ftp tcp reset floods

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - MS-CHAP V2 and server certs I have a question about IAS, PEAP MS-CHAP V2, and wireless. I am using MS-CHAP V2 to authenticate PDAs on our wireless network. Because we are using MS-CHAP V2, we are using AD credentials to authenticate the clients. Everywhere I have read it states that we have to install the server certificate onto the device. I have found a loop hole though. Both on the wireless PDA and laptops, we can choose not to validate the server certificate. I can still authenticate to the IAS server (wireless) but I have not installed the server cert onto the device (because I have unchecked the validate server checkbox both in zero config and the wireless application). This is my question, if we don't validate the server and if we don't have the server cert, won't the transmission of the user account and password be in clear text? Is there a way on the IAS server that we have to force the clients to have the server cert or they wont be authenticated? Thanks, Peter Kim Tag: ftp tcp reset floods Tag: 89849
  - 2
    - Security Certificate Error message when visiting my bank web-site Since last two weeks when I try to logon to my bank's URL:www.online.citibank.co.in/, I get the message that "security certificate for the site has expired or is not valid". The expiry date given is: 10/20/2006. I checked with the bank and they e-mailed me the new certificate and the procedure to install it. I did. The new certificate is installed but I still get the same message and cannot logon to the site. I am unable to access my bank accout and I AM GETTING FRUSTRATED. I am not sure if I have screwed up something in my computer. The bank cannot help me either. They say that no one else is having this problem. CAN SOMEONE HELP ME PLEASE PLEASE. -- SP Tag: ftp tcp reset floods Tag: 89848
  - 3
    - HOW CAN i GET THE ADMINISTRATOR PASSWORD? Sorry, could anyone tell my how the process to get the password of the administrator when you are the USER permission have to access to the Network So my qustion could we get the password of the Admin which we access as a User? and if so, please tell how? Tag: ftp tcp reset floods Tag: 89846
  - 4
    - HOW CAN i GET THE ADMINISTRATOR PASSWORD? Sorry, could anyone tell my how the process to get the password of the administrator when you are the USER permission have to access to the Network So my qustion could we get the password of the Admin which we access as a User?=20 and if so, please tell how?=20 Reply =BB Tag: ftp tcp reset floods Tag: 89845
  - 5
    - Microsoft TV Advert & Security 'people ready business' Hi All, Has anyone seen the TV Advertisement featuring a character named Alberto, advertising the 'people ready business'? It is on UK television, I couldn't say about any other country. I have spotted several security problems with the advert. 1. Alberto is in a lift (elevator) 'shoulder surfing' over someone who is using her PDA. She had no idea if all the people in the lift were staff cleared to see the information. 2. Alberto is trying to swipe his card to enter a door. Another person just opens the door. If a security device is fitted, it should be used! 3. Alberto does not log on to his workstation. No login = no accountability. Now, I know this is the fanciful whim of an advertising agency but do you think Microsoft should have allowed this to be released? Comments? Me. Tag: ftp tcp reset floods Tag: 89840
  - 6
    - windows XP firewall blocking installation of McAfee VirusScan via protection pilot I have a Windows server 2003 with McAfee protection pilot and am trying to push out the software to the workstations. The problem is that Windows XP firewall is blocking the installation. I am looking for way to use group policy to allow McAfee to install on the remote machines. Any help would be greatly appreciated. Tag: ftp tcp reset floods Tag: 89829
  - 7
    - Windows 2003/Windows XP security question Hi I have a question that's been bugging me a little... Suppose I have a machine that needs to be on the internet, e.g. SMTP Gateway, FTP server etc. The actual box would be a high spec desktop machine rather than a dedicated HP server. What OS would be the best to use? Windows 2003 Server or Windows XP Pro? Is Windows 2003 Server actually more secure than Windows XP? Or is XP recommended here because it is a desktop machine, although 2003 will work fine on it. Network wise, we are using a Cisco PIX 506E firewall that will assign the box a NAT address. Would be grateful for any advise... Thanks SJ Tag: ftp tcp reset floods Tag: 89826
  - 8
    - Pest Trap software Need help. I got a malicious software called Pest trap. I have attempted to remove it from the control panel add/remove software. It will not let me delete it from the computer. Any suggestions? -- BDaily Tag: ftp tcp reset floods Tag: 89824
  - 9
    - ztm file extension listed as executable Hi all, I just ran this old utility called LExE (from Mischel Internet Security) to find out which file extensions are listed as exeutable on my machine. Among the usual extensions, the tool listed ".ztm". Not knowing where this had come from, I changed the extension on a text file on my desktop to the .ztm, and checked the properties, which gave the following output: Type of file:ZipGenius Theme Opens with:%1 I do have ZipGenius installed so the first part sounds possible. But since I do not think a zip tool theme file should be listed as executable, I did a search in the registry to try to find out where the extension is set. A full search in the regedit returned no results. Anyone knows where a file extension is set to be executable? thanks in advance JJ Tag: ftp tcp reset floods Tag: 89822
  - 10
    - too many error messages what do I do? I am experiencing to many error messages and shut downs,please help Tag: ftp tcp reset floods Tag: 89820
  - 11
    - Clicking "Shut Down" for Important Updates HELO, When choosing "Turn off Computer" on Windows XP's start bar, the dialog window "Stand by | Turn off | Restart " comes up BUT it is different. It now has: "Click Turn Off to install important updates and turn off your computer" I clicked "Turn Off" yesterday and it made the normal dialog to shut down start happening again. (this was after watching some processes happen before automatic power-down). After using my computer for a couple days now, that peculiar "shut-down" dialog window comes up again. Do you know what is happening? Is this a virus? Tag: ftp tcp reset floods Tag: 89814
  - 12
    - Re: Spyware? I use a free version of Spybot-Search & Destroy, lately I have run this program and I always have the following messages that need to be fixed: Microsoft.Windows Security Center_disabled Microsoft.Windows Security.Internet Explorer I elect to fix the problems and it does so, but when I recheck I get the same thing again. I recently upgraded to Internet Explorer 7. It there a conflict between this and the utility program I am running? Can anyone offer a solution or is this a waste of time. Are there better Anti Adware/spyware utilities out there? Gary Marks -- gjm Tag: ftp tcp reset floods Tag: 89809
  - 13
    - GPO & Password set to expire When a user logs onto the domain from their workstation and the "user must change password at next logon" option is selected if they type a password less then 3 characters it gives an error message. I'm not sure why this is happening. The group policy object does not have a minimum password selected. If I have them type the same password on the domain controller under "reset password" it accepts the password as they type it. Do I have a policy set wrong?? After typing the password on the server reset password option they are able to logon to the domain on the workstation with that password with no problem? Thanks for your help. Kim Tag: ftp tcp reset floods Tag: 89807
  - 14
    - General EFS Question EFS newbie here - We have an SBS2003 domain and most all work is done in the office on workstations. Some users are now looking at VPN from home and using Remote Desktop Connection to their workstations when necessary. This is good, but I would like to make sure that files that leave the office are not going to open or otherwise be usable to anyone. For example, if someone copied a file from our network over a VPN and then tried running it on their own (remote) computer, the fie would not open or run; But if they brought that same copied file back into our office, say on a floppy, it would run or open. From what I know, as long as the key to decrypt the file does not leave the network, then the file should only open on the network - Right? Thanks Paul Tag: ftp tcp reset floods Tag: 89806
  - 15
    - Security Alerts/Unable to get into some sites In the last few days I have been unable to get in some sites I have gotten into before. Today I tried to get into a 401K site where my money is invested. I got the Security Alert and it stated "the security certificate has expired and is not yet valid." Then I tried to get into a Medical site where I order my prescriptions. I got the same message. I tried to get into AOL help and was unable to get into this site either. How can I resolve this? -- Barbara Tag: ftp tcp reset floods Tag: 89799
  - 16
    - HOME PAGE Every time I open up my internet explorer instead of going to my home page it redirects me to a security site (http://eprotectpage.com/). It tells me I have a virus but I dont! I cant get my home page back! im a little worried about it. -- your friend jeff!! Tag: ftp tcp reset floods Tag: 89795
  - 17
    - Removing Microsoft Antispyware I hope that this is the right NG to ask this question, if not then perhaps someone can point me in the right direction. Several of the computers at work have Microsoft Antispyware installed, (with a bulls-eye icon on the desktop). As it is now outdated I tried to uninstall it by going to Add or Remove programs in the control panel but although the program is there, when highlighted there is no *Remove* button. Can anyone tell me how you remove this program? -- Thank you in advance for all assistance, Sandy In Perth, the ancient capital of Scotland and the crowning place of kings sandymann2@mailinator.com Replace@mailinator.com with @tiscali.co.uk Tag: ftp tcp reset floods Tag: 89793
  - 18
    - Do I need a CA\PKI I will be setting up an Active Directory network in the near future. I was wondering if I need a CA\PKI for my environment. Here is what I am looking at setting up. Two domain controllers, that will also serve as file servers. One of the domain controllers will have a tape backup unit connected to it running Backup Exec. IIS will not be installed anywhere in the domain. Users will have a home directory, and may have access to other shared directories as needed. The majority of users will be connecting to the domain in the LAN, and will not have access to the domain remotely. All the servers in the domain will be in the same location. Given this environment, do I need to set up a CA/PKI? If so what are the reasons and advantages of doing so? Thanks for any input. Tag: ftp tcp reset floods Tag: 89792
  - 19
    - Is it a Sasser worm? Hi all. Yesterday I started a shutdown of my server. It hanged for a while, then it displayed this message: (...) The system process 'C:\WINNT\system32\lsass.exe' terminated unexpectedly with status code 128. The system will now shut down and restart. So it seems there is a Sasser infection. But there are some points: - The server is a Windows 2000 Server SP4 OS. The sasser patch, KB835732, is installed since year 2004 - Security rollup and other hotfixes are installed, too - the antivirus software running on the server is up to date and it did not found any virus - the server is not connected with the Internet - there is not other evidence of this virus (registry key, avserve.exe, win.log, ecc.) So, what is happening? A new sasser variant? Another infected computer on the LAN is trying to infect the server? Or maybe this message is not always caused by this virus? Thank You. Tag: ftp tcp reset floods Tag: 89785
  - 20
    - Capicom Security Alert We've developed a web application on our internal Intranet, which includes the creation of a digital signature. This functionality is developed using the capicom dll. When capicom is initiated from IE a number of security alerts are displayed about accessing the local certificate stores. We are receiving complaints from our end users about how many prompts they are receiving. One of the capicom prompts allows the user to tick a check box to stop it appearing again when the user accesses the same website. This works fine for the browser session but as soon as the browser is closed down this flag is lost and the prompt appears next time the user tries to produce a signature. Is this how it is meant to work? And is there any way of maintaining this across browser sessions so that the user does not have to click on this prompt everytime they create a signature on our internal website? Any suggestions would be greatly appreciated. Many thanks. Tag: ftp tcp reset floods Tag: 89784
  - 21
    - OneCare Subscriptions There's probably a OneCare newsgroup, but I couldn't find it. I'm interested in knowing how to view my multiple PC subscriptions through OneCare. For each $50 subscription, I can protect up to three PCs. But I haven't been able to figure out where I can go to view which PCs are on what subscriptions (I have more than one) and how many more openings I have per subscription, etc. In other words, I'm looking for a breakdown of my PC distribution on a subscription by subscription basis. Any help, or a point in the right direction would be appreciated! -Anthony J. Tag: ftp tcp reset floods Tag: 89777
  - 22
    - Norton 2006 security check reports hacker threat ports 80 443 I am not familiar with port operation, but when I run security checks I am told there is a "hacker threat" because these ports are open. They are the hppt and https ports and I don't know why this is a problem. I am fairly certain there are no virus ,spyware, malware, etc. on my system. What should I check? Symantec has not been very helpful. Windows XP SP2. -- Randu Tag: ftp tcp reset floods Tag: 89770
  - 23
    - Antivirus Does Microsoft or anyone else have a recommended virus protection for Domain Controllers? Also as I understand it, the new Antigen is for Exchange and sharepoint servers? Is it designed to replace like symantec corporate on just those servers? Tag: ftp tcp reset floods Tag: 89765
  - 24
    - Important...Interesting...Danger behind some file types ?? I have played with Windows XP professional for some time and I see that some Microsoft applications such as Outlook Express and MSN / Windows Live Messenger flags many file types as 'dangerous' because it could contain some kind of code that could somehow compromise the system such as .EXE .SCR .BAT .COM .SCR .PIF .HTA .VBS .JS .HLP .CHM .REG .INF and many others. at each one it is clear that it can compromise the system via executable code eg. EXE BAT COM PIF SCR or some kind of script code, eg. in HLP, HTA VBS and JS files. Now my question... why do they also flag .URL and .SCF files as dangerous ? I searched everywhere on those files structures and how they are 'scripted' but didnt find anything that could directly compromise the system. the URL file (internet shortcut can do the same, if not less then an HTML file but HTML files are not flaged as dangerous. in URL files you can assign any shortcut u want or execute local files using 'file:///' protocol, but with HTML it is also possible to display the content of an arbitrary external website via IFRAME tag and execute local files using the OBJECT tag. so I wonder why URL files are dangerous and blocked ?? also .SCF files why they are dangerous?...Microsoft provided very little documentation on these files but the most 'harm' it can do is minimize all opened windows hehe. so I would really appreciate if someone, perhaps some Microsoft security professional gave me some light here. By the way a specially crafted desktop.ini file can be much more dangerous but .INI files are not flagged or blocked. Also something tricky with INF files. If you download an INF file and open it, Internet Explorer warns asking if you really want to execute the 'software'. Why is that if the INF file has the default OPEN command set to notepad.exe. (double clicking the file opens it in notepad). To install it, it should be right-clicked and select install. So warnings should only go to the 'INSTALL' command, this way it would not confuse users or give a false alarm of 'danger'. thanks very much in advance and hope to hearing from someone soon :) Tag: ftp tcp reset floods Tag: 89761
  - 25
    - firewalls Is is it bad to run two firewalls at the same time ???? I have trendmicro pc-cillin 2006 witch has a firewall in the internet sec system ... I installed sunbeltsoftware kiero personal firewall.. But I have to keep restarting the service from start, run, services.msc... Can i lower the firewall settings on trend to medium , its on med high... to run both.. Any info will help ... tyvm.... Tag: ftp tcp reset floods Tag: 89760
- Next
  - 1
    - Setting up 2 domains with one way trust to dmz What I have now is a domain on the inside interface of a firewall and workgroups on the dmz. I am thinking for easier administration that making a second domain on the dmz with a one way trust would help cut down the administration of accounts and such. To me it looks fairly straight forward for the domain creation. I would create a new domain like dmz.xxxxx.com for the dmz with inside domain being xxxxx.com. Now the big question what ports need to be open for all this to work correctly on the firewall? I found ms artical 179442 which lists a ton of ports that need to be opened to make this work. I have no problem with the server ports its the client ports that I don't like. maybe I am reading it wrong or something. any help would be most welcome. list of server ports 135/tcp RPC 389/TCP/UDP LDAP 636/TCP LDAP SSL 3268/TCP LDAP GC 3269/TCP LDAP GC SSL 53/TCP/UDP DNS 88/TCP/UDP Kerberos 445/TCP SMB Client ports 1024-65535/TCP/UDP or is this the same as I have configured already on the firewall of any on the inside has access to dmz? Tag: ftp tcp reset floods Tag: 89756
  - 2
    - EFS algorithm Hi, which common algorithm can be used in a windows 2000, XP and 2003 environment for efs, assuming that on all os' the latest service pack is applied and on the w2K the high encryption pack is installed? I've found some on the Internet saying desx and others 3des. Thanks and regards Ueli Tag: ftp tcp reset floods Tag: 89754
  - 3
    - What is this? We have a form that was submitted with a lot of crazy stuff in it. Any ideas what this could be? ----------------------------------------------------------------------- <a href="http://11.gotope.com/pentola-fondue-bourguignonne/"> pentola-fondue-bourguignonne </a> http://18.bonn-coach.com/gioco-pugilato/ <a href="http://19.nmkjj.com/box-esterno-tv/"> box-esterno-tv </a> <a href="http://4.gotope.com/corsetteria/"> corsetteria </a> http://11.bonn-coach.com/ragazza-sesto/ <a href="http://4.nmkjj.com/tetta-piu-grande-mondo/"> tetta-piu-grande-mondo </a> <a href="http://9.nmkjj.com/inurl-guestbook-php-page-od/"> inurl-guestbook-php-page-od </a> http://13.mcfc-fans.com/hotel-campofelice-di-roccella/ <a href="http://6.mcfc-fans.com/acicastello-immagini/"> acicastello-immagini </a> <a href="http://3.diederichwedding.com/psicologia-it/"> psicologia-it </a> http://18.nmkjj.com/capodanno-lazio/ <a href="http://17.bonn-coach.com/borsa-pinko/"> borsa-pinko </a> <a href="http://19.gotope.com/dario-antiseri/"> dario-antiseri </a> http://18.mcfc-fans.com/auto-noleggio-carre/ <a href="http://15.mcfc-fans.com/giochi-gratis-nokia-7250/"> giochi-gratis-nokia-7250 </a> <a href="http://11.diederichwedding.com/pok-e8mon/"> pok-e8mon </a> http://19.diederichwedding.com/wireless-sicurezza-mac-address/ <a href="http://8.gotope.com/lavoro-bettola/"> lavoro-bettola </a> <a href="http://17.gotope.com/legge-elettorale-2006/"> legge-elettorale-2006 </a> http://5.mcfc-fans.com/versione-latino-and-nepote/ <a href="http://5.diederichwedding.com/itinerario-chianti-vacanza/"> itinerario-chianti-vacanza </a> <a href="http://3.gotope.com/fontana-feng-shui/"> fontana-feng-shui </a> http://7.diederichwedding.com/mp3-tinturia/ <a href="http://6.diederichwedding.com/viaggio-finlandia/"> viaggio-finlandia </a> --------------------------------------------------------------------- your help would be greatly appreciated. Rich Tag: ftp tcp reset floods Tag: 89753
  - 4
    - Using Cipher for Default Encryption Settings We have a client who would like to encrypt data with EFS. The client would like to have it setup so that all data folders are encrypted by default. The client would also like to have it setup that new directories created by the user are also tagged for encryption by default. Basically the client doesn't want the user to "accidentally" have unencrypted data on the hard drive. I am looking for an alternative to Whole Disk Encryption products, and I would like to use EFS. I know EFS can not be used to protect system files or the root directory. That's ok. My question is, can I use the cipher.exe command to set all possible (non-system, non-root) directories to be tagged for encryption? I am thinking about the following command: cipher /e /i /s:c:\ I believe this will set the encryption flag for all directories starting the root directory, and ignoring the errors (for c:\, c:\windows, & any other system directories). My understanding is that this flag means any new files or directories created or copied into these "encrypted-flagged" directories will be encrypted on the write. Then, a second command of: cipher /e /a could be used to actually encrypt the file data in certain directories such as My Documents to encrypt current, existing data on the hard drive. Does anyone have any experience with this? Thanks -MB Tag: ftp tcp reset floods Tag: 89752
  - 5
    - files on ur web directory Hi All, i found that : "In order to reduce a web application attack surface, only web application pages should be kept on the web directory and any other files should be removed to any other local folders." my questions are: 1- is that true?? and why?? 2- what are exactly the file extensions that are allowed to be left on the default web directory?? 3- what are the type of files that are considered to be vurneable???? finally, if anyone one has any reference for such a topic, i'll be happy receiving it :) thanx for ur help and reply :) Tag: ftp tcp reset floods Tag: 89751
  - 6
    - Lingering corruption issues from MS06-049 - KB article 925308 This new article speaks to a fix to the problem created by 06-049. If the patch is broken why is this not a re-release of the patch? I see none of the usual "Microsoft only recommends applying this to systems experiencing the problem..." I take it then that every system on which 06-049 is installed is still potentially vulnerable to file corruption. If so then 925308 is in fact a vital patch not for security's sake but for data protection's sake. MS please respond. Should we apply this fix to all systems that have 06-049 installed. Tag: ftp tcp reset floods Tag: 89743
  - 7
    - Important Information Check out: www.Brandon-Lands.com Tag: ftp tcp reset floods Tag: 89741
  - 8
    - Kerberos UDP vs TCP Hi everybody I'm facing some problems with Kerberos authentication using UDP protocol. As suggested by Microsoft using TCP protocol the problem has been solved instead. Questions: Why Microsoft uses UDP by default if there are authentication problems? What would be the global impact on the network (WAN) using Kerberos authentication through TCP? Would it be a suitable solution? Any help really appreciated. Tag: ftp tcp reset floods Tag: 89737
  - 9
    - Security settings change locks program I'm using Windows Server 2003 and I was trying to add a user to the user list under the security tab of a folder and it seems to just lock up when I hit apply or ok. I have let it sit for over 30 mins with no progress. I did a small subfolder and that worked. Is it just slow to apply the setting to all the sub folders? Is there a way to make this run smoother? Thanks. Tag: ftp tcp reset floods Tag: 89728
  - 10
    - IBM THINK PAD CAN anybody help have being given a n ibm thinkpad and cant turn on wi-fi Tag: ftp tcp reset floods Tag: 89726
  - 11
    - Audit Logging for the NIC Properties Is it possible to audit a network interface driver's properties? That is, an administrator goes into a local area connection, configures the NIC, and changes Flow Control (or some such driver property). Can this action be logged and audited? This is for Win2003 Server Standard Edition running in a Win2003-native Active Directory domain. Thank you in advance, J Wolfgang Goerlich Tag: ftp tcp reset floods Tag: 89723
  - 12
    - pki - CRL questions Designing a basic w2k3 pki for internal purposes. Three tier (root & intermediate offline, enterprise isuing). Might be expanded to support external (outside AD forest, outside internal WAN) use in the near future. Do I need to publish CRL's and AIA to external accessible webservers from the start, or can I start with internal publishing only? Can the CRL publishing list be changed for all CAs (external HTTP address added) without much reconfiguration at a later stage? What is the preferred order, when using mostly AD integrated clients: ldap or http first? I want this design to be flexible, not directly needing an extra layer of intermediate and issuing CA's when external used certs are needed, but also want to prevent making irreversible decisions... Tag: ftp tcp reset floods Tag: 89722
  - 13
    - ipsec ports I am going to setup IPSEC tunnels between windows servers that pass through different firewalls owned by other organizations. I need to submit requests to the other firewall admins requesting ports and protocols be opened up and I want to get it right the first time. What ports are required to be open for the handshake and communication of ipsec between two windows servers through a firewall? Thank You Erik Tag: ftp tcp reset floods Tag: 89720
  - 14
    - Security Updates I am wondering why no security updates from Windows Update for November. Usually by now we have them for the month. I have tried using IE7 four times and uninstalled each time and back to IE6, because it just is too much trouble to try to fix bugs. But the update icon apears in system tay to update to IE7. Is it because we are going to be forced to update to IE7 in order to get critical updates? Tag: ftp tcp reset floods Tag: 89718
  - 15
    - Windows Defender Does the windows defender get all spyware programs out. I have been using spyware programs for a long time and i have come across alot of spywre which cannot be removed by some programs for instance. cam it remove Vundo? or other programs which are difficult to get out? Snooza~Plz Reply asap as i think i might be watched. Tag: ftp tcp reset floods Tag: 89716
  - 16
    - User cannot FTP file from local disk to website. The user can connect to the website (using an FTP client software) but cannot upload a file. The client software just hangs. I (as administrator) can perform the upload. It must be a Server 2003 security issue. The client ftp program is WSPTF_Pro. -- Regards Tom Tag: ftp tcp reset floods Tag: 89713
  - 17
    - firewall configuratioin I do not know which of these to allow or block or make me ask I have no ideal what I am doing configuring the firewall do I block, allow theses or make them ask me? Internet Connection Sharing? Windows RPC service? DHCP protocol client? DNS protocol client? ICMP network diagnostics? Destination Unreachable? Ident Service? Protocol AH? Protocol ESP? Protocol GRE? L2TP VPN? PPTP VPN? Tag: ftp tcp reset floods Tag: 89712
  - 18
    - question about IAS and PEAP MS-CHAP V2 (wireless authentication) Hey guys this is my first post. I have a question about IAS, PEAP MS-CHAP V2, and wireless. I am using MS-CHAP V2 to authenticate PDAs on our wireless network. Because we are using MS-CHAP V2, we are using AD credentials to authenticate the clients. Everywhere I have read it states that we have to install the server certificate onto the device. I have found a loop hole though. Both on the wireless PDA and laptops, we can choose not to validate the server certificate. I can still authenticate to the IAS server (wireless) but I have not installed the server cert onto the device (because I have unchecked the validate server checkbox both in zero config and the wireless application). This is my question, if we don't validate the server and if we don't have the server cert, won't the transmission of the user account and password be in clear text? Is there a way on the IAS server that we have to force the clients to have the server cert or they wont be authenticated? Thanks, Peter Kim Tag: ftp tcp reset floods Tag: 89711
  - 19
    - Windows Firewall Exception: RunDLL32 Is it normal for RunDLL32 to show up in the Windows Firewall Exception list? How about Explorer.exe? -- Gary S. Terhune MS-MVP Shell/User http://grystmill.com/articles/cleanboot.htm http://grystmill.com/articles/security.htm Tag: ftp tcp reset floods Tag: 89700
  - 20
    - Someone hacked into my computer... I'm under the impression that my computer has been hacked into. It seems whoever it was took a special likeing to my school files (mainly papers I've written over time), as that folder is now empty. Fortunately windows recorded the last date and time the contents of that folder were "modified". My question is is there some way I can see who was in my computer at that time? This happened somewhat recently I'm guessing (about 2 days ago according to windows). Seeing as I was on the computer at the time specified, I know it wasn't anyone I live with. Thanks to anyone that can help. Tag: ftp tcp reset floods Tag: 89698
  - 21
    - Mcafee removel 'I have tried uninstalling mcafee even to the point of going on mcafee's website and downloading thier uninstall exe. It says it is compeletly uninstalled and i reboot . But then it is still in add and remove. I want to install their new mcafee security , but it will not let me because the old one is still on my comp. I have tried and am ready to throw this comp in the trash if I cant get it to do what I need. HELP HELP ! Thank you Tag: ftp tcp reset floods Tag: 89694
  - 22
    - security template unreadable On a windows 2000 system recently updated to sp4, I have been getting 2 regular security-rleated events in the event/application log 1) one a warning SecCli event 1202--Security policies are propagated with warning. 0xd : The data is invalid. Please look for more details in TroubleShooting section in Security Help. 2) an error: Usrenv event 1000 The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (13). None of the knowlege base articles on these errors seem to apply to my situation. Winnt\security\log\winlogon.log reports "Reading Configuration template info...Error 13: The data is invalid. secreateglobalprivilege is not a valid privilege." In the management console, windows is unable to read the basic security template. I'd appreciate it if someone could tell me if these errors are causing any practical problems--especially my inabilty to start rasman (unable to create buffers) or cannot connect with mysql (connection lost). And, if so, what's the fix? I'm not a newbie, but neither am I an expert in this area. Thanks Tag: ftp tcp reset floods Tag: 89692
  - 23
    - Cant open CMD/taskmanager Hi, Can anyone help me, i cannot seem to open the Command Prompt or my Taskmanager. I think i may have a virus, but cannot find it with Mcaffee. Any suggestions? Tag: ftp tcp reset floods Tag: 89689
  - 24
    - UserOverRide key on Win2003 I'm trying to OverRide the screeen saver seetings like a do for Win200. It's configured at: HKLM\SYSTEM\CCS\Control\Terminal Server\Winstation\ICA-TCP\USEROVERIDE\Control Panel\Desktop under this I created ScreenSaveActive = 0 ScreenSaverIsSecure = 0 ScreenSaveTimeOut = 4500 I'm using under ICA-TCP key, beucase it's for a Citrix server/connection. But it does not work for Win2003, just for Win2000 any idea? thanks in advanced.. Tag: ftp tcp reset floods Tag: 89683
  - 25
    - W2K3 3-tier CA Implementation I have been trying to follow all of the best practices and recommendations for a W2K3 Enterprise CA solution. I have the Root installed, still online for right now, and have been trying to get the Intermediate CA that will be used for policies set up. I would like to follow Microsoftâ??s lead and use a 10 year, 2040 bit certificate. I have copied the Subordinate Certification Authority template and increased it to 10 years, copied the new OID and description from Intermediate Certification Authority and used both of them in the CAPolicy.inf file in C:\WINDOWS, but I keep getting 2 year certificates. After resolving, I will need to create Issuing CA certificates from the Policy CA that are 5 years and 2048 bits. Thanks for ALL of the input. Tag: ftp tcp reset floods Tag: 89680

anyone familiar with something going around that is doing tcp resets on
ftp ports against akamai servers (err, 15% of the internet akamai)?

I have something jumping from one windows pc to another using them to
burst hundreds of thousands of small (less than 50 bytes) ftp packets
against various akamai
servers. I have sniffed the traffic, and it consists of small packets
with the tcp reset flag set to 1 coming from a non-privileged port on
the pc (e.g. 1046) and going against port 21 on the remote machine.
This is followed by an ack response from the remote machine (which is
listed as a duplicate ack) back to port 1046. Rinse and repeat a few
hundred thousand times.

This traffic brings the cpu utilization on our router quickly up to
100% at which point it starts to dump services. I am not sure if this
is an attempt to participate in a DDoS against the remote machines, or
if it is an attempt to tank my router.

Windows pcs have updated anti-virus (CA), are NOW running windows
firewall,
and are fully patched to today (although they may have been compromised
at any time in the past, who knows). Several have had on-line f-secure
and symantec scans in safe-mode that show nothing. Once I turn on
Windows Firewall (it was turned off to allow some administration via CA
Antivirus admin console and for Enterprise ghost functions to work),
that seems to stop the traffic, but I still must have a a nasty bug
waiting to pounce.

Any help would be appreciated.

Top