VPN and/or remote access Plug-Ins

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - who could lock pages in memory Dear, all. Windows 2003 local security settings\user rights assignment\lock pages in memory, the default setting is: none is defined here. Could this mean nobody have right to lock pages in memory, or all body have this right? Thanks. Frank Tag: VPN and/or remote access Plug-Ins Tag: 75858
  - 2
    - CreateEvent fails with ERROR_INVALID_OWNER We're calling the Win32, CreateEvent, and it's failing with ERROR_INVALID_OWNER = "this security ID may not be assigned as the owner of this object". Here's the setup. We have a .NET class library (called .CAL) that calls into an unmanaged C-callable DLL (OMDAPI.DLL). The class library is hosted in a Web page. The Web page is running in IIS with anonymous access turned off. The web.config contains these entries: <authentication mode="Windows" /> <identity impersonate="true" userName="" password="" /> Therefore, we're trying to have the Web page impersonate the client browser's user. When OMDAPI.DLL connects to the ASPNET_WP process, during the DLL_PROCESS_ATTACH, it creates a static CSecurityDescriptor (from ATL). It calls InitializeFromThreadToken() on that CSecurityDescriptor. The DACL is null for this CSecurityDescriptor. The first user connects to the page, which calls into the class library which calls into the DLL. The DLL calls CreateEvent with a unique name and a SECURITY_ATTRIBUTES structure. The event name is generated from the username and some other data. Therefore, for each user, we're generating a different event name. The SECURITY_ATTRIBUTES structure is filled in with the CSecurityDesriptor (m_pSD) that was created during DLL_PROCESS_ATTACH. The first user's call to CreateEvent succeeds. I'm not 100% sure, but I believe this is the first time this security descriptor is actually used. The second user that logs in fails with ERROR_INVALID_OWNER. The second user is coming in from a different machine since we're using impersonation, it must be from a different user. It's been seen, sometimes on Windows Server 2003, that the second user gets in OK, but the third user fails. So basically, it fails after at most 3 users. The primary test platform has been Windows 2000. Now, OMDAPI.DLL has been around for a long time (6-7 years) and works fine in stand-alone, multi-threaded Windows applications. It has only started failing now that we're hosting this in a Web page. I've tried giving the ASPNET user account these privileges but they don't work: - administrator privileges - "act as part of the operating system" I haven't verified this, but it seems likely that each user is coming in on a different thread. The first user gets in and grabs ownership of that security descriptor. Then when the second user comes in on the second thread, it fails because it's already owned by the first thread/user. Does that sound reasonable? Some other things: - it's not in our class library because someone else wrote their own class library and called into OMDAPI.DLL and they get the same problem. - We're not trying to recreate the event name because it's different for each user. Any help as to why we're getting this ERROR_INVALID_OWNER would be greatly appreciated. Thanks in advance. Tag: VPN and/or remote access Plug-Ins Tag: 75852
  - 3
    - Error loading Roaming Profile - System detected a security comprom Getting this error when attempting to log in to a domain. Domain Controller is running Windows 2000 Server. ============ Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator. DETAIL - The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. ============ I am able to authenticate after logging in for functions such as internet browsing. Tried removing the computer from the domain and deleting the computer from AD, and reconnecting everything with no success. Tag: VPN and/or remote access Plug-Ins Tag: 75851
  - 4
    - Accoona Blockage of IE6 I have Windows 98 and IE6. Accoona has taken over my search engines and displays itself on all ads. I've tried removing it from the Add / Remove Software screen but it's not listed. I've searched Explorer to no avail. How do I get rid of this thing and how do I block it in the future? Help! Greg Tag: VPN and/or remote access Plug-Ins Tag: 75847
  - 5
    - child's account I have set up my childs account and want to do my other child, but you require a credit card to verify that I as the adult I ok the account. I do not have a credit card, becasue I do not want one. So how do I ok my childs account without one? Tag: VPN and/or remote access Plug-Ins Tag: 75846
  - 6
    - S/MIME signatures for internal email only? Hello all. I'm a newbie at setting up S/MIME on Exchange 2000. I am using an internal corporate Certification Authority that distribute= s = certificates for encryption and signing email. Is there a way to sign and/or encrypt only email that is internal only, = traveling within the organisation? Thank you for any suggestion on how this can be done. Dmitry. -- = Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ Tag: VPN and/or remote access Plug-Ins Tag: 75840
  - 7
    - Passwords Hi. I have been given an Excel document from a friend, it works ok but it is protected. I want to change it because the text does not centre; it is all over the place, some it centres others it aligns left or right. Very messy and unprofessional. He cannot remember the protection. Does anyone know if I can bypass the protection so I would be able to change the way text is written in the document? Many thanks. Tag: VPN and/or remote access Plug-Ins Tag: 75835
  - 8
    - Training Hey folks, fist post. I have taken on the job duties at my company as the network security administrator. My company wants to send me to some training to help me get off on the right track. Can anyone suggest a good training session? Or in your opinion what is the best out there? I am not worried about certifications at this point just needing to get a week training session under my belt. I am moderately knowledgable on Network Security and thats about it.. Something entry level to mod. would be cool. Thank you for your time in advance! Tag: VPN and/or remote access Plug-Ins Tag: 75831
  - 9
    - Open File - Security Warning I have several Windows 2003 Server SP1 and Windows XP SP2 systems attempting to run the various programs from a network share. I have been able to modify the Internet Explorer security settings to allow the local Intranet sites but a Security Center error appears each time a user attempts to open the program: Open File - Security Warning The publisher could not be verified. Are you sure you want to run this software? This file does not have a digital signature that verifies its publisher. You should only run software from publishers your trust. How can I disable this error? I have already tried allowing full access to the Intranet via Intranet and Trusted Sites Security Zones and disabling CheckExeSignatures in the registry. This is occurring with almost every network-run application we have installed. Tag: VPN and/or remote access Plug-Ins Tag: 75830
  - 10
    - Changing Cert template in Win2k3 Enterprise PKI CA Greetings, I wasn't sure where to post this as there wasn't a PKI/MS-CA forum. But here goes: We deployed Enterprise CA on Windows 2000 and recently upgraded the domain to Windows 2003 Enterprise (schema, native mode, etc.) The User Certificates issued are still based on the v1 template "user". we want to change the certificate lifespan from 1 to 4 years. The same with computer certificates. Can I replace the v1 user template with a v2 template so that is editable? Can I edit the v1 template somehow? The v1 templates are mostly greyed out in CertTempl.msc Help. Mike -- --- Mike Ruiz Network and Enterprise Systems Engineer Hobart and William Smith Colleges Tag: VPN and/or remote access Plug-Ins Tag: 75827
  - 11
    - RPC Server Unavailable When Requesting Computer Certificate Hi, I'm trying to set up a machine for use with our VPN. We will be using L2TP & smartcards, so I need to request a computer certificate. Up till now I've been able to configure most computer when people are in the office, connected to the domain, using automatic certificate deployment via group policy. However we have 1 user who is not going to be in the office, but needs VPN access. So I've changed the VPN access to allow PPTP temporarily, and asked him to connect, then I've used remote assistance to terminal service into his machine. From there I've managed to use the web based enrollment to download the CA certificate, and tried to use the certificates MMC snap in to request a computer certificate. However I get the initial screen up, asking which certificate I'd like, common name etc, but when I press finish, the system hangs for about 10 seconds, then errors with "RPC Server is unavailable". At first I thought this might be a firewall issue, as he was running windows firewall, as well as Symantec firewall. So I disabled both, and also the firewall on his 3com router. However after trying again, with a number of reboots, it still errors. I can ping the CA, the domain, and other computers. Does anyone have any ideas as to how I can successfully request a computer certificate? Is there another way of doing it? I notice there is no computer certificate option in the web enrollment form, even though the template has been added to the CA. We're using ISA 2004 as the VPN server, and it's allowing all protocols through from VPN > internal, and Internal > VPN. The DC is windows 2003 server, and the client machine is Windows XP pro SP2. Many thanks Ben Tag: VPN and/or remote access Plug-Ins Tag: 75819
  - 12
    - Initial post on windowsxp.help_and_support This is a multi-part message in MIME format. --------------040301030109070307020802 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Didn't saw any answer yet. --------------040301030109070307020802 Content-Type: message/rfc822; name="win98se vs. winXPsp2 file sharing problems.eml" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="win98se vs. winXPsp2 file sharing problems.eml" Date: Fri, 16 Sep 2005 00:30:14 +0300 From: Paul Grecu <paul.grecu@dacris.net> Organization: DACRIS User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 Subject: win98se vs. winXPsp2 file sharing problems Content-Type: multipart/mixed; boundary="------------050707030809020704070601" Message-ID: <ubmblyjuFHA.3752@TK2MSFTNGP09.phx.gbl> Newsgroups: microsoft.public.windowsxp.help_and_support NNTP-Posting-Host: 82.77.83.97 Path: TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl Xref: TK2MSFTNGP08.phx.gbl microsoft.public.windowsxp.help_and_support:594846 This is a multi-part message in MIME format. --------------050707030809020704070601 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi, everyone! I just don't understand why is not working as it supposed to. I want my XP box to behave like a 9x one. I mean no matter which user or password I use to logon into network (let's say a simple workgroup) onto the win9x box, it should be able to browse the shares on the XP box anonymousely aka using guest account. Now I'm gonna tell you what I've already tryed out: 9x Box XP Box ~~~~~~ ~~~~~~ user: test simple file sharing = on pass: test guest account = on (but deny logon locally) \\xpbox\fullshare result: \\xpbox is not accessible user: test simple file sharing = off pass: test guest unchanged (see above) NTFS: everyone = full control SHARE: everyone = full control GPO: Limit local account use of blank password to console logon only = Disabled Do not allow anonymous enumeration of SAM accounts and shares = Disabled Sharing and security model for local accounts = Classic result: \\xpbox is not accessible user: guest nothing changed pass: result: everything is ok --------------050707030809020704070601 Content-Type: text/x-vcard; charset=utf-8; name="paul.grecu.vcf" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="paul.grecu.vcf" begin:vcard fn:Paul Grecu n:Grecu;Paul org:Dacris Impex Srl;IT Department adr:;;;Constanta;;8700;Romania email;internet:paul.grecu@dacris.net title:Network Administrator x-mozilla-html:FALSE url:http://www.dacris.net version:2.1 end:vcard --------------050707030809020704070601-- --------------040301030109070307020802 Content-Type: text/x-vcard; charset=utf-8; name="paul.grecu.vcf" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="paul.grecu.vcf" begin:vcard fn:Paul Grecu n:Grecu;Paul org:Dacris Impex Srl;IT Department adr:;;;Constanta;;8700;Romania email;internet:paul.grecu@dacris.net title:Network Administrator x-mozilla-html:FALSE url:http://www.dacris.net version:2.1 end:vcard --------------040301030109070307020802-- Tag: VPN and/or remote access Plug-Ins Tag: 75817
  - 13
    - Windows 2003 server SP1 Hello, I have installed windows 2003 enterprise edition on standalone system, i installed SP1 also, but found that system became a bit slower and also MY CD burning application stopped working after SP1 installation. I had to unistall SP1 to make nero work. What applications get affected after installing SP1 on windows 2003 server. how to rectify it. Pls Advise Tag: VPN and/or remote access Plug-Ins Tag: 75804
  - 14
    - Suspicious processes!!!! hi all, after researching processes running in my task manager i came across this process, wuauclt.exe - This is used by the automatic update tool in Windows ME to check the Windows Update site every so often to see if any updates need to be installed. it also said, The original wuauclt.exe from Microsoft gets placed in the Located at C:\WINDOWS\System32\wuauclt.exe . If you find it anywhere else then you should be suspicious for sure. So i did a file search on my c:\ and found 4 files, here they are, WUAUCLT, in, c:\1386, 137kb, application, date modified 8/29/2002 WUAUCLT.exe-1360D60A, in, c:\WINDOWS\prefetch, 25kb, pf file, date modified 9/15/2005 wuauclt, in, c:\WINDOWS\SYSTEM32, 122kb, application, date modified 5/26/2005 wuauclt, in, c:\WINDOWS\servicepackfiles\i386, 109kb, application, date modified 8/4/2004. could one of these be a virus/trojan? if so, how do i determine which one? I also have 5 svchost.exe using 51,000k between them, this cant be right surely!I have scanned with AVG, spybot s&d and ad-aware (all updated) and found nothing. please help, thank you. lee. xp sp2 Tag: VPN and/or remote access Plug-Ins Tag: 75800
  - 15
    - IPSEC with non-domain Server Hi All I am trying to add some additional security to a IIS server not in our Domain (Stand alone). I would like to use IPSEC to control who has access to this box and have been successful with IPSEC using the Preshared Key on the Server and Client. Microsoft does not recommend Pre Shared Keys, but what else is available with a non domain server and no PKI infrastructure? Thanks Mike Tag: VPN and/or remote access Plug-Ins Tag: 75794
  - 16
    - Malicious software removal tool I want to know if it is possible for some systems to experience negative effects as a result of the malicious software removal tool. I play on the MSN gaming zone fairly regularly. Tuesday night for no apparent reason an assortment of MSN zone pages are corrupt. They appear to be not downloading correctly/completely. I have XP Pro, Asus K8V SE deluxe with an Athlon 64 processor. The web pages are the same this morning. Other than this removal tool I can't think of anything else. Sept 13 would be the first download of the tool for me since I have only had this system for a short time. Tag: VPN and/or remote access Plug-Ins Tag: 75783
  - 17
    - restricting admin access to network I need to figure out a way to prevent the network admins from promoting themselves to enterprise/schema admins. I have already set up the restricted group, but they can still add themselves to these groups to bypass this. Questions: -1) How can I set the permissions so only enterprise admin can edit all GPOâ??s? I will then delegate specific policies to specific people. 2) Can I modify the default domain GPO ACL to only have enterprise admin edit it? I see in the GPMC that I can remove the delegation to domain admins. Is this how I go about this? 3) MOST IMPORTANTLY: I have tried removing domain admin permissions from my guys, but then it gets really hard for them to do their work on client PCâ??s since they have to log in as local admin. What can I do to ease this pain and remove domain admin for a few more guys? I have added them to the administrators group in AD but that did not seem to help. 4) Right now the group â??domain adminsâ?? is added to the remote tab of the system tab. Should I replace this with the â??Remote Desktop Usersâ?? group? I am also considering customizing this per server, is this safe? I realize that I am not doing things the right way and that none of use should log onto every/any PC as a domain admin, but I do not have a more efficient method yet. TIA Tag: VPN and/or remote access Plug-Ins Tag: 75781
  - 18
    - Meta data and showaccs.exe Would like to know what the following permission set is after using showaccs. exe. Following folders (+XWRD[f]{d]), files (+xwrd) for Everyone, Global Group. -- Message posted via WinServerKB.com http://www.winserverkb.com/Uwe/Forums.aspx/windows-security/200509/1 Tag: VPN and/or remote access Plug-Ins Tag: 75775
  - 19
    - How to tell if a firewall alert is suspicious or not How can I tell if a Sygate firewall alert is suspicious or not? For example, I received this message from Sygate just now: Sygate Personal Firewall: Firefox (firefox.exe) is being contacted from a remote machine [206.13.28.12] using local port 1258 (OPENNL - Open Network Library). Do you want to allow this program to access the network? How can I tell if this is suspicious or not? Tag: VPN and/or remote access Plug-Ins Tag: 75769
  - 20
    - could not upgrade file %1 from %2 %1: %2 kb896727 I run ME. It automatically downloads this fix, but it will not load at startup. It gives me the above message. Any suggestions? -- thanks, Steve Tag: VPN and/or remote access Plug-Ins Tag: 75764
  - 21
    - Need logon and Logoff data for 30 days Hi, I have about 600 remote users that logon through 10 Citrix servers. Upon request, I need to be able to provide when a perticular user logged on and off for the last 30 days. I curently have set our default domain policy to "audit account logon events" but it is logging a ton of stuff and constantly fills our security log before 30 days is up. Anyway, any suggestions would be greatly appreciated. 2003 AD TIA, Shay Tag: VPN and/or remote access Plug-Ins Tag: 75755
  - 22
    - anti-spyware vs antivirus vs firewall I know what all three are used for ( anti-spyware, antivirus, firewall), but I would like an explanation of the grey areas where they overlap. For example, I think a firewall will stop a worm from infecting a computer, but will a real-time antivirus also do this? Is there any overlap in the pests an antivirus and antispyware will take care of? Is there a website on the latest trends of security software? Tag: VPN and/or remote access Plug-Ins Tag: 75748
  - 23
    - Spybot and ISA SERVER Hi I am having an issue with spybot - it will not update whatever I do. We are running an ISA server using authentication. Therefore u can't browse or even get to the web without your username being authenticated. This is done between the browser and ISA but it seems Spybot can not deal with this. Can anyone help me ????? I've entered the login details into spybot but still not luck..... Please help. Tag: VPN and/or remote access Plug-Ins Tag: 75745
  - 24
    - MSN Contacts Recently when i try to block and delete a contact i am getting an error message 'gggg@hotmail.com can not be blocked. Please try again later' I have uninstalled and the reinstalled verstion7.0 Any suggestions Tag: VPN and/or remote access Plug-Ins Tag: 75744
  - 25
    - Active X files blocked Active X files are blocked on my computer making it impossible to use the MS Update Site or to download McAfee anti-virus and firewall. The suggested fixes from Microsoft and McAfee have done nothing. Any ideas? Tag: VPN and/or remote access Plug-Ins Tag: 75743
- Next
  - 1
    - Server Client not Talking to WSUS Dear all My environment is a Windows 2003/2000 server environment with around 40 Workstations: - - WSUS server is a Windows 2003 server - Test Client Server is a Windows 2000 server I have around 40 Workstations and they are all talking to the WSUS Server and updates are being downloaded to each workstation fine. I have read the WSUS documentation and understand that Windows Server 2000 OS is supported by WSUS. I have moved the server to a OU with the WSUS Policy enabled. I have executed the wuauclt.exe /detectnow command I have also executed a 'gpresult' command to see whether the Server has inherited the WSUS policy, it has fine. Any Recommendations or Advice Would be much appreciated. Regards Bruno Tag: VPN and/or remote access Plug-Ins Tag: 75741
  - 2
    - IPSEC VPN I have an IPSEC tunnel created between 2 Servgate firewalls. Everything was working fine until I recently installed updates on my Windows Server 2003, these updates included SP1. Since then I have been experiencing access difficulties. The headquarters can access the remote network but the remote PC's can no longer access headquarters. They can ping PC's on the network, but they can not access the network drives or remote desktop into the server. I can see at the firewall that the tunnel has been created and is running. Does anyone know of any new secutiry settings on Win2k3 that could be preventing access. Thanks. Tag: VPN and/or remote access Plug-Ins Tag: 75740
  - 3
    - Microsoft windows update Hello I have application and critical servers, I Want to stop all traffic Internet for these servers and keep only microsoft windows update to automatically receive updates. It is implemented into pix, hardware firewall with ACL like this: stop all internet traffic ans keep only for Windows update site IP address. firewall administratos said that microsoft update site has a lot of random adress IP is it true?, if no what is the exact address ip ? if yes how can implement this security? -- Salutations Tag: VPN and/or remote access Plug-Ins Tag: 75738
  - 4
    - telling which security groups are on which folder Hi there, I have a question. In Our organisation we have a lot of junk from our old servers and with that junk came a lot of security groups. Does anybody know a good (free) application that can tell which security group is used on which folder? I hope somebody knows such a programm Thank you all :) Maarten Tag: VPN and/or remote access Plug-Ins Tag: 75734
  - 5
    - No entries in Security Event Log I run XP Pro + all patches (except SP2). I do not use ICF. I have never seen an entry in the Security Event Log. Do I need to set something to enable logging? Tag: VPN and/or remote access Plug-Ins Tag: 75730
  - 6
    - min rights for access Hello. I must published an mmc for the support team with the snapin for the shares and open files for an win2003 server. now i search the minimal right for the support team group to used this mmc. itÂ´s not the solution to make the group member of the power user. has anyone an idea? thx marko Tag: VPN and/or remote access Plug-Ins Tag: 75729
  - 7
    - using ICF on 2003 server in domain? Dear, all. Is someone using ICF on 2003 server in domain envierenmnet? Is all functions, for example, ad replication, works well? Thanks. Frank Tag: VPN and/or remote access Plug-Ins Tag: 75727
  - 8
    - Blocking Downloads Is there a program that will allow me to block my kids from downloading programs and or music from the web. I don't want them to be able to download or install anything without some type of authorization process. Thanks ! Tag: VPN and/or remote access Plug-Ins Tag: 75714
  - 9
    - Directory access Hi, Here is my problem. I'm working on the Group Policy in Windows 2003. All users on my domain (excepts Administrator) have a restricted access to their "C:"-->read only on their XP computer(I didn't do anything for that). There is a user groupe that needs to write in a subfolder of "C:\Program files". Is there a way to change the access of that specific folder without having to modify the access on each XP computer? Thanks Mathieu Tag: VPN and/or remote access Plug-Ins Tag: 75713
  - 10
    - MRU Hi- I use ad-aware. After each scan, it lists MRU (& other spwares if found)- Can I safely place a check each time to remove these MRU's as well. what are these MRU's. thank you ! Tag: VPN and/or remote access Plug-Ins Tag: 75708
  - 11
    - Account lockouts help We have a few users in our org that continually get locked out. Every 5 minutes, their accounts go into the lockout state. They are locked down by a GPO but only for folder redirection. Any ideas??? Thx. Jon Tag: VPN and/or remote access Plug-Ins Tag: 75706
  - 12
    - How to resrict administrative access Hi everybody, Here is a classic situation. A Windows 2003 domain with 10000+ users. We need to restrict administrative logons to one particular source IP subnet or some specific workstations. The goal is to mitigate the risk of stolen administrator credentials'. Does anyone have an elegant solution for that problem? Tag: VPN and/or remote access Plug-Ins Tag: 75704
  - 13
    - Standalone Root- Standalone Sub I am trying to determing what advantage I will get by implementing a Standalone Subordinate CA to issue certificates to clients. I do not have an AD domain and I just need to issue certificates to a few hundred external vendors. Would it be necessary to have a subordinate CA or would I be just as well off with a Stand Alone Root CA issuing the client certs? It would also save me the cost of another server. >From what I can tell, I don't get any extra redundancy by having the sub CA, so what is its intended purpose. Can anyone give an example of how a sub ca could make sense in my environment? Thanks! Travis Tag: VPN and/or remote access Plug-Ins Tag: 75703
  - 14
    - Maximum Users allowed in a Share This is the problem I have been having. We have shares setup on a Windows 2000 server. We have the share mapped as a netwrok drive. I have users who complain that their drive is disconnecting and that they lose connection with their email pst's. I tried increasing the time for the server autodisconnect. It did not work. I turned off the autodisconnect, and we still have a problem. I tried deactivating the license server in case it might not be configured properly, we still had the problem. Does anyone know what the maximum amount of users is for a share? We are trying to increase the number of people who have access to the share (set the limit vs. taking the default which is maximum). Please let me know so we can get this problem taken care of. Thanks, Tag: VPN and/or remote access Plug-Ins Tag: 75701
  - 15
    - System Quarantining Does anyone know of any products that will quarantine systems that do not have the most updated MS Critical Patches? We have LANDesk and looking into that. I know Cisco has MARS and another security package. Basically, we have workstations we deploy patches to that we control. However, we have many laptops that we do not control, but want to ensure they have updated patches. Thanks for you assistance. P Tag: VPN and/or remote access Plug-Ins Tag: 75698
  - 16
    - OK Here's The Situation.... I am locking down my network. I am moving to a windows 2003 server domain. I am moving all machines into the domain. At the time of moving into domain I am disabling file downloads in internet security settings. I have the security tab disabled to the user via group policy. I am enabling downloads to Trusted sites. I have to manually at each pc add the trusted sites because from what i gather the group policy site to zone assignment list only works post xp sp2 and 2003 sp1 I am running all windows 2000 desktops. Say i miss a site that the users need to download from i dont want to have to go back to every machine and add that site ... is there a way to script the adding of trusted sites via logon or something? Any help would be greatly appriciated. Tag: VPN and/or remote access Plug-Ins Tag: 75692
  - 17
    - McAfee popup ad My McAfee software kept popping up an ad trying to get me to buy something, so when McAfee expired I got rid of it through the delete process and installed Norton. But the ad still keeps showing up, especially when I am not connected to the internet. Where is it on my computer and how can I get rid of it? -- Pharcellus Tag: VPN and/or remote access Plug-Ins Tag: 75689
  - 18
    - Router and Firewall I have a router that does NAT so why would I need to install an additional firewall? Tag: VPN and/or remote access Plug-Ins Tag: 75688
  - 19
    - winantispyware and winfixer popups grrrrrr i keep getting winantispyware and winfixer popups. i know nothing about programing and my adaware and microsoft anti spy ware wont stop it. how do i stop them ,or should i use them? Tag: VPN and/or remote access Plug-Ins Tag: 75682
  - 20
    - Virus Dectection What do I do when my virus scanner shows such a message? But it is unable to provide a description of the virus. I tried to quarantine but the next time I boot up I receive a message telling me the system is unable to locate the system file. Please help. WinXP Pro 2002 SP1 C:\WINDOWS\system32\kernels32.exe Trojan horse Downloader.Generic.EOI Tag: VPN and/or remote access Plug-Ins Tag: 75681
  - 21
    - Password I am trying to change my password and it will not let me do it. WHy? The reason I need to change it is because it was recommended by Ebay. Someone tried to use my ebay account and Ebay emailed me to let me know they also suggested I change my email password and if I had problems to contact msn. What can I do. Tag: VPN and/or remote access Plug-Ins Tag: 75675
  - 22
    - Password Protected Screensavers Trying to save myself from having to visit 90 desktops.... Is there a way to set all the computers in our network to meet the "Enable Password Protected Screensaver" criteria VIA a GPO or Domain Controller Security setting? Thx. Jon Tag: VPN and/or remote access Plug-Ins Tag: 75672
  - 23
    - MS backs out of releasing a security patch.... "Other than saying it planned to release a solitary fix in last week's advanced bulletin, Microsoft is yet to disclose any details of the security bug other than to describe it as "critical". " http://www.securityfocus.com/news/11310 Could this be the patch for outlook and IE? If so, the World already knows about it. Reference the original article here. "The bug affects default installations of Outlook, Outlook Express and Internet Explorer on Windows 2000 and XP Service Pack 1. EEye said that additional versions of Windows may also be affected." http://www.vnunet.com/vnunet/news/2142042/unpatched-bugs-ms-outlook Imhotep Tag: VPN and/or remote access Plug-Ins Tag: 75666
  - 24
    - Can We Monitor Websites Visited that Are Not Ours? Hello-- I've read the TN articles about using IIS to generate logs on hits to your own websites, but our management wants to monitor what websites our staff/clients are viewing that they shouldn't be viewing. Is there a way to generate a report that will show which websites our staff are visiting? Thanks, Stephen Tag: VPN and/or remote access Plug-Ins Tag: 75661
  - 25
    - Password complexity in W2K Pro/Serv network I am trying to figure out a way to enable customized password complexity in W2K Server on the Domain Level Policies. By default, W2K Srvr sets p/w complexity to 3 caps, 3 numbers, and 3 special characters. Is there a way to create your own template for password complexity? I know in NT 4.0 SP2, a passfilt.dll file was included and you could supply your own guidlines for complexity. Nothing like this exists as far as I can tell on W2K. Any ideas? Thanks. Tag: VPN and/or remote access Plug-Ins Tag: 75657

A number of companies are now using plug-ins to allow client desktop
control for support/troubleshooting.

QUESTIONS:

1) After the remote session is terminated, is there anyway to
identify and locate the plugin installed by the support organization?

2) Is it possible to force the plugin to be installed into a specific
directory/folder where the file system has permissions (NTFS assumed
here since I don't believe FAT32 has folder permissions)?

3) If #2 is possible, will this contain the viewer from going outside
(accessing or viewing) beyond the folder?

4) If not, is it possible for the client to contain the area where
browsing can take place -- if so how?

Thanks

David

Top