tracing remote logins

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - How to deny access to some internet sites Hello All, I don't want some users to access to some sites in my single pc. How can I do that? (Other than firewall) Tag: tracing remote logins Tag: 77759
  - 2
    - any advice on recovering from stolen MSN ID hi, everyone I found out my MSN ID is stolen. any suggestion on what i should do to: (1) block the hacker's access to my account (2) minimize the damage (3) and any software/security tool i could deploy to avoid future accident thanks for your help!!!! danny Tag: tracing remote logins Tag: 77756
  - 3
    - strange network activity on port 123 / 1230 I am experiencing some very strange network activity. Some of the PC on my network are sending a UDP packet from port UDP 123 outbound to IP 192.0.0.192 port 1230 every 17 seconds. Any suggestion? Thank you. Tag: tracing remote logins Tag: 77755
  - 4
    - WindowsXP-KB896424-x86-ENU Not available for SUS only for WSUS? I can not find this kb in my Susadmin? New updates only supported with Wsus? Tag: tracing remote logins Tag: 77752
  - 5
    - Anti-spy and cookies Why do Spybot and Adaware find cookies? Are cookies really a threat to your privacy or the health of the computer? Tag: tracing remote logins Tag: 77749
  - 6
    - event 560 on SQL Server Cluster I have two nodes in a SQL Server cluster. I got many of the following events on both servers. Any idea what is going on and how to fix it? I don't want to just disable the auditing. Thanks. Event ID: 560 Source: Security User: NT AUTHORITY\NETWORK SERVICE Type: Audit Failure Computer: ServerName Category: Object Access Object Open: Object Server: SC Manager Object Type: SERVICE OBJECT Object Name: RemoteAccess Handle ID: - Operation ID: {0,138135995} Process ID: 724 Image File Name: C:\WINDOWS\system32\services.exe Primary User Name: ServerName$ Primary Domain: MyDomain Primary Logon ID: (0x0,0x3E7) Client User Name: NETWORK SERVICE Client Domain: NT AUTHORITY Client Logon ID: (0x0,0x3E4) Accesses: Query status of service Privileges: - Restricted Sid Count: 0 Access Mask: 0x4 -- Yi Tag: tracing remote logins Tag: 77735
  - 7
    - Connecting to a remote domain using DCOM and reading AD Hi, I am connecting to a DCOM server in a remote domain by specifying credentials in CoSetProxyBlanket(). The DCOM server is reading the AD to perform certain tasks. I am using RPC_C_AUTHN_GSS_NEGOTIATE /snego protocol. I need to specify the security packages that are supported in packagelist of SEC_WINNT_AUTH_IDENTITY_EX structure that I am passing to CoSetProxyBlanket(). Could not find how to specify the package names in MSDN. Any pointers for that would be most helpful. Thanks & regards, Neel. Tag: tracing remote logins Tag: 77730
  - 8
    - random mouse movement strange problem the pc has random mouse movement clicks on icons opens them or will close a running program. I ran a virus program and it did not detect anything i desconnected it from the network and it still moved. i fdisk the drive then reformatted the drive and reinstalled windows and i still have the same problem. any ideas? Tag: tracing remote logins Tag: 77729
  - 9
    - NT4 Workstation accessing 2000 DC I've recently migrated an NT4 domain into our larger 2000 AD Domain. For a while all workstations (NT4, 2000Pro, XP Pro) could log on and access the file shares correctly. However, I have now upgraded the system(C:) and fileshare(F:) disks on the DC to dynamic and created mirror sets. All XP, 2000 PCs still work normally. However, the small number of NT4 Workstations now cannot see the shares on the Server, due to "servername is not accessible" - "Access is denied" messages. They do still log on to the domain OK using valid domain user accounts. I've even removed the computer object from AD, re-added it (allowing Pre Windows 200 computers) , kicked the PC off the domain and re-added it. It joins the domain fine. The only change I'm aware of has been that the server disks were upgraded to dynamic. My understanding of this is that NT wouldn't be able to access these drives locally (i.e. if directly connected to them via the SCSI adapter) but would be able to access the shares over the network. Can anybody confirm this? I've tried adding an entry to the lmhosts file: <IP address> <ServerName> #PRE #DOM:<netbios domain-name> This made no difference. I'd appreciate any possible solutions. Many thanks Tag: tracing remote logins Tag: 77726
  - 10
    - Component Services Remote Shutdown Permissions Hi, Is it possible to assign permissions to remotely shutdown components in Component Services, without making the users Administrators of the server where the components are running? If so, how can this be done? I already tried to configure the users in GPO "Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignments\Force shutdown from a remote system" and "Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignments\Shut down the system", but it didn't worked. Is there anyway to implement this kind of permissions? Thanks, Pedro Coelho Tag: tracing remote logins Tag: 77724
  - 11
    - Windows rootkits in 2005, part one If you are new to rootkits, here is a good starting place... http://www.securityfocus.com/infocus/1850 Imhotep Tag: tracing remote logins Tag: 77708
  - 12
    - Question on makecert, signcode, chktrust I'm new to certificates but I've tried the prescribed steps without success. With a simple .Net exe I've done this to use a test certificate: - makecert -sk "ABC" -n "CN=ABC CORP" abc.cer - signcode using UI to specify - abc.exe - Custom signing - select-from-file the abc.cer file - Private key in a CSP, specifying ABC - sha1 hash algorithm - specify "Abc Corp" as description, www.abccorp.com as the URL - setreg 1 true It says it all worked, and my abc.exe is bigger than it was. But when I then do ChkTrust abc.exe the message box it brings up says it's untrusted. Back in signcode there's a place to View Certificate. It says "Cannot be verified up to a trusted certification authority". . If I look at the Certification Path is shows "Root Agency" as parent of "Abc Corp". "Abc Corp" says certificate OK. Root Agency says "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store.". If I click on Install Certificate.. to run the Cert Import wizard, nothing changes So is there some other simple step I've not heard about to get test certs, or even just signcode/chktrust, to really work? -- Tim Johnson High Point Software, Inc. www.high-point.com (503) 312-8625 Tag: tracing remote logins Tag: 77707
  - 13
    - Microsoft fixes imperfect picture flaw If a picture is worth a thousand words, with the latest Windows vulnerability, some of those words might be "compromised," "rooted" and "infected." http://www.securityfocus.com/brief/41 Imhotep Tag: tracing remote logins Tag: 77706
  - 14
    - MSN Instant Messenger Sharing Of Personal Conversations I have noticed that individuals who have recorded personal IM conversations with others share the personal conversation of IM with others publicly irregardless of the other parties consent of such acts...My question is: is this practice illegal and in violation of MSN Instant Messenger CoC or are there any implications to copyright infringement? thanks Tag: tracing remote logins Tag: 77703
  - 15
    - User Information. I'm trying to put a password onto my log-in name. I go to Start menu,control panel,User accounts. I press on that and the glass comes up for a split second and goes away. THe page for User Accounts doesnt appear. What could be the problem? Please help!!=[ Tag: tracing remote logins Tag: 77702
  - 16
    - error 5 connecting to Ghost share We've set up a (Win2K3) server that holds Ghost images in a share from which we can pull down images to workstations using the Ghost boot diskette. Problem is we can no longer map a drive using 'net use g: \\server\share', because error 5/access denied comes up, asking for a password that never works. The mapping always used to work. The permissions are sufficient and always worked before. This is totally mystifying -- there's no password on the share, this is a Windows 2K3 domain! I have a feeling this is a known problem, but I can't find any info on it. Anyone know what could be the cause ? Tag: tracing remote logins Tag: 77700
  - 17
    - Security in Microsoft Products Chat this Thursday, November 10th This is a reminder to join Mike Nash, Vice President for the Microsoft Security Business Unit, and his team of security experts for a live Security chat this Thursday, November 10, 2005. The chat will take place from 10:00 â?? 11:00 AM Pacific Time. Go to: http://www.microsoft.com/communities/chats/vcs/05_1110_TN_Sec.ics to add this to your calendar. On the day of the chat, you can log in at: http://www.microsoft.com/technet/community/chats/chatroom.aspx Tag: tracing remote logins Tag: 77696
  - 18
    - static ip address Hello, Is this possible to setup static ip address to use remote access? i.e. I just need one or two locations to access my windows 2003 server or my xp workstatios. Thanks Tag: tracing remote logins Tag: 77687
  - 19
    - Microsoft Security Bulletins for 11/8/2005 November 8, 2005 Today Microsoft released the following Security Bulletin(s). Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details. Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided. Bulletin Summary: http://www.microsoft.com/technet/security/Bulletin/ms05-Nov.mspx Critical Bulletins: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424) http://www.microsoft.com/technet/security/Bulletin/ms05-053.mspx This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so. If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary. -- Melissa Travers, MCSE MVP Lead - Exchange Server, Security & Virtual Machine Please do not send email directly to this alias. This alias is for newsgroup purposes only. This posting is provided "AS IS" with no warranties, and confers no rights. Tag: tracing remote logins Tag: 77686
  - 20
    - New MSSecure.XML Version 2005.11.08.0 Now Available MBSA 2.0 detection is based directly on Microsoft Update, so all inquiries regarding MBSA 2.0 patch detection for this month's release should by sent to the public microsoft.public.softwareupdatesvcs newsgroup. This announcement is specific to MBSA 1.2.1 and the underlying MSSecure.XML file that services the MBSA 1.2.1 tool. MSSECURE.XML Data Version 2005.11.08.0 (for use by MBSA 1.2 and SMS SUS Feature Pack) was last modified today, November 8, 2005, and is now available for all supported languages (English, French, German and Japanese). Today's release contains 1 new bulletin. This new bulletin is fully supported by MBSA 1.2 for detection. New November Bulletins 1) MS05-053 (GDI) - 896424. This patch replaces MS03-035 and MS05-002 for Windows XP SP1 only (no other patches for other affected platforms are superseded by this patch. See the MSRC MS05-053 bulletin for details). This release also includes fixes for 2 minor issues including: o MS05-018 when scanning a French machine incorrectly reports an invalid checksum warning for NTOSKRNL.EXE when scanning a multi-processor or HT Windows XP SP2 machine o MS05-051 when scanning the ENU, DEU, FRN or JPN locales incorrectly reports an invalid checksum for OLECLI32.DLL on Windows 2000 SP4 machines. -- Doug Neal [MSFT] dugn@online.microsoft.com This posting is provided "AS IS" with no warranties, and confers no rights. If newsgroup discussion with experts and MVPs is unable to solve a problem to your satisfaction, feel free to contact PSS for support on the Microsoft Baseline Security Analyzer (MBSA). Information is available at the following link: http://support.microsoft.com/default.aspx This e-mail address does not receive e-mail, but is used for newsgroup postings only. Tag: tracing remote logins Tag: 77685
  - 21
    - suggestions for disaster recovery website - outsourced / hosted? I'm reviewing a DRP (disaster recovery plan). The company wants to use Yahoo groups for their emergency website. I know this might not be the expertise for this MS-centric group, but I figured why not try. :) Basically I wanted to know, 1. Does anyone know when do yahoo accounts expire... that would be bad if after a disaster, people cannot get in because they did not use their yahoo email for a year :) 2. Any suggestions for non-Yahoo Groups type of sites (pay is fine) that have threaded discussions, based on some authentication (username & pwd) ? We don't want something tied in to the domain of the company... since the network may be down in event of a diaster :) THanks Jason Shohet Tag: tracing remote logins Tag: 77681
  - 22
    - Custom Exit Module not appearing in Certificate Services snap-in I'm writing a custom Exit Module for Certificate Services. I've followed the instructions I have found in the Platform SDK, MSDN library and in relevant user groups, but the Exit Module isn't showing up in the Certification Authority's properties dialog in the way it is supposed to. What I've done is this: * Built an Runtime Callable Wrapper for certdxs.dll * Implemented ICertExit2 in a VB.NET class called ExitModule.Exit * Implemented ICertManageModule in a class called ExitModule.ExitManage * Applied ComVisible(True) and ClassInterface(ClassInterfaceType.None) attributes to the assembly * Gave the resulting assembly a strong name so it can be added to the GAC * Created an installer project for the assembly Next I deploy the assembly and dependencies to a Win 2003 test server with Certificate Services installed. Then I register the assembly for COM using regasm.exe and add it to the GAC using gacutil.exe. At this point, I would expect it to appear in the CA property dialog, but it doesn't - not even after stopping and restarting the Certificate Server. I have also tried simplifying it further by only implementing ICertExit, but still without the desired result. Please can anyone identify what is preventing certificate services from recognising the module? -- Paul Taylor <a href=www.dotcomsoftwaresolutions.co.uk>Dotcom Software Solutions</a> Tag: tracing remote logins Tag: 77676
  - 23
    - CSP for Pocket Hello! I would like to know if there is another way of testing a csp without making an image with Platform Builder. I would like to follow the same process as in the pc. That is, to replace the coredll.dll without making an image. And, finally, I would like to know if there is a non-empty example of the csp for pocket. Could you help me, please?, Regards, Antonio. -- ------------------------------------------------------- Antonio Ruiz Martínez Faculty of Computer Science-University of Murcia 30071 Murcia - Spain e-mail: arm@dif.um.es or arm [at] dif [dot] um [dot] es ------------------------------------------------------- Tag: tracing remote logins Tag: 77675
  - 24
    - Lock Keyboard Is there a way to lock the keyboard for example whilst away from the computer for a while so typing does not occur in error. thanks Tag: tracing remote logins Tag: 77672
  - 25
    - Spyware hijacking Passport? Hi, I have a problem with passport-related products on a Windows ME computer. Accessing Messenger or logging in to passport causes an avalanche of pop-ups and slows my computer to a crawl. Even though I read an article in an Irish newspaper about this problem several months ago, McAfee still does not detect/fix the problem nor do any free packages like Adaware - and I cannot find any articles online describing the problem or how to fix it. According to the article I read, the problem is caused by clicking on a link suggesting that Messenger needs to be updated. Having used Spybot, Adaware, MacAfee, uninstalled and re-installed MSN messenger... I have run out of ideas. Does anyone know anything about this problem and how it might be solved? I've had the problem for Thanks, Joe Tag: tracing remote logins Tag: 77671
- Next
  - 1
    - How do I verify System Administrator Privileges in Windows ME I set myself up years ago as the system administrator on my home machine (running Windows Milennium). The other two accounts are my wife's and daughter's accounts. For some reason I do not seem to have system administrator privileges any more. For example, if I click on Tools-> Internet Options in Explorer (v6.0), I get a message saying: "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator". I can to into "users" in the control panel to verify that there are no user besides the ones listed above. I have not found any way of verifying that am either setup as an administrator or not (incidentally, Windows XP that I have access to at work seems to have more menus under the "user" icon that allows one further insight). So I am stuck - how do I gain control, so I can, for example install the software that I want. I am running Norton viruschecker on the machine and have run Trendmicro Housecall scan recently. Also, the only thing thie home computer has been linked to was a wireless router where it shared to access to the internet with a laptop in the house (I used the "home (i.e. problem) machine" to install the router etc..., but the network was never setup so that other machines on the wireless network could access the "home machine" - at least that was the intention). Incidentally the wireless router blew up in a lighting storm and I can not go through the installation process of the new router until I solve this problem. Help, Oli Tag: tracing remote logins Tag: 77667
  - 2
    - Copy protection of files on Server Hi We have an MS-access databse, that holds all vital companyinfo and Know How. Naturally, users must have access to the database during work, but we want to protect the files from being copied to their laptops ( in case, they were to leave the company). We looked at Information Rights Management, but seems not to support Acces. Any good Ideas ? Is this the right newsgroup to ask the question in ? Environment SBS2003 server, 2000 TerminalServer, XP Pro PC's, Office 2003 Tag: tracing remote logins Tag: 77643
  - 3
    - How do you set up OWA? I've set this up many times for Exchange 5.5. I can't seem to figure it out for Exchange 2003. While I find many helpful hints from MS on how to configure users and specific portions, I can't find anything on the basics of setting it up. Ie, do you still create a virtual folder on the web site? If so, where does it point? Do you need to install an add in for the exchange server? Is it there by default? Thanks for the help. Tag: tracing remote logins Tag: 77635
  - 4
    - Administrative Password - Problem Hi, I have a forest with two Servers running Windows 2000 Server, both of which have AD installed. They system was not setup properly, and there was no second account with administrative right, hence, only the Administrator had the administrative rights. They systems are both running on a raid 5. Sometime back, I had to change the password for Administrator, and I did that using Active Driectory users and Computers console. This wasn't the First Server that I had installed on the network, hence it did not have the Global Catalog (as default). Unfortunately, there was a problem (I don't understand exactly if it was network, or some synchronization problem), and now, I cannot log onto both the servers using neither the hold or the new password. This network was not connected to the internet, and I am sure no one has changed the passwords. Any Ideas what I can do to reset my password? Will appreciate any input, or explanation of what might have gone wrong. Thank you! Tj Tag: tracing remote logins Tag: 77630
  - 5
    - IE Explorer All, I have now, three separate times in a week, cleared my IE adress bar history. Each time, within a day or two, I have a link to my "Local Disk (C:)" re-appear back into the adress history. Does anyone know why this is happening? Best Regards Scott Tag: tracing remote logins Tag: 77623
  - 6
    - HTTP Error 403.13 - Verisign IP Address Hi All Please bear with me as I'm not a network person but this is the problem we have: We have a web server running IIS 6.0 behind a firewall. On this server we have a secure (https://whatever) web site that has a certificate from Verisign, which is valid. Last week we put Verisign=E2=80=99s IP address into the firewall so the web server could check the revoked list on verisign.com - http://SVRIntl-crl.verisign.com/SVRIntl.crl. The web site worked and everything was good =EF=81=8A Now however, the website is not working and bringing up the following error =EF=81=8C: HTTP Error 403.13 - Forbidden: Client certificate has been revoked on the Web server. I have talked to the network lads and they said nothing had changed but when they did some more digging they found that Verisign=E2=80=99s IP Addre= ss had changed at the DNS server. So when the certificate tries to get to the revoked list on verisign.com, it can=E2=80=99t get through the firewall as the IP Address is not listed in the list of IP=E2=80=99s allowed to get through. And the network lads say we can=E2=80=99t authorise domains on the firewall, it has to be IP Addresses and Verisign are a high level domain (or something) and they can change their IP Address whenever they want??? I hope I have explained the situation correctly, like I say I=E2=80=99m not= a network person so I=E2=80=99m learning as much as I can as I go along. So my question is, how do I get my web server to see verisign.com without opening the whole server to the internet, for obvious security reasons, so it can see the revoked list on verisign.com using only IP Addresses? Any and all help would be gratefully received. Tad Tag: tracing remote logins Tag: 77621
  - 7
    - spyware problem My friends computer is infested with spyware. They have Win XP Service Pack 1. When I log in, the comp freezes. Only Task Manager works. I tried Safe Mode but I get the same problem(freezes) and only task manager works. I'm unable to click anything else on the screen. Is there anyway I can get by that so I can install an anti-spyware program? Tag: tracing remote logins Tag: 77620
  - 8
    - attachments I can't send attachments from a card program that I have installed on my computerusing msn or hotmail Tag: tracing remote logins Tag: 77610
  - 9
    - Administrator Use Here is my issue. I want my Administrators to need to use smart card or some type of secondary authenication when they log in as a domain/enterprise admin. I was thinking of using a usb as the 2nd part authenication. Does anyone know how to set this up? I would like to use something built into Windows like pki etc. Thanks. Tag: tracing remote logins Tag: 77608
  - 10
    - Need advice about reinstallation of XP with Service Pack I. I have had to reinstall WindowsXP with a disk containing only service pack I. So I have lost all my previous downloaded Microsoft upgrades including the Service Pack II. Can someone help me with the method of redownloading all the past upgrades I had over the past 1.5 years? Please help, Frank Tag: tracing remote logins Tag: 77603
  - 11
    - Defending ARP Spoofing Hi all, I want to build up a resource containing all possibilities to defend ARP spoofing. As I think ARP spoofing is one of the most powerful, easiest and underestimated attacks I want to know all your tricks, patches, anything that you know/apply to defend ARP spoofing. I know the standard things to do (like static ARP entries and so on), what I want to know from you is something like: -OS x has a patch y which helps preventing ARP spoofing (like antidote) or -OS x in version y has a small built in ARP prevention (like SunOS) or -Firewall/IDS x is able to prevent/detect ARP spoofing Also welcome are new thoughts about ARP spoofing prevention (like S-ARP or Secure Link Layer). Give me all your information, tricks and tips, so I can build up a complete resource. Thanks a lot, Chris Tag: tracing remote logins Tag: 77599
  - 12
    - Security- is this from you? I checked by information and it is okay. I did not click on the link enclosed. Dear MSN customer, Update your billing information! We have been unable to charge your credit card for your MSN Microsoft Online Services. The following credit card is the current payment method on your billing account. If your services have not already been suspended, they will be suspended within 30 days unless we receive updated billing information.(If payment is due for other Microsoft services purchased with the above card, those services may also be suspended.) To avoid possible suspension of your services or to reactivate suspended services, please immediately provide a valid credit card and a current expiration date. To view or change your billing account, go to https://billing.microsoft.com To update your payment information or select a different payment method, click Billing Information. For payment history and online billing statement, click Monthly statement. If you have already resolved this issue, please disregard this notice and accept our thanks. Thank you for using Microsoft Online Services! Microsoft Customer Support -------------------------------------------------------------------------------- Note: Please do not respond to this message. To receive notifications at a different e-mail address, sign in to your account at https://billing.microsoft.com select 'Personal information', then click 'Update this information', change the 'E-mail address', and click 'Save'. Form: 4 Tag: tracing remote logins Tag: 77597
  - 13
    - hidden searchverity folder hi. i have just found a hidden system folder called searchverity in 'my documents'. it doesn't show up with windows explorer even with the relevant hidden and system options selected. the files in it do not show up when using search with hidden/system files checked. i found this directory using a 3rd party file manager. my question is - is this likely to be spyware. i would like to be sure before deleting something important? i have antivirus and antispy and neither have detected anything unusual. many thanks Tag: tracing remote logins Tag: 77596
  - 14
    - Windows Event Log consolidator public beta We have created a Windows Event log consolidator which is available from http://www.sacs.co.za with the following attributes... some of them only available in final version. SACS Event Consolidator is available for download and public beta test on the Windows Event Log consolidation to a central server with reporting. Single server which can handle 1000 concurrent connections with a no-configuration SQL database with end-user configurable reporting. Final version expected December 2005. SACS Event Consolidator Final Version: a.. Centrally log Windows Events, syslog and SNMP to a central server b.. Scalable SQL server c.. Report writer exporting to HTML, PDF, XLS, RTF and BMP d.. Professional version handles up to 1000 concurrent connections e.. Store-for-forward architecture f.. Centralised audit management and configuration based on classification of machine g.. Centralised domain wide agent installation and configuration h.. and more... http://www.sacs.co.za/index.php?option=com_remository&Itemid=27&func=selectcat&cat=6 Please do not hesitate to give comments and suggestions... Tag: tracing remote logins Tag: 77592
  - 15
    - Win2003 firewall and mssql Hi, Yesterday i've activated the SP1 firewall on a win2003 server. On this server i've Mysql and MSSQL running. I've activated all the ports needed Right now everything works except MSSQL On the firewall i've opened port 1433 tcp and udp and the port 1434 udp. The error i get from some scripts when the firewall is on is: Microsoft OLE DB Provider for SQL Server error '80004005' [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied. Obviously on the server network utility I've checked that the actived tcp/ip port is the 1433. How can I resolve this issue? Thanks. Tag: tracing remote logins Tag: 77590
  - 16
    - Hotmail Problem saying account closed access denied I was in my hotmail account and pulled up the msn messenger and clicked on the upgrade to the 7.5 and installed it after that i could not access my hotmail at all cant get my profile nothing of my mail saying account closed access denied.. running xp sp2 ie6, my nic is rose34l@hotmail.com everything is correct when i try to sign in i can get my messenger to sign on but cant get my email.... please help have had this account 8 years you can reach me at rlicausi34@comcast.net if you have a solution to this problem i've tried everything.. Tag: tracing remote logins Tag: 77586
  - 17
    - Scanner problem Welly well well, I try to run the scan at http://safety.live.com/site/en-us/downloads/default.htm ; but it stops loading after two sec and tells me it's blocking active content, now I try to disable blocking but it doesnt work. I also tried to lower security and put the address in the safe places list but to no avail. I posted the above at some other newsgroup here and since then I have tried to fix it by deleting the Safety Scanner files on my drive; now IE just crashes with a message telling me something is wrong with the Safety Scanner component when I try to reinstall it. Can I somehow fix this new problem? Tag: tracing remote logins Tag: 77579
  - 18
    - Hotmail problems - account closed I am logged into MSN messenger no problem, but when I try to check my emails, I get this message: Account Closed. Access Denied. What is wrong? Tag: tracing remote logins Tag: 77575
  - 19
    - Windows Millienum ME Does anyone know how I can block others from opening my start menu and opening my desktop folders? Tag: tracing remote logins Tag: 77568
  - 20
    - Looking for some (free) tool like sitekiosk... Hi, i am looking for some free or open-source tool like sitekiosk. Does anybody know some software like it? Thanks in advance... Best Regards Kerem Gümrükcü Tag: tracing remote logins Tag: 77557
  - 21
    - Microsoft Anti-Spyware Beta has got a name. If you're into it... http://blogs.technet.com/antimalware/ -- Galen - MS MVP - Windows (Shell/User & IE) http://dts-l.org/ "A man should keep his little brain attic stocked with all the furniture that he is likely to use, and the rest he can put away in the lumber-room of his library where he can get it if he wants it." Sherlock Holmes Tag: tracing remote logins Tag: 77555
  - 22
    - online threats Hi and thanks for the reply. I only get a few of these spam emails everday so it isnt a big problem deleting them manually. Over the last year I probably got about 100-150 in total. Whats really amazing though is the time/care that must be taken everday when online and the knowledge one must possess inorder to defend him/herself from so many threats. Viruses, spyware, adware, unsolicited spam email in addition to the normal system maintaince such as hardware repair and/or driver and software updates. All this takes MUCH time and knowledge, time they could probably spend playing more games, learning new software, or anything else one can imagine with his/her computer. From the money perspective i spend about 60 euros a year for antivirus and spyware/adware removal software(subscription fees). Its truely amazing i think! Personally, I am only busy in the summer and I consider myself lucky to have so much time to spend with this stuff. What about your average joe who works eight hours a day and comes home tired? I seriously doubt they got the energy or will to learn all this stuff and spend so much time trying to get a healthy system. In other words a lot of people are doomed and this will probably only get worse before it gets better. More intensive policing and tougher laws are necessary and by the way FUK the "freedom of speech" act! Every demented person and unscrupulous corporation is taking advantage of that pathetic law worldwide. Many of the most prosperous companies traded publicly are "knowingly" and "silently" installing their adware that is prepackeged with the freeware(kazaa-prime example). Of course many naive people, I used to be one, thought i could get free software, only to discover the damage to my computer a few minutes later. But you cant do much thanks to the freedom of speach act and that long ten page disclaimer which always removes liability from them. Who takes the time to read a ten page disclaimer and privacy policy? I for sure dont. Probably, the only solution to this bs is that one day most companies and consumers alike will mature enough to know that its in their best interest to play fair. If i bored or offended anyone i apologize but i feel too strong about these issues not to voice them. P.S. I use outlook express and my email is isp based. What options do i have? Tag: tracing remote logins Tag: 77551
  - 23
    - African Advance fee fraud, euro lotteries, .... I get so much JUNK email everyday I truly wonder why governments dont do something? African Advance fee schemes are the most prevailant and enticing. Allegedly they give you millions of dollars just for transfering their funds into your account. They go into great depth to make it sound legitimate and usually they claim to be "government officials" who need to "quickly" and "confidentially" transfer their funds in return for a 5-10 percent commission. Get real why would they chose me for their partner instead of getting professional assistance and when was it ever that easy to make millions of dollars for doing virtualy nothing? Everybody should ask themselves those two questions! Then the euro lottery deal. I just won a euro email lottery without even knowing about it! And the best part is like the african scheme everyone copies the format(virtually all are identical), confedintiality and urgency are a must. Then the prescription pills that u save a bundle by purchasing online. Since when does such serious medication get exchanged online without any doctors perscriptions? I woulnt even purchase aspirin online let alone prescription pills! Lastly, the BIG software ripoff, where you can purchase top software like adobe, microsoft, norton and other top software at a huge discount. Do companies now about this? I dont think they would be overly joyed having their software pirated in such ways if indeed the deal is legitate and not a total scam! I dont know, i havent tried it. Tag: tracing remote logins Tag: 77549
  - 24
    - Keep losing file associations On my computer at work, my file associations with several AutoCAD ADT 2006 files keep resetting to the file wrong icons. This is very annoying as I use the icons to easily identify drawings (.dwg) from backup files (.bak), plot files (.plt) and other files. Using: Tools / Folder Options / FileTypes / Advanced / Change Icons I select the file type, browse to the .dll or .exe file where the correct icon is stored and pick the icon. This ressets it correctly, for about half the day. Then the icons reset back to what they're NOT supposed to be. I have found several file icons for AutoCAD have been mis-associated. Is there another way, maybe using something in the registry, to permanantly correct this issue? Tag: tracing remote logins Tag: 77546
  - 25
    - SONY Code already being abused... "World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG's content protection software can make tools made for cheating in the online world impossible to detect. The software--deemed a "rootkit" by many security experts--is shipped with tens of thousands of the record company's music titles." Although, not a big deal yet, the code can clearly be used for more serious exploits... Thanks Sony, DRM and the entertainment industry... http://www.securityfocus.com/brief/34?ref=rss Imhotep Tag: tracing remote logins Tag: 77543

We currently remotely log into our servers with the administrator Id. Today
someone shutdown one of our domain controllers as administrator. How can I
find out what ip address (node) did this?

Top

Re: tracing remote logins by Lanwench

Lanwench
Thu Nov 10 12:33:50 CST 2005

In news:6AE4DB7B-FE52-4C5B-9E44-DF79998B8719@microsoft.com,
janet <janet@discussions.microsoft.com> typed:
> We currently remotely log into our servers with the administrator Id.
> Today someone shutdown one of our domain controllers as
> administrator. How can I find out what ip address (node) did this?

I don't think you can. At any rate, it's not good practice to have everyone
share the same account - set up two accounts for each user:

1. Regular user account for daily use
2. Account with more permissions for anything requiring it

These should not be domain admin accounts - use delegation to assign
permissions as needed.
Make sure you've got auditing turned up so you know who did what when.
Don't give anyone the domain admin credentials - those should be
top-secret-emergency-use-only.

Top