User password auditing

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - security about .Net Passport My hotmail account has been followed by some malicious cracker for a long time though he didn't really control it. I want to abandon it. If the hotmail is not used by me for three months,the Net Passport will be cancelled and so as the msn messenger account,right? but I can't delete all the net pals' accounts from my messenger list because they have added to their lists. If the cracker registers the same account of hotmail, and will he see all the net pals from the messenger account and talk to them? And will he received all the emails from my previous hotmail account? Tag: User password auditing Tag: 53166
  - 2
    - FORBIDDEN-can't get access. I am trying to go to a website and I keep getting the following message: what can I do ?? Forbidden You were denied access because: Access denied by SmartFilter content category. The requested URL belongs to the following category: Dating. Tag: User password auditing Tag: 53160
  - 3
    - Can't uninstall MS Office Standard The problem began a couple of days ago when (1) the system response time slowed considerably (2) my IE home page defaulted to the ISearch web site and (3) pop-up ads started appearing. I hadn't seen a pop-up for quite some time after installing the Google tool bar. I noticed that there was a new tool bar called ISearch but, when I went to the tool bar tab to get rid of it, all the selections were grey and I couldn't toggle any of them on or off. So I searched for, and found, all files containing "ISearch", then deleted them. When I re-booted, Windows locked up on me. I tried re- installing and, after several unsuccessful attempts, I finally succeeded. However, MS Office can not be accessed. When I went to Control Panel to delete my MS Office Standard, the system locked up. I was able to cancel the application, but my MS Office does not work. Is there some way to delete MS Office Standard without losing my Outlook e-mails, calendar, contacts or tasks? Tag: User password auditing Tag: 53159
  - 4
    - Firewall and VPN resources Can someone direct me to white papers / other resources for a firewall and VPN beginner? Tag: User password auditing Tag: 53158
  - 5
    - MSN Messenger and firewall Hi, What ports to open to get the video conference to work behind a firewall using MSN Messenger 6.2? Regards, Christer Johansson Tag: User password auditing Tag: 53157
  - 6
    - Digitally Signing files We're looking to improve security on our webserver by checking each website directory perdically for files that have not been digitally signed by us The decission to do this has come from someone above me but I need to go back with the following How can you digitally signs files A website can potentially have thousands of files - can you batch sign all of them before uploading to the server Is this a practical approach or are their other methods we could employ to make sure no files have been uploaded without being digitally signed Thank Tag: User password auditing Tag: 53154
  - 7
    - hotmail.com I've added an email address to my Outlook Express that is only used for family and close friends. Internet shopping, etc. I use another one. My questions is, twice in the last couple of weeks I hve rec'd email from "tom@hotmail.com". I don't know who this is and he/she is attaching either a worm or viurs which Road Runner has "cleaned" and deleted for me. My question is...who is "tom@hotmail.com"? I doubt that I know him/her. My husband's name is Tom, it is not him. Thank you for your time and help. Tag: User password auditing Tag: 53146
  - 8
    - Information right management Hi, Can anybody give me some sample exmple to progrmatically implement Information right management (IRM) thorugh C#. THis is in prioirty need. Thanks in advance. Regards Robin Tag: User password auditing Tag: 53142
  - 9
    - deleted e-mail by mistake Can any one help I deleted an e-mail by mistake, it was permanently deleted from deleted items is there any way to recover the mail. I have windows XP and am using outlook express 6. Thanks Lynnette Tag: User password auditing Tag: 53140
  - 10
    - outlook express outlook express will not allow me to view attachments (photos) it seems to be a security issue...what can i do? Tag: User password auditing Tag: 53130
  - 11
    - User Names and Password Windows is storing my User name and Password. I do not like it. Where can I find what is stored and how can I delete these entries Tag: User password auditing Tag: 53129
  - 12
    - Good intentions but ultimately ineffective? Calif. Bill Requires 'Spyware' Notice May 18, 10:16 PM (ET) SACRAMENTO, Calif. (AP) - Consumers would have to be told before information-reporting "spyware" was added to their computers if legislation approved Tuesday by the California Senate becomes law. The measure by Sen. Kevin Murray, a Democrat, was sent to the Assembly by a 36-2 vote. Murray said consumers can unknowingly add the spyware to their computer systems when they buy software. "These programs track what Web sites you visit, may steal your passwords, access your financial information, log your keystrokes, bombard you with pop-ups, track your purchases and remotely report your activity and personal information to a third party," Murray said. Republican Sen. Jim Battin said the spyware problem needed to be addressed on a national level, but action by California lawmakers would be a "good start." ___________________________________________________________ Good intentions but ultimately ineffective, right? How does this put an end to the really bad malware out there, like hijack browsers, keyloggers, etc.? A good start indeed, but I compare this to only putting a Band-Aid on a severe bullet wound. Tag: User password auditing Tag: 53128
  - 13
    - Pass word protection after boot up I have windows XP. I want to set a password so that a password is required as soon as the boot up process is complete. I have a set password protection when the screen saver comes on I tried using the instructions in Support, but the instructions seems to be wrong - there are appears to be steps missing. You help is greatly appreciated. Tag: User password auditing Tag: 53126
  - 14
    - LOCAL NYC UNIGROUP MEETING: 20-MAY-2004 (Thurs): Kerberos This is a multi-part message in MIME format. --------------97F144D251EB458E36F234A8 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit --------------97F144D251EB458E36F234A8 Content-Type: text/plain; charset=us-ascii; name="0announcement" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="0announcement" LOCAL NYC UNIGROUP MEETING: 20-MAY-2004 (Thurs): Kerberos Interoperability IMPORTANT: Please note our new location: 104 Washingon Street Between Rector St and Carlisle St In the Wall Street area. ========================================================== UNIGROUP OF NEW YORK - UNIX USERS GROUP - MAY 2004 MEETING ========================================================== ------------------------------------------------ 1. UNIGROUP'S MAY 2004 GENERAL MEETING ANNOUNCEMENT ------------------------------------------------ When: THURSDAY, May 20th, 2004 (3rd Thursday) Where: <<<< OUR NEW MEETING LOCATION >>>> Alliance for Downtown NY Conference Facility 104 Washington Street Downtown, New York City ** RSVP Will No Longer Be Required for Entry! ** Time: 6:15 PM - 6:25 PM Registration 6:25 PM - 6:45 PM Ask the Wizard, Questions, Answers and Current Events 6:45 PM - 7:00 PM Unigroup Business and Announcements 7:00 PM - 9:30 PM Main Presentation -------------------------------------------------- Topic: MIT KERBEROS 5: Introduction to Authentication and Cross-platform Interoperability -------------------------------------------------- Speaker: Jeff Altman, President, Secure Endpoints Inc. <http://www.secure-endpoints.com> INTRODUCTIONS: -------------- Kerberos provides secure login facilities for Unix, Linux and Windows. Our speaker for this month's Kerberos meeting (and the planned OpenAFS meeting) will be Jeff Altman. Unigroup members will remember that Jeff is a past Unigroup speaker (of Kermit95 and Telnet Security Working Group fame). Jeff has been working with a series of well known security related projects for many years. Unigroup has the following meetings planned over the next few months: - Solaris 10 Launch Event - Field Trip to Sun Microsystems - OpenAFS - Jeff Altman (followup presentation) - Zope / Web Development - Zope Corporation ................................................................. MIT Kerberos Version 5 is the basis for the Kerberos distributed with Solaris, AIX, HP-UX, Red Hat Linux, Debian, MacOS X, OpenVMS, and just about every other Kerberos distribution other than the Heimdal distribution and the implementation built into Microsoft Windows 2000 and subsequent releases. MIT is directly responsible for three Kerberos products: - MIT Kerberos 5 for Unix/Linux - MIT Kerberos for Macintosh which is bundled with MacOS X - MIT Kerberos for Windows The current releases of MIT Kerberos 5 for Unix/Linux (1.3.3) and KfW (2.6.1) are available from the MIT Kerberos web site: http://web.mit.edu/kerberos/ The MIT Kerberos 5 release 1.3.3 release fixes bugs and adds one major feature: - Support for AES in GSSAPI has been implemented. This corresponds to the in-progress work in the IETF (CFX). MIT Kerberos for Windows 2.6 release includes krb5 release 1.3.3 and provides enhanced integration with the Microsoft Windows Kerberos implementation as well as OpenAFS for Windows. In addition to developing the leading open source implementation of Kerberos, the MIT Kerberos Development Group contributes more than half of the document authors within the IETF Kerberos Working Group. MIT's participation has been crucial to ensuring that all of the major implementations of Kerberos (including Microsoft's) adhere to the published standards to facilitate interoperability. This talk will provide an introduction to the Kerberos 5 authentication protocol; a detailed overview of the MIT Kerberos implementation; a discussion of interoperability concerns which developers and administrators face when implementing and deploying a multi-platform Kerberos infrastructure; and some demonstrations utilizing the GSS on Linux, Windows, and Java. Note: If your organization would be interested in providing a grant to further Kerberos development at MIT. Please contact Marshall Vale, Team Leader, of The MIT Kerberos Team, at <krbcore@mit.edu>. ------------------------------------------------------------------- SPECIAL INSTRUCTIONS: --------------------- While RSVPs will _NOT_ be required for this location, please RSVP if you know you are attending, or if there is a high probability that you will be attending. This will help us determine the correct amount of food and refreshments. Please RSVP by two days prior to the meeting day (the food must be ordered in advance). To REGISTER for this event, please RSVP by using the Unigroup Registration Page: http://www.unigroup.org/unigroup-rsvp.html This will allow us to automate the registration process. (Registration will also add you to our mailing list.) Please continue to check the Unigroup web site and meeting page, for any last minute updates concerning this meeting. If you registered for this meeting, please check your email for any last minute announcements as the meeting approaches. ------------------------------------------------------------------- Outline of the Main Presentation: --------------------------------- In this talk, Jeffrey Altman, from Secure Endpoints Inc., will discuss the Kerberos 5 trusted third party implementation. The topics will include: - Introduction to the Kerberos 5 Protocol and Why It Works. - Overview of the MIT Kerberos 5 Implementation for Unix/Linux/MacOS X and Microsoft Windows. - Discussion of Cross Implementation Interoperability and Single Sign-On (SSO). - GSS API bindings (C, Java, and Microsoft's SSPI). - IETF Kerberos Working Group Status Report. ------------------------------------------------------------------- Web Resources: -------------- Kerberos: The Network Authentication Protocol http://web.mit.edu/kerberos/ The MIT Kerberos Team http://web.mit.edu/kerberos/www/krbdev.html The Kerberos Network Authentication Service http://gost.isi.edu/info/kerberos/ Kerberos FAQ http://www.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html Step-by-Step Guide to Kerberos 5 Interoperability http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.asp (other Kerberos links are also on this page) ------------------------------------------------------------------- Speaker Biography: ------------------ Jeffrey Altman, is the President of Secure Endpoints Inc., and is a long time open source developer and participant in the Internet Engineering Task Force. Jeffrey's current projects and roles include: * MIT Kerberos. Core team member. http;//web.mit.edu/kerberos/ Contributor to the Kerberos 5 library and applications; and lead developer of the Kerberos for Windows product. * OpenAFS. Gatekeeper. http://www.openafs.org Lead developer for the Windows port of OpenAFS client and server. * C-Kermit and Kermit 95. Contributing developer. http://www.kermit-project.org Kermit 95 Program author. Responsible for all security and network protocol stack components. * OpenSSL. Contributing developer. http://www.openssl.org * Project JXTA. Director. http://www.jxta.org ------------------------------------------------------------------- Company Biography: ------------------ Secure Endpoints Inc. specializes in providing support and new development for open source products on the Microsoft Windows 2000/XP/2003 family of products. ------------------------------------------------------------------- Giveaways: ---------- O'Reilly has been kind enough to provide us with some of their books, which we will continue to raffle off as giveaways at our meetings. Addison-Wesley Professional/Prentice Hall PTR has been kind enough to provide us with some of their books, which we will continue to raffle off as giveaways at our meetings. Addison-Wesley also has a new end-user discount, available through their User Group program. We will be announcing the details at our next meeting! Unigroup would like to thank both companies for the support provided by their User Group programs. Note: The chances tend to be about 1 in 5, that any attendee of our meeting will walk away with a fairly valuable giveaway (ie. many of these books are valued between $30 and $60)! Novell has provided us with some SuSE Linux Distributions. IBM has provided us with some IBM Tote Bags and Linux Penguins. ------------------------------------------------------------------- Fee Schedule: Yearly Membership (includes all meetings): $ 50.00 Non-Member Single Meeting: $ 20.00 Student Yearly Membership: $ 20.00 Non-Member Student Single Meeting (with ID): $ 5.00 Payment Methods: Cash, Check, American Express. ------------------------------------------------------------------- Complimentary Food and Refreshments will be served. This includes sandwiches such as turkey, roast beef, chicken, tuna and grilled vegetables as well as cookies, bottled water and assorted beverages. ------------------------------------------------------------------- Directions: Alliance for Downtown NY Conference Facility 104 Washington Street Wall Street Area Downtown, New York City This building is located on the West side of the street. Cross Streets: Between Rector (South) and Carlisle (North) Streets. Our meeting location is in the Lower West Corner of Downtown, North of the Battery Tunnel, South of the Downtown Hotel, East of West Street, and West of Greenwich Street. Walking West on Rector Street from Broadway, you pass Church, Greenwich then Washington Streets. There are multiple blocks of parking lots right there, between Washington and Greenwich Streets, starting at the Battery Tunnel and extending North for a number of blocks. Nearest mass transit stations, in order, are the '1/9' (Rector Street), 'R/W' (Rector Street) and the '4/5' (Wall Street). ----- Please mark this meeting on your calendar and join us! Please tell your friends about Unigroup! ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------- 2. UPCOMING MEETINGS ----------------- We have a series of meetings in the works: - Kerberos - Jeff Altman - May 2004 - OpenAFS - Jeff Altman - Planned - Solaris 10 - Launch Event - Field Trip to Sun Microsystems - Zope / Web Page Development - Zope Corporation - Planned - Unix/Linux/BSD and Wireless Communications/Security - IPsec - DNS - Unix 30th Birthday Celebration - iSCSI, Serial ATA, and other new peripheral technologies - Unix Clusters and Clustered Databases - Linux Clustering Part 3: Beowulf version 2 - Building a Firewall using FreeBSD and Linux - High Performance Internet Servers / Web Acceleration - Unix Office Tools: Word Processors, Spreadsheets, Accounting Packages. - PKI - GNU Development Environments - Meetings on a variety of Sun/Solaris/Java topics Please let us know about any other meeting topics that you may be interested in. Potential speakers on Unix related technology topics should contact the Unigroup board at ugny-0504@unigroup.org. ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ -------------- 3. PRIOR MEETINGS -------------- Unigroup would like to thank IBM, and our speaker Bill Sandve, for his presentation on "AIX / AIX5L Overview and Futures". Bill flew in from Texas for this meeting and presented a broad history of AIX, past, present and future. Unigroup members were briefed on various IBM proprietary initiatives with AIX, which are not generally known to the public. We also learned about specific areas where IBM is focusing future AIX development, and various features in AIX which will support the next generation of IBM Unix/Linux systems. We also discussed the ways in which multiple instances of AIX and Linux can co-exist together on a single hardware system. We would also like to thank Dan Dantzic of the IBM Linux Center of Competence, for hosting our Field trip to IBM, and Jim Gleason of the IBM Linux Cluster Group (and NYLUG), for finding us this Field Trip meeting location at IBM. ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ -------------------- 4. UNIGROUP INFORMATION -------------------- Unigroup is one of the oldest and largest Unix User's Groups serving the Greater New York City Regional Area since the early 1980s. Unigroup is a not-for-profit, vendor-neutral and member funded volunteer organization. Unigroup holds regular and special event meetings throughout the year on technical topics relating to Unix and the Unix User Community. Unigroup is also the Greater NYC Regional Area Affiliate of UniForum - an International Unix Users Group. Unigroup holds regular meetings planned for (at a minimum) the Third THURSDAY of Odd Months. We generally try to hold Field Trip Meetings on the Even Months, although we will have the ability to hold monthly meetings at our new downtown meeting location. Planned meeting dates are: 5/20/2004, 6/17/2004, 7/15/2004... Watch for our Special Event meetings at the various trade shows in NYC as well as "Field Trips" to the facilities of local hardware and software vendors. ========================================================================= = For Unigroup Information, Events and Meeting Announcements be sure to = = visit our World Wide Web Home Page: = = http://www.unigroup.org = ========================================================================= For further information or to get on the Unigroup Electronic Mail Mailing List send an EMail message to: ugny-0504@unigroup.org To contact the Board of Directors of Unigroup, send an EMail message to: ugny-0504@unigroup.org To contact the Newsletter Editor, send an EMail message to: ugny-0504@unigroup.org If you have recently attended a meeting and you are not receiving Email announcements, please send us an Email and we will make corrections to our lists. Please Email the Board with any suggestions, especially potential meeting topics and speakers. Unigroup welcomes contributions and content suggestions for our newsletter. Unigroup is a volunteer organization and we need your assistance! Please let us know if you can help! ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------- 5. TRADE SHOWS ----------- CeBit 2004 ---------- The CeBit Show is coming to the Javits Center in NYC on these dates: Tue May 25 10:00 AM - 5:00 PM Wed May 26 10:00 AM - 5:00 PM Thu May 27 10:00 AM - 3:00 PM For more information, or for complimentary online registration, visit: http://www.cebit-america.com SIA Show - TMC2004 - Securities Industry Technology Management Conference ------------------------------------------------------------------------- The SIA Show is coming to the Hilton New York in NYC on these dates: Tue Jun 8 12:00 PM - 6:00 PM Wed Jun 9 9:00 AM - 6:00 PM Thu Jun 10 9:00 AM - 12:00 PM For more information, or for complimentary online registration, visit: http://www.sia.com/tmc2004 *Please let us know about any local trade shows which may be of interest to our membership, and are not listed above. ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ I hope to see you all at our next meeting! -Rob Weiner Unigroup Executive Director ugny-0504@unigroup.org http://www.unigroup.org --------------97F144D251EB458E36F234A8-- Tag: User password auditing Tag: 53123
  - 15
    - Encrypted Email Does anyone have any starter tips on how to set up encrypted email for a company? I've done some reserch & only know the bare basics of Digital ID's...I could really use some tips on how to actually implement them We have 42 PC's - all are using Win XP PRO. 23 are in 1 building running under a Novell network & sharing a DSL line. The rest are working as "stand-alone's" & home offices throughout 1/3 of our state, using various dial-up connections. All email is a POP3 through our web hoster using Outlook Express Boss gives ME this great "idea" that all our mail should be encrypted. That's the extent of management help here, other than, can I implement it by Thurs. at 10am??? (as in 2 days from now! I do not have a "team", it's just me trying to figure out how to do this, or at least, trying to figure out a plan Any assistance will be greatly appreciated! Thank you so much Patt ASNI IS Tag: User password auditing Tag: 53122
  - 16
    - Microsoft Redistributables trying to download Norton Internet Security and it says "the feature you are trying to use is on a cd-rom that is not available" Insert MSRedist disk. Can someone help please. Tag: User password auditing Tag: 53120
  - 17
    - IE 6 Security flaw When using digest authentication the browser does not seem to return the opaque string, is this deliberate, or do you have to specify and different auth type. example GET /top.htm HTTP/1.1 Accept: */* Accept-Language: en-gb Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: localhost:87 Connection: Keep-Alive REQ : Authorization: Digest username="fred", realm="Internal@server.test", qop="auth ", algorithm="MD5", uri="/top.htm", nonce="3b14f0b2188d8c91e33ee7f2a84a1040", nc=0000003e, cnonce="d4fcf375b60c595a53c752af40b08640", response="ee58ca2a70377d87 37975fd379858f34" see no opaque, this would allow replay attacks see rfc 2617 HTTP/1.1 401 Unauthorized WWW-Authenticate: Digest realm="testrealm@host.com", qop="auth,auth-int", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", opaque="5ccc069c403ebaf9f0171e9517f40e41" Authorization: Digest username="Mufasa", realm="testrealm@host.com", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", qop=auth, nc=00000001, cnonce="0a4f113b", response="6629fae49393a05397450978507c4ef1", opaque="5ccc069c403ebaf9f0171e9517f40e41" Tag: User password auditing Tag: 53119
  - 18
    - win32 application I recently downloaded the sasser worm removal tool from Microsofts website, but when I try to open it to run it, I get the following error message c:\documents and settings\default\desktop\windows-KB841720-ENU-V4.exe is not a valid Win32 application What do I need to do to fix this Tag: User password auditing Tag: 53118
  - 19
    - Mutliple IEXPLORE.EXE opening.. Hi I would like to know what the heck is going on!!! When I turn on my computer everything loads normal... then it gets insanely laggy. I hit ctrl+alt+del to bring up task manager and there are multiple IEXPLORE.EXE open?!? 2 and sometimes 3 of them are taking up 100% of my cpu in equal shares... arggghh I cant do anything on this PC now it happens everytime i restart.. Can somebody please help me? I would much appreciate it.. thanks :) PS Im able to post this because I've had my task manager open this whole time and just been ending any IEXPLORE.EXE that pops up.. other than this one of course ;) Tag: User password auditing Tag: 53117
  - 20
    - Norton AntiVirus Rescue Disk Won't Scan Error 35 General protection fault in NAVDX.OVL When running NAVDX.EXE, it quits the scan and gives the above error message whether it's run from my booted DOS Rescue disk or from the Norton AntiVirus folder on drive C in a DOS Prompt window. However, when run from Windows by right clicking a folder in the Windows Explorer tree and selecting the option to "Scan with Norton AntiVirus" or simply running a scan from the AntiVirus user interface, it runs ok and does the scan without producing an Error 35 message. But, don't they use the same Norton AntiVirus folder NAVDX files as used when running from a DOS Prompt window? If so, why the different results? I'm running Norton SystemWorks 2003 in Windows'ME and have been doing Live Updates, testing my Rescue disk, and running system scans weekly now for many months without a problem until this past week-end. Below is a sample run of my Rescue disk from a DOS Prompt window: D:\Rescue> NAVDX.EXE C: /prompt Loading NAVDX, please wait... Using virus definitions from C:\...~1\COMMON~1\SYMANT~1\VIRUSD~1\20040514.033 Using options from D:\RESCUE Scanning Memory... OK Scanning Master Boot Records... OK Scanning Boot Record... OK Scanning file: C:\MSDOS.SYS Error [35]: General protection fault in D:\RESCUE\NAVDX.OVL at 059F:00F8 code 0000 SS=15AF DS=15AF ES=0000 load base=0157 AX=9BCE BX=DFF2 CX=DFF2 DX=0000 SP=CF6C BP=CF8C SI=002A DI=0000 C:\> -randau Oregon, USA ================================ I read and post from the Google Groups web site using a Spam collecting email address that I don't use for anything else. So if someone wants to contact me, cleanup the Spam resistant Email address below. randau2...(at)...proaxis.com by replacing ...(at)... with @ Tag: User password auditing Tag: 53109
  - 21
    - What is the difference between a worm and a trojan ? Ok, I know the difference between a virus and a trojan. But what is the difference between a worm and a trojan? Is the one a subset of the other type or are they completele different ? Peter Tag: User password auditing Tag: 53105
  - 22
    - Server security audit cleared by strange computer name When I logon to a server today I noticed a messenger server pop up kind of "Message from <kioskmachineonmynetwork> to "MyServer". As a curiosity I checked the security audit all logs entried were cleared at 7:00AM, today. The audit log was cleared: Primary User Name:SYSTEM Primary Domain: NT Authority Primary logon ID:(0x0,0x3E7) Client UserName: Administrator Client Domain:DBDCH621 Client Logon ID: (0x0,0x656A) At this time I already changed local admin password and rebooted the server, ran AV scan. Am I able to get any relevant information from the log description above ? DBDCH621 client is totally unknown to me. Tag: User password auditing Tag: 53104
  - 23
    - Logon Process: Advapi - Causing blue screen. The following login event occurs twice everynight (Usually ~20:30), and then the server bluescreens and reboots. Login: (user: "creative" does not exist btw) Event ID : 529 Event Importance : Critical importance event Date & Time : 18/05/2004 - 9:58:21 PM Rule Triggered : Logon Failure : ANY reason (inform on any failed logon event) Computer : IIS02 Event Log : Security Event Source : Security Event Category : Logon/Logoff Event Type : Failure Audit S.E.L.M. Event ID : 1084881498_000000000000465 User Name : NT AUTHORITY\SYSTEM Operating System : Windows 2000 Domain Controller Logon Failure: Reason: Unknown user name or bad password User Name: creative Domain: IISFARM Logon Type: 2 Logon Process: Advapi Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Workstation Name: IIS02 Caller User Name: N/A Caller Domain: N/A Caller Logon ID: N/A Caller Process ID: N/A Transited Services: N/A Source Network Address: N/A Source Port: N/A Then immediately we get: Event ID : 1001 Event Importance : Critical importance event Date & Time : 16/05/2004 - 8:32:09 PM Rule Triggered : Save Dump: Memory Dump occured Computer : IIS02 Event Log : System Event Source : Save Dump Event Category : Unused message ID Event Type : S.E.L.M. Event ID : 1084703649_000000000000625 User Name : N/A Operating System : Windows 2000 Domain Controller The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x00bb21d0, 0x00000002, 0x00000001, 0xbfc13ce2). Microsoft Windows 2000 [v15.2195]. A dump was saved in: C:\WINNT\MEMORY.DMP. Regards, MB Tag: User password auditing Tag: 53095
  - 24
    - Pop up porn sites I am currently running Xp but when I am surfing the net from time to time a porn site window pops up uninvited can any one help me on how to stop this from happening. Cheers Chris. Tag: User password auditing Tag: 53094
  - 25
    - Port Reporter connections from 0.0.0.0 Should I be concerned about remote connections from 0.0.0.0? Tag: User password auditing Tag: 53091
- Next
  - 1
    - frequent attacks against my computer! can anyone advise me as to why my computer has relentless attacks every day, E-mails are leaving my computer to people i dont even know and being returned as undeliverable. I dont even send these e-mails. The attacks are coming from a hotel in montreal canada. I contacted the hotel and they say they have no idea whats going on even though these attacks are coming from their hotel.HELP! Tag: User password auditing Tag: 53090
  - 2
    - CWS searchx strain won't go away I'm experiencing problems with IE 6 under windows 98. the startup page keeps resetting to about:blank which shows a search page with a bunch of categories. i used CWShredder 1.57.0 with up to date patterns to clean up CWS and it said it got rid of the searchx strain. however, the problem didn't go away. i tried running CWShredder again and again it reported searchx to be present and that it cleaned it up. any idea how to acutally get rid of it? thanks for any help, gary -- Gary Roach ADB Services Tag: User password auditing Tag: 53088
  - 3
    - CWShredder got rid of wmplayer.exe but not references to it I'm working on a machine with adware problems. I've used CWShredder to get rid of CWS and when it did, it must have removed wmplayer.exe because when i boot up. i get an error saying: Cannot find the file 'WMPLAYER.EXE' (or one of its components). Make sure the path and filename are correct and that all required libraries are available. i searched the registry and there are numerous references to wmplayer.exe. what do i do with them? thanks for any help. gary -- Gary Roach ADB Services Tag: User password auditing Tag: 53083
  - 4
    - Password I know this sounds strange. I just loaded the W2k. on my daughter system. Upom boot a password is required. I forgot the password. Can I use the CD to reset or recall the password? Do the software have to be reloaded? Any suggestions? Tag: User password auditing Tag: 53079
  - 5
    - Windows Security Update CD Feb 2004 I recently installed this update. Now every time I turn on my computer, the dial up connection box appears and I cannot get rid of it. I am assuming this is because the security update is automatically looking to connect for more updates. any ideas on how i turn this off?? Tag: User password auditing Tag: 53076
  - 6
    - On both firewall???? I'm running WinXP behind a router with NAT, do I still have to activate the XP firewall? Thank you in anticipation. Victor --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.688 / Virus Database: 449 - Release Date: 5/18/04 Tag: User password auditing Tag: 53071
  - 7
    - Disabling Firewalls Hi, Sorry not sure if this is the right newsgroup to post under, but anyways here is my question. I'm trying to install the Wireless G-Base Station MN-700. It says I must disable my firewall, so I go to Network Connection, and look and the tab that should be unclicked, is unclicked, but during setup I'm still getting the message saying I must disable the firewall. Is there something else I can do or try to get rid of it? I'm running Windows XP. Tag: User password auditing Tag: 53070
  - 8
    - Internet security To ensure privacy on the PC, at home, I can, if I so choose, add passwords and encryption but, if there is someone with me, he can see what I see, as there are no magic spectacles to reveal the contents only to me once the door is opened. So, it seems that such devices are of no use when working in protected areas whilst on the net, since the hacker who circumvents my firewall presumably also can see what I see. Is the only security a firewall and a dynamic IP with plenty of logging off to change it? One other security question. I recently read of a registry hack to prevent Windows storing passwords but, assuming it works, how can a password be recognised unless it is stored and, since there must be a record somewhere in the system, doesn't the expert hacker have the knowledge and tools to find it? Tony. Omit cymru to email. Tag: User password auditing Tag: 53065
  - 9
    - CA Server Crash Hello, I had a stand alone CA installed on a memeber server and server crashed and will not be used again. Windows 2000. I had issued only one certificate from the CA. I'm going to install CA on a new server ... before that ... do I need to clean up Active Directory ??? Thanks MaTT Tag: User password auditing Tag: 53064
  - 10
    - Microsoft Patch I keep getting an email that says it is from Microsoft and the subject is "use this patch immediately". The problem is my virus protection keeps saying it contains a virus. Has anyone else received this? Tag: User password auditing Tag: 53057
  - 11
    - Spyware [Interstitial Ad Delivery by 180 Search Delivery] I have an obnoxious program called "Interstitial Ad Delivery by 180 Search Delivery" that appears to be responsible for causing pop-up advertisements when I use Internet Explorer. Another program called "PAD Lookups by 180 Search Assistant" also appears to be tied into the problem. When I try to delete the program, I am told I have to be connected to the internet. I click OK and it takes me to a site requiring me to download and use a "removal" program. I am not willing to get stung twice. Any one know of an easy way to remove this adware? Tag: User password auditing Tag: 53053
  - 12
    - View/Privacy Report Does anyone know how to delete Privacy Report History in the View meno? thanks... Tag: User password auditing Tag: 53047
  - 13
    - something has hijecked and uploaded onto my pc I was browsing yesterday like I normally do and this pop up appeared, I went to click the x to shut it down but I moved the mouse too fast and actually clicked an open space and this subsequently open the pop up I had a look and then closed it down. all of a sudden somthing called netsearchsoft downloaded itself and now I cant get it off, so all the web pages I veiw can only be veiw throughit. I am finding all of this very scary. can someone help me please. Tag: User password auditing Tag: 53046
  - 14
    - Computer shutting down For the past few months, I've been having a problem with my computer. My floppy drive will act like it's "reading" a disk, but there is no disk in the drive. Then the computer shuts completely down. It doesn't matter if I am online or not. Is this a security problem? I have run (and always have ran) Norton Internet Security and Anti- Virus. Could it be a bad drive? Please help!!! Tag: User password auditing Tag: 53038
  - 15
    - Netsky firus on Mail server Hi All My Eoo.log is continuously infected with the netsky virus. I have a dedicated Exchange 2000 server runing on W2k server platform with the latest service packs for each installed. I have Symatec antivirus corporated edition and Antivus /filtering for Exchange 2000 (up-to-date virus definitions) install to protect us against virus attacks, so far it has been working very well until the 14 May 2004. Our server is a strictly internal mail server. In order to send and receive mail outside the LAN our outlook 2000 clients are configured to pull mail from a pop3 and smtp server hosted by our ISP this mail is then stored on our mail server; about 30 users have this setup whilst others can only send and receive on the LAN. These 30 users have been pulling emails from the External server that are infected with the netsky virus. When our internal Mail server does a realtime virus scans it quarantines the EOO.LOG file from the MDBDATA folder and no one can access their mailbox. Is there some way I can protect this server from this happening all the time, and this file from not being quarantine? because when you perform a comprehensive removal of the virus it is not found. Thank you in advance for your help Best regard Sam Tag: User password auditing Tag: 53034
  - 16
    - Norton Antivirus I do not know if this is a windows problem, but I cannot update my Norton Antivirus software. The Symantec web site is the only web site that I get the "page cannot be displayed" when I try to download the update. I can access the site on other computers so I know it is not the web site. My temp files have been deleted, my firewall is disabled. Nothing I do allows that web site to function properly. Any ideas? I am able to surf everywhere else. ???? Tag: User password auditing Tag: 53030
  - 17
    - cookies problem I am trying to access a this website http://www.iboplus.com but get an error message when I log in my username and password. It tells me that my cookies settings are too high, but when I adjust them to what the help page recomends it still sends me to the same help page with the same instructions. All of this even with my pop up defender disabled and zone alarm settings reduced to nothing. Please help. Mike Tag: User password auditing Tag: 53029
  - 18
    - Automatically disable an account after a period of inactivity In a mixed 2000 / 2003 AD eviroment. how would I set a rule/policy that automatically diables a users account after a period (say 30 days) of inactivity? Tag: User password auditing Tag: 53025
  - 19
    - PING Sadie In an effort to provide clarity here, when replying to a post using the web-interface, please preface the Subject of your replies with "Re:" (e.g., "Re: PING Sadie"). Or use OE instead, which will do so automatically: http://insideoe.tomsterdam.com/resources.htm#setupmsnews Please do not change the subject of a reply in any other way. Doing so will dis-associate your reply from the thread. Thank you. -- PA Bear for Other Newsgroup Readers Tag: User password auditing Tag: 53012
  - 20
    - Word Security / Encyption Does anyone know where I would find out what level of encryption is used for a Microsoft Word document when it is password protected? Tag: User password auditing Tag: 53006
  - 21
    - VirtuMonde Recently upgraded from Adsubtract 2.xx to AdSubtract Pro 3.04. SpySubtract was also acquired and installed. (Intermute) The day of installing these shortly afterwards ran Norton CleanSweep (Fast and Safe choice) which stated my browser (IE6.0) was open in regards to flushing internet cache etc. Found IExplorer was open per CTRL-ALT-DEL. (Win98SE) No IE window was open and visible on the desktop display. Closed IExplorer per CTRL-ALT-DEL. Rebooted. No open IExplorer. Shutdown a few hours later Following day, somewhere along the line, same thing happened. Removed IE same way from memory, rebooted, and all remained okay. Following morning, scanned with PestPatrol. Found VirtuMonde. One line entry in registry. Deleted. Line in registry was: HKEY_CLASSES_ROOT\appid\{0dc5cd7c-f653-4417-aa43-d457be3a9622} per PestPatrol. No other VirtuMonde indications were found.. 2 days later, no more instances of open IExplorer, with no IE window open. I seldom browse except via Google to get info. Two hardware firewalls, and ZA Pro. NAV2002. Adsubtract Pro, Spysubtract, PestPatrol each with current defintions/updates. Following run and check memory: NAV, AdSubtract, SpySubtract, PestPatrol. Connect to internet via cable modem. Hardware firewalls consist of a router and a dedicated PC as NAT firewall in series. This PC and another PC connect to the NAT Firewall via hub. The other PC is dedicated video rendering, seldom on. Was not on when problem ensued. All applicable 98SE security updates installed. Cookies, cache, history cleaned daily after any browsing. Questions: Is there simply a coincidence between the software installation noted above and VirtuMonde? Why did PestPatrol allow the VirtuMonde entry into the registry to begin with? It runs in memory and checks memory. Why did SpySubtract not locate VirtuMonde? What EXACTLY is VirtuMonde? I've seen various including PestPatrol's writeup. Not clear. Layman's terms please. Know that it's simply a confidentiality bug, not a virus, but that's all I understand. Panda has best writeup, PestPatrol is more throrough in how to manually delete same. How can IExplorer be open with no open IE window on the desktop display? Have thrown alot of money and time towards hardware and software to prevent outside intervention on my PC. What can I do any further? Standalone? Tag: User password auditing Tag: 52994
  - 22
    - GETTING RID OF JUNK ON MY PC Sorry bit of a computer biff.need to stop my dailer number changing on its own. can anyone help please! Tag: User password auditing Tag: 52985
  - 23
    - GETTING RID OF UNWANTED JUNK ON COMPUTER I have a firewall set up on my computer but i still get loads of different things saved to my hard drive.at the moment i have a problem with my dailer number keeps changing.im guessing to a more expensive number.i have to keep changing my network connection settings.Can anyone help pplease ! Tag: User password auditing Tag: 52984
  - 24
    - CWS.SEARCHX CoolWebSearch won't go away! Hello, I've tried everything to get rid of cws.searchx including running cwshredder, search and destroy, adaware, and hijack this (and deleting appropriate entries); deleting regsitry entries; and every other thing you can think of, and the darn thing keeps coming back within 20 minutes of getting rid of it. I've tried running these programs in safe mode to no avail. I'm using all the updated versions of each program. Could someone give me some advice on what to do next? I really don't want to have to reinstall windows or anything drastic like that. I appreciate any help you guys can give me. Thanks Richard Tag: User password auditing Tag: 52979
  - 25
    - Win2k3 "Security Guide" templates applicable during 2k to 2k3 migration? Hello We have a mixed NT/2k domain, and are decomissioning our last NT DC to bring up a Windows 2003 Domain Controller. End result would be a 2000/2003 domain. I've been reading the "Windows Server 2003 Security Guide," and would like to implement those templates. Must all Domain Controllers be Windows 2003 in order for the templates to be applied If a server is 2k and the 2k3 templates are issued to the OU, as i understand, only 2k settings will apply and 2k3 settings would be ignored by the 2k machine, correct Thank you very much Edgard Tag: User password auditing Tag: 52966

Do you know of any good NT user audit utility? One that can show
password information such as:

Expiration date/interval
Password length
Password required
Unique passwords

NDS can be reported like:

Container, Name, Password Expiration Interval, Password Expiration
Time, Password Minimum Length, Password Required, Password Unique
Required, Passwords Used
SERVERS.OU.O, Chey Vsvr Us99ngw01, , , , , ,
IS.OU.O, USER1, 40 days, , 6/23/2004 8:54:46 PM, 6, TRUE, TRUE,
IS.OU.O, USER2, 90 days, , 5/18/2004 11:30:30 AM, 5, TRUE, TRUE,
IS.OU.O, HelpDesk, 90 days, , 1/2/1992, 6, TRUE, FALSE,

Top

Re: User password auditing by RichardH

RichardH
Wed May 19 17:13:10 CDT 2004

There are loads of ways to do this using command line utils or scripts but
if you are after a quick and simple solution try Somarsofts DumpSec tool
www.systemtools.com/somarsoft

This will allow you to dump info on the users and the password policy and
save it off to text files.

HTH

Rich

"Troy Tate" <ttate_nospam@ctscorp.com> wrote in message
news:uavma0l5g3nl6hiqei64n9blgit7citphs@4ax.com...
> Do you know of any good NT user audit utility? One that can show
> password information such as:
>
> Expiration date/interval
> Password length
> Password required
> Unique passwords
>
> NDS can be reported like:
>
> Container, Name, Password Expiration Interval, Password Expiration
> Time, Password Minimum Length, Password Required, Password Unique
> Required, Passwords Used
> SERVERS.OU.O, Chey Vsvr Us99ngw01, , , , , ,
> IS.OU.O, USER1, 40 days, , 6/23/2004 8:54:46 PM, 6, TRUE, TRUE,
> IS.OU.O, USER2, 90 days, , 5/18/2004 11:30:30 AM, 5, TRUE, TRUE,
> IS.OU.O, HelpDesk, 90 days, , 1/2/1992, 6, TRUE, FALSE,
>

Top

Re: User password auditing by Troy

Troy
Tue May 25 08:59:12 CDT 2004

Thanks for the info. Looks like this has to be run locally on the DC
for the domain. I couldn't get it to query a remote DC. Any other
suggestions?

Thanks,
Troy

On Wed, 19 May 2004 15:13:10 -0700, "RichardH"
<richardh@contentmaster.com> wrote:

>There are loads of ways to do this using command line utils or scripts but
>if you are after a quick and simple solution try Somarsofts DumpSec tool
>www.systemtools.com/somarsoft
>
>This will allow you to dump info on the users and the password policy and
>save it off to text files.
>
>HTH
>
>Rich

Top