trusted ip address

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Data Executable Prevention My team and I develop a program on VB.net. To run this program, user will need to run an execute file (.EXE). The problem is that XP SP2 will also prompt a windows and ask whether user want to run or cancel this. Ofcourse, this case we need to run this program. So, is there anyway I can disable this action. It is bothering our users a lot. Thanks in advance Tag: trusted ip address Tag: 74613
  - 2
    - product key I seem to have lost my product key code for my windows 98se. I don't have it installed right now so I can't pull it from the registery. Is there any way I can get the product key again? Tag: trusted ip address Tag: 74606
  - 3
    - Univers.exe and dingping.exe services won't stop This is a multi-part message in MIME format. ------=_NextPart_000_0086_01C59A9E.C7FDB390 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello. On a SBS2000, SP4 server, does anybody know how to stop and kill = Univers.exe and dingping.exe ? When i try to stop them in services, it say that it can't stop them. = When itry to delete the files from WINNT\SYSTEM32, it won't let me = delete them even though they are not read only. Any help would be greatly appreciated. Thanks, Tony ------=_NextPart_000_0086_01C59A9E.C7FDB390 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.3790.2440" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial color=3D#0000ff>Hello.</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff></FONT> </DIV> <DIV><FONT face=3DArial color=3D#0000ff>On a SBS2000, SP4 server, does = anybody know=20 how to stop and kill Univers.exe and dingping.exe ?</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff></FONT> </DIV> <DIV><FONT face=3DArial color=3D#0000ff>When i try to stop them in = services, it say=20 that it can't stop them.  When itry to delete the files from=20 WINNT\SYSTEM32, it won't let me delete them even though they are not = read=20 only.</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff></FONT> </DIV> <DIV><FONT face=3DArial color=3D#0000ff>Any help would be greatly=20 appreciated.</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff></FONT> </DIV> <DIV><FONT face=3DArial color=3D#0000ff>Thanks,</FONT></DIV> <DIV><FONT face=3DArial color=3D#0000ff>Tony</FONT></DIV> <DIV><FONT face=3DArial = color=3D#0000ff></FONT> </DIV></BODY></HTML> ------=_NextPart_000_0086_01C59A9E.C7FDB390-- Tag: trusted ip address Tag: 74599
  - 4
    - I Update and Check Daily After Getting burned more than a few times from Viruses and Spyware, I now update MS Windows, Use Spybot search and destroy, AVG AntiVirus software, RegScrubXP To clean registry, Pc Doctor to check for errors and lastly Registry First Aid. I update and Run These Every Single day. This might seem over kill but most of the time one picks up an error that the others Don't. Very RARELY Do I get Pop ups and spyware. Tag: trusted ip address Tag: 74597
  - 5
    - Anyone familiar with wp-inklineglobal.com? I tried updating my subscription to Norton anti-virus (fairly late at night, which is why I didn't clue in at first). During the process of ordering, a page came up that looked much like the other pages, and I continued my order. It had a "McAfee Security Recommends' logo and "STOP SPAM EMAILS" with a button to Download SpamKiller, and packaging that looked like the Norton and McAfee packaging. It still looked legit. Anyway, I was tired, and I processed my order with my credit card, thinking I was still on the Norton site. When the invoice came to my inbox, it said "Thank you for purchasing from inKiline Global, Inc." and the charge would be processed as WP-INKLINEGLOBAL.COM. I wanted to request a refund, because this obviously was not from the Norton/Symantec site. When I went to the refund site, it said I have to fax my refund request including the copy of the invoice which has my name, address, phone#, and 2 email addresses on it ,to Singapore or the US. Now I'm afraid to fax anything to them (I'm in Canada), and I'm afraid to download the software in case it's going to unload a world of crap on my system. Has anyone heard of the company? I'm unable to find anything on sites that compare or rate software programs. Tag: trusted ip address Tag: 74595
  - 6
    - Dedicated admin to handle patch management ? 130 servers organization, 3,500 PC's. 3 sysadmins. So far each sysadmin has been responsible for patching respective servers they maintain. Do you agree that a more effective approach is elect one sysadmin to be responsible to patch all servers and workstations ? Tag: trusted ip address Tag: 74592
  - 7
    - cydoor/altnet & others I am helping a friend clean up her pc. I am no expert. but I have learned some & consider myself a novice still. I installed on her pc this. ZA, AVG, Ad-aware, spyblaster, SS&D, Hijack this, stinger, silent runners. I have NOT installed sysclean yet. Immediately, ad-aware found about 2500 things in the first scan. and about 23 viruses/backdoor trojens, etc. the other programs have found stuff too. as well as Yahoo antispy (included in the tool bar)- but, 3 programs can not take out cydoor/altnet. I researched and found out that Kazaa has to do with it. I already deleted it from the control panel Add & remove programs. have done safe mode scans. I was wondering if someone knows of a fix to delete these 3 types of malware.=cydoor/altnet & maxspeed & 2nd thought. I delete Max and 2nd with the programs, but I rescan & there they are again. Note: I disabled system restore and have scanned that way too. thanks for your advise -- Thanks so very much for your help-! ! ! ! Tag: trusted ip address Tag: 74582
  - 8
    - General antispyware question for - enterprise deployment Currently on a small network with 2 remote sites, and one "HQ" site, with roughly 55-60 users, I manually installed MS anti spyware on end user machines, and it seems to get the job done. All detection/deletion/quarantines happens in the background, via all the checkboxes are checked. We'll have a professional consulting company upgrade our 5.5 network to 2003 enterprise. Every client PC is running XP SP2 with the latest updates via: "Download the patches, but let me choose when to install". What do people here think about Symantec 10.0 CE which has integrated spyware monitoring / removal capability built in to the antivirus shield agent as compared to MS antispyware. What do people here think about Cisco CSA? I need some good indepth opinions on what people think is the most quality enterprise approach to "deploying antispyware agents", either signature based or behavior based applications. Or do some of you use server level applications like surfcontrol/websense that take care of all of it? Good discussion on this would be nice,because this is an issue we want to cut at the knees. Tag: trusted ip address Tag: 74578
  - 9
    - Beta Spyware warning I have had the Microsoft AntiSpyware running for a few months and no complaints. I also have a program called "Startup Inspector for Windows" on my computer which I got at http://www.windowsstartup.com/. Startup Inspector looks at the programs that run on startup and tells you what they are and suggests if you should disable them or not. Microsoft AntiSpyware puts a program in the registry startup call gcasServ.exe. In the past, Startup Inspector had no information on this program. Now, Startup Inspector says in the comments for gcasServ.exe ; "Added by a variant of the RBOT WORM! Do not confuse with the Microsoft AntiSpyware executable of the same name." I uninstalled Microsoft AntiSpyware, rebooted, redownloaded it, then reinstalled it. Then I ran Startup Inspector which still gives the same warning. I wonder if there is a way if I can find out if I actually have the RBOT worm of if Startup Inspector is full of beans. Thanks Tag: trusted ip address Tag: 74574
  - 10
    - XP Home Security Center This computer is about three years old and has been trouble free. I just upgraded to Norton Internet Security w/Anti Spyware 2005. I have been running Norton with the XP Security Center functions turned off as recommended by Norton. I am now unable to get the pop up windows that I need. I tried to configure Norton to accept them. No go. So I checked the Security Center and sure enough, it had turned itself on again. I cannot seem to get the personal firewall to turn off now. When I click on cofigure, the off selection has already been chosen, but the main window has the firewall in happy green for "on." I've gone around in circles trying to turn it off. I've added the URL I need most to be allowed through the firewall, and it is still blocked. Any suggestions? Thanks, Krackers Girl Tag: trusted ip address Tag: 74560
  - 11
    - Domain Controller Autoenrollment Fails I just installed a Win2k3 server as a second domain controller (the first server is also running win2k3). Autoenrollment is enable in directory services for domain controllers with the standard domain controller certificate but autoenrollment fails with Event 13: Automatic certificate enrollment for local system failed to enroll for one Domain Controller Authentication certificate (0x80070005). Access is denied. Any ideas? Thanks in advance. Tag: trusted ip address Tag: 74559
  - 12
    - How to create the SPNEGO token used in CIFS/SMB authentication? Dear all, Is there any Windows API available to generate SPNEGO tokens as the security blobs used in CIFS/SMB authentication? For example, how to generate the NegTokenInit token that lists all the authentication mechanisms supported by the server machine replying to a client's protocol negotiation request? I know it is possible to hard code a SPNEGO token but just wondering if there is a better way to do it. And, it seems the SSPI library doesn't provide this support. Thanks. best, chuck Tag: trusted ip address Tag: 74556
  - 13
    - Firewall Ports Keep Changing for Exchange Hello - We have an Exchange 2003 Server running on a GSX Virtual Server. Each night the virtual server is stopped for backup and restarted. When the users come in each morning, their Outlook desktop client is found to be blocked by the firewall on the Exchange Server. It seems we're having to open a different 1400 port each time and afterwards their Outlook desktop clients can connect. We're using Windows Server 2003's firewall. The store.exe seems to be the process that is using the 1400 ports. It is a privileged application on the firewall. Any ideas as to how the firewall/client might be reconfigured so the needed ports are opened and we do not have to open new ports all the time? Can store.exe, or the Outlook desktop client, be forced to use a specified port? Thanks, Lynnette Tag: trusted ip address Tag: 74551
  - 14
    - vpn I have two schools, each with a Cisco PIX 506e firewall/router. As I upgrade to Windows Server 2003 (Standard) I will be making changes to my Forest/Domain structure. Since I plan on connecting the schools via VPN I have a couple of questions: Should the VPN connections be done using IPSec or is there another protocol that I should consider? Should I create a Forest at each school and simply create a trust between the two locations or should I have one forest and set each school as a domain within the forest? Tag: trusted ip address Tag: 74543
  - 15
    - continual request for pages that don't exixst I keep getting hit on a 2000 is5 server for pages that don't exist on my machine why would I be getting these requests. They are from diffrent sources. GET /Help.asp |-|0|404_Object_Not_Found 0 GET /MSOffice/cltreq.asp UL=1&ACT=4&BUILD=4219&STRMVER=4&CAPREQ=0|-|0|404_Object_Not_Found 0 Tag: trusted ip address Tag: 74541
  - 16
    - IIS SMTP TLS with 256 bit encryption on IIS 6 [repost] All, Is there a way to make Windows 2003 IIS 6 support 256 bit TLS? As far as I have read, IIS6 does not support it. I really need this up and running ASAP! Do I need to use Apache to do this? If there is a way for IIS 6, please follow up with info and links if possible. Thanks, FastEddie Tag: trusted ip address Tag: 74540
  - 17
    - Is someone trying to get my password to sign in? When I am in hotmail, my acct will automatically shut down and then ask me to resign in...When I do this a box comes up and it asks me to type in the letters int he box before it lets me put in my password. Is someone else trying to get my password to sign in? Tag: trusted ip address Tag: 74538
  - 18
    - Windows Adv Server 2003 Backup Utility - Automated System Recovery What is the difference between doing an ASR (using the Wizard) and manually performing a backup with c:\ and System State selected? It appears from the documentation that you can create a recovery floppy from a backup with System State by simply copying some files from the %systemroot%\repair directory Tag: trusted ip address Tag: 74536
  - 19
    - IIS SMTP TLS with 256 bit encryption on IIS 6 All, Is there a way to make Windows 2003 IIS 6 support 256 bit TLS? As far as I have read, IIS6 does not support it. I really need this up and running ASAP! Do I need to use Apache to do this? If there is a way for IIS 6, please follow up with info and links if possible. Thanks, FastEddie Tag: trusted ip address Tag: 74535
  - 20
    - Using GPO to limit access I'm familiar with basic concepts of GPO, however, can I use GPO and apply it to SPECIFIC users only when the log on to a SPECIFIC server (a Terminal Server) I found docuemntation to apply to a specific server but that seems to effect everyone logging onto that server - I need it to apply only to 5 or 6 users when they log onto one server only. What procedure do I have to follow for a DC and / or a member server - I'm assuming that if we need to configure a member server it has to be done via Local Security policies ? Regards Jeff Richardson Tag: trusted ip address Tag: 74532
  - 21
    - someone else is signing in on my email Recently people have been telling me I was on the computer when I was not even near one. I have been told that someone must have access to my password to do this. My computer has a program that must run to check for virus's once every day at a certain time. Is it possible that when the virus checker powers up the computer it is signing me in automatically? Or how else could this be happening. -- leslied Tag: trusted ip address Tag: 74524
  - 22
    - Virus messages from hotmail I sent an attached word document to an overseas friend who reported the following message: Unknown virus scanner failure virus found. Note: There is no cure available for the virus on the file JanetWard.doc. It is not possible to download files from hotmail that contain incurable virus. Contact originator of the file and inform them that the file contains incurable virus. I have a virus checker for all emails in and out, and I rechecked this document and found nothing. What does this mean, does anyone know please? Tag: trusted ip address Tag: 74522
  - 23
    - msExchMailboxSecurityDescriptor Hi, can i use the SetACL.exe to configure a mailbox dacl ? I want to deny all access to a mailbox but using some functions ripped from msdn isn't working. Thanks in advance, Victor Tag: trusted ip address Tag: 74514
  - 24
    - Certificate Services Hello. I am getting a very odd error message when I try to start the Certificate Services service. I get an error message saying "Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113)". When I check the Event log, in the Application Log I get error ID 17. The complete error message is: Event Type: Error Event Source: CertSvc Event Category: None Event ID: 17 Date: 8/3/2005 Time: 11:54:06 AM User: N/A Computer: <server> Description: Certificate Services did not start: Unable to initialize the database connection for <CAserver>. Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. I have tried doing a repair install of Windows, uninstalling and reinstalling Certificate Services countless times, manually deleting the CertLog and CerSrv folders and all of the certificates created. However, for some reason, I cannot figure this out. Any help is appreciated. Thank you. Tag: trusted ip address Tag: 74512
  - 25
    - help with beta antispyware Hi I installed the microsoft antispyware (beta1) and it has been helpful to get some of the spyware in my computer however one keeps popping up - EGroup Dialer. I always remove it from the system but it keeps coming back and it is always in this path hkey-currentuser/software/microsoft/systemcertificates/trustedpublisher/certificate/(certificate number). i dont know much about this..how do i get rid of this...can anyone help please...thanks a lot. Liz Tag: trusted ip address Tag: 74511
- Next
  - 1
    - How secure is ADS NAS kit? Hi, I recently purchased a Network-Attached Storage HD enclosure by ADS Tech, but I am not sure how secure/hackerproof it is. (Assuming, of course, that it has been correctly configured though it's web interface, all user accounts have difficult passwords, access rights to specific folders have been specified, etc., you know, the obvious has been taken care of). I want to put some data on it that could be shared with some of my friends/family over internet, as well as business files, which I don't want anybody to even have a chance to get access to (besides myself). The NAS kit interfaces through NetBios in Win workgroup environment, for outside access it has FTP and HTTP. One thing I don't like about the FTP is that any user who has any kind of FTP access can see all shared folders, even those that he has no access to (when such folder is clicked, the "Access denied" box opens). Would be much better in my opinion if a "root folder" per used could be specified. Does anybody know how safe it is to put shared data alongside with private data on that thing? Somebody might ask: Why would I want to put confidential data on it? Because of the versatility -- I can access it from any computer, it does not require any specific computer to be turned on (like in case with USB/FireWire drives). I can access it from outside through Internet, or take it with me if necessary. Thanks in advance! Tag: trusted ip address Tag: 74501
  - 2
    - SendAs/ReceiveAs permissions I'm running a Windows 2003 AD forest with Exchange 2003. Is there a way to prevent Domain Admins from being able to send mail as other people, i.e. remove the SendAs permission for the Domain Admins group from all user and group objects in the domain? I don't want to set an explicit deny, because some members of Domain Admins require this ability, but in general, the group does not. Thanks, Don Tag: trusted ip address Tag: 74496
  - 3
    - For N. Miller Hi N. Miller, I found out what it is. I made a Rule to Log anything using that IP in or out. It is my Browser Netscape 7.2 that makes a Inbound Domain call using the App (Browser) Netscape.exe and looks for a Outbound return using the Apps Netscape.exe, Wucrtupd.exe and Wuloader.exe. Sometimes it didn't use an App at all on the Inbound that alerted me to it in the first place. I can't Block the In/Outbound using the Netscape App or I can't Surf the Web. But I can Block the In/Outbound one's using the Windows Update Apps wucrtupd.exe and wuloader.exe without any problems. Why the hell does it need to use those Apps when it can use Netscape.exe both ways ????? And it may explain those hits on Port 80 I see too. Is this something we should worry about? Is it a type of Spyware? Kevin Rule "205.188.146.145" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1176) Remote address,service is (205.188.146.145,domain) Process name is "C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE" Rule "205.188.146.145" ignored (0.0.0.0,1098). Details: Inbound UDP packet Local address,service is (0.0.0.0,1098) Remote address,service is (205.188.146.145,domain) Process name is "C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE" Rule "Block Outbound AOL Proxy wucrtupd.exe TCP/UDP" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1103) Remote address,service is (205.188.146.145,domain) Process name is "C:\WINDOWS\SYSTEM\WUCRTUPD.EXE" Rule "Block Outbound AOL Proxy wuloader.exe TCP/UDP" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1094) Remote address,service is (205.188.146.145,domain) Process name is "C:\WINDOWS\SYSTEM\WULOADER.EXE" Tag: trusted ip address Tag: 74495
  - 4
    - Visio Connector for MBSA 2.0 released! Based on the extremely positive response we received to the first version of Visio Connector for MBSA, we have just released Visio Connector for MBSA 2.0. This utility allows you to view the vulnerability assessment information generated by MBSA 2.0 on a Visio 2003 network diagram. You must have both Visio 2003 and MBSA 2.0 (or MBSA 1.2.1) for this connector to function. You can learn more or download this free utility at http://www.microsoft.com/technet/security/tools/mbsavisio.mspx. Sanjay Puri This posting is provided "AS IS" with no warranties, and confers no rights. Tag: trusted ip address Tag: 74494
  - 5
    - LSASS.exe thrashing processor I have a box with Windows 2000 Server (standard) running SQL 2000 (standard). The problem is that the lsass.exe is running constantly at 50-60% and taking up between 150-250 MB of memory usage. To me, this seems like an awful lot, not to mention that the process never stops. Ran Symantec Corporate and came up clean. Any ideas? Tag: trusted ip address Tag: 74491
  - 6
    - One Care Public Beta Where's the Group(s)? One Care is in Public Beta. Usually that would mean a group or groups. Does anyone know where they might be? Best, Chad Harris Tag: trusted ip address Tag: 74481
  - 7
    - Best Anonymous Proxy for Winxp ?? Hey guys I am searching for a Free Anonymous Proxy for Windows Xp .....Send me Links Thanx Tag: trusted ip address Tag: 74475
  - 8
    - xp firewall help I just purchased a new laptop bundled with xp-sp2, Norton AV (90 day), I activated the Norton AV but disabled the Norton personal firewall, ran the network wizard to configure the laptop wireless adaptor to one I installed in my home pc, (xp-sp2, dial up), enabled file, print, ICS sharing, updated Norton definitions and xp updates. The problem is everytime I turn on the laptop the windows firewall is disabled along with two of the three alert options located in the Security Center. So I literally have to open the security Center Window to see that it is off and then manually set it to on. I have to do this each time I restart. I checked the services tab under computer management and the text says its on auto, I also ran a scan with Norton and it came up clean. Anyone know how to keep the windows firewall on as a default or is this a byproduct of having Norton? Hihar in Thanks, Tag: trusted ip address Tag: 74474
  - 9
    - cdp publish hi all i installed a new CA infrastructure in my organization. i have root CA server and subordinate CA and 5 machines as CDP'S. on the subordinate CA server at the server properties in the certificate main consule, when going to the extensions tab, and typing a path to any of my CDP'S using DNS CNAME for the CDP, im getting an error trying to publish to that cdp. its like the server cant find that cdp. when i type the netbios name or the dns name for the cdp path its working. why is that, i need to use cname's for my cdp's for redundecy. thanks for the help Tag: trusted ip address Tag: 74470
  - 10
    - Mapping Drives in Windows Server 2003 HELP! I want to map a XP Pro pc to a share I created on a 2003 server. When I go to map the drive from my PC...it prompts me for a username and password. I try to log into the share and it keeps saying bad username or password. I created at least 2-3 test users to try this with and changed passwords but it still wont except my logins...I am stumped! Please Help!! Tag: trusted ip address Tag: 74463
  - 11
    - spyware Possible spyware installed but I can not detect it. I have zonealarm antivirus/firewall with popup blocker enabled. Ad-Aware pro/ad-watch popup blocker enabled. I've run scans with all including the multi av-cls several times. Popups are occuring regardless if I'm browsing the web or not. Soon as I boot the system if you just wait a while they start to appear. Any thoughts or suggestions? Tag: trusted ip address Tag: 74462
  - 12
    - Certificate Services Performance --- Back in December of 2004 we deployed a large CA based on Microsoft Certificate Services (MSCA) on Windows 2003. The MSCA is advertised to reach 2 million certificates a day - which is about +/- 1388 certs per minute. I recently ran some tests and I was lucky to get 16 certs per minute. This was running on a 4 processor HP DL580, 4 GB memory with nCipher HSM hardware assist --- So, I have two questions for the group --- 1. Has anyone else tested their certificate generation performance; what did you find? 2. If you did test your performance, what tools did you use to test the performance? I used a vbs script running for other networked nodes in a scheduled batch job. Thank you. Daya -- Daya Puls, CISSP IT Security, Sigma Systems, Marlborough, MA Tag: trusted ip address Tag: 74455
  - 13
    - Nessus report is not correct ? Using nessus to scan my website, the report contains follwing messages. ============================= Vulnerability http (80/tcp) At least one of these CGI scripts is installed : hello.bat echo.bat They allow any attacker to execute commands with the privileges of the web server process. Solution : Delete all the *.bat files from your cgi-bin/ directory Risk factor : High CVE : CAN-2000-0213 BID : 1002 Nessus ID : 10246 ============================= Vulnerability http (80/tcp) The CGI 'args.bat' (and/or 'args.cmd') is installed. This CGI has a well known security flaw that lets an attacker upload arbitrary files on the remote web server. Solution : remove it from /cgi-dos. Risk factor : High CVE : CAN-1999-1180 Nessus ID : 11465 ============================ But I can't locate file hello.bat,echo.bat,args.bat or args.cmd in my computer. What should I do ? Ignore these messages? Where can I find more information ? By the way, my computer's configuration is: OS: WIndows 2003 Server IIS: IIS 6.0 language: Active Server Page (ASP) Tag: trusted ip address Tag: 74450
  - 14
    - "message service" pop up window I have recieved a "Message Service" pop up window. The message tells me to go >www.ms-repair.com<. Is this a legitimate site? The message also tells me that my system has 72 errors, need to install registry repair, run registry repair, and reboot the computer. Thank you in advance for anyone who can help, Tag: trusted ip address Tag: 74358
  - 15
    - Ports 6346 and 1434 TCP and UDP HI, Is anyone else getting a lot of hits on 6346 and 1434 in both TCP and UDP ? 1434 is ms_sql-m but what use is 6346 for ? Kevin Tag: trusted ip address Tag: 74355
  - 16
    - Antivirus on server or client? What is recommended: install an antivirus program on the server or on each client individually? Setup: W2K Server, XP clients, MS Exchange. Tag: trusted ip address Tag: 74346
  - 17
    - pop uos i keep recieving pop ups from the same address(69.28.210.175/media/773379) every 5 minutes on the nose 24/7.I'm using stopzilla to block these but they still splash on my screen and are logged and momentarily slow my computer.I use adaware and spybot searcch and destroy as well as delete my cookies but it has no effect. 1. is it legal for these to be sent? if it is something needs to be done. 2.is it possible to stop these from reaching my computer? Tag: trusted ip address Tag: 74339
  - 18
    - MS04-011 LSASS virus My laptop runs under XP(sp2). Since I installed Trend-Micro PC-cillin 2005 (AntiVirus,Firewall,AntiSpyware combined), I'm getting "MS04-011 LSASS" attack warnings. Microsoft XP-SP2 supposed to have the fix for this virus, but the the warning never goes away. "Microsoft Bulletin MS04-011(835732)" offers the fix for all other operating systems except for XP. Anyone knows how to get rid of this problem? Thanks. Ken Tag: trusted ip address Tag: 74332
  - 19
    - AOL Servers Probing ??? Hello, I've been getting a number of hits on Port 80 from AOL Servers and Proxies even without a Browser open. Since they are not tied to an App Rule they are Blocked and they hit some other Ports too, sometimes as high as 60,000. Why are they Banging my Http Ports (80 and 1080) and ramdom Ports from 5000-80,000???? Since I'm Dial-up I'm not the Target but this IP Block must be. The one's between 5000-60,000 are rare and I don't worry about them but it seems they are AOL Servers or Proxie Servers most of the time and not Users. And I'm not talking about when I first go online with Dial-up where someone else could have had the IP and I'm getting their Returns. This example is not from a server but I had cleared my Log yesterday after some Security Scans to check my Firewall so it's all I have right now. Rule "Default Block HTTP Port 80" blocked (compaq,http). Details: Inbound TCP connection Local address,service is (compaq,http) Remote address,service is (172.165.17.222,2122) Process name is "N/A" In Local Address; compaq is another way this computer lists localhost, 127.0.0.1. Tag: trusted ip address Tag: 74330
  - 20
    - spyware - windupdates Hi, Adaware keeps finding something called windupdates. I keep deleting it and it keeps coming back! Help! How do I get it to go away permanently? Tag: trusted ip address Tag: 74326
  - 21
    - possible to block/uninstall games via Group Policy? Hi is it possible to block or uninstall games via a group policy? Tag: trusted ip address Tag: 74325
  - 22
    - Restrict users to only connect to our wireless network Hi, I have a wireless network and want to make sure the users only connect to this wireless network and no others at all. Can this be done? Tag: trusted ip address Tag: 74324
  - 23
    - unable to connect to windows firewall ant-virus wont auto protect I am having dificulties with the windows security centre i keep recieving the warning about the firewall connection and also now my norton anti-virus will not enable autoprotection.. can anybody help. i ahve tried to recconect my windows firewall but it wont do it, a message come sup sayin it cannot connect to windows firewall!! what can i do? Also i have norton anti virus and up untill 2 days ago it was working fine doing a full computer scan every week but now thiswont work, on th eoptions itis not set on auto protect and it will nto allow me to select this option!! help me my compute ris at graet risk what can i go.. i was adviced to download the updates but this has not fixed the problem help Tag: trusted ip address Tag: 74323
  - 24
    - Local Caching Where is the user's password cached when you have a GPO setting on Interactive logon: Number of previous logons to cache (in case domain controller is not available)? Is it store in LSASS secrets? If we set our server to not store local cache of user's password what application or other things will break? I u nderstand that if you turn that off and there is no domain controller available that you will be unable to logon to that server in that domain...But what other hidden gotchas are out there that I might not be thinking of? Tag: trusted ip address Tag: 74306
  - 25
    - Fake Add Message Well hey, i started to hear this from many friends, a contact that adds them then they loose their password and wont be able to sign again to their account.! that's so weird, any one heard about that ?? Tag: trusted ip address Tag: 74305

i have mc afee protections i keep getting attempts to use my computer and
questions do you trust this site. what are the trusted ip addresses.
following the ip pool 70 - 20118-113-pitt.east.verizon.net address would
this be a hacker
--
mrs ditty dot

Re: trusted ip address by Lanwench

Lanwench
Sun Aug 07 09:31:39 CDT 2005

In news:47985989-2D30-4176-85BB-C74E073D4D50@microsoft.com,
ditty dot <dittydot@discussions.microsoft.com> typed:
> i have mc afee protections i keep getting attempts to use my computer
> and questions do you trust this site. what are the trusted ip
> addresses. following the ip pool 70 -
> 20118-113-pitt.east.verizon.net address would this be a hacker

First rule: if you don't know why something is trying to access your
computer from the internet, block it.
Second rule: if something doesn't work right afterwards, rethink #1.

Block everything inbound by default, and make exceptions if needed (unlikely
on a home computer).

Re: trusted ip address by N

N
Sun Aug 07 13:54:31 CDT 2005

On Sun, 7 Aug 2005 07:23:02 -0700, ditty dot wrote:

> i have mc afee protections i keep getting attempts to use my computer and
> questions do you trust this site.

McAfee really shouldn't be asking about allowing inbound connections. Those
inbound connections which aren't responses to outbound requests should be
blocked automatically.

> what are the trusted ip addresses.

Very few. If you run a LAN, your LAN IP addresses should be trusted. If you
run a server, well; you really need to learn a whole lot about what happens
when you run a server. For most people, that isn't an issue; most people
don't run servers.

> following the ip pool 70 - 20118-113-pitt.east.verizon.net address would
> this be a hacker

No way to tell without seeing the actual packets sent. UDP packets to ports
1025-1030 would be typical of messenger spam, though. I mostly see those on
ports 1026/1027; my router blocks them. Other ports would be indicative of
other activity. I mostly see messenger spam, or automated RPCSS worm
activity. After that I see relay attempts on my MTA. I rarely see anything
that could be attributed to "hacking"; as a conscious activity directed by
a human agent at my connection.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint