, SECURITY_NATIVE_DREP, pClientInput, 0, pClientCtxHandleOut, pClientOutput, &grfCtxAttrsClient, &expiryClientCtx); cbv.bv_len =3D pClientOutput->pBuffers[0].cbBuffer; cbv.bv_val =3D (char*)pClientOutput->pBuffers[0].pvBuffer; // successful call verified..... retval =3D ldap_sasl_bind_s(ld, NULL, "GSSAPI", &cbv, NULL, NULL, &sbv); if ((retval =3D=3D LDAP_SASL_BIND_IN_PROGRESS || retval =3D=3D LDAP_SUCCE= SS)) { cbv.bv_len =3D 0; cbv.bv_val =3D NULL; if (sbv) { ber_bvfree(sbv); sbv =3D NULL; } //replying the challenge will NULL value retval =3D ldap_sasl_bind_s(ld, NULL, "GSSAPI", &cbv, NULL, NULL, &sbv); if((retval =3D=3D LDAP_SASL_BIND_IN_PROGRESS || retval =3D=3D LDAP_SUCCES= S)) { inSecBufDesc.ulVersion =3D SECBUFFER_VERSION; inSecBufDesc.cBuffers =3D 2; inSecBufDesc.pBuffers =3D &inSecBuf[0]; inSecBuf[0].BufferType =3D SECBUFFER_STREAM; inSecBuf[0].cbBuffer =3D sbv->bv_len; inSecBuf[0].pvBuffer =3D sbv->bv_val; inSecBuf[1].BufferType =3D SECBUFFER_DATA; inSecBuf[1].cbBuffer =3D 0; inSecBuf[1].pvBuffer =3D NULL; ULONG mylongVal=3D0; //Decrypting the Response. err =3D pSecurityInterface->DecryptMessage(pClientCtxHandleIn, &inSecBufDesc, 0,&mylongVal); -------------- till here everything is successful....verified with corresponding GSSPI call ...the (inSecBufDesc).pBuffers[1] contains the 4 byte octet string....Now according to rfc2222.txt, final step required to wrap the data (EncryptMeassage call) in this case and use final ldap_sasl_bind_s call err =3D pSecurityInterface->QueryContextAttributes( pClientCtxHandleIn, SECPKG_ATTR_SIZES, &sizes); // password length is passWd_Len =3D strlen("myuse...@INTRANET.XYZ.COM") + 4; //setting the first byte of octet to 1 ptr =3D (unsigned char *)inSecBufDesc.pBuffers[1].pvBuffer; maxsz =3D (ptr[1]<<16) | (ptr[2]<<8)| (ptr[3]); ptr =3D (unsigned char *) malloc(passWd_Len); ptr[0]=3D 1; ptr[1]=3D maxsz>>16; ptr[2]=3D maxsz>>8; ptr[3]=3D maxsz; sprintf((char *)&ptr[4], "%s", "myuse...@INTRANET.XYZ.COM"); ---------------------------till here everything is ok....SAME AS DONE WITH GSSAPI CALLS AND IS SUCCEEDED ...EVERYTHING IS FINE TILL HERE. NOW THE JOB IS TO ENCRYPT AND SEND IT TO THE SERVER IN FINAL CALL.------------- --------------------Problem lies in next part of the code --------------------- // Need three descriptors, two for the SSP and one to hold the //application data. inSecBufDescSecond.ulVersion =3D SECBUFFER_VERSION; inSecBufDescSecond.cBuffers =3D 3; inSecBufDescSecond.pBuffers =3D &inSecBufSec[0]; inSecBufSec[0].BufferType =3D SECBUFFER_TOKEN; inSecBufSec[0].cbBuffer =3D sizes.cbSecurityTrailer; inSecBufSec[0].pvBuffer =3D malloc(sizes.cbSecurityTrailer); // This buffer holds the application data. inSecBufSec[1].BufferType =3D SECBUFFER_DATA; inSecBufSec[1].cbBuffer =3D passWd_Len; inSecBufSec[1].pvBuffer =3D malloc(inSecBufSec[1].cbBuffer); memcpy(inSecBufSec[1].pvBuffer, ptr, passWd_Len ); inSecBufSec[2].BufferType =3D SECBUFFER_PADDING; inSecBufSec[2].cbBuffer =3D sizes.cbBlockSize; inSecBufSec[2].pvBuffer =3D malloc(inSecBufSec[2].cbBuffer); err =3D pSecurityInterface->EncryptMessage(pClientCtxHandleIn, ( 0 / SECQOP_WRAP_NO_ENCRYPT ) ,&inSecBufDescSecond, 0); ----> if i keep second argument as SECQOP_WRAP_NO_ENCRYPT ....the call returns SEC_E_OK , butinSecBufDescSecond.pBuffers[1] does not contains the expected data. On the other hand keeping second argument 0=2E..returns error(-2146893054) Let me know...where is the problem ??=20 Amit Tag: TTLS compared to PEAP. What is the difference? Tag: 79431
  - 18
    - Windows 2003 server Network Security I want to lock down my network from PCs for Laptops outside the company. Basically I do not want anyone to be able to plug in his or her laptop computer via an RJ45 connection and have any access to resources without signing in with a valid userid and password. I donâ??t want them to have a DHCP IP address to surf the Internet unless authorized via their userid and password. Where do I start to implement these restrictions? Thanks Tag: TTLS compared to PEAP. What is the difference? Tag: 79427
  - 19
    - about axistwo.exe and nprvesof.exe Hello, who knows something about a file named axistwo.exe? I can't find anything about it in the web. It's generated in a directory named "life soft tick". In this dirctory there are also some other files: nprvesof.exe Win Tool Meal.exe Thanks for your help, Axel Tag: TTLS compared to PEAP. What is the difference? Tag: 79421
  - 20
    - L2TP/IPsec sites-to-sites vpn Hi Here are my scenario. I have two sites that are connected through a isdn lines but I don't want to use that line anymore, instead I will use a site-to-site vpn connection. My main site is using a Windows 2000 server with ISa 2000, this computer is a member of my domain. Ip adress 10.10.x.x/16. On this site I have a Stand alone certificate server on Windows 2003. This server is not a Domain Controller. The remote site is using a Windows 2003 server with ISA server 2004, he is also a member of my domain. Ip adress 10.30.x.x/16 On both isa server I have made the necessary configuration to make a pptp conection, and with this type of connnection I am able to make the connection between both sites. My problem is when i'm trying to use a L2TP/IPsec connection. On the ISA 2004, I change the protocol type of the remote site to L2TP. On the ISA server 2000, packet filters for this type of traffic is there, and I changed the type of protocol the netwotk interface is using for LP2TP vpn type. My concerns are about the certificates part. On the ISA 2000, I use the certifictaes mmc to request and install a computer certificates with success. On the ISA server 2004, I tried the same thing but I receive this error The certificate request was submitted to CA that is not started or you don't have permissions to request certificates from availabe CAs. I restarted the routing and remote access and IPSec policies services on both computers without success. So on this server I use the a web request (http://10.10.0.x/certsrv) to request a administrator template certificates. When I tried to connect I receive this error on both ISA servers Event Type: Error Event Source: RemoteAccess Event Category: None Event ID: 20111 Date: 12/23/2005 Time: 8:53:50 AM User: N/A Computer: MASTER3 Description: A Demand Dial connection to the remote interface IsaMoncton on port VPN2-0 was successfully initiated but failed to complete successfully because of the following error: The L2TP connection attempt failed because security policy for the connection was not found. Data: 0000: 17 03 00 00 .... I have read many articles and some articles tells that I need a computer certificates, some other a IPsec template, others a Router(offline) templates... So my first idea was to use a computer type certificates but I can not use the MMC Certificates snap-in on the ISA 2004 to reuqest one and the the computer templates is not available for installation when I'm using the web. I can't figured out where is my errors and all my reading haven't help me it mixed me up instead Thanks Tag: TTLS compared to PEAP. What is the difference? Tag: 79420
  - 21
    - Service running as Local system account Unable to map drive on ano Hi all I have a problem. I am developing a service which need to run as Local System Account, and which need to access a directory on a remote computer, in order to both read and write files. Both computers are running Windows 2000 and are in the same domain. As Local System Account do not have any network permissions as such, I have tried some alternative approaches but none seem to work. 1). I have tried to share the directory on the remote machine as a so called null session share (http://support.microsoft.com/default.aspx?scid=kb;en-us;289655), as that in theory should allow access to everyone and everything. But when I tried to write a file I got the "System error 5 has occurred.Access is denied." error. 2) Next I have tried to grant the computer account on which the service is running full access to the share as this article describes (http://forumz.tomshardware.com/software/Folder-Sharing-Computer-Accounts-ftopict225518.html). With the same result. The way I tested both approaches this: In both methods I use UNC format and IP numbers to address the remote share, like this: \\192.168.106.12\share\ 1) Run some code in my service using the function OpenStreamOnFile(MAPIAllocateBuffer, MAPIFreeBuffer, ulFlags, file_name, szFilePrefix, out_stream) function, and also fopen( "\\192.168.106.12\\share\\data.dat", "w+" ). Both methods fail though. 2) started a CMD prompt with Local Systems Account credentials (using the method described here: http://www.windowsitpro.com/Article/ArticleID/47673/47673.html and the psexc.exe tool from sysinternals - running psexec.exe -s cmd.exe). Then tried to both copy a file manually using the copy command and to map a drive letter using "net use". But all I got was a "System error 5 has occurred.Access is denied." I would appreciate any help I can get. Small things to try or even whole new approaches, as I am really running out of ideas here. Also if you need further information regarding my setup, please let me know. Thanks, and a merry Christmas to all Kind regards/ Venlig hilsen Peter Langhoff Feddersen System Engineer, MCSD Systematic Software Engineering A/S Web: www.systematic.dk Tag: TTLS compared to PEAP. What is the difference? Tag: 79417
  - 22
    - Not able to open a locked mdb file from Windows 2003 Hi, I have this problem: I'm not able to open an mdb file that is already locked. The file is located in another server, the folder is fully shared, and my user has full access to that folder. I only has this problem for Server running on Windows Server 2003. My Win2K Server doesn't have this problem. I can open the file only if I open it from Microsoft Access, when I tried to double click the file from Windows explorer nothing happen. If the file is not locked I can open it by double click, even though there is a security window pop up. I can open a locked mdb file if the file located in Local Server. Is this problem has anything to do with Windows Server 2003 security?? Any suggestion will be greatly appreciated Thanks Tag: TTLS compared to PEAP. What is the difference? Tag: 79411
  - 23
    - SPAM!!!! Im sick to death of spam , its soo anoying . The funniest thing is though Why have i recived an email that is spam and that has come from my actual email adress.?? Can any one help me? Cheers:D Tag: TTLS compared to PEAP. What is the difference? Tag: 79400
  - 24
    - Local Administrator Password Good morning! I was wondering if Microsoft had any software that globally reset all local admin passwords on my domain. Can MOM accomplish this? Thank you in advance for your help. Roger Settle rsettle@(remove this)oasisadvantage.com Tag: TTLS compared to PEAP. What is the difference? Tag: 79399
  - 25
    - 0x80070569: Logon failure: the user has not been granted the requested logon type at this computer. Hi. In a Windows 2000 domain, I defined a domain user (dom\StartTask) member of Domain Users and Users domain group with password never expires and set in Domain Security Policy 'Deny Access to this computer from the network' and 'Deny logon locally'. After this, in a member server (Server01), I create a scheduled task and associate with defined user. The task doesn't run and in View Log I see the following message: ---- "xxxx.job" (xxxx.bat) 12/22/2005 11:59:59 AM ** ERROR ** The attempt to log on to the account associated with the task failed, therefore, the task did not run. The specific error is: 0x80070569: Logon failure: the user has not been granted the requested logon type at this computer. Verify that the task's Run-as name and password are valid and try again. ---- In Event Viewer (Security) the event : Logon Failure: Reason: The user has not been granted the requested logon type at this machine User Name: StartTask Domain: dom Logon Type: 4 Logon Process: Advapi Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Workstation Name: Server01 ---- The strange think is that after I reset the password, the scheduled task works. Could you help me? Ivan Cella Eridano@hotmail.com Tag: TTLS compared to PEAP. What is the difference? Tag: 79396

They both create a TLS tunnel to run a legacy method (any method)

through it and require a certificate only for the EAP Server. Do they

have any real difference or are they two different ways to do the same

thing?

Top

Re: TTLS compared to PEAP. What is the difference? by S

S
Sun Jan 01 05:39:17 CST 2006

The real difference is that TTLS isn't supported out of the box in Windows.
In theory, TTLS is more attack-proof, but as you said, it's all perceived
risk and the transport layer security is equal.

Here's more details:

http://www.oreillynet.com/pub/a/wireless/2002/10/17/peap.html

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

"vasal" <vasal@va.gr> wrote in message
news:eX3dJYZDGHA.1124@TK2MSFTNGP10.phx.gbl...
> They both create a TLS tunnel to run a legacy method (any method)
>
> through it and require a certificate only for the EAP Server. Do they
>
> have any real difference or are they two different ways to do the same
>
> thing?
>
>

Top