SSL session persistance

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Password capturing program Is there a program called Pass Ping that is considered a "password capturing program"? The only thing I can find is the standard Ping command which comes with Windows. A "technology expert" is admant that there is such a program yet will not provide me with any information. TIA! Tag: SSL session persistance Tag: 25468
  - 2
    - Automation receive certificate from IE pop-up Is there anyone know how to write a C codes to automation receive IE content Certificates on SSL URL? The pop-up display when user try to go to https:// sites. Tag: SSL session persistance Tag: 25456
  - 3
    - Unblocking specific messages Today I was introduced to the "Block message" function in MicroSoft Express 6. Thinking I would be given another step in the option to block, I hit "block message" on a message I did not want to block in the future. Is there a way to take this "block" off???? Thanks for your help. Tag: SSL session persistance Tag: 25448
  - 4
    - ASP.NET I have found machines with the ASP.NET State Service loaded with a local account called ASPNET. Did this come from the ASP.NET 1.1 download? Should the service be using that local account or the system account? Tag: SSL session persistance Tag: 25443
  - 5
    - changing a name Hello here's one for the think tank. I have had the address a_dragon_flyer@hotmail & the screen name of dragonflyer for over 6 years. I have loged-on to several chat rooms in the past , but now I am being told that I have to change my dragonflyer screen name because somebody else is using it. I have written several time to MSN support but they are not answering my question of how this could have happened. Does anybody have any ideas of where I can go to solve this? How about Mr. Bills address so I can ask him how this double name use happened? Signed The first dragonflyer Tag: SSL session persistance Tag: 25441
  - 6
    - honestly safe? I recieved this letter on 22nd july 2003. I am not a member of this form which is spoken of in the following text, this doesnt really worry me but the fact that a group devoted to being damn nosey as they are and reading our emails through the use of hotmail does. can msn really say we are overall safe when groups like this will freely display information like this? Why does no-one stop this............after all its your users who are suffering From : "SpyBoy" <me@msn.com> Reply-To : SpyBoy@werewatching.com To : shams_till_i_die@hotmail.com Subject : Elite Spyz/ Project "Big Sister"/ Hackers Affilates Date : Tue, 22 Jul 2003 18:01:50 -0000 Reply Reply All Forward Put in Folder...InboxSent MessagesDraftsTrash Can Printer Friendly Version Hey Guys and Gals.. Big Sister was launched 2 weeks ago.. Intended target was 100 people.. we have now 450+ so if you want to know if you have become a statistic message spyboy@sysfuck.com on MSN Messenger. The 1st initial project on Spying on people was a mere 13- 14 people so now the team has succedded in breaking this record. The Team SpyBoy "Project Leader" 404 = Admin from MSNFanatic.com Zinho = Admin from Hackerscenter.com Crow =Admin from Smart-Hack.com ElectroPhreak =Exploiter Nitro =Exploiter KTC =Exploiter These people have witnessed what has been created, and what we can do, and partially on how I did it.. We have been able to Crack 128 bit encryption.. ( i wouldnt do banking online anymore ) Hotmail/Yahoo/Aol/ISP/Login:on/info , conversations watched.. hell we have even been watching a celebrity who has Latex Fetishes....also some sensitive material from lets just say sensitive sites has been logged.. cannot explain in an email..something that i think has not been achieved by anyone..or had the balls to do it.. We have also discovered on How to take over Hotmail/Yahoo accounts.. personally i own most of you and you dont even know it... as some of my fellow forum members realised .. i read thier emails.. forget privacy on the net it dosnt exist anymore.. To Admins of groups/Websites.. The team is finishing the project within approx 1 week if you want exclusive rights to the project ..contact me.. i personally gained 1000+ members on my forums when i logged 13-14 people and we have already been getting interview appointments with News Sites.. For other questions join the forums.. we dont bite.......well ;) http://spyz.sprawl-vr.com/cgi-bin/bbs/ikonboard.cgi SpyBoy Affilated with: http://www.msnfanatic.be http://www.smart-hack.com http://www.hackerscenter.com http://www.eliteshadows.com http://www.elite-messiahs.tk http://www.progenic.com http://www.moorer-software.com http://www.shadow-x.org http://www.mindsights.com http://www.windowsos.com http://webtech.tk Tag: SSL session persistance Tag: 25436
  - 7
    - Program Desire I found this program listed on my computer,and do not know where it came from or what it is if anyone can identify it please let me know. THANKS David Tag: SSL session persistance Tag: 25435
  - 8
    - A question about cross-certification I have a question about cross-certification. I can make test certificates by using "makecert.exe",but I don't know how to do cross-certification . Is the cross-certificate a single certificate that is issured by another CA or just the two Root certificates of the two CAs? and how to do it? regards, Frank Tag: SSL session persistance Tag: 25427
  - 9
    - Unwanted Messages How do I stop unwanted messages appearing on my screen when using the internet. These seam only to be messages from girls wanting to party or show their picture They appear what ever programme i am using Tag: SSL session persistance Tag: 25419
  - 10
    - Outlook Express v5.02 - OS 9.1 (Mac) Does anyone know of any downloads or security patches that will prevent unwanted email as I am being bombarded by junk emails at the moment? Appreciate your help. thanks, Katie Tag: SSL session persistance Tag: 25415
  - 11
    - password Windows remembers my password for various sign ins how can i didconnect or cancel this Tag: SSL session persistance Tag: 25414
  - 12
    - unable to access certain sites Ever since we had our computer worked on, we have been unable to access certain sites that had been previously accessible (ie cingular.com). Are there certain settings that have been checked (or unchecked) which have prohibted our access? Let us know what our security settings ought to be. Tag: SSL session persistance Tag: 25396
  - 13
    - password A close friend, who is in his eighties, and is housebound, recently bought his first system, pre-installed with XP. After using it for a couple of months someone advised him to use a password log-on. He has forgotten his password and cannot get into his system. Is there any other solution other than re-installing XP? Please can someone help! Tag: SSL session persistance Tag: 25390
  - 14
    - hotmail security.... Somebody got into my hotmail account and did something that copies every e-mail I send to them somewhere, somehow. How was this done and how can it be checked, disabled etc. All of my settings look normal. HELP! Tag: SSL session persistance Tag: 25384
  - 15
    - Jerry Bryant! need info on MS03-026 please! Is there a hotfix for this for Windows 2000 Pro? The only one I can find requires the cryptographic service to run, which is not a standard service for 2000 Pro. Thanks in advance, Sean Tag: SSL session persistance Tag: 25378
  - 16
    - Hard Drive Mysteriously Filling Up How can my computer use 2 gigs of hd in 3 days when I haven't downloaded anything? Tag: SSL session persistance Tag: 25377
  - 17
    - Latest Critical Update The latest critical update (Direct-x9) is asking me to install this patch when I go and scan the updates page. But...the Microsoft Bulletin says my system (Windows98SE) is not effected. Plus...I don't even have direct-x-9 on my system......I have 8.1 So what I did was to ignore it and removed it from the update/scan list. Would that be the right thing to do? Tag: SSL session persistance Tag: 25369
  - 18
    - Front pagexp I am trying to do Web Security but I need information on Security Settings as I cannot find it even following Help. Thanks for any information Norman Tag: SSL session persistance Tag: 25347
  - 19
    - security certificate i opened my microsoft Outlook 2000and got the following message error 0x800b0101:the server you are connected to is using a security certificate that could not be verified Tag: SSL session persistance Tag: 25346
  - 20
    - Internet explorer sending me where I don't want to go. I typed in www.yahoo.com into my address bar earlier today and it sent me to some porno site that kept trying to force me to download something. It would only send me to there website I wanted if I typed in the http:// first. I have stopped IE from sending me to where I don't want to go, but whenever I omit the http:// (i.e. www.ebay.com) I notice the following in my status bar: http://vrape.hardloved.com/top/top.php? id=0&search=www.ebay.com This sends me to Ebay, but it still records this address in my drop-down list on the Address toolbar. I feel like it's still trying to make me go where I don't want to, so how do I fix it so IE will simply search for www.ebay.com? Andrew Tag: SSL session persistance Tag: 25341
  - 21
    - History Is there any way to stop Win XP from recording the history of places visited. Can you just turn it off so history does not work. Thanks Tag: SSL session persistance Tag: 25340
  - 22
    - I'm admin cannot access folder or change settings I'm running winxp pro This is so strange - I'm wondering if I have been hacked - I have norton fully updated and running as well as Microsoft's firewall, but . . . I cannot access a folder on my "D" drive - it says access denied- I am admin and tried chaning read only setting in properties to no avail. I right clicked and chose security and sharing, but there are no security options - access options or the like - there - I am not sure how to get around in administrative tools, but I'm thinking that is where the problem is (though I did not change anything - I swear!). I used Norton Disk doctor and it stops giving me the message: The operating system or another process currently has exclusive access to this drive, or some of its files. . . What gives? Any advice would be greatly appreciated. Tag: SSL session persistance Tag: 25338
  - 23
    - I'm admin - cannot access folders I could access hours ago This is so strange - I'm wondering if I have been hacked - I have norton fully updated and running as well as Microsoft's firewall, but . . . I cannot access a folder on my "D" drive - it says access denied- I am admin and tried chaning read only setting in properties to no avail. I right clicked and chose security and sharing, but there are no security options - access options or the like - there - I am not sure how to get around in administrative tools, but I'm thinking that is where the problem is (though I did not change anything - I swear!). I used Norton Disk doctor and it stops giving me the message: The operating system or another process currently has exclusive access to this drive, or some of its files. . . What gives? Any advice would be greatly appreciated. Tag: SSL session persistance Tag: 25337
  - 24
    - Security Patch for Q823803 causes RAS startup failure On July 23, 2003, Microsoft issued Microsoft Security Bulletin MS03-029: Flaw in Windows Function Could Allow Denial of Service (Q823803). Installing this patch on my NT 4.0 Server causes my RAS server to no longer initialize properly. The event log shows the error: Point to Point Protocol engine was unable to load the module. Without RAS, I am unable to use this system for dialup or VPN connections. I uninstalled the patch and the system now works fine. Use caution. Tag: SSL session persistance Tag: 25335
  - 25
    - Internet Security Site I have a problem getting into the security site on the internet. For example, I tried to buy airline tickets on line. But I will get a message said that "this page cannot be displayed". I talked to my internet provider SBC Yahoo DSL and we went through step by step process on the computer to try to solve the problem. Finally they said it is my OS that is not letting me to get into the security site. I have a hp pavilion ze5200 notebook, designed for Microsoft Windows XP. I am wondering if you can help me with this problem. Tag: SSL session persistance Tag: 25333
- Next
  - 1
    - Restricting access to websites I have recently installed Windows XP Home Edition, version 2002 and have tried to restrict access to websites by my teenage children. I went into internet options and enabled content with the strictest settings on the ratings systems ICRA and RASACi, however it makes no difference and does not block access to any websites whatsoever. What am I doing wrong? Is the program faulty because I have spent hours going through the "help" instructions to no avail. Please help soon. Tag: SSL session persistance Tag: 25332
  - 2
    - Can't install download I can download the security update 823559; however, it never installs. Help,please. Tag: SSL session persistance Tag: 25331
  - 3
    - Need help removing something from my computer I've noticed that when I go to click on one of my bookmarked links, it will take me to a blank page and the Address will begin with www.qksrv.net (with a bunch of numbers after it). I'm assuming this is something that has written itself to my machine but I can't find it under Add/Remove programs. Any help would be appreciated! -dannielle Tag: SSL session persistance Tag: 25323
  - 4
    - dx upgrade - unexpected network connection Why does the direct x upgrade to v9.0b attempt to connect to this site? It does not appear to be related to download of components? (I blocked the attempted connection and the upgrade worked fine, but why is the connection being attempted?) - Stephen ===================================== Local Port : 2093 Remote Name : http.edge.ru4.com Remote Address : 198.107.152.227 Remote Port : 80 (HTTP - World Wide Web) Ethernet packet details: Ethernet II (Packet Length: 62) Destination: 00-30-a3-b7-1c-00 Source: 00-07-e9-b5-94-be Type: IP (0x0800) Internet Protocol Version: 4 Header Length: 20 bytes Flags: .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset:0 Time to live: 128 Protocol: 0x6 (TCP - Transmission Control Protocol) Header checksum: 0xa61c (Correct) Source: xxxxxxxxxxxxxxxxxxx Destination: 198.107.152.227 Transmission Control Protocol (TCP) Source port: 2093 Destination port: 80 Sequence number: 3371730648 Acknowledgment number: 0 Header length: 28 Flags: 0... .... = Congestion Window Reduce (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...0 .... = Acknowledgment: Not set .... 0... = Push: Not set .... .0.. = Reset: Not set .... ..1. = Syn: Set .... ...0 = Fin: Not set Checksum: 0x7b0a (Correct) Data (0 Bytes) Binary dump of the packet: 0000: 00 30 A3 B7 1C 00 00 07 : E9 B5 94 BE 08 00 45 00 | .0............E. 0010: 00 30 B8 BC 40 00 80 06 : 1C A6 92 81 33 95 C6 6B | .0..@.......3..k 0020: 98 E3 08 2D 00 50 C8 F8 : 86 D8 00 00 00 00 70 02 | ...-.P........p. 0030: FA F0 0A 7B 00 00 02 04 : 05 B4 01 01 04 02 | ...{.......... --------END------- Tag: SSL session persistance Tag: 25319
  - 5
    - Microsoft Security Bulletin MS03-031 - 815495 Title: Cumulative Patch for Microsoft SQL Server (815495) Date: July 23, 2003 Software: Microsoft SQL Server 7.0 Microsoft Data Engine (MSDE) 1.0 Microsoft SQL Server 2000 Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) Microsoft SQL Server 2000 Desktop Engine (Windows) Impact: Run code of attacker's choice Maximum Severity Rating: Important Bulletin: MS03-031 The Microsoft Security Response Center has released Microsoft Security Bulletin MS03-031 What Is It? The Microsoft Security Response Center has released Microsoft Security Bulletin MS03-031 which concerns a vulnerability in the products listed above. Customers are advised to review the information in the bulletin and test and deploy the patch in their environments, if applicable. More information is now available at http://www.microsoft.com/technet/security/bulletin/MS03-031.asp If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary. -- Regards, Jerry Bryant - MCSE, MCDBA Microsoft IT Communities Get Secure! www.microsoft.com/security This posting is provided "AS IS" with no warranties, and confers no rights. Tag: SSL session persistance Tag: 25315
  - 6
    - Microsoft Security Bulletin MS03-030 - 819696 Title: Unchecked Buffer in DirectX Could Enable System Compromise (819696) Date: July 23, 2003 Software: Microsoft DirectX® 5.2 on Windows 98 Microsoft DirectX 6.1 on Windows 98 SE Microsoft DirectX 7.0a on Windows Millennium Edition Microsoft DirectX 7.0 on Windows 2000 Microsoft DirectX 8.1 on Windows XP Microsoft DirectX 8.1 on Windows Server 2003 Microsoft DirectX 9.0a when installed on Windows Millennium Edition Microsoft DirectX 9.0a when installed on Windows 2000 Microsoft DirectX 9.0a when installed on Windows XP Microsoft DirectX 9.0a when installed on Windows Server 2003 Microsoft Windows NT 4.0 with either Windows Media Player 6.4 or Internet Explorer 6 Service Pack 1 installed. Microsoft Windows NT 4.0, Terminal Server Edition with either Windows Media Player 6.4 or Internet Explorer 6 Service Pack 1 installed. Impact: Allow an attacker to execute code on a user's system Maximum Severity Rating: Critical Bulletin: MS03-030 The Microsoft Security Response Center has released Microsoft Security Bulletin MS03-030 What Is It? The Microsoft Security Response Center has released Microsoft Security Bulletin MS03-030 which concerns a vulnerability in the products listed above. Customers are advised to review the information in the bulletin, test and deploy the patch immediately in their environments, if applicable. More information is now available at http://www.microsoft.com/technet/security/bulletin/MS03-030.asp If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary. -- Regards, Jerry Bryant - MCSE, MCDBA Microsoft IT Communities Get Secure! www.microsoft.com/security This posting is provided "AS IS" with no warranties, and confers no rights. Tag: SSL session persistance Tag: 25314
  - 7
    - annoying popups! OK, I keep getting these annoying popups about "IP leakes" and other such pop ups leading me to websites to BUY there product to stop them. Well the longer I am online (I use AOL) the more they come (about 1 every 20 min or so). I tracked it down to a program that resides in microsoft folder "system32". The program is "csrss.exe" but when I try to end the program it says it is a "critical program and cannot be ended". Well if this is a microsoft problem I dont want it, and if its some sneaky ploy by adverisers (which I think it is) its annoying as hell! Please help! Please email any help: Zammzig@aol.com thanx you! Frank Tag: SSL session persistance Tag: 25283
  - 8
    - Help 823980 Patch causing problems!!!! This security patch was applied to all of our Domain Servers earlier this week. It is causing access and connection issues with remote machines trying to connect to our servers. After removing and rebooting the server the problem remains? Are there register entries that need to be removed/modified? I was able to backoff an XP Pro box to a earlier point in time, but cannot do a restore to these servers Tag: SSL session persistance Tag: 25279
  - 9
    - security I am using a computer in LAN at my office. I am visiting sites other than officially required , during office hours. How can I know whether there is any programme installed in the LAN so that somebody gets a list of the sites that I visited? If there is one, can I remove or deny access of my visited sites to that? Will the list be sored in server anyway? If I am working with all other computers off, ie not in LAN, any difference in the informtion that my computer sends? Nadia Tag: SSL session persistance Tag: 25277
  - 10
    - Archives of daily websurfing Hi, I've heard that it is possible to get a daily archive of the websurfing done on the home pc. Does anyone know how that is done? Is it different than just looking at the history for the day? I want to keep track of my son and what sites he goes to. I have Cyber Patrol, but I still want to have an archive of his activity. Thanks... Tag: SSL session persistance Tag: 25273
  - 11
    - Controlling CRL validity period for MSCA Hello, I wanted to understand exactly how the MS Certificate Authority determines the actual CRL validity period and how to control it precisely. I am interested in knowing the variance (how much etc.) it adds to the publish interval which seems like a grey area to me. I tried the following. I set these values in the relevant registry entries on my CA (Windows 2000 Ent CA): CRLPeriod REG_SZ = Hours CRLPeriodUnits REG_DWORD = 1 CRLOverlapPeriod REG_SZ = Hours CRLOverlapUnits REG_DWORD = 1 Note this CA do not do deltas. After adding the CRLOverlapxx reg values I bounced the service and forced a CRL publish at 2pm PST but the CRL validity of this latest CRL shows up as: Effective Date: Tuesday, July 22, 2003 11:39:21 AM Next update: Tuesday, July 22, 2003 9:24:21 PM I want to understand the math used for arriving at this validity period when I have the above settings. Related question would: What is the minimum validity period that one can publish a CRL with on a MSCA? Like for eg. can I have a CRL that is valid only/exactly for 1 or 2 hrs. Thanks. Jayant Tag: SSL session persistance Tag: 25272
  - 12
    - Supposedly freeware I recently downloaded what I was told was a freeware trial version of Microsoft Excel, and I was stupidly roped into believing it. However, I went online and was redirected to the 'Licence Migration' page as my PC detected copied software was being used. I deleted the program that was in question, as when I opened it it was registered to someone called 'Dario' (not me anyway!) However, I am a bit concerned that Microsoft may think I am using pirated software. Is there any way I can email them to let them know of the situation? If anyone can email me at chrisbo@lycos.com to let me know I would be grateful- cheers! Tag: SSL session persistance Tag: 25268
  - 13
    - any help would be great had some errors pop up thought i might get some help with...i run xp home log in to aol and use IE6 as browser errors are cool snac supersub.dll 0001:000041bb,3fd0,4126.....any clue what these are and does it have any connection to my not being able to stay connected for long periods of time on my dsl?.........am i doomed? lol hellp.......thanks Tag: SSL session persistance Tag: 25264
  - 14
    - WebDAV on IIS6 - security problems I have a probem with WebDAV on IIS6 (Windows Server 2003) not respecting NTFS file permissions. The shared web folder is configured on the web site to not allow anonymous access, and to use integrated windows authentication. Access from the client (Windows 2000) is using Add Network Place under My Network Places in Windows Explorer. Two issues: 1. Files created on the server (ie uploaded through WebDAV from a client) are owned by the Administrators group, not by the user that logged in. 2. When connecting as a user that does not have browse access to a subdirectory, repeated attempts in windows explorer of - right-clicking the folder under web folders in the left pane - choosing "explore" to create a new windows explorer window eventually give me (2-3 attempts) an explorer window allowing full access to ALL of the shared web folders and sub folders -- even write access to folders which NO users (apart from Administrator) have access. Tag: SSL session persistance Tag: 25245
  - 15
    - Official security patch for OE??? Is this an official e-mail from Microsoft? I have received a few of these, but have not opened the attachments until now as this one came up with it being affected with the W32.Gibe.B@mm virus. The attachment name was Q367392_exe.dat and it came with a text file as well explaining that the last character of this attachment had been changed. Could someone please put my mind at rest? Message body of e-mail appears below: Microsoft Corporation Customer this is the latest version of security update, the "July 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting Internet Explorer, Outlook and Outlook Express as well as five newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches. System requirements Win 9x/Me/2000/NT/XP This update applies to Microsoft Internet Explorer, version 4.01 and later Microsoft Outlook, version 8.00 and later Microsoft Outlook Express, version 4.01 and later Recommendation Customers should install the patch at the earliest opportunity. How to install Run attached file. Click Yes on displayed dialog box. How to use You don't need to do anything after installing this item. Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact us. Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies. Thank you for using Microsoft products. Best wishes from Microsoft Corporation Internet Security Section ---------------------------------------------------------------------------- ---- ©2003 Microsoft Corporation. All rights reserved. The names of the actual companies and products mentioned herein may be the trademarks of their respective owners. Kol ----------- "I have travelled the length and breadth of this country and talked with the best people, and I can assure you that data processing is a fad that won't last out the year." The editor in charge of business books for Prentice Hall, 1957 Tag: SSL session persistance Tag: 25240
  - 16
    - update216.exe I'm not sure if I'm inthe right newsgroup for this query but I hope soemone can help. I recently received, unsolicited, the above update (update216.exe) from Microsoft re internet security. WhenI tried to open it and downlod my Norton virus software said it contined a virus that it was unable to fix. HAs anyone had similar problems adn are these updates really from Microsoft regards Peter Murphy Tag: SSL session persistance Tag: 25236
  - 17
    - 802.1x and Windows 2000 client We try to implement 802.1x authentication on our network. But specificity is, that not all computers are equipped with SP3. And the plan is to make a quest(buffer)VLAN for such computers. But the problem is that Windows 2000 once entered to "quest" VLAN on Windows startup don’t want re- authenticate with domain username and password after they entered. Also if we initiate re-authenticate port from switch, Windows 2000 802.1x don not release/renew computers ip address after it move to new VLAN. List of components: 1 WS - Windows 2000 with SP3 and 313664 802.1xhotfix 2 Cisco ACS 3.2 server 3 Windows NT 4.0 domain 4 Cisco Switch 6513 CatOS 7.6.2 Tag: SSL session persistance Tag: 25235
  - 18
    - Certificates Hi, We have Windows 2000 Server, Active Directory, a CA setup as Enterprise. and Exchange 2000 running across 5 servers with 60+ Windows 2000 client PC's. Word is used as wordprocessor with macro and VB security set to high. I have created a number of custom toolbar, forms, docs, etc for use with Word and digitally signed them using a security certificate created with selfcert. All the toolbars, forms etc created are only for internal use My question is, how do I setup CA to automatically issue my selfcert created certificate to each client PC as and when it needs it? I don't fancy having to go to each PC to install it. Thanks in advance Tag: SSL session persistance Tag: 25234
  - 19
    - Microsoft is sending updates unsolicited? Is this legit? I suspect not. I am not inc. the attachment. =20 I received the following email today: Microsoft User=20 this is the latest version of security update, the "July 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting Internet=20 Explorer, Outlook and Outlook Express as well as five newly discovered vulnerabilities. Install now to protect your=20 computer from these vulnerabilities, the most serious of which=20 could allow an attacker to run executable on your system. This update=20 includes the functionality of all previously released patches. System requirements Win 9x/Me/2000/NT/XP=20 This update applies to Microsoft Internet Explorer,=20 version 4.01 and later Microsoft Outlook, version 8.00 and later Microsoft Outlook Express, version 4.01 and later =20 Recommendation Customers should install the patch at the=20 earliest opportunity.=20 How to install Run attached file. Click Yes on displayed=20 dialog box.=20 How to use You don't need to do anything after installing=20 this item.=20 Microsoft Product Support Services and Knowledge Base=20 articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products,=20 please visit the Microsoft Security Advisor web site, or Contact=20 us. Please do not reply to this message. It was sent from an=20 unmonitored e-mail address and we are unable to respond to any=20 replies.=20 Thank you for using Microsoft products.=20 With friendly greetings,=20 MS Public Services ----------------------------------------------------------- --------------------- =A92003 Microsoft Corporation. All rights reserved. The=20 names of the actual companies and products mentioned herein may be the trademarks of=20 their respective owners. Tag: SSL session persistance Tag: 25221
  - 20
    - Invalid Password I signed out of all applications (ie yahoo, ebay, hotmail) last week prior to vacation. Upon my return, I'm able to connect to the internet, but when I select certain applications, specifically my primary email account in yahoo, as well as ebay, I am receiving an invalid password message. My password has not changed and I am trying to figure out what is causing this. This is not an issue of needing to reset or get a new password, because it has not changed. I talked to compaq, earthlink, and neither could help me out. Earthlink thought it was a gliche where I needed space, but if that was the case, they I would think I could log on from another computer. I've already adjusted cookies, security and privacy settings as well as condensed space. Thanks to anyone who can provide any help Tag: SSL session persistance Tag: 25218
  - 21
    - Invalid files/folder names that cannot be deleted or renamed. I have a windows 2000 server the files and folders that somehow got on the computer and now they can't be renamed or deleted. How can these be deleted? Dan Tag: SSL session persistance Tag: 25212
  - 22
    - Strange File appeared on me desktop from no-where A strange file has appeared on my dektop seemingly from no- where. It is apparently virus free and is named 'hs_err_pid' followed by several numbers and seems to be some kind of error log. When opened with notepad, it seems to refer to some kind of Java violation which is beyond my ken. Does anyone know wot this is about? Tag: SSL session persistance Tag: 25211
  - 23
    - ms 2k3 security flaw is the link true? http://story.news.yahoo.com/news? tmpl=story&u=/nf/20030717/tc_nf/21919 if so, aside from downloading the security patch, what other methods do we need to protect win 2k3 server? Tag: SSL session persistance Tag: 25210
  - 24
    - Delegating AD access Delegation of Windows 2000 Active Directory has been established for our technical staff and has limited their access to a degree that allows them to function well. However, they have access to disable/re-enable user accounts, which we want to deny. I've searched through the object classes on the user object, but cannot find the specific setting that will prevent this access. Any ideas? Thanx Tag: SSL session persistance Tag: 25206
  - 25
    - Error Msg when I select the Security Tab in IE 6.0 I have a problem with IE 6.0.2. Whenever I go to Internet Options and select the Security Tab, I get an error message and IE shuts down. The error message is attached here. How can I fix it? MSIMN caused a general protection fault in module MACXW4.DRV at 0001:00000fa4. Registers: EAX=7b9e047f CS=023f EIP=00000fa4 EFLGS=00000246 EBX=00009ae8 SS=42af ESP=00009aec EBP=00009b50 ECX=00000040 DS=071f ESI=0000bf86 FS=3f3f EDX=000000ea ES=047f EDI=00009b2e GS=7b9e Bytes at CS:EIP: 66 26 ff 2e a0 e0 66 5e 66 50 1e b8 7f 04 8e d8 Stack dump: 05bf2119 00000000 7b9e0000 6c7f0000 071fbfd4 42af9b3a 00000040 01cc00ca 1fbe0000 00000020 071f2c04 2c0420c9 00002c04 00000000 00007b9e 00000000 Tag: SSL session persistance Tag: 25203

I would appreciate some guidance / help on the following..

1. I set up an initial SSL session with UID + PWD

2. I then open a new window (from the inital HTTPS window)
and authenticate again (using a valid cert), using client
authentication. (i.e a 2 layer security model). I copy the
URL after authentication.

3. I then close window in 2. above

4. I then paste in the URL from "inside" the second
session into a new browser session, and get straight back
to the secure site without any further client
authentication....

I am using IE6 SP1

Q. Is this typical behavior ?

Is it a documented issue ? ('cos I cant find anything)

If so are there any workarounds to terminate the session
from the browser ?

Thanks for any direction

Floyd

Top

Re: SSL session persistance by S

S
Sat Jul 26 08:32:42 CDT 2003

It's kinda well-known. Two windows are by default the same instance of
Internet Explorer and share security contexts. If you'll launch a separate
instance of IE (via desktop shortcut), that won't happen.

--
Svyatoslav Pidgorny, MS MVP, MCSE
-= F1 is the key =-

"Floyd" <nospam@homeleigh.com> wrote in message
news:031c01c352fe$2b6adba0$a501280a@phx.gbl...
> I would appreciate some guidance / help on the following..
>
> 1. I set up an initial SSL session with UID + PWD
>
> 2. I then open a new window (from the inital HTTPS window)
> and authenticate again (using a valid cert), using client
> authentication. (i.e a 2 layer security model). I copy the
> URL after authentication.
>
> 3. I then close window in 2. above
>
> 4. I then paste in the URL from "inside" the second
> session into a new browser session, and get straight back
> to the secure site without any further client
> authentication....
>
>
>
> I am using IE6 SP1
>
> Q. Is this typical behavior ?
>
> Is it a documented issue ? ('cos I cant find anything)
>
> If so are there any workarounds to terminate the session
> from the browser ?
>
> Thanks for any direction
>
> Floyd
>
>
>

Top